Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Ordner auf Wechselmedien werden als Verknüpfung angezeigt

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 27.01.2015, 14:11   #1
ak16
 
Ordner auf Wechselmedien werden als Verknüpfung angezeigt - Standard

Ordner auf Wechselmedien werden als Verknüpfung angezeigt



Hallo zusammen,
hab das selbe Problem wie der User hier, will eine Externe Festplatte von einen Freund reinigen

http://www.trojaner-board.de/129505-...angezeigt.html

bevor ich an die selben Lösungs ansetzte gehe wollte ich nochmal nachfragen was ich beachten soll.

Ich habe auf meinen Rechner Windows 8.1 64bit und als Antivirus Programm
G Data InternetSecurity CBE, wollte daher nachfragen würde es erstmal ausreichen wenn ich den Kompleten System check also Virus rootkid usw über das bei der externen dürchführen würde.
Da gibt's z.B diesen Bootmedium den mal erstellen kann bei Gdata mit den man sein System checken kann. kann man darüber eventuel was machen. Z. b das Medium erstellen die interne ausbauen und über das Bootmedium die externe checken lassen?(Nur ein Gedanken gang hab sonst keine Ahnung)

Dazu noch eine frage was kann ich tun damit die externe nicht meine interne versäucht, z.b antivirus stufe usw auf max oder so. Hab daher die externe noch gar nicht angeschlossen.



Vielen Dank im voraus

ak16

p.s Natürlich will ich die Daten auf der externe behalten, sonst würde ich einfach Formatieren.

Geändert von ak16 (27.01.2015 um 14:13 Uhr) Grund: Das mti Bootmedium hinzugefügt

Alt 27.01.2015, 16:41   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Ordner auf Wechselmedien werden als Verknüpfung angezeigt - Standard

Ordner auf Wechselmedien werden als Verknüpfung angezeigt



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 27.01.2015, 18:29   #3
ak16
 
Ordner auf Wechselmedien werden als Verknüpfung angezeigt - Standard

Ordner auf Wechselmedien werden als Verknüpfung angezeigt



Also hab mal laufen lassen, hab leider vergessen über deskop zu machen hoffe es ist nicht so schlimm.
Das Programm hat mir die beiden Dateien zwei mal gegeben daher poste ich mal die beiden letzteren.
Bei bedarf poste ich auch die ersten

2. FRST


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-01-2015 01
Ran by AKA (administrator) on MSI on 27-01-2015 18:38:12
Running from C:\Users\AKA\Downloads
Loaded Profiles: AKA (Available profiles: AKA)
Platform: Windows 8.1 Pro with Media Center (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
(Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
() C:\altera\13.0sp1\quartus\bin64\jtagserver.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\System Control Manager\MSIService.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\ProgramData\HP Link5 Config\PelLinkS.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files (x86)\XSManager\WTGService.exe
(Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\obexsrv.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Macrovision Europe Ltd.) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GdBgInx64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Akamai Technologies, Inc.) C:\Users\AKA\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\AKA\AppData\Local\Akamai\netsession_win.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe
(Hewlett-Packard) C:\ProgramData\HP Link5 Config\PelLink5.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
(Hewlett-Packard) C:\ProgramData\HP Link5 Config\Link5HID.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
() C:\ProgramData\HP Link5 Config\VolOSD.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8158240 2009-10-02] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [MGSysCtrl] => C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe [2486272 2010-06-17] (Micro-Star International Co., Ltd.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-01] (Intel Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-04-23] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PelLink5] => C:\ProgramData\HP Link5 Config\PelLink5.exe [173568 2012-12-17] (Hewlett-Packard)
HKLM-x32\...\Run: [HPMonitor] => C:\Program Files (x86)\Hewlett-Packard\HP Link5 Monitor\hpMonitor28.exe [74704 2013-01-01] (Hewlett-Packard)
HKLM-x32\...\Run: [GDFirewallTray] => C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [1724728 2013-12-19] (G Data Software AG)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [191016 2014-05-14] (Geek Software GmbH)
HKLM-x32\...\Run: [BingDesktop] => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2353880 2013-11-01] (Microsoft Corp.)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707496 2014-06-11] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [843480 2014-10-08] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe,c:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exe
HKU\S-1-5-19\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [2501368 2014-10-29] (Microsoft Corporation) <==== ATTENTION 
HKU\S-1-5-20\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [2501368 2014-10-29] (Microsoft Corporation) <==== ATTENTION 
HKU\S-1-5-21-1015216767-4129399232-3615065482-1001\...\Run: [Akamai NetSession Interface] => C:\Users\AKA\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1015216767-4129399232-3615065482-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-1015216767-4129399232-3615065482-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1015216767-4129399232-3615065482-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1942720 2015-01-19] (Valve Corporation)
HKU\S-1-5-21-1015216767-4129399232-3615065482-1001\...\MountPoints2: {4ac0c0a7-e1ba-11e3-be68-0022fbbeaf3c} - "F:\XSManagerinstallation.exe" 
HKU\S-1-5-21-1015216767-4129399232-3615065482-1001\...\MountPoints2: {6bd4efed-2781-11e4-bea0-002421f5267c} - "F:\AutoRun.exe" 
HKU\S-1-5-21-1015216767-4129399232-3615065482-1001\...\MountPoints2: {6bd4f011-2781-11e4-bea0-002421f5267c} - "G:\AutoRun.exe" 
HKU\S-1-5-18\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [2501368 2014-10-29] (Microsoft Corporation) <==== ATTENTION 
Startup: C:\Users\AKA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\AKA\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk
ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{467D5E81-8349-4892-9E81-C3674ED8E451}\Icon09DB8A851.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-1015216767-4129399232-3615065482-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1015216767-4129399232-3615065482-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.120.136.116

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF HKLM-x32\...\Firefox\Extensions: [{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}] - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension
FF Extension: Firefox Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension [2014-06-15]
FF HKLM-x32\...\Thunderbird\Extensions: [{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}] - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension
FF Extension: Thunderbird Address Book Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension [2014-06-15]

Chrome: 
=======
CHR Profile: C:\Users\AKA\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\AKA\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-27]
CHR Extension: (Google Docs) - C:\Users\AKA\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-27]
CHR Extension: (Google Drive) - C:\Users\AKA\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-27]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\AKA\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-27]
CHR Extension: (YouTube) - C:\Users\AKA\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-27]
CHR Extension: (Google-Suche) - C:\Users\AKA\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-27]
CHR Extension: (Google Tabellen) - C:\Users\AKA\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-27]
CHR Extension: (AdBlock) - C:\Users\AKA\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-10-27]
CHR Extension: (Google Wallet) - C:\Users\AKA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-27]
CHR Extension: (Google Mail) - C:\Users\AKA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-27]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2244728 2014-02-12] (G Data Software AG)
R2 AVKService; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [914552 2013-12-19] (G Data Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe [2723400 2014-03-25] (G Data Software AG)
R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173272 2013-11-01] (Microsoft Corp.)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [409304 2014-10-08] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [388824 2014-10-08] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [782040 2014-10-08] (BlueStack Systems, Inc.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [64624 2014-06-12] (CyberGhost S.R.L)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [647680 2014-05-22] (Macrovision Europe Ltd.) [File not signed]
R3 FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [1028096 2014-05-22] (Macrovision Europe Ltd.) [File not signed]
R3 GDFwSvc; C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [2992760 2014-01-30] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [700024 2014-02-03] (G Data Software AG)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)
R2 JTAGServer; C:\altera\13.0sp1\quartus\bin64\jtagserver.exe [268800 2013-06-13] () [File not signed]
R2 Micro Star SCM; C:\Program Files (x86)\System Control Manager\MSIService.exe [160768 2009-07-09] (Micro-Star International Co., Ltd.) [File not signed]
R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)
R2 PelLinkS; C:\ProgramData\HP Link5 Config\PelLinkS.exe [184320 2012-12-17] () [File not signed]
S3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [628736 2010-12-08] (Nokia) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
R2 WTGService; C:\Program Files (x86)\XSManager\WTGService.exe [329848 2013-05-06] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [122072 2014-10-08] (BlueStack Systems)
S3 cmnsusbser; C:\Windows\system32\DRIVERS\cmnsusbser.sys [126080 2014-06-17] (QUALCOMM Incorporated)
R3 CVPNDRVA; C:\WINDOWS\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] ()
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2014-05-22] (DT Soft Ltd)
S3 ewusbnet; C:\Windows\system32\DRIVERS\ewusbnet.sys [249856 2010-03-24] (Huawei Technologies Co., Ltd.)
R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [57344 2014-06-06] (G Data Software AG)
R1 GDMnIcpt; C:\WINDOWS\system32\drivers\MiniIcpt.sys [135168 2014-06-06] (G Data Software AG)
R3 GDPkIcpt; C:\WINDOWS\system32\drivers\PktIcpt.sys [71168 2014-06-06] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [67584 2014-06-06] (G Data Software AG)
U5 GEARAspiWDM; C:\Windows\System32\Drivers\GEARAspiWDM.sys [33240 2012-08-21] (GEAR Software Inc.)
R1 GRD; C:\WINDOWS\system32\drivers\GRD.sys [106272 2014-06-10] (G Data Software)
R1 HookCentre; C:\WINDOWS\system32\drivers\HookCentre.sys [65024 2014-06-06] (G Data Software AG)
R3 HPMoA407; C:\Windows\System32\drivers\HPMoA407.sys [25088 2011-10-31] (Hewlett-Packard.)
R3 HPubA407; C:\Windows\System32\Drivers\HPubA407.sys [18944 2012-06-14] (Hewlett-Packard.)
S3 hwusbdev; C:\Windows\system32\DRIVERS\ewusbdev.sys [114560 2010-03-20] (Huawei Technologies Co., Ltd.)
S0 johci; C:\Windows\System32\drivers\johci.sys [20392 2009-09-21] (JMicron )
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 RTL8168; C:\Windows\system32\DRIVERS\rtlh64.sys [681688 2015-01-21] (Inventec                                            )
S3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)
S3 TelekomNM6; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
S3 vpnva; C:\Windows\system32\DRIVERS\vpnva64-6.sys [52592 2014-06-11] (Cisco Systems, Inc.)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [70296 2012-10-24] (VMware, Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-05-28] (Microsoft Corporation)
S3 ohci1394; \SystemRoot\System32\drivers\ohci1394.sys [X]
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-27 17:57 - 2015-01-27 17:57 - 00038076 _____ () C:\Users\AKA\Downloads\Addition.txt
2015-01-27 17:55 - 2015-01-27 18:38 - 00024052 _____ () C:\Users\AKA\Downloads\FRST.txt
2015-01-27 17:55 - 2015-01-27 18:38 - 00000000 ____D () C:\FRST
2015-01-27 17:55 - 2015-01-27 17:55 - 02129920 _____ (Farbar) C:\Users\AKA\Downloads\FRST64.exe
2015-01-26 23:23 - 2015-01-27 00:04 - 1090802712 _____ () C:\Users\AKA\Downloads\krdy95ltrg.rar
2015-01-25 15:06 - 2015-01-25 15:29 - 350359868 _____ () C:\Users\AKA\Downloads\1204-143919.rar
2015-01-24 18:56 - 2015-01-24 18:56 - 00005296 _____ () C:\Users\AKA\Downloads\k579i7yv2h0u246.dlc
2015-01-24 17:59 - 2015-01-24 17:59 - 00006296 _____ () C:\Users\AKA\Downloads\GDN0TGX1472G_-_UL-xxggugnjs6y0a.dlc
2015-01-24 01:05 - 2015-01-24 01:05 - 00000000 ____D () C:\Users\AKA\AppData\Roaming\Remote Control Server
2015-01-24 01:02 - 2015-01-24 01:02 - 00002021 _____ () C:\Users\Public\Desktop\Remote Control Server.lnk
2015-01-24 01:02 - 2015-01-24 01:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remote Control Server
2015-01-24 01:02 - 2015-01-24 01:02 - 00000000 ____D () C:\Program Files (x86)\Remote Control Server
2015-01-24 01:01 - 2015-01-24 01:01 - 00000000 ____D () C:\Users\AKA\AppData\Local\Downloaded Installations
2015-01-24 01:00 - 2015-01-24 01:01 - 06752340 _____ (Steppschuh) C:\Users\AKA\Downloads\RemoteControlServerSetup.exe
2015-01-22 23:05 - 2014-11-17 21:17 - 00672984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2015-01-22 23:05 - 2014-11-17 21:17 - 00273240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2015-01-22 23:05 - 2014-11-15 20:05 - 00801584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-01-22 23:05 - 2014-11-15 07:29 - 00962216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-01-22 23:05 - 2014-11-14 15:36 - 00055776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-01-22 23:05 - 2014-11-14 08:10 - 03558400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-01-22 23:05 - 2014-11-14 07:58 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-01-22 23:05 - 2014-11-14 07:58 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-01-22 23:05 - 2014-11-14 07:57 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-01-22 23:05 - 2014-11-14 07:57 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-01-22 23:05 - 2014-11-14 07:54 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2015-01-22 23:05 - 2014-11-14 07:54 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-01-22 23:05 - 2014-11-14 07:54 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-01-22 23:05 - 2014-11-14 07:53 - 00894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-01-22 23:05 - 2014-11-14 07:52 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-01-22 23:05 - 2014-11-14 07:46 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2015-01-22 23:05 - 2014-11-14 07:46 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-01-22 23:05 - 2014-11-14 07:39 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-01-22 23:05 - 2014-11-14 06:04 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-01-22 23:05 - 2014-11-14 06:03 - 00885760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-01-22 23:05 - 2014-11-14 06:03 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-01-22 23:05 - 2014-11-14 06:01 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-01-22 23:05 - 2014-11-14 06:01 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-01-22 23:05 - 2014-11-14 05:53 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-01-22 23:05 - 2014-11-11 01:39 - 22290560 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-01-22 23:05 - 2014-11-11 01:17 - 19731824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-01-22 23:05 - 2014-11-10 19:06 - 02485056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-01-22 23:05 - 2014-11-10 19:06 - 00473408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-01-22 23:05 - 2014-11-10 19:06 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-01-22 23:05 - 2014-11-10 19:06 - 00136512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2015-01-22 23:05 - 2014-11-10 03:57 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2015-01-22 23:05 - 2014-11-10 02:37 - 00845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2015-01-22 23:05 - 2014-11-10 02:34 - 01084416 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2015-01-22 23:05 - 2014-11-10 02:26 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2015-01-22 23:05 - 2014-11-10 02:20 - 00420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2015-01-22 23:05 - 2014-11-10 02:09 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2015-01-22 23:05 - 2014-11-10 02:08 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2015-01-22 23:05 - 2014-11-10 02:06 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2015-01-22 23:05 - 2014-11-10 01:57 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2015-01-22 23:05 - 2014-11-10 01:57 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2015-01-22 23:05 - 2014-11-08 11:42 - 01390928 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-01-22 23:05 - 2014-11-08 11:23 - 01127976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-01-22 23:05 - 2014-11-08 05:00 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2015-01-22 23:05 - 2014-11-08 05:00 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
2015-01-22 23:05 - 2014-11-08 04:58 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2015-01-22 23:05 - 2014-11-08 04:58 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2015-01-22 23:05 - 2014-11-08 04:56 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\kmddsp.tsp
2015-01-22 23:05 - 2014-11-08 04:56 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmxs.dll
2015-01-22 23:05 - 2014-11-08 04:56 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasser.dll
2015-01-22 23:05 - 2014-11-08 04:24 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdiag.dll
2015-01-22 23:05 - 2014-11-08 04:13 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kmddsp.tsp
2015-01-22 23:05 - 2014-11-08 04:13 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasmxs.dll
2015-01-22 23:05 - 2014-11-08 04:13 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasser.dll
2015-01-22 23:05 - 2014-11-08 03:48 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdiag.dll
2015-01-22 23:05 - 2014-11-08 03:38 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2015-01-22 23:05 - 2014-11-08 03:17 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2015-01-22 23:05 - 2014-11-08 03:09 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascfg.dll
2015-01-22 23:05 - 2014-11-08 03:03 - 00733696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2015-01-22 23:05 - 2014-11-08 02:59 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rascfg.dll
2015-01-22 23:05 - 2014-11-08 02:58 - 04837376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2015-01-22 23:05 - 2014-11-08 02:49 - 01154048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2015-01-22 23:05 - 2014-11-07 04:58 - 00952896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-01-22 23:05 - 2014-11-07 04:20 - 00786120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-01-22 23:05 - 2014-11-05 03:12 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSHVHOST.DLL
2015-01-22 23:05 - 2014-11-05 03:12 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSVRMGMT.DLL
2015-01-22 23:05 - 2014-11-05 03:06 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2015-01-22 23:05 - 2014-11-05 02:44 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2015-01-22 23:05 - 2014-11-05 02:43 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2015-01-22 23:05 - 2014-11-05 02:41 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2015-01-22 23:05 - 2014-11-05 02:39 - 00155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSHVHOST.DLL
2015-01-22 23:05 - 2014-11-05 02:39 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSVRMGMT.DLL
2015-01-22 23:05 - 2014-11-05 02:33 - 00465408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2015-01-22 23:05 - 2014-11-05 02:21 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2015-01-22 23:05 - 2014-11-05 02:20 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2015-01-22 23:05 - 2014-11-05 02:18 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2015-01-22 23:05 - 2014-11-05 02:14 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2015-01-22 23:05 - 2014-11-05 02:06 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2015-01-22 23:05 - 2014-11-04 20:33 - 00058176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2015-01-22 23:05 - 2014-11-04 20:25 - 00059712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdclass.sys
2015-01-22 23:05 - 2014-11-04 20:25 - 00051008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouclass.sys
2015-01-22 23:05 - 2014-11-04 07:55 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sermouse.sys
2015-01-22 23:05 - 2014-11-04 07:54 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\i8042prt.sys
2015-01-22 23:05 - 2014-11-04 07:54 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys
2015-01-22 23:05 - 2014-11-04 07:54 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouhid.sys
2015-01-22 23:05 - 2014-11-04 07:27 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2015-01-22 23:05 - 2014-11-04 06:01 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2015-01-22 23:05 - 2014-10-31 01:51 - 18823168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-01-22 23:05 - 2014-10-31 01:10 - 15158784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-01-22 23:05 - 2014-10-30 06:55 - 07473472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-01-22 23:05 - 2014-10-30 06:47 - 01499384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-01-22 23:05 - 2014-10-30 06:41 - 01733952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-01-22 23:05 - 2014-10-29 04:05 - 00551232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2015-01-22 23:05 - 2014-10-29 03:02 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2015-01-22 23:05 - 2014-10-29 03:02 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2015-01-22 23:05 - 2014-10-29 02:57 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll
2015-01-22 23:05 - 2014-10-29 02:55 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2015-01-22 23:05 - 2014-10-29 02:15 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2015-01-22 23:05 - 2014-10-29 02:15 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2015-01-22 23:05 - 2014-10-29 02:14 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2015-01-22 23:05 - 2014-10-29 02:13 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2015-01-22 23:05 - 2014-10-29 02:13 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2015-01-22 23:05 - 2014-10-29 02:13 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe
2015-01-22 23:05 - 2014-10-26 23:10 - 00390841 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-01-22 23:05 - 2014-10-21 02:59 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\eventcls.dll
2015-01-22 23:05 - 2014-10-21 02:19 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eventcls.dll
2015-01-22 23:05 - 2014-10-21 01:50 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\vsstrace.dll
2015-01-22 23:05 - 2014-10-21 01:31 - 01574400 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2015-01-22 23:05 - 2014-10-21 01:31 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vsstrace.dll
2015-01-22 23:05 - 2014-10-21 01:30 - 01454080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2015-01-22 23:05 - 2014-10-21 01:20 - 01142272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2015-01-22 23:05 - 2014-10-17 05:56 - 00238912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-01-22 23:05 - 2014-10-17 05:56 - 00153920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2015-01-22 23:05 - 2014-10-17 05:56 - 00039744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2015-01-22 23:05 - 2014-10-17 04:35 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-01-21 07:01 - 2015-01-21 07:01 - 00681688 _____ (Inventec ) C:\WINDOWS\system32\Drivers\rtlh64.sys
2015-01-21 07:01 - 2015-01-21 07:01 - 00075480 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll
2015-01-19 22:37 - 2015-01-19 22:39 - 69104008 _____ (SiSoftware ) C:\Users\AKA\Downloads\sisoftware_sandra_lite_2015_san2115.exe
2015-01-19 22:23 - 2015-01-19 22:23 - 02231742 _____ ( ) C:\Users\AKA\Downloads\diagnose_8.67.exe
2015-01-17 20:36 - 2015-01-17 20:36 - 00001560 _____ () C:\Users\AKA\Downloads\ml9794a2gzer40s.dlc
2015-01-17 20:22 - 2015-01-17 20:22 - 00002416 _____ () C:\Users\AKA\Downloads\4fu23mxpv10au24.dlc
2015-01-16 15:45 - 2015-01-16 15:45 - 00885880 _____ () C:\Users\AKA\Desktop\Bayer 04 Leverkusen print@home-Ticket.zip
2015-01-15 11:44 - 2014-04-16 00:35 - 00028352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2015-01-15 11:44 - 2014-04-16 00:34 - 00029888 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2015-01-15 11:32 - 2014-12-19 07:26 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2015-01-15 11:32 - 2014-12-12 03:04 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2015-01-15 11:32 - 2014-12-12 01:51 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-01-15 11:32 - 2014-12-09 02:50 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-01-15 11:32 - 2014-12-08 20:42 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-01-15 11:32 - 2014-12-08 20:42 - 00531616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-01-15 11:32 - 2014-12-08 20:42 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2015-01-15 11:32 - 2014-12-08 20:42 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2015-01-15 11:32 - 2014-12-08 20:42 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2015-01-15 11:32 - 2014-12-08 20:42 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-01-15 11:32 - 2014-12-08 20:42 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2015-01-15 11:32 - 2014-12-08 20:42 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2015-01-15 11:32 - 2014-12-06 04:17 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-01-15 11:32 - 2014-12-06 02:41 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-01-15 11:32 - 2014-12-06 02:35 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-01-13 21:18 - 2015-01-13 21:18 - 00034800 _____ () C:\Users\AKA\Downloads\f84679105457909db5d0a867457197c4.dlc
2015-01-13 19:12 - 2015-01-13 19:14 - 00820488 _____ () C:\WINDOWS\Minidump\011315-111296-01.dmp
2015-01-12 16:56 - 2015-01-12 17:09 - 280500232 _____ () C:\Users\AKA\Downloads\ncis.s12e03.sof.rar
2015-01-11 22:00 - 2015-01-11 22:03 - 00000000 ____D () C:\Users\AKA\Desktop\usb
2015-01-11 22:00 - 2015-01-11 22:00 - 00108171 _____ () C:\Users\AKA\Downloads\usbdeview-x64.zip
2015-01-11 21:59 - 2015-01-11 21:59 - 00003244 _____ () C:\Users\AKA\Downloads\usbdeview_german.zip
2015-01-10 18:40 - 2015-01-10 18:40 - 00001412 _____ () C:\Users\AKA\Downloads\3e90oau2xrr05t7.dlc
2015-01-10 18:03 - 2015-01-10 18:03 - 00001264 _____ () C:\Users\AKA\Downloads\r3un2rxd08m294t.dlc
2015-01-09 22:29 - 2015-01-09 22:29 - 00000000 ____D () C:\ProgramData\Package Cache
2015-01-09 15:03 - 2015-01-09 15:03 - 00000222 _____ () C:\Users\AKA\Desktop\Age of Empires II HD Edition.url
2015-01-09 15:03 - 2015-01-09 15:03 - 00000000 ____D () C:\Users\AKA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-01-09 14:41 - 2015-01-23 20:05 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-01-09 14:41 - 2015-01-09 14:41 - 00000979 _____ () C:\Users\Public\Desktop\Steam.lnk
2015-01-09 14:41 - 2015-01-09 14:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-01-09 14:40 - 2015-01-09 14:40 - 01142128 _____ () C:\Users\AKA\Downloads\SteamSetup.exe
2015-01-08 22:31 - 2015-01-08 22:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-05 20:15 - 2015-01-27 14:33 - 00003125 _____ () C:\WINDOWS\setupact.log
2015-01-05 20:15 - 2015-01-05 20:15 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-01-03 19:08 - 2015-01-10 19:28 - 00000000 ____D () C:\Users\AKA\Desktop\Tarihe Yolculuk
2015-01-03 18:45 - 2015-01-03 18:45 - 00000000 ____D () C:\Users\Public\Documents\Adobe
2015-01-03 18:44 - 2015-01-03 18:46 - 00000000 ____D () C:\Program Files\Adobe
2015-01-03 18:43 - 2015-01-03 18:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2015-01-03 18:43 - 2015-01-03 18:43 - 00000000 ____D () C:\Program Files (x86)\Adobe Media Player
2015-01-03 18:42 - 2015-01-03 18:47 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2015-01-03 18:41 - 2015-01-03 18:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS5
2015-01-03 18:41 - 2015-01-03 18:41 - 00001013 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
2015-01-03 18:41 - 2015-01-03 18:41 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2015-01-03 18:41 - 2015-01-03 18:41 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2015-01-01 12:24 - 2015-01-01 13:37 - 1066171576 _____ () C:\Users\AKA\Downloads\krdy91ltrg.rar

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-27 18:16 - 2014-10-27 13:06 - 00001126 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-27 18:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-01-27 17:29 - 2014-05-22 14:57 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1015216767-4129399232-3615065482-1001
2015-01-27 14:36 - 2014-03-18 11:04 - 01785036 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-01-27 14:36 - 2014-03-18 10:25 - 00768266 _____ () C:\WINDOWS\system32\perfh007.dat
2015-01-27 14:36 - 2014-03-18 10:25 - 00160576 _____ () C:\WINDOWS\system32\perfc007.dat
2015-01-27 14:16 - 2014-10-27 13:06 - 00001122 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-27 13:47 - 2014-05-28 10:32 - 01404726 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-27 13:35 - 2014-05-28 12:13 - 00000000 __RDO () C:\Users\AKA\OneDrive
2015-01-27 13:21 - 2014-11-22 19:44 - 00000497 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.ics
2015-01-27 13:21 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-27 13:20 - 2014-08-01 00:38 - 00032066 _____ () C:\WINDOWS\PFRO.log
2015-01-27 13:20 - 2013-08-22 14:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2015-01-27 13:17 - 2014-10-27 13:08 - 00002195 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-27 02:26 - 2014-05-23 15:24 - 00000000 ____D () C:\Users\AKA\AppData\Roaming\vlc
2015-01-26 00:16 - 2014-05-22 16:17 - 00000000 ____D () C:\Users\AKA\Desktop\Neuer Ordner
2015-01-25 20:32 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-01-25 11:48 - 2014-05-25 20:28 - 00000000 ____D () C:\Users\AKA\Downloads\J dow
2015-01-25 10:51 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-01-23 19:46 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-01-23 19:18 - 2014-05-23 22:51 - 00000000 ____D () C:\Users\AKA\AppData\Roaming\Skype
2015-01-22 23:14 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2015-01-22 23:14 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-01-22 23:14 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup
2015-01-22 23:14 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2015-01-22 23:04 - 2014-11-12 11:43 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2015-01-22 23:04 - 2014-11-12 11:43 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-01-22 23:04 - 2014-11-12 11:43 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2015-01-22 23:04 - 2014-11-12 11:43 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2015-01-19 22:32 - 2014-12-11 16:52 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-01-19 22:32 - 2014-12-11 16:52 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-18 04:05 - 2014-05-28 10:38 - 00000000 ____D () C:\Users\AKA
2015-01-18 01:31 - 2014-05-23 23:11 - 00000000 ____D () C:\Program Files (x86)\Eclipse Java
2015-01-17 21:14 - 2014-10-21 11:41 - 00034605 _____ () C:\WINDOWS\DirectX.log
2015-01-15 11:44 - 2014-05-27 16:49 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-01-15 11:36 - 2014-05-27 16:49 - 113365784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-01-14 21:53 - 2014-12-19 20:31 - 00005044 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for MSI-AKA MSI
2015-01-13 19:12 - 2014-08-19 10:16 - 00000000 ____D () C:\WINDOWS\Minidump
2015-01-11 21:02 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-01-09 00:14 - 2014-05-22 22:01 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-01-09 00:14 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\System
2015-01-09 00:14 - 2012-07-26 06:26 - 00000167 _____ () C:\WINDOWS\win.ini
2015-01-09 00:08 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-01-08 22:40 - 2014-12-09 18:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-01-04 23:08 - 2014-11-19 18:46 - 00000000 ____D () C:\Users\AKA\Desktop\Mathe
2015-01-04 23:08 - 2014-10-13 16:08 - 00000000 ____D () C:\Users\AKA\Desktop\GE1 Dederich
2015-01-04 23:08 - 2014-10-10 16:21 - 00000000 ____D () C:\Users\AKA\Desktop\Patch_SchulMathe
2015-01-03 19:00 - 2014-05-30 21:07 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2015-01-03 18:46 - 2014-05-27 12:14 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-01-03 18:46 - 2014-05-22 14:39 - 00000000 ____D () C:\Users\AKA\AppData\Roaming\Adobe
2015-01-03 18:43 - 2014-05-24 00:22 - 00000000 ____D () C:\Users\AKA\AppData\Local\Adobe
2015-01-03 18:43 - 2014-05-22 22:27 - 00000000 ____D () C:\ProgramData\Adobe
2015-01-01 00:56 - 2014-12-26 15:42 - 731814810 _____ () C:\Users\AKA\Downloads\krtlrvdsps241ltrg.rar

==================== Files in the root of some directories =======

2014-06-06 14:41 - 2014-06-06 14:41 - 0000000 _____ () C:\Users\AKA\AppData\Roaming\gdfw.log
2014-06-06 14:41 - 2014-06-06 14:41 - 0000779 _____ () C:\Users\AKA\AppData\Roaming\gdscan.log

Some content of TEMP:
====================
C:\Users\AKA\AppData\Local\Temp\DataCard_Setup64.exe
C:\Users\AKA\AppData\Local\Temp\ResetDevice.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-18 10:08

==================== End Of Log ============================
         
--- --- ---


2.Additional

Zitat:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-01-2015 01
Ran by AKA at 2015-01-27 18:39:05
Running from C:\Users\AKA\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: G Data InternetSecurity CBE (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: G Data InternetSecurity CBE (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G Data Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3MobileWiFi (HKLM-x32\...\3MobileWiFi) (Version: WIN1.01.01.156 - Huawei Technologies Co.,Ltd)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Creative Suite 5 Master Collection (HKLM-x32\...\{1BBD8D70-721A-41AD-AC8F-7308A0C8FA92}) (Version: 5.0 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version: - Hidden Path Entertainment, Ensemble Studios)
Akamai NetSession Interface (HKU\S-1-5-21-1015216767-4129399232-3615065482-1001\...\Akamai) (Version: - Akamai Technologies, Inc)
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
aTube Catcher Version 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
AVRStudio4 (HKLM-x32\...\{D5D88F8F-FDA4-4CF4-9F3E-3F40118C2120}) (Version: 4.17.666 - Atmel)
AVRStudio4 (x32 Version: 4.17.666 - Atmel) Hidden
Bing-Desktop (HKLM-x32\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.3.347.0 - Microsoft Corporation)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.4.4079 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{8DCCC556-265B-478A-8B32-C12DA988BA74}) (Version: 0.9.4.4079 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands 2 (HKLM-x32\...\Borderlands 2_is1) (Version: - )
Borderlands 2 All in One DLC-Pack Plus Update 16 (v1.5.0) 1.00 (HKLM-x32\...\Borderlands 2 All in One DLC-Pack Plus Update 16 (v1.5.0) 1.00) (Version: 1.00 - .x.X.RIDDICK.X.x.)
Borderlands 2 All in One Update - Pack 1.00 (HKLM-x32\...\Borderlands 2 All in One Update - Pack 1.00) (Version: 1.00 - .x.X.RIDDICK.X.x.)
Borderlands The Pre Sequel GERMAN (HKLM-x32\...\Qm9yZGVybGFuZHNUaGVQcmVTZXF1ZWw=_is1) (Version: 1 - )
calibre (HKLM-x32\...\{B364DC2A-9783-4737-B795-D6F0562A41C5}) (Version: 0.8.61 - Kovid Goyal)
Camera Recorder (HKLM-x32\...\{3BDDA587-7CDE-430C-90A4-E2C4E48D3AE9}) (Version: 1.0.909.0801 - Camera Recorder)
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
CheckDrive (HKLM-x32\...\{B83513EC-2E4D-4621-816D-4CCF397BE702}_is1) (Version: 4.4 - Abelssoft)
Cisco AnyConnect Diagnostics and Reporting Tool (HKLM-x32\...\{D9ABE01A-6E18-4F30-9ED6-2494A5019074}) (Version: 3.1.05170 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.05170 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.05170 - Cisco Systems, Inc.) Hidden
Cisco Systems VPN Client 5.0.07.0290 (HKLM\...\{467D5E81-8349-4892-9E81-C3674ED8E451}) (Version: 5.0.7 - Cisco Systems, Inc.)
Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.5.830 - Corel Inc.)
CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version: - CyberGhost S.R.L.)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
Data Lifeguard Diagnostic for Windows 1.24 (HKLM-x32\...\{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1) (Version: - Western Digital Corporation)
Dev-C++ (HKLM-x32\...\Dev-C++) (Version: 5.4.0 - )
Dropbox (HKU\S-1-5-21-1015216767-4129399232-3615065482-1001\...\Dropbox) (Version: 2.10.52 - Dropbox, Inc.)
FIFA 14 (HKLM-x32\...\{7A6577E7-F341-430F-9173-91E14E2DE270}) (Version: 1.0.0.0 - Electronic Arts)
FIFA 14 (HKLM-x32\...\{7A6577E7-F341-430F-9173-91E14E2DE270}_is1) (Version: 1.0 - Electronic Arts)
Flip 3.3.4 (HKLM-x32\...\flip.exe) (Version: 3.3.4 - Atmel)
Free Mp3 Wma Converter V 2.2 (HKLM-x32\...\Free Mp3 Wma Converter_is1) (Version: 2.2.0.0 - Koyote Soft)
Free Video to MP3 Converter version 5.0.42.530 (HKLM-x32\...\Free Video to MP3 Converter_is1) (Version: 5.0.42.530 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.38.530 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.38.530 - DVDVideoSoft Ltd.)
G Data InternetSecurity CBE (HKLM-x32\...\{85203592-3610-4FB9-AA11-15B2255B5A12}) (Version: 25.0.1.2 - G Data Software AG)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.93 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Hex-Editor MX (HKLM-x32\...\{7FC7AD70-1DF3-4B84-9AA2-4FB680F45572}_is1) (Version: 6.0 - NEXT-Soft)
HP Wireless Mouse Suite 2.8 (HKLM-x32\...\{C7EF1D07-8CC6-4532-A4C9-37612FCB3410}) (Version: 2.8 - Hewlett-Packard)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Programm für die Prozessorerkennung (HKLM-x32\...\{A92A4DB0-CD37-42D1-BE1D-603D53C24328}) (Version: 4.90.0000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java SE Development Kit 7 Update 45 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170450}) (Version: 1.7.0.450 - Oracle)
Java-Editor 12.2, 2013.10.2 (HKLM-x32\...\{65FBA21B-7F80-4E4E-B275-0958D2648F94}_is1) (Version: - Gerhard Röhner)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
JMicron 1394 Filter Driver (HKLM-x32\...\{13C96625-28E4-4c58-ADE0-CDAFC64752EB}) (Version: 1.00.06.00 - JMicron Technology Corp.)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.45.0 - JMicron Technology Corp.)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.98 - LSI Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Motorola Bluetooth (HKLM\...\1DF1F719-D43A-46E8-950F-65A8D96C678A.MBT_is1) (Version: 3.0.02.280 - Motorola, Inc.)
MSI Afterburner 3.0.0 (HKLM-x32\...\Afterburner) (Version: 3.0.0 - MSI Co., LTD)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
NetBeans IDE 7.4 (HKLM-x32\...\nbi-nb-base-7.4.0.0.201310111528) (Version: 7.4 - NetBeans.org)
Netzmanager (HKLM-x32\...\Netzmanager) (Version: 1.081 - Deutsche Telekom AG)
Netzmanager (Version: 1.081 - Deutsche Telekom AG, Marmiko IT-Solutions GmbH) Hidden
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Ovi Desktop Sync Engine (x32 Version: 1.5.161.0 - Nokia) Hidden
OviMPlatform (x32 Version: 2.7.44.2 - Nokia) Hidden
PandoraRecovery (Remove Only) (HKLM-x32\...\PandoraRecovery) (Version: - )
PC Connectivity Solution (HKLM-x32\...\{D4AEC53C-1720-41D9-B6D7-6A60DE62D444}) (Version: 10.50.2.0 - Nokia)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PDF24 Creator 6.4.1 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Quartus II Web Edition (Free) 13.0.1.232 (HKLM-x32\...\Quartus II Web Edition (Free) 13.0.1.232) (Version: 13.0sp1 - Altera Corporation)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.11.1127.2009 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5951 - Realtek Semiconductor Corp.)
Remote Control Server (HKLM-x32\...\{755C6515-9FEA-490C-B15E-22BB6519E57E}) (Version: 3.0.1.50 - Steppschuh)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
Skype™ 6.13 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.13.104 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
System Control Manager (HKLM-x32\...\{ED9C5D25-55DF-48D8-9328-2AC0D75DE5D8}) (Version: 2.210.0617.007 - Micro-Star International Co., Ltd.)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
Unified Remote (HKLM-x32\...\{D7930C67-5816-417B-BF28-54BB75EFDAF9}) (Version: 2.14.4.0 - Unified Remote)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VMware Player (HKLM-x32\...\VMware_Player) (Version: 5.0.2 - VMware, Inc)
VMware Player (Version: 5.0.2 - VMware, Inc.) Hidden
VoiceOver Kit (HKLM-x32\...\{6B4AD1A9-E73A-4184-9D6B-072F8A3C5EBA}) (Version: 1.42.128.0 - Apple Inc.)
WinAVR 20090313 (remove only) (HKLM-x32\...\WinAVR-20090313) (Version: 20090313 - )
Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia)
Windows-Treiberpaket - Ralink Technology, Corp. (netr28x) Net (07/06/2010 3.01.08.0001) (HKLM\...\DDAB5FC44964BD27F18121236A6EB5719FB86ECC) (Version: 07/06/2010 3.01.08.0001 - Ralink Technology, Corp.)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1015216767-4129399232-3615065482-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\AKA\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1015216767-4129399232-3615065482-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AKA\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1015216767-4129399232-3615065482-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AKA\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1015216767-4129399232-3615065482-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AKA\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1015216767-4129399232-3615065482-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AKA\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1015216767-4129399232-3615065482-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AKA\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1015216767-4129399232-3615065482-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AKA\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1015216767-4129399232-3615065482-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AKA\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1015216767-4129399232-3615065482-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AKA\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points =========================

15-01-2015 11:36:15 Windows Update
17-01-2015 21:10:56 DirectX wurde installiert
22-01-2015 22:58:37 Windows Update
24-01-2015 01:01:41 Installed Remote Control Server.

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-01-27 17:54 - 2015-01-27 17:54 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0447227E-6DAA-4E9C-8E37-E21D8F9CCF10} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: {128732B2-5BFB-40CB-98F3-6382F5317557} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-27] (Google Inc.)
Task: {213FBD11-67DD-4D5C-BEEC-B82B9D5235F3} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-01-15] (Microsoft Corporation)
Task: {2A3579F1-F34A-4EEC-A433-0855EFBDDF33} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-27] (Google Inc.)
Task: {30DF1A22-C561-4FE9-9AEA-B314A7B17593} - System32\Tasks\Microsoft Office 15 Sync Maintenance for MSI-AKA MSI => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2014-11-12] (Microsoft Corporation)
Task: {56E60A3F-3B1A-4BA2-8752-6D284D0DA63D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {6518BCCB-0C13-42ED-B4F2-077193F8677D} - System32\Tasks\{24DB3F75-DC74-40D7-9585-49A3DF45E361} => pcalua.exe -a D:\Treiber\Windows_SM56_6.12.25.05_DF_AppSigned\Windows_SM56_6.12.25.05_DF_AppSigned\ssetup.exe -d D:\Treiber\Windows_SM56_6.12.25.05_DF_AppSigned\Windows_SM56_6.12.25.05_DF_AppSigned
Task: {A7D013F5-6FFD-4B64-A5B4-76FE8221D26D} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {E4152EF4-F89F-4314-B1BF-C410842453AC} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-1015216767-4129399232-3615065482-1001
Task: {EB70BC40-11A0-4944-832D-74A22D2239EF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-05-28 10:32 - 2014-07-02 19:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-05-23 22:59 - 2013-06-13 06:15 - 00268800 _____ () C:\altera\13.0sp1\quartus\bin64\jtagserver.exe
2014-05-23 22:59 - 2013-06-13 06:13 - 00029184 _____ () C:\altera\13.0sp1\quartus\bin64\ccl_ver.dll
2014-05-23 22:59 - 2013-06-13 02:41 - 00879616 _____ () C:\altera\13.0sp1\quartus\bin64\dinkum_alt.dll
2012-12-17 07:57 - 2012-12-17 07:57 - 00184320 _____ () C:\ProgramData\HP Link5 Config\PelLinkS.exe
2014-06-17 19:09 - 2013-05-06 14:45 - 00329848 ____N () C:\Program Files (x86)\XSManager\WTGService.exe
2013-12-19 03:42 - 2013-12-19 03:42 - 00350840 ____N () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll
2012-12-17 07:57 - 2012-12-17 07:57 - 00288768 _____ () C:\ProgramData\HP Link5 Config\VolOSD.exe
2014-06-11 04:34 - 2014-06-11 04:34 - 00063400 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2014-04-23 15:05 - 2014-04-23 15:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 15:04 - 2014-04-23 15:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-03-23 12:26 - 2010-03-23 12:26 - 00201512 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll
2013-02-26 01:28 - 2013-02-26 01:28 - 01260624 _____ () C:\Program Files (x86)\VMware\VMware Player\libxml2.dll
2012-12-17 07:57 - 2012-12-17 07:57 - 00079360 _____ () C:\ProgramData\HP Link5 Config\PelComm.dll
2012-12-17 07:57 - 2012-12-17 07:57 - 00047104 _____ () C:\ProgramData\HP Link5 Config\PelDrv.dll
2012-12-17 07:57 - 2012-12-17 07:57 - 00459264 _____ () C:\ProgramData\HP Link5 Config\PelHooks.dll
2012-12-17 07:57 - 2012-12-17 07:57 - 00108032 _____ () C:\ProgramData\HP Link5 Config\PelUtil.dll
2012-12-17 07:57 - 2012-12-17 07:57 - 00028672 _____ () C:\ProgramData\HP Link5 Config\PelMagnf.dll
2012-12-17 07:57 - 2012-12-17 07:57 - 00131072 _____ () C:\ProgramData\HP Link5 Config\PelScrll.dll
2015-01-27 13:17 - 2015-01-25 07:08 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\libglesv2.dll
2015-01-27 13:17 - 2015-01-25 07:08 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\libegl.dll
2015-01-27 13:17 - 2015-01-25 07:08 - 09170760 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\pdf.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\AKA\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "Cisco AnyConnect Secure Mobility Agent for Windows"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKLM\...\StartupApproved\Run32: => "NokiaMServer"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKU\S-1-5-21-1015216767-4129399232-3615065482-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-1015216767-4129399232-3615065482-1001\...\StartupApproved\Run: => "Steam"

========================= Accounts: ==========================

Administrator (S-1-5-21-1015216767-4129399232-3615065482-500 - Administrator - Disabled)
AKA (S-1-5-21-1015216767-4129399232-3615065482-1001 - Administrator - Enabled) => C:\Users\AKA
Gast (S-1-5-21-1015216767-4129399232-3615065482-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1015216767-4129399232-3615065482-1005 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Cisco Systems VPN Adapter for 64-bit Windows
Description: Cisco Systems VPN Adapter for 64-bit Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: JMicron OHCI Compliant IEEE 1394 Host Controller
Description: JMicron OHCI Compliant IEEE 1394 Host Controller
Class Guid: {6bdd1fc1-810f-11d0-bec7-08002be2092f}
Manufacturer: JMicron Technology Corp.
Service: ohci1394
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/27/2015 01:21:50 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (01/27/2015 02:41:18 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154

Error: (01/27/2015 01:14:05 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (01/26/2015 00:41:11 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154

Error: (01/25/2015 08:29:54 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MSI)
Description: Bei der Aktivierung der App „winstore_cw5n1h2txyewy!Windows.Store“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (01/25/2015 10:55:41 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154

Error: (01/24/2015 11:40:37 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (01/24/2015 00:24:25 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154

Error: (01/23/2015 09:37:08 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (01/23/2015 07:18:34 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MSI)
Description: Bei der Aktivierung der App „Microsoft.SkypeApp_kzf8qxf38zg5c!App“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.


System errors:
=============
Error: (01/27/2015 01:30:06 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "MSI :0" konnte nicht auf der Schnittstelle mit IP-Adresse 10.213.223.135
registriert werden. Der Computer mit IP-Adresse 169.254.142.168 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (01/27/2015 01:30:06 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "MSI :20" konnte nicht auf der Schnittstelle mit IP-Adresse 10.213.223.135
registriert werden. Der Computer mit IP-Adresse 169.254.142.168 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (01/27/2015 01:30:06 PM) (Source: Server) (EventID: 2505) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{EBB6B51E-CD66-48AB-85D9-6E3F3CD4132B} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.

Error: (01/27/2015 01:21:50 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet:
%%1064

Error: (01/26/2015 09:05:06 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.

Error: (01/26/2015 09:04:42 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.

Error: (01/26/2015 09:04:04 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.

Error: (01/26/2015 09:04:04 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.

Error: (01/26/2015 09:02:17 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.

Error: (01/26/2015 09:01:47 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.


Microsoft Office Sessions:
=========================
Error: (01/27/2015 01:21:50 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (01/27/2015 02:41:18 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154

Error: (01/27/2015 01:14:05 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (01/26/2015 00:41:11 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154

Error: (01/25/2015 08:29:54 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MSI)
Description: winstore_cw5n1h2txyewy!Windows.Store-2144927142

Error: (01/25/2015 10:55:41 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154

Error: (01/24/2015 11:40:37 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (01/24/2015 00:24:25 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154

Error: (01/23/2015 09:37:08 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (01/23/2015 07:18:34 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MSI)
Description: Microsoft.SkypeApp_kzf8qxf38zg5c!App-2144927142


CodeIntegrity Errors:
===================================
Date: 2014-06-05 16:59:10.933
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-06-05 16:59:10.886
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-06-04 17:56:07.394
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-06-04 10:05:52.053
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-06-04 10:05:51.990
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-06-04 09:59:03.125
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-06-04 09:59:03.047
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-06-03 10:42:07.293
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-06-03 10:42:07.246
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-06-03 10:39:48.300
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7 CPU Q 720 @ 1.60GHz
Percentage of memory in use: 33%
Total physical RAM: 8174.06 MB
Available physical RAM: 5417.77 MB
Total Pagefile: 16366.06 MB
Available Pagefile: 12867.92 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:405.67 GB) (Free:174.7 GB) NTFS
Drive d: () (Fixed) (Total:292.63 GB) (Free:208.86 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: A443BC6C)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=292.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=405.7 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Da nicht gesagt wurde das ich die externe anschließen solll hab eihc das noch nicht gemacht



ak16
__________________

Alt 28.01.2015, 07:19   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Ordner auf Wechselmedien werden als Verknüpfung angezeigt - Standard

Ordner auf Wechselmedien werden als Verknüpfung angezeigt



Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 28.01.2015, 11:03   #5
ak16
 
Ordner auf Wechselmedien werden als Verknüpfung angezeigt - Standard

Ordner auf Wechselmedien werden als Verknüpfung angezeigt



Danke nochmal für dich schnelle Hilfe

Hier die LOG Files


mbam.txt
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 28.01.2015
Suchlauf-Zeit: 10:54:02
Logdatei: mbam.txt
Administrator: Nein

Version: 2.00.4.1028
Malware Datenbank: v2015.01.28.05
Rootkit Datenbank: v2015.01.14.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: AKA

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 376476
Verstrichene Zeit: 17 Min, 9 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 0
(Keine schädliche Elemente erkannt)

Registrierungswerte: 0
(Keine schädliche Elemente erkannt)

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 1
PUP.Optional.MindSpark.A, C:\Users\AKA\AppData\LocalLow\RadioRage_4j, In Quarantäne, [3a8bb04c7217b77f0124440f3bc84db3], 

Dateien: 0
(Keine schädliche Elemente erkannt)

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)
         
AdwCleaner

AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v4.109 - Bericht erstellt am 28/01/2015 um 11:23:10
# Aktualisiert 24/01/2015 von Xplode
# Database : 2015-01-26.1 [Live]
# Betriebssystem : Windows 8.1 Pro with Media Center  (64 bits)
# Benutzername : AKA - MSI
# Gestartet von : C:\Users\AKA\Downloads\AdwCleaner_4.109.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\AKA\AppData\Local\Temp\hotspot shield
Ordner Gelöscht : C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Roaming\hotspot shield
Ordner Gelöscht : C:\Users\AKA\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja
Ordner Gelöscht : C:\Users\AKA\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aaaalipaokhkccgmgkdglfinfnfhflko
Datei Gelöscht : C:\WINDOWS\System32\drivers\taphss6.sys
Datei Gelöscht : C:\Users\AKA\AppData\Local\Comodo\Dragon\User Data\Default\Local Storage\hxxp_www.search.ask.com_0.localstorage
Datei Gelöscht : C:\Users\AKA\AppData\Local\Comodo\Dragon\User Data\Default\Local Storage\hxxp_www.search.ask.com_0.localstorage-journal
Datei Gelöscht : C:\Users\AKA\AppData\Local\Comodo\Dragon\User Data\Default\Local Storage\chrome-extension_aaaalipaokhkccgmgkdglfinfnfhflko_0.localstorage

***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\RadioRage_4j.ToolbarProtector
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\RadioRage_4j.ToolbarProtector.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{10273591-D084-4328-A7D0-49E051FCDE7B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A25AA6E2-1CDE-4D0F-A5D4-4898D7FB3C86}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A25AA6E2-1CDE-4D0F-A5D4-4898D7FB3C86}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A5C9CB1C-1C0A-45A2-81CC-1DD342D0A478}
Schlüssel Gelöscht : HKCU\Software\anchorfree
Schlüssel Gelöscht : HKCU\Software\OCS
Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Google Chrome v40.0.2214.93

[C:\Users\AKA\AppData\Local\Comodo\Dragon\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://search.ask.com/web?o=APN10257&doi=2014-09-17&apn_dtid=%5ECMD011%5EYY%5EUS&apn_ptnrs=%5EAGO&q={searchTerms}

-\\ Comodo Dragon v

[C:\Users\AKA\AppData\Local\Comodo\Dragon\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://search.ask.com/web?o=APN10257&doi=2014-09-17&apn_dtid=%5ECMD011%5EYY%5EUS&apn_ptnrs=%5EAGO&q={searchTerms}
[C:\Users\AKA\AppData\Local\Comodo\Dragon\User Data\Default\preferences] - Gelöscht [Extension] : cmaiofennmphjldldcpphcechfnnohja
[C:\Users\AKA\AppData\Local\Comodo\Dragon\User Data\Default\preferences] - Gelöscht [Extension] : aaaalipaokhkccgmgkdglfinfnfhflko

*************************

AdwCleaner[R0].txt - [2854 octets] - [31/07/2014 04:00:33]
AdwCleaner[R1].txt - [3254 octets] - [28/01/2015 11:17:39]
AdwCleaner[S0].txt - [2869 octets] - [31/07/2014 04:02:27]
AdwCleaner[S1].txt - [3284 octets] - [28/01/2015 11:23:10]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [3344 octets] ##########
         
--- --- ---

[/CODE]

JRT.txt


Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 8.1 Pro with Media Center x64
Ran by AKA on 28.01.2015 at 11:37:57,12
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\WINDOWS\syswow64\ai_recyclebin"
Successfully deleted: [Folder] "C:\Users\AKA\music\qtrax media library"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 28.01.2015 at 11:45:02,27
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
FRST.txt


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-01-2015 01
Ran by AKA (administrator) on MSI on 28-01-2015 11:50:27
Running from C:\Users\AKA\Desktop
Loaded Profiles: AKA (Available profiles: AKA)
Platform: Windows 8.1 Pro with Media Center (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
(Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\altera\13.0sp1\quartus\bin64\jtagserver.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\System Control Manager\MSIService.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\ProgramData\HP Link5 Config\PelLinkS.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\XSManager\WTGService.exe
(Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\obexsrv.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe
(Macrovision Europe Ltd.) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GdBgInx64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Akamai Technologies, Inc.) C:\Users\AKA\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\AKA\AppData\Local\Akamai\netsession_win.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe
(Hewlett-Packard) C:\ProgramData\HP Link5 Config\PelLink5.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
(Hewlett-Packard) C:\ProgramData\HP Link5 Config\Link5HID.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
() C:\ProgramData\HP Link5 Config\VolOSD.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8158240 2009-10-02] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [MGSysCtrl] => C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe [2486272 2010-06-17] (Micro-Star International Co., Ltd.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-01] (Intel Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-04-23] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PelLink5] => C:\ProgramData\HP Link5 Config\PelLink5.exe [173568 2012-12-17] (Hewlett-Packard)
HKLM-x32\...\Run: [HPMonitor] => C:\Program Files (x86)\Hewlett-Packard\HP Link5 Monitor\hpMonitor28.exe [74704 2013-01-01] (Hewlett-Packard)
HKLM-x32\...\Run: [GDFirewallTray] => C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [1724728 2013-12-19] (G Data Software AG)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [191016 2014-05-14] (Geek Software GmbH)
HKLM-x32\...\Run: [BingDesktop] => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2353880 2013-11-01] (Microsoft Corp.)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707496 2014-06-11] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [843480 2014-10-08] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe,c:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exe,
HKU\S-1-5-19\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [2501368 2014-10-29] (Microsoft Corporation) <==== ATTENTION 
HKU\S-1-5-20\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [2501368 2014-10-29] (Microsoft Corporation) <==== ATTENTION 
HKU\S-1-5-21-1015216767-4129399232-3615065482-1001\...\Run: [Akamai NetSession Interface] => C:\Users\AKA\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1015216767-4129399232-3615065482-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-1015216767-4129399232-3615065482-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1015216767-4129399232-3615065482-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1942720 2015-01-19] (Valve Corporation)
HKU\S-1-5-21-1015216767-4129399232-3615065482-1001\...\MountPoints2: {4ac0c0a7-e1ba-11e3-be68-0022fbbeaf3c} - "F:\XSManagerinstallation.exe" 
HKU\S-1-5-21-1015216767-4129399232-3615065482-1001\...\MountPoints2: {6bd4efed-2781-11e4-bea0-002421f5267c} - "F:\AutoRun.exe" 
HKU\S-1-5-21-1015216767-4129399232-3615065482-1001\...\MountPoints2: {6bd4f011-2781-11e4-bea0-002421f5267c} - "G:\AutoRun.exe" 
HKU\S-1-5-18\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [2501368 2014-10-29] (Microsoft Corporation) <==== ATTENTION 
Startup: C:\Users\AKA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\AKA\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk
ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{467D5E81-8349-4892-9E81-C3674ED8E451}\Icon09DB8A851.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-1015216767-4129399232-3615065482-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1015216767-4129399232-3615065482-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.120.136.116

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF HKLM-x32\...\Firefox\Extensions: [{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}] - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension
FF Extension: Firefox Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension [2014-06-15]
FF HKLM-x32\...\Thunderbird\Extensions: [{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}] - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension
FF Extension: Thunderbird Address Book Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension [2014-06-15]

Chrome: 
=======
CHR Profile: C:\Users\AKA\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\AKA\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-27]
CHR Extension: (Google Docs) - C:\Users\AKA\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-27]
CHR Extension: (Google Drive) - C:\Users\AKA\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-27]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\AKA\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-27]
CHR Extension: (YouTube) - C:\Users\AKA\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-27]
CHR Extension: (Google-Suche) - C:\Users\AKA\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-27]
CHR Extension: (Google Tabellen) - C:\Users\AKA\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-27]
CHR Extension: (AdBlock) - C:\Users\AKA\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-10-27]
CHR Extension: (Google Wallet) - C:\Users\AKA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-27]
CHR Extension: (Google Mail) - C:\Users\AKA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-27]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2244728 2014-02-12] (G Data Software AG)
R2 AVKService; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [914552 2013-12-19] (G Data Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe [2723400 2014-03-25] (G Data Software AG)
R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173272 2013-11-01] (Microsoft Corp.)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [409304 2014-10-08] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [388824 2014-10-08] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [782040 2014-10-08] (BlueStack Systems, Inc.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
S2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [64624 2014-06-12] (CyberGhost S.R.L)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [647680 2014-05-22] (Macrovision Europe Ltd.) [File not signed]
R3 FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [1028096 2014-05-22] (Macrovision Europe Ltd.) [File not signed]
R3 GDFwSvc; C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [2992760 2014-01-30] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [700024 2014-02-03] (G Data Software AG)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)
R2 JTAGServer; C:\altera\13.0sp1\quartus\bin64\jtagserver.exe [268800 2013-06-13] () [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 Micro Star SCM; C:\Program Files (x86)\System Control Manager\MSIService.exe [160768 2009-07-09] (Micro-Star International Co., Ltd.) [File not signed]
R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)
R2 PelLinkS; C:\ProgramData\HP Link5 Config\PelLinkS.exe [184320 2012-12-17] () [File not signed]
S3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [628736 2010-12-08] (Nokia) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
R2 WTGService; C:\Program Files (x86)\XSManager\WTGService.exe [329848 2013-05-06] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [122072 2014-10-08] (BlueStack Systems)
S3 cmnsusbser; C:\Windows\system32\DRIVERS\cmnsusbser.sys [126080 2014-06-17] (QUALCOMM Incorporated)
R3 CVPNDRVA; C:\WINDOWS\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] ()
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2014-05-22] (DT Soft Ltd)
S3 ewusbnet; C:\Windows\system32\DRIVERS\ewusbnet.sys [249856 2010-03-24] (Huawei Technologies Co., Ltd.)
R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [57344 2014-06-06] (G Data Software AG)
R1 GDMnIcpt; C:\WINDOWS\system32\drivers\MiniIcpt.sys [135168 2014-06-06] (G Data Software AG)
R3 GDPkIcpt; C:\WINDOWS\system32\drivers\PktIcpt.sys [71168 2014-06-06] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [67584 2014-06-06] (G Data Software AG)
U5 GEARAspiWDM; C:\Windows\System32\Drivers\GEARAspiWDM.sys [33240 2012-08-21] (GEAR Software Inc.)
R1 GRD; C:\WINDOWS\system32\drivers\GRD.sys [106272 2014-06-10] (G Data Software)
R1 HookCentre; C:\WINDOWS\system32\drivers\HookCentre.sys [65024 2014-06-06] (G Data Software AG)
R3 HPMoA407; C:\Windows\System32\drivers\HPMoA407.sys [25088 2011-10-31] (Hewlett-Packard.)
R3 HPubA407; C:\Windows\System32\Drivers\HPubA407.sys [18944 2012-06-14] (Hewlett-Packard.)
S3 hwusbdev; C:\Windows\system32\DRIVERS\ewusbdev.sys [114560 2010-03-20] (Huawei Technologies Co., Ltd.)
S0 johci; C:\Windows\System32\drivers\johci.sys [20392 2009-09-21] (JMicron )
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-28] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 RTL8168; C:\Windows\system32\DRIVERS\rtlh64.sys [681688 2015-01-21] (Inventec                                            )
S3 TelekomNM6; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
S3 vpnva; C:\Windows\system32\DRIVERS\vpnva64-6.sys [52592 2014-06-11] (Cisco Systems, Inc.)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [70296 2012-10-24] (VMware, Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-05-28] (Microsoft Corporation)
S3 ohci1394; \SystemRoot\System32\drivers\ohci1394.sys [X]
S3 taphss6; \SystemRoot\system32\DRIVERS\taphss6.sys [X]
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-28 11:50 - 2015-01-28 11:51 - 00024246 _____ () C:\Users\AKA\Desktop\FRST.txt
2015-01-28 11:45 - 2015-01-28 11:45 - 00000911 _____ () C:\Users\AKA\Desktop\JRT.txt
2015-01-28 11:37 - 2015-01-28 11:37 - 00000000 ____D () C:\WINDOWS\ERUNT
2015-01-28 11:36 - 2015-01-28 11:36 - 01707939 _____ (Thisisu) C:\Users\AKA\Downloads\JRT.exe
2015-01-28 11:31 - 2015-01-28 11:31 - 00003432 _____ () C:\Users\AKA\Desktop\AdwCleaner[S1].txt
2015-01-28 11:17 - 2015-01-28 11:17 - 02194432 _____ () C:\Users\AKA\Downloads\AdwCleaner_4.109.exe
2015-01-28 11:15 - 2015-01-28 11:15 - 00001273 _____ () C:\Users\AKA\Desktop\mbam.txt
2015-01-28 10:48 - 2015-01-28 11:31 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-01-28 10:47 - 2015-01-28 10:47 - 00001118 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-01-28 10:47 - 2015-01-28 10:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-01-28 10:47 - 2015-01-28 10:47 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-28 10:47 - 2015-01-28 10:47 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-01-28 10:47 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-01-28 10:47 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-01-28 10:47 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-01-28 10:45 - 2015-01-28 10:45 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\AKA\Downloads\mbam-setup-2.0.4.1028.exe
2015-01-28 10:42 - 2015-01-28 10:42 - 00019376 _____ () C:\Users\AKA\Downloads\SWAR_SAGA_GER_720p_BRip_x264_-_WodkaE-h43yg8n085x.dlc
2015-01-27 19:27 - 2015-01-27 19:27 - 00088334 _____ () C:\Users\AKA\Desktop\cach.txt
2015-01-27 17:57 - 2015-01-27 18:39 - 00038074 _____ () C:\Users\AKA\Downloads\Addition.txt
2015-01-27 17:55 - 2015-01-28 11:50 - 00000000 ____D () C:\FRST
2015-01-27 17:55 - 2015-01-27 18:39 - 00050605 _____ () C:\Users\AKA\Downloads\FRST.txt
2015-01-27 17:55 - 2015-01-27 17:55 - 02129920 _____ (Farbar) C:\Users\AKA\Desktop\FRST64.exe
2015-01-26 23:23 - 2015-01-27 00:04 - 1090802712 _____ () C:\Users\AKA\Downloads\krdy95ltrg.rar
2015-01-25 15:06 - 2015-01-25 15:29 - 350359868 _____ () C:\Users\AKA\Downloads\1204-143919.rar
2015-01-24 18:56 - 2015-01-24 18:56 - 00005296 _____ () C:\Users\AKA\Downloads\k579i7yv2h0u246.dlc
2015-01-24 17:59 - 2015-01-24 17:59 - 00006296 _____ () C:\Users\AKA\Downloads\GDN0TGX1472G_-_UL-xxggugnjs6y0a.dlc
2015-01-24 01:05 - 2015-01-24 01:05 - 00000000 ____D () C:\Users\AKA\AppData\Roaming\Remote Control Server
2015-01-24 01:02 - 2015-01-24 01:02 - 00002021 _____ () C:\Users\Public\Desktop\Remote Control Server.lnk
2015-01-24 01:02 - 2015-01-24 01:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remote Control Server
2015-01-24 01:02 - 2015-01-24 01:02 - 00000000 ____D () C:\Program Files (x86)\Remote Control Server
2015-01-24 01:01 - 2015-01-24 01:01 - 00000000 ____D () C:\Users\AKA\AppData\Local\Downloaded Installations
2015-01-24 01:00 - 2015-01-24 01:01 - 06752340 _____ (Steppschuh) C:\Users\AKA\Downloads\RemoteControlServerSetup.exe
2015-01-22 23:05 - 2014-11-17 21:17 - 00672984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2015-01-22 23:05 - 2014-11-17 21:17 - 00273240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2015-01-22 23:05 - 2014-11-15 20:05 - 00801584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-01-22 23:05 - 2014-11-15 07:29 - 00962216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-01-22 23:05 - 2014-11-14 15:36 - 00055776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-01-22 23:05 - 2014-11-14 08:10 - 03558400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-01-22 23:05 - 2014-11-14 07:58 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-01-22 23:05 - 2014-11-14 07:58 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-01-22 23:05 - 2014-11-14 07:57 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-01-22 23:05 - 2014-11-14 07:57 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-01-22 23:05 - 2014-11-14 07:54 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2015-01-22 23:05 - 2014-11-14 07:54 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-01-22 23:05 - 2014-11-14 07:54 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-01-22 23:05 - 2014-11-14 07:53 - 00894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-01-22 23:05 - 2014-11-14 07:52 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-01-22 23:05 - 2014-11-14 07:46 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2015-01-22 23:05 - 2014-11-14 07:46 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-01-22 23:05 - 2014-11-14 07:39 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-01-22 23:05 - 2014-11-14 06:04 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-01-22 23:05 - 2014-11-14 06:03 - 00885760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-01-22 23:05 - 2014-11-14 06:03 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-01-22 23:05 - 2014-11-14 06:01 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-01-22 23:05 - 2014-11-14 06:01 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-01-22 23:05 - 2014-11-14 05:53 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-01-22 23:05 - 2014-11-11 01:39 - 22290560 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-01-22 23:05 - 2014-11-11 01:17 - 19731824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-01-22 23:05 - 2014-11-10 19:06 - 02485056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-01-22 23:05 - 2014-11-10 19:06 - 00473408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-01-22 23:05 - 2014-11-10 19:06 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-01-22 23:05 - 2014-11-10 19:06 - 00136512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2015-01-22 23:05 - 2014-11-10 03:57 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2015-01-22 23:05 - 2014-11-10 02:37 - 00845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2015-01-22 23:05 - 2014-11-10 02:34 - 01084416 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2015-01-22 23:05 - 2014-11-10 02:26 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2015-01-22 23:05 - 2014-11-10 02:20 - 00420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2015-01-22 23:05 - 2014-11-10 02:09 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2015-01-22 23:05 - 2014-11-10 02:08 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2015-01-22 23:05 - 2014-11-10 02:06 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2015-01-22 23:05 - 2014-11-10 01:57 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2015-01-22 23:05 - 2014-11-10 01:57 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2015-01-22 23:05 - 2014-11-08 11:42 - 01390928 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-01-22 23:05 - 2014-11-08 11:23 - 01127976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-01-22 23:05 - 2014-11-08 05:00 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2015-01-22 23:05 - 2014-11-08 05:00 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
2015-01-22 23:05 - 2014-11-08 04:58 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2015-01-22 23:05 - 2014-11-08 04:58 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2015-01-22 23:05 - 2014-11-08 04:56 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\kmddsp.tsp
2015-01-22 23:05 - 2014-11-08 04:56 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmxs.dll
2015-01-22 23:05 - 2014-11-08 04:56 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasser.dll
2015-01-22 23:05 - 2014-11-08 04:24 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdiag.dll
2015-01-22 23:05 - 2014-11-08 04:13 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kmddsp.tsp
2015-01-22 23:05 - 2014-11-08 04:13 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasmxs.dll
2015-01-22 23:05 - 2014-11-08 04:13 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasser.dll
2015-01-22 23:05 - 2014-11-08 03:48 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdiag.dll
2015-01-22 23:05 - 2014-11-08 03:38 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2015-01-22 23:05 - 2014-11-08 03:17 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2015-01-22 23:05 - 2014-11-08 03:09 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascfg.dll
2015-01-22 23:05 - 2014-11-08 03:03 - 00733696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2015-01-22 23:05 - 2014-11-08 02:59 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rascfg.dll
2015-01-22 23:05 - 2014-11-08 02:58 - 04837376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2015-01-22 23:05 - 2014-11-08 02:49 - 01154048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2015-01-22 23:05 - 2014-11-07 04:58 - 00952896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-01-22 23:05 - 2014-11-07 04:20 - 00786120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-01-22 23:05 - 2014-11-05 03:12 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSHVHOST.DLL
2015-01-22 23:05 - 2014-11-05 03:12 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSVRMGMT.DLL
2015-01-22 23:05 - 2014-11-05 03:06 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2015-01-22 23:05 - 2014-11-05 02:44 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2015-01-22 23:05 - 2014-11-05 02:43 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2015-01-22 23:05 - 2014-11-05 02:41 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2015-01-22 23:05 - 2014-11-05 02:39 - 00155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSHVHOST.DLL
2015-01-22 23:05 - 2014-11-05 02:39 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSVRMGMT.DLL
2015-01-22 23:05 - 2014-11-05 02:33 - 00465408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2015-01-22 23:05 - 2014-11-05 02:21 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2015-01-22 23:05 - 2014-11-05 02:20 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2015-01-22 23:05 - 2014-11-05 02:18 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2015-01-22 23:05 - 2014-11-05 02:14 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2015-01-22 23:05 - 2014-11-05 02:06 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2015-01-22 23:05 - 2014-11-04 20:33 - 00058176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2015-01-22 23:05 - 2014-11-04 20:25 - 00059712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdclass.sys
2015-01-22 23:05 - 2014-11-04 20:25 - 00051008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouclass.sys
2015-01-22 23:05 - 2014-11-04 07:55 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sermouse.sys
2015-01-22 23:05 - 2014-11-04 07:54 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\i8042prt.sys
2015-01-22 23:05 - 2014-11-04 07:54 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys
2015-01-22 23:05 - 2014-11-04 07:54 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouhid.sys
2015-01-22 23:05 - 2014-11-04 07:27 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2015-01-22 23:05 - 2014-11-04 06:01 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2015-01-22 23:05 - 2014-10-31 01:51 - 18823168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-01-22 23:05 - 2014-10-31 01:10 - 15158784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-01-22 23:05 - 2014-10-30 06:55 - 07473472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-01-22 23:05 - 2014-10-30 06:47 - 01499384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-01-22 23:05 - 2014-10-30 06:41 - 01733952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-01-22 23:05 - 2014-10-29 04:05 - 00551232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2015-01-22 23:05 - 2014-10-29 03:02 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2015-01-22 23:05 - 2014-10-29 03:02 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2015-01-22 23:05 - 2014-10-29 02:57 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll
2015-01-22 23:05 - 2014-10-29 02:55 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2015-01-22 23:05 - 2014-10-29 02:15 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2015-01-22 23:05 - 2014-10-29 02:15 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2015-01-22 23:05 - 2014-10-29 02:14 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2015-01-22 23:05 - 2014-10-29 02:13 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2015-01-22 23:05 - 2014-10-29 02:13 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2015-01-22 23:05 - 2014-10-29 02:13 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe
2015-01-22 23:05 - 2014-10-26 23:10 - 00390841 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-01-22 23:05 - 2014-10-21 02:59 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\eventcls.dll
2015-01-22 23:05 - 2014-10-21 02:19 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eventcls.dll
2015-01-22 23:05 - 2014-10-21 01:50 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\vsstrace.dll
2015-01-22 23:05 - 2014-10-21 01:31 - 01574400 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2015-01-22 23:05 - 2014-10-21 01:31 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vsstrace.dll
2015-01-22 23:05 - 2014-10-21 01:30 - 01454080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2015-01-22 23:05 - 2014-10-21 01:20 - 01142272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2015-01-22 23:05 - 2014-10-17 05:56 - 00238912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-01-22 23:05 - 2014-10-17 05:56 - 00153920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2015-01-22 23:05 - 2014-10-17 05:56 - 00039744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2015-01-22 23:05 - 2014-10-17 04:35 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-01-21 07:01 - 2015-01-21 07:01 - 00681688 _____ (Inventec ) C:\WINDOWS\system32\Drivers\rtlh64.sys
2015-01-21 07:01 - 2015-01-21 07:01 - 00075480 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll
2015-01-19 22:37 - 2015-01-19 22:39 - 69104008 _____ (SiSoftware ) C:\Users\AKA\Downloads\sisoftware_sandra_lite_2015_san2115.exe
2015-01-19 22:23 - 2015-01-19 22:23 - 02231742 _____ ( ) C:\Users\AKA\Downloads\diagnose_8.67.exe
2015-01-17 20:36 - 2015-01-17 20:36 - 00001560 _____ () C:\Users\AKA\Downloads\ml9794a2gzer40s.dlc
2015-01-17 20:22 - 2015-01-17 20:22 - 00002416 _____ () C:\Users\AKA\Downloads\4fu23mxpv10au24.dlc
2015-01-16 15:45 - 2015-01-16 15:45 - 00885880 _____ () C:\Users\AKA\Desktop\Bayer 04 Leverkusen print@home-Ticket.zip
2015-01-15 11:44 - 2014-04-16 00:35 - 00028352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2015-01-15 11:44 - 2014-04-16 00:34 - 00029888 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2015-01-15 11:32 - 2014-12-19 07:26 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2015-01-15 11:32 - 2014-12-12 03:04 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2015-01-15 11:32 - 2014-12-12 01:51 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-01-15 11:32 - 2014-12-09 02:50 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-01-15 11:32 - 2014-12-08 20:42 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-01-15 11:32 - 2014-12-08 20:42 - 00531616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-01-15 11:32 - 2014-12-08 20:42 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2015-01-15 11:32 - 2014-12-08 20:42 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2015-01-15 11:32 - 2014-12-08 20:42 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2015-01-15 11:32 - 2014-12-08 20:42 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-01-15 11:32 - 2014-12-08 20:42 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2015-01-15 11:32 - 2014-12-08 20:42 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2015-01-15 11:32 - 2014-12-06 04:17 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-01-15 11:32 - 2014-12-06 02:41 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-01-15 11:32 - 2014-12-06 02:35 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-01-13 21:18 - 2015-01-13 21:18 - 00034800 _____ () C:\Users\AKA\Downloads\f84679105457909db5d0a867457197c4.dlc
2015-01-13 19:12 - 2015-01-13 19:14 - 00820488 _____ () C:\WINDOWS\Minidump\011315-111296-01.dmp
2015-01-12 16:56 - 2015-01-12 17:09 - 280500232 _____ () C:\Users\AKA\Downloads\ncis.s12e03.sof.rar
2015-01-11 22:00 - 2015-01-11 22:03 - 00000000 ____D () C:\Users\AKA\Desktop\usb
2015-01-11 22:00 - 2015-01-11 22:00 - 00108171 _____ () C:\Users\AKA\Downloads\usbdeview-x64.zip
2015-01-11 21:59 - 2015-01-11 21:59 - 00003244 _____ () C:\Users\AKA\Downloads\usbdeview_german.zip
2015-01-10 18:40 - 2015-01-10 18:40 - 00001412 _____ () C:\Users\AKA\Downloads\3e90oau2xrr05t7.dlc
2015-01-10 18:03 - 2015-01-10 18:03 - 00001264 _____ () C:\Users\AKA\Downloads\r3un2rxd08m294t.dlc
2015-01-09 22:29 - 2015-01-09 22:29 - 00000000 ____D () C:\ProgramData\Package Cache
2015-01-09 15:03 - 2015-01-09 15:03 - 00000222 _____ () C:\Users\AKA\Desktop\Age of Empires II HD Edition.url
2015-01-09 15:03 - 2015-01-09 15:03 - 00000000 ____D () C:\Users\AKA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-01-09 14:41 - 2015-01-23 20:05 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-01-09 14:41 - 2015-01-09 14:41 - 00000979 _____ () C:\Users\Public\Desktop\Steam.lnk
2015-01-09 14:41 - 2015-01-09 14:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-01-09 14:40 - 2015-01-09 14:40 - 01142128 _____ () C:\Users\AKA\Downloads\SteamSetup.exe
2015-01-08 22:31 - 2015-01-08 22:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-05 20:15 - 2015-01-28 11:29 - 00004228 _____ () C:\WINDOWS\setupact.log
2015-01-05 20:15 - 2015-01-05 20:15 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-01-03 19:08 - 2015-01-10 19:28 - 00000000 ____D () C:\Users\AKA\Desktop\Tarihe Yolculuk
2015-01-03 18:45 - 2015-01-03 18:45 - 00000000 ____D () C:\Users\Public\Documents\Adobe
2015-01-03 18:44 - 2015-01-03 18:46 - 00000000 ____D () C:\Program Files\Adobe
2015-01-03 18:43 - 2015-01-03 18:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2015-01-03 18:43 - 2015-01-03 18:43 - 00000000 ____D () C:\Program Files (x86)\Adobe Media Player
2015-01-03 18:42 - 2015-01-03 18:47 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2015-01-03 18:41 - 2015-01-03 18:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS5
2015-01-03 18:41 - 2015-01-03 18:41 - 00001013 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
2015-01-03 18:41 - 2015-01-03 18:41 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2015-01-03 18:41 - 2015-01-03 18:41 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2015-01-01 12:24 - 2015-01-01 13:37 - 1066171576 _____ () C:\Users\AKA\Downloads\krdy91ltrg.rar

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-28 11:44 - 2014-05-28 10:32 - 01480065 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-28 11:36 - 2014-03-18 11:04 - 01785036 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-01-28 11:36 - 2014-03-18 10:25 - 00768266 _____ () C:\WINDOWS\system32\perfh007.dat
2015-01-28 11:36 - 2014-03-18 10:25 - 00160576 _____ () C:\WINDOWS\system32\perfc007.dat
2015-01-28 11:35 - 2014-05-28 12:13 - 00000000 ___DO () C:\Users\AKA\OneDrive
2015-01-28 11:30 - 2014-10-27 13:06 - 00001122 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-28 11:29 - 2014-11-22 19:44 - 00000497 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.ics
2015-01-28 11:29 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-28 11:28 - 2014-08-01 00:38 - 00032650 _____ () C:\WINDOWS\PFRO.log
2015-01-28 11:24 - 2013-08-22 14:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2015-01-28 11:23 - 2014-07-31 04:00 - 00000000 ____D () C:\AdwCleaner
2015-01-28 11:16 - 2014-10-27 13:06 - 00001126 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-28 11:05 - 2014-05-22 14:57 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1015216767-4129399232-3615065482-1001
2015-01-28 11:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-01-27 13:17 - 2014-10-27 13:08 - 00002195 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-27 02:26 - 2014-05-23 15:24 - 00000000 ____D () C:\Users\AKA\AppData\Roaming\vlc
2015-01-26 00:16 - 2014-05-22 16:17 - 00000000 ____D () C:\Users\AKA\Desktop\Neuer Ordner
2015-01-25 20:32 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-01-25 11:48 - 2014-05-25 20:28 - 00000000 ____D () C:\Users\AKA\Downloads\J dow
2015-01-25 10:51 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-01-23 19:46 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-01-23 19:18 - 2014-05-23 22:51 - 00000000 ____D () C:\Users\AKA\AppData\Roaming\Skype
2015-01-22 23:14 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2015-01-22 23:14 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-01-22 23:14 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup
2015-01-22 23:14 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2015-01-22 23:04 - 2014-11-12 11:43 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2015-01-22 23:04 - 2014-11-12 11:43 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-01-22 23:04 - 2014-11-12 11:43 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2015-01-22 23:04 - 2014-11-12 11:43 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2015-01-19 22:32 - 2014-12-11 16:52 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-01-19 22:32 - 2014-12-11 16:52 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-18 04:05 - 2014-05-28 10:38 - 00000000 ____D () C:\Users\AKA
2015-01-18 01:31 - 2014-05-23 23:11 - 00000000 ____D () C:\Program Files (x86)\Eclipse Java
2015-01-17 21:14 - 2014-10-21 11:41 - 00034605 _____ () C:\WINDOWS\DirectX.log
2015-01-15 11:44 - 2014-05-27 16:49 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-01-15 11:36 - 2014-05-27 16:49 - 113365784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-01-14 21:53 - 2014-12-19 20:31 - 00005044 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for MSI-AKA MSI
2015-01-13 19:12 - 2014-08-19 10:16 - 00000000 ____D () C:\WINDOWS\Minidump
2015-01-11 21:02 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-01-09 00:14 - 2014-05-22 22:01 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-01-09 00:14 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\System
2015-01-09 00:14 - 2012-07-26 06:26 - 00000167 _____ () C:\WINDOWS\win.ini
2015-01-09 00:08 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-01-08 22:40 - 2014-12-09 18:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-01-04 23:08 - 2014-11-19 18:46 - 00000000 ____D () C:\Users\AKA\Desktop\Mathe
2015-01-04 23:08 - 2014-10-13 16:08 - 00000000 ____D () C:\Users\AKA\Desktop\GE1 Dederich
2015-01-04 23:08 - 2014-10-10 16:21 - 00000000 ____D () C:\Users\AKA\Desktop\Patch_SchulMathe
2015-01-03 19:00 - 2014-05-30 21:07 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2015-01-03 18:46 - 2014-05-27 12:14 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-01-03 18:46 - 2014-05-22 14:39 - 00000000 ____D () C:\Users\AKA\AppData\Roaming\Adobe
2015-01-03 18:43 - 2014-05-24 00:22 - 00000000 ____D () C:\Users\AKA\AppData\Local\Adobe
2015-01-03 18:43 - 2014-05-22 22:27 - 00000000 ____D () C:\ProgramData\Adobe
2015-01-01 00:56 - 2014-12-26 15:42 - 731814810 _____ () C:\Users\AKA\Downloads\krtlrvdsps241ltrg.rar

==================== Files in the root of some directories =======

2014-06-06 14:41 - 2014-06-06 14:41 - 0000000 _____ () C:\Users\AKA\AppData\Roaming\gdfw.log
2014-06-06 14:41 - 2014-06-06 14:41 - 0000779 _____ () C:\Users\AKA\AppData\Roaming\gdscan.log

Some content of TEMP:
====================
C:\Users\AKA\AppData\Local\Temp\DataCard_Setup64.exe
C:\Users\AKA\AppData\Local\Temp\Quarantine.exe
C:\Users\AKA\AppData\Local\Temp\ResetDevice.exe
C:\Users\AKA\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-28 11:05

==================== End Of Log ============================
         
--- --- ---


Addition.txt

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-01-2015 01
Ran by AKA at 2015-01-28 11:51:31
Running from C:\Users\AKA\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: G Data InternetSecurity CBE (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: G Data InternetSecurity CBE (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G Data Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3MobileWiFi (HKLM-x32\...\3MobileWiFi) (Version: WIN1.01.01.156 - Huawei Technologies Co.,Ltd)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Creative Suite 5 Master Collection (HKLM-x32\...\{1BBD8D70-721A-41AD-AC8F-7308A0C8FA92}) (Version: 5.0 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version:  - Hidden Path Entertainment, Ensemble Studios)
Akamai NetSession Interface (HKU\S-1-5-21-1015216767-4129399232-3615065482-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
aTube Catcher Version 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
AVRStudio4 (HKLM-x32\...\{D5D88F8F-FDA4-4CF4-9F3E-3F40118C2120}) (Version: 4.17.666 - Atmel)
AVRStudio4 (x32 Version: 4.17.666 - Atmel) Hidden
Bing-Desktop (HKLM-x32\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.3.347.0 - Microsoft Corporation)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.4.4079 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{8DCCC556-265B-478A-8B32-C12DA988BA74}) (Version: 0.9.4.4079 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands 2 (HKLM-x32\...\Borderlands 2_is1) (Version:  - )
Borderlands 2 All in One DLC-Pack Plus Update 16 (v1.5.0) 1.00 (HKLM-x32\...\Borderlands 2 All in One DLC-Pack Plus Update 16 (v1.5.0) 1.00) (Version: 1.00 - .x.X.RIDDICK.X.x.)
Borderlands 2 All in One Update - Pack 1.00 (HKLM-x32\...\Borderlands 2 All in One Update - Pack 1.00) (Version: 1.00 - .x.X.RIDDICK.X.x.)
Borderlands The Pre Sequel GERMAN (HKLM-x32\...\Qm9yZGVybGFuZHNUaGVQcmVTZXF1ZWw=_is1) (Version: 1 - )
calibre (HKLM-x32\...\{B364DC2A-9783-4737-B795-D6F0562A41C5}) (Version: 0.8.61 - Kovid Goyal)
Camera Recorder (HKLM-x32\...\{3BDDA587-7CDE-430C-90A4-E2C4E48D3AE9}) (Version: 1.0.909.0801 - Camera Recorder)
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
CheckDrive (HKLM-x32\...\{B83513EC-2E4D-4621-816D-4CCF397BE702}_is1) (Version: 4.4 - Abelssoft)
Cisco AnyConnect Diagnostics and Reporting Tool (HKLM-x32\...\{D9ABE01A-6E18-4F30-9ED6-2494A5019074}) (Version: 3.1.05170 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.05170 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.05170 - Cisco Systems, Inc.) Hidden
Cisco Systems VPN Client 5.0.07.0290 (HKLM\...\{467D5E81-8349-4892-9E81-C3674ED8E451}) (Version: 5.0.7 - Cisco Systems, Inc.)
Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.5.830 - Corel Inc.)
CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version:  - CyberGhost S.R.L.)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
Data Lifeguard Diagnostic for Windows 1.24 (HKLM-x32\...\{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1) (Version:  - Western Digital Corporation)
Dev-C++ (HKLM-x32\...\Dev-C++) (Version: 5.4.0 - )
Dropbox (HKU\S-1-5-21-1015216767-4129399232-3615065482-1001\...\Dropbox) (Version: 2.10.52 - Dropbox, Inc.)
FIFA 14 (HKLM-x32\...\{7A6577E7-F341-430F-9173-91E14E2DE270}) (Version: 1.0.0.0 - Electronic Arts)
FIFA 14 (HKLM-x32\...\{7A6577E7-F341-430F-9173-91E14E2DE270}_is1) (Version: 1.0 - Electronic Arts)
Flip 3.3.4 (HKLM-x32\...\flip.exe) (Version: 3.3.4 - Atmel)
Free Mp3 Wma Converter V 2.2 (HKLM-x32\...\Free Mp3 Wma Converter_is1) (Version: 2.2.0.0 - Koyote Soft)
Free Video to MP3 Converter version 5.0.42.530 (HKLM-x32\...\Free Video to MP3 Converter_is1) (Version: 5.0.42.530 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.38.530 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.38.530 - DVDVideoSoft Ltd.)
G Data InternetSecurity CBE (HKLM-x32\...\{85203592-3610-4FB9-AA11-15B2255B5A12}) (Version: 25.0.1.2 - G Data Software AG)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.93 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Hex-Editor MX (HKLM-x32\...\{7FC7AD70-1DF3-4B84-9AA2-4FB680F45572}_is1) (Version: 6.0 - NEXT-Soft)
HP Wireless Mouse Suite 2.8 (HKLM-x32\...\{C7EF1D07-8CC6-4532-A4C9-37612FCB3410}) (Version: 2.8 - Hewlett-Packard)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Programm für die Prozessorerkennung (HKLM-x32\...\{A92A4DB0-CD37-42D1-BE1D-603D53C24328}) (Version: 4.90.0000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java SE Development Kit 7 Update 45 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170450}) (Version: 1.7.0.450 - Oracle)
Java-Editor 12.2, 2013.10.2 (HKLM-x32\...\{65FBA21B-7F80-4E4E-B275-0958D2648F94}_is1) (Version:  - Gerhard Röhner)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
JMicron 1394 Filter Driver (HKLM-x32\...\{13C96625-28E4-4c58-ADE0-CDAFC64752EB}) (Version: 1.00.06.00 - JMicron Technology Corp.)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.45.0 - JMicron Technology Corp.)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.98 - LSI Corporation)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Motorola Bluetooth (HKLM\...\1DF1F719-D43A-46E8-950F-65A8D96C678A.MBT_is1) (Version: 3.0.02.280 - Motorola, Inc.)
MSI Afterburner 3.0.0 (HKLM-x32\...\Afterburner) (Version: 3.0.0 - MSI Co., LTD)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
NetBeans IDE 7.4 (HKLM-x32\...\nbi-nb-base-7.4.0.0.201310111528) (Version: 7.4 - NetBeans.org)
Netzmanager (HKLM-x32\...\Netzmanager) (Version: 1.081 - Deutsche Telekom AG)
Netzmanager (Version: 1.081 - Deutsche Telekom AG, Marmiko IT-Solutions GmbH) Hidden
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Ovi Desktop Sync Engine (x32 Version: 1.5.161.0 - Nokia) Hidden
OviMPlatform (x32 Version: 2.7.44.2 - Nokia) Hidden
PandoraRecovery (Remove Only) (HKLM-x32\...\PandoraRecovery) (Version:  - )
PC Connectivity Solution (HKLM-x32\...\{D4AEC53C-1720-41D9-B6D7-6A60DE62D444}) (Version: 10.50.2.0 - Nokia)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PDF24 Creator 6.4.1 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Quartus II Web Edition (Free) 13.0.1.232 (HKLM-x32\...\Quartus II Web Edition (Free) 13.0.1.232) (Version: 13.0sp1 - Altera Corporation)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.11.1127.2009 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5951 - Realtek Semiconductor Corp.)
Remote Control Server (HKLM-x32\...\{755C6515-9FEA-490C-B15E-22BB6519E57E}) (Version: 3.0.1.50 - Steppschuh)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
Skype™ 6.13 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.13.104 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
System Control Manager (HKLM-x32\...\{ED9C5D25-55DF-48D8-9328-2AC0D75DE5D8}) (Version: 2.210.0617.007 - Micro-Star International Co., Ltd.)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
Unified Remote (HKLM-x32\...\{D7930C67-5816-417B-BF28-54BB75EFDAF9}) (Version: 2.14.4.0 - Unified Remote)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VMware Player (HKLM-x32\...\VMware_Player) (Version: 5.0.2 - VMware, Inc)
VMware Player (Version: 5.0.2 - VMware, Inc.) Hidden
VoiceOver Kit (HKLM-x32\...\{6B4AD1A9-E73A-4184-9D6B-072F8A3C5EBA}) (Version: 1.42.128.0 - Apple Inc.)
WinAVR 20090313 (remove only) (HKLM-x32\...\WinAVR-20090313) (Version: 20090313 - )
Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia)
Windows-Treiberpaket - Ralink Technology, Corp. (netr28x) Net  (07/06/2010 3.01.08.0001) (HKLM\...\DDAB5FC44964BD27F18121236A6EB5719FB86ECC) (Version: 07/06/2010 3.01.08.0001 - Ralink Technology, Corp.)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1015216767-4129399232-3615065482-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\AKA\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1015216767-4129399232-3615065482-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AKA\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1015216767-4129399232-3615065482-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AKA\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1015216767-4129399232-3615065482-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AKA\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1015216767-4129399232-3615065482-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AKA\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1015216767-4129399232-3615065482-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AKA\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1015216767-4129399232-3615065482-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AKA\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1015216767-4129399232-3615065482-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AKA\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1015216767-4129399232-3615065482-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AKA\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

15-01-2015 11:36:15 Windows Update
17-01-2015 21:10:56 DirectX wurde installiert
22-01-2015 22:58:37 Windows Update
24-01-2015 01:01:41 Installed Remote Control Server.

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-01-27 17:54 - 2015-01-27 17:54 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0447227E-6DAA-4E9C-8E37-E21D8F9CCF10} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: {0A3C6B71-6781-4DBD-9906-FA4654BF9CF8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-01-15] (Microsoft Corporation)
Task: {128732B2-5BFB-40CB-98F3-6382F5317557} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-27] (Google Inc.)
Task: {2A3579F1-F34A-4EEC-A433-0855EFBDDF33} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-27] (Google Inc.)
Task: {30DF1A22-C561-4FE9-9AEA-B314A7B17593} - System32\Tasks\Microsoft Office 15 Sync Maintenance for MSI-AKA MSI => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2014-11-12] (Microsoft Corporation)
Task: {56E60A3F-3B1A-4BA2-8752-6D284D0DA63D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {6518BCCB-0C13-42ED-B4F2-077193F8677D} - System32\Tasks\{24DB3F75-DC74-40D7-9585-49A3DF45E361} => pcalua.exe -a D:\Treiber\Windows_SM56_6.12.25.05_DF_AppSigned\Windows_SM56_6.12.25.05_DF_AppSigned\ssetup.exe -d D:\Treiber\Windows_SM56_6.12.25.05_DF_AppSigned\Windows_SM56_6.12.25.05_DF_AppSigned
Task: {A7D013F5-6FFD-4B64-A5B4-76FE8221D26D} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {E4152EF4-F89F-4314-B1BF-C410842453AC} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-1015216767-4129399232-3615065482-1001
Task: {EB70BC40-11A0-4944-832D-74A22D2239EF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-05-28 10:32 - 2014-07-02 19:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-05-23 22:59 - 2013-06-13 06:15 - 00268800 _____ () C:\altera\13.0sp1\quartus\bin64\jtagserver.exe
2014-05-23 22:59 - 2013-06-13 06:13 - 00029184 _____ () C:\altera\13.0sp1\quartus\bin64\ccl_ver.dll
2014-05-23 22:59 - 2013-06-13 02:41 - 00879616 _____ () C:\altera\13.0sp1\quartus\bin64\dinkum_alt.dll
2012-12-17 07:57 - 2012-12-17 07:57 - 00184320 _____ () C:\ProgramData\HP Link5 Config\PelLinkS.exe
2014-06-17 19:09 - 2013-05-06 14:45 - 00329848 ____N () C:\Program Files (x86)\XSManager\WTGService.exe
2013-12-19 03:42 - 2013-12-19 03:42 - 00350840 ____N () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll
2012-12-17 07:57 - 2012-12-17 07:57 - 00288768 _____ () C:\ProgramData\HP Link5 Config\VolOSD.exe
2014-06-11 04:34 - 2014-06-11 04:34 - 00063400 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2014-04-23 15:05 - 2014-04-23 15:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 15:04 - 2014-04-23 15:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-03-23 12:26 - 2010-03-23 12:26 - 00201512 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll
2013-02-26 01:28 - 2013-02-26 01:28 - 01260624 _____ () C:\Program Files (x86)\VMware\VMware Player\libxml2.dll
2012-12-17 07:57 - 2012-12-17 07:57 - 00079360 _____ () C:\ProgramData\HP Link5 Config\PelComm.dll
2012-12-17 07:57 - 2012-12-17 07:57 - 00047104 _____ () C:\ProgramData\HP Link5 Config\PelDrv.dll
2012-12-17 07:57 - 2012-12-17 07:57 - 00459264 _____ () C:\ProgramData\HP Link5 Config\PelHooks.dll
2012-12-17 07:57 - 2012-12-17 07:57 - 00108032 _____ () C:\ProgramData\HP Link5 Config\PelUtil.dll
2012-12-17 07:57 - 2012-12-17 07:57 - 00028672 _____ () C:\ProgramData\HP Link5 Config\PelMagnf.dll
2012-12-17 07:57 - 2012-12-17 07:57 - 00131072 _____ () C:\ProgramData\HP Link5 Config\PelScrll.dll
2015-01-27 13:17 - 2015-01-25 07:08 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\libglesv2.dll
2015-01-27 13:17 - 2015-01-25 07:08 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\libegl.dll
2015-01-27 13:17 - 2015-01-25 07:08 - 09170760 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\pdf.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\AKA\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "Cisco AnyConnect Secure Mobility Agent for Windows"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKLM\...\StartupApproved\Run32: => "NokiaMServer"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKU\S-1-5-21-1015216767-4129399232-3615065482-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-1015216767-4129399232-3615065482-1001\...\StartupApproved\Run: => "Steam"

========================= Accounts: ==========================

Administrator (S-1-5-21-1015216767-4129399232-3615065482-500 - Administrator - Disabled)
AKA (S-1-5-21-1015216767-4129399232-3615065482-1001 - Administrator - Enabled) => C:\Users\AKA
Gast (S-1-5-21-1015216767-4129399232-3615065482-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1015216767-4129399232-3615065482-1005 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Cisco Systems VPN Adapter for 64-bit Windows
Description: Cisco Systems VPN Adapter for 64-bit Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: JMicron OHCI Compliant IEEE 1394 Host Controller
Description: JMicron OHCI Compliant IEEE 1394 Host Controller
Class Guid: {6bdd1fc1-810f-11d0-bec7-08002be2092f}
Manufacturer: JMicron Technology Corp.
Service: ohci1394
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/28/2015 11:45:33 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "System-reserviert" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)


System errors:
=============
Error: (01/28/2015 11:52:05 AM) (Source: DCOM) (EventID: 10010) (User: MSI)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (01/28/2015 11:51:34 AM) (Source: DCOM) (EventID: 10010) (User: MSI)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (01/28/2015 11:51:04 AM) (Source: DCOM) (EventID: 10010) (User: MSI)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (01/28/2015 11:50:34 AM) (Source: DCOM) (EventID: 10010) (User: MSI)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (01/28/2015 11:50:04 AM) (Source: DCOM) (EventID: 10010) (User: MSI)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (01/28/2015 11:49:34 AM) (Source: DCOM) (EventID: 10010) (User: MSI)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (01/28/2015 11:49:04 AM) (Source: DCOM) (EventID: 10010) (User: MSI)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}


Microsoft Office Sessions:
=========================
Error: (01/28/2015 11:45:33 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: System-reserviertFalscher Parameter. (0x80070057)


CodeIntegrity Errors:
===================================
  Date: 2014-06-05 16:59:10.933
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-06-05 16:59:10.886
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-06-04 17:56:07.394
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-06-04 10:05:52.053
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-06-04 10:05:51.990
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-06-04 09:59:03.125
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-06-04 09:59:03.047
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-06-03 10:42:07.293
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-06-03 10:42:07.246
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-06-03 10:39:48.300
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7 CPU Q 720 @ 1.60GHz
Percentage of memory in use: 30%
Total physical RAM: 8174.06 MB
Available physical RAM: 5659.58 MB
Total Pagefile: 16366.06 MB
Available Pagefile: 12991.14 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:405.67 GB) (Free:173.2 GB) NTFS
Drive d: () (Fixed) (Total:292.63 GB) (Free:208.86 GB) NTFS
Drive f: (Expansion Drive) (Fixed) (Total:931.51 GB) (Free:0.17 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: A443BC6C)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=292.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=405.7 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 04A906DB)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

ak16


Alt 28.01.2015, 12:41   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Ordner auf Wechselmedien werden als Verknüpfung angezeigt - Standard

Ordner auf Wechselmedien werden als Verknüpfung angezeigt




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
--> Ordner auf Wechselmedien werden als Verknüpfung angezeigt

Alt 28.01.2015, 23:09   #7
ak16
 
Ordner auf Wechselmedien werden als Verknüpfung angezeigt - Standard

Ordner auf Wechselmedien werden als Verknüpfung angezeigt



Also dan hoffe alles Richtig. Eset hat ewig gedauert


eset log

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=f499e91d01226c46ab617da2bd58b719
# engine=22188
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-01-28 06:05:25
# local_time=2015-01-28 07:05:25 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 6678177 23600721 0 0
# scanned=470997
# found=257
# cleaned=0
# scan_time=18158
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0\1d4f8100-365cdddc"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0\53fc13c0-2116da9d"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0\53fc13c0-5688b252"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0\6139c640-428341b9"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0\6139c640-6233c5bb"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0\6139c640-66f0d3d0"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\13ed998c-33383e90"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\381c370c-63667de6"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\381c370c-747f53a2"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\381c370c-76a45da0"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14\1784b30e-262dd535"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14\1784b30e-5c2f15d8"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14\6255530e-270b5925"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14\7a7bdc0e-419740c0"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14\7a7bdc0e-6701987b"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\2185dc10-18fa83b9"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\3b61b50-43834ac5"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\5b9930d0-29cf211b"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\5b9930d0-489fcf99"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\5b9930d0-65005d53"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\5abab151-2196886a"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\5abab151-4230015d"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\28745852-3a8dec59"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\28745852-5cc6325a"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\4a833e92-2c8631ec"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\4a833e92-2d1bfec8"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\4a833e92-54cdf2d8"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19\445ad8d3-39576111"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2\33694002-185a7bd6"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2\33694002-47d3d7c4"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2\33694002-5f47977b"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2\33694002-7f9a224b"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21\698dfb15-2bb86cb2"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21\698dfb15-5c086313"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21\73afd055-3604eb05"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22\155192d6-2cdfda56"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22\155192d6-49587008"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22\155192d6-7aac9d96"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22\3d5c7f16-65a57648"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22\6fa79a16-204be843"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22\6fa79a16-2755d900"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22\6fa79a16-2ef6602f"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22\775ce856-1db6f4e4"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22\775ce856-48000804"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23\50948e17-185385c8"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23\50948e17-1954b251"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23\50948e17-77c7ec74"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23\5bdd95d7-22d25afd"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24\495566d8-6f55549c"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24\495566d8-744d9f05"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24\5a84c898-439421de"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24\5a84c898-68f8be5a"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24\d34e658-12c08ddc"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24\d34e658-51be726f"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25\26992f59-265952ed"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25\26992f59-380705d2"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25\372bf0d9-5fb6c02a"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25\372bf0d9-6823ce4d"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25\6bc91559-26dbf925"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25\6bc91559-415f0b95"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26\6828a69a-53385168"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26\6828a69a-622ed994"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26\6828a69a-7fa31d8d"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26\6edf1d5a-34fb3ecd"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26\6edf1d5a-6740cdbc"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\4e639edb-1947e44e"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\67586a9b-38ff7c72"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28\16a5981c-4594d80d"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28\49ebafdc-1765cb6f"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28\49ebafdc-57e5a028"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28\7ffc2d1c-3a91100d"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28\7ffc2d1c-6778f486"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29\1f7bc55d-7e2f7fab"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3\55135783-1f232ccf"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3\716d5bc3-23368a05"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3\716d5bc3-586a1100"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30\2946199e-33951573"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30\2946199e-54e13729"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30\2946199e-5a7a2470"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30\2946199e-5f5b2c4b"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30\6eddfe1e-1bc92e06"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30\6eddfe1e-2074ebd8"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30\6eddfe1e-49dbb730"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\1f577a5f-7b3e5c08"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\2b7127df-5801726d"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\2b7127df-77bbcd16"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\4f0c3c1f-77aaa9ec"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\65ef5ee0-2498cd6b"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\65ef5ee0-32f1b032"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\9bdb3e0-71ea87f9"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\6e9e27e1-3e70ec82"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\6e9e27e1-7be977ee"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\2570cc62-796aaa08"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\5554c762-266d215b"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\5554c762-461956af"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\6c5928e2-4baf5ed8"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\6c5928e2-5a3eba0a"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\6c5928e2-5bb0a1cc"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\6c5928e2-69f044ee"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35\243ca2e3-3d4a16b4"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35\243ca2e3-60ab7a09"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35\243ca2e3-7413563e"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35\4d399a23-6ffacf6e"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35\58c5d5a3-1c3f0c27"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35\c0aa823-30ecf74b"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35\c0aa823-43d23e69"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36\368a2024-15ce19d7"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36\368a2024-3edbac44"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36\428fd2a4-55593f05"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36\428fd2a4-59c8f0c4"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36\428fd2a4-640a5178"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37\2841d265-75ce93e6"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38\5b7efb66-3e0449a6"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38\6f3a5a6-3c1c9ae7"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38\764f4426-2f649770"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38\764f4426-49154e6d"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38\764f4426-746a8545"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39\22a5e467-7b250d18"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39\51f0cc27-31c16dbd"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39\51f0cc27-424865cd"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39\6295a67-254e7323"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39\6295a67-6043ef07"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40\201f41e8-53b71a07"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40\201f41e8-5a4baf72"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40\2c8a35a8-31af80f0"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40\2c8a35a8-44f48c5f"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41\30c5dba9-17319e40"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41\30c5dba9-26720ede"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41\30c5dba9-4edf0d88"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41\30c5dba9-50cc6da0"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41\30c5dba9-559217f6"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41\30c5dba9-713026c5"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41\421271a9-4fb481e5"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42\2e5135aa-5dbffcab"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42\458bd0aa-358f50cf"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42\458bd0aa-636710b1"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44\26742eac-71619f19"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44\4b000e6c-73520691"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44\4b000e6c-75501ad3"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44\4b000e6c-7a90f733"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44\4b000e6c-7aae6d17"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44\701dbeec-7c844e94"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\271612d-5d413cd2"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\3036be2e-242f23e7"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\3036be2e-6eaaf85d"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\319ec96e-48eea0da"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\319ec96e-50977925"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\319ec96e-7aecc1e5"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\4aba456e-2196cf08"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\69f1a12e-687d955b"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\60a80faf-2c961ed9"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\60a80faf-3c2c66e5"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\72ee282f-1a47538a"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\98cec2f-1f06f358"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\98cec2f-45c3cc51"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\98cec2f-696f54de"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48\34d602f0-673b105b"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48\6fb2cb30-486d1a76"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49\1a6563b1-1712f4d1"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49\1a6563b1-1a174033"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49\33f7c231-1643ec02"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49\33f7c231-719f62c3"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49\5d390eb1-58e51a63"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5\30800745-2522b617"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5\30800745-77120499"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5\4989fac5-5266ea4c"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5\4989fac5-5de9e989"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\3be1cef2-179530b4"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\3be1cef2-20929337"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\62780332-51f4c8ec"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\c0ee632-1820c767"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\c0ee632-33361930"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\c0ee632-5c251032"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51\195d48b3-2a5be20c"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51\195d48b3-584fcdeb"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51\69cefcb3-31302ce8"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51\7d43be73-6b27f546"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\20ad58b4-1685d96c"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\20ad58b4-742b3108"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\7108d634-1214308d"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53\142e65f5-2aaec8bd"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53\142e65f5-3dd72ce0"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53\142e65f5-4c8b3d99"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53\35dc93b5-260b1c20"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53\625bed75-3aa9e1bc"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53\625bed75-44b8288b"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53\6b719435-1cf5af95"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53\6b719435-237ebcc8"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53\6b719435-347244b4"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53\6b719435-453e2626"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54\3ee9f36-29800ee3"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54\3ee9f36-7b85f738"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54\5944c6b6-1ac5b49b"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\55\10fd22f7-543d16c0"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\55\4f687eb7-268cc399"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\55\6014d5f7-12262329"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56\12d253b8-42a20198"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56\12d253b8-597a3f48"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56\2e909c78-4d414bf8"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56\3e3e4ab8-5930484c"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56\3e3e4ab8-62e1826a"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56\3e3e4ab8-6d866886"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56\3e3e4ab8-7c0ee500"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56\712dfeb8-1fce3c2d"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58\4848ecfa-4721e7d7"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58\58d0633a-11e51bf1"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58\64c29e7a-694ebeab"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58\d5df77a-1ccd4ac3"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6\31bcfa86-31ff3228"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6\31bcfa86-51f0394c"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6\31bcfa86-79e4977f"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6\486cb206-5c2cd78a"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6\486cb206-69c32617"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6\486cb206-6c09e59b"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6\635de886-7947a63b"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6\683aa946-24655198"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6\683aa946-24ccbadc"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60\3dc3b43c-1e22b93e"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60\3dc3b43c-2f5180d6"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60\3dc3b43c-3a1a52b0"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60\3dc3b43c-7ac3a05b"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60\53894b3c-251eed30"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61\29fde3bd-30462b6d"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61\29fde3bd-71943553"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62\2ebcd0fe-49537bf9"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62\2ebcd0fe-4f007b8d"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62\2ebcd0fe-5448b953"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62\2ebcd0fe-68fa8830"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62\753f6d7e-7eb049b2"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63\31b217bf-168c1e9b"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63\31b217bf-4ae31ce4"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63\6c76debf-6ffc2593"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63\6c76debf-748914c3"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63\6cb2b83f-3117bc8d"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\5c257587-3c8437ec"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\a7f2707-3a8660b1"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\be75287-32965839"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\be75287-59da1256"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\be75287-6b3fa80b"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8\364a3dc8-2261c8d2"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8\b058e08-4d1c811f"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8\b7c0748-30c8a5e3"
sh=148D9C1C5FF71F41247578A67716AF07F458ADCC ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8\b7c0748-317a61b7"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9\4503f209-27741c6a"
sh=8666E9F9F277929BB290FEA5B67B019430336EB1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\AKA\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9\4503f209-45505819"
sh=C4F2EFE1D52AC318C80FBA112B813610645E6DD3 ft=1 fh=ab8b815794edbfb2 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\AKA\Downloads\BlueStacks App Player - CHIP-Installer.exe"
sh=5C43ADE625B16848A484321E28B53B4D762D5AFC ft=0 fh=0000000000000000 vn="Variante von MSIL/Hoax.FakeHack.GS Anwendung" ac=I fn="C:\Users\AKA\Downloads\COCv2.3.rar"
sh=7F4582EBE4512D858459679E85BF0BA80749D5E7 ft=1 fh=ddedc51c79095c55 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\AKA\Downloads\FastStone Photo Resizer - CHIP-Downloader.exe"
sh=23F8B030FC8336446FB6E7CEFDA3BBBA27C71034 ft=1 fh=8b4a2e27b3d535eb vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\AKA\Downloads\Hex Editor MX - CHIP-Installer.exe"
sh=11028B5253369DA7B290F59E2992412FD94AE669 ft=1 fh=c71c001159ef6180 vn="Variante von Win32/InstallCore.PO evtl. unerwünschte Anwendung" ac=I fn="C:\Users\AKA\Downloads\hexedit_CB-DL-Manager.exe"
sh=887837EF98F416D96FA525721AC5B88B6EE179D8 ft=1 fh=a37f5c05b7c3e434 vn="Win32/DownloadAdmin.H evtl. unerwünschte Anwendung" ac=I fn="C:\Users\AKA\Downloads\Hotspot-Shield-649.exe"
sh=7879324ADB2CD81B725C8E4A1D9FF28D6467CEE6 ft=1 fh=0e22b93308d7ef74 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\AKA\Downloads\Java Runtime Environment 64 Bit - CHIP-Installer.exe"
sh=D03697E0485380B5201D3D8DC2B1B71C33F23DBB ft=1 fh=9db60c7551d64b40 vn="Variante von Win32/InstallCore.UE evtl. unerwünschte Anwendung" ac=I fn="C:\Users\AKA\Downloads\PandoraRecovery_CB-DL-Manager.exe"
sh=E79CE0DA43C79F2A4E48A4F4A02905DE783FBD16 ft=1 fh=a9eb553813c219ce vn="NSIS/StartPage.CC Trojaner" ac=I fn="C:\Users\AKA\Downloads\vlc-2.1.4-win64.exe"
sh=703D8F1380EA9E4F6F2B7F6FC5B7FE8E6215FB43 ft=0 fh=0000000000000000 vn="Win32/Bundpil.S Wurm" ac=I fn="F:\Expansion Drive (932GB).lnk"
sh=34327EEE5C61E61FEFBC1E6C6251EED2F79DD5EE ft=1 fh=16e5ede6d25eb91d vn="Win32/Bundpil.A Wurm" ac=I fn="F:\~$WNTKD.USBDrv"
sh=296777D0505DAC69F057B9286D5424F8ED3BAA47 ft=1 fh=19b2fa25c2aa67ed vn="Win32/Conficker.AA Wurm" ac=I fn="F:\*\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx"
         
security check ist sowas gekommen

Code:
ATTFilter
 UNSUPPORTED OPERATING SYSTEM! ABORTED!
         

Alt 28.01.2015, 23:10   #8
ak16
 
Ordner auf Wechselmedien werden als Verknüpfung angezeigt - Standard

Ordner auf Wechselmedien werden als Verknüpfung angezeigt



Ging leider wegen der länge nicht als ein beitrag
FRST

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-01-2015
Ran by AKA (administrator) on MSI on 28-01-2015 23:57:21
Running from C:\Users\AKA\Desktop
Loaded Profiles: AKA (Available profiles: AKA)
Platform: Windows 8.1 Pro with Media Center (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
(Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\altera\13.0sp1\quartus\bin64\jtagserver.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\System Control Manager\MSIService.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\ProgramData\HP Link5 Config\PelLinkS.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\XSManager\WTGService.exe
(Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\obexsrv.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe
(Macrovision Europe Ltd.) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GdBgInx64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Akamai Technologies, Inc.) C:\Users\AKA\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\AKA\AppData\Local\Akamai\netsession_win.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe
(Hewlett-Packard) C:\ProgramData\HP Link5 Config\PelLink5.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
(Hewlett-Packard) C:\ProgramData\HP Link5 Config\Link5HID.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
() C:\ProgramData\HP Link5 Config\VolOSD.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\GUI\GDSC.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8158240 2009-10-02] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [MGSysCtrl] => C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe [2486272 2010-06-17] (Micro-Star International Co., Ltd.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-01] (Intel Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-04-23] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PelLink5] => C:\ProgramData\HP Link5 Config\PelLink5.exe [173568 2012-12-17] (Hewlett-Packard)
HKLM-x32\...\Run: [HPMonitor] => C:\Program Files (x86)\Hewlett-Packard\HP Link5 Monitor\hpMonitor28.exe [74704 2013-01-01] (Hewlett-Packard)
HKLM-x32\...\Run: [GDFirewallTray] => C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [1724728 2013-12-19] (G Data Software AG)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [191016 2014-05-14] (Geek Software GmbH)
HKLM-x32\...\Run: [BingDesktop] => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2353880 2013-11-01] (Microsoft Corp.)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707496 2014-06-11] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [843480 2014-10-08] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe,c:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exe,
HKU\S-1-5-19\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [2501368 2014-10-29] (Microsoft Corporation) <==== ATTENTION 
HKU\S-1-5-20\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [2501368 2014-10-29] (Microsoft Corporation) <==== ATTENTION 
HKU\S-1-5-21-1015216767-4129399232-3615065482-1001\...\Run: [Akamai NetSession Interface] => C:\Users\AKA\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1015216767-4129399232-3615065482-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-1015216767-4129399232-3615065482-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1015216767-4129399232-3615065482-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1942720 2015-01-19] (Valve Corporation)
HKU\S-1-5-21-1015216767-4129399232-3615065482-1001\...\MountPoints2: {4ac0c0a7-e1ba-11e3-be68-0022fbbeaf3c} - "F:\XSManagerinstallation.exe" 
HKU\S-1-5-21-1015216767-4129399232-3615065482-1001\...\MountPoints2: {6bd4efed-2781-11e4-bea0-002421f5267c} - "F:\AutoRun.exe" 
HKU\S-1-5-21-1015216767-4129399232-3615065482-1001\...\MountPoints2: {6bd4f011-2781-11e4-bea0-002421f5267c} - "G:\AutoRun.exe" 
HKU\S-1-5-18\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [2501368 2014-10-29] (Microsoft Corporation) <==== ATTENTION 
Startup: C:\Users\AKA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\AKA\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk
ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{467D5E81-8349-4892-9E81-C3674ED8E451}\Icon09DB8A851.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-1015216767-4129399232-3615065482-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1015216767-4129399232-3615065482-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.120.136.116

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF HKLM-x32\...\Firefox\Extensions: [{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}] - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension
FF Extension: Firefox Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension [2014-06-15]
FF HKLM-x32\...\Thunderbird\Extensions: [{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}] - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension
FF Extension: Thunderbird Address Book Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension [2014-06-15]

Chrome: 
=======
CHR Profile: C:\Users\AKA\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\AKA\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-27]
CHR Extension: (Google Docs) - C:\Users\AKA\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-27]
CHR Extension: (Google Drive) - C:\Users\AKA\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-27]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\AKA\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-27]
CHR Extension: (YouTube) - C:\Users\AKA\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-27]
CHR Extension: (Google-Suche) - C:\Users\AKA\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-27]
CHR Extension: (Google Tabellen) - C:\Users\AKA\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-27]
CHR Extension: (AdBlock) - C:\Users\AKA\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-10-27]
CHR Extension: (Google Wallet) - C:\Users\AKA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-27]
CHR Extension: (Google Mail) - C:\Users\AKA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-27]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2244728 2014-02-12] (G Data Software AG)
R2 AVKService; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [914552 2013-12-19] (G Data Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe [2723400 2014-03-25] (G Data Software AG)
R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173272 2013-11-01] (Microsoft Corp.)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [409304 2014-10-08] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [388824 2014-10-08] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [782040 2014-10-08] (BlueStack Systems, Inc.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
S2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [64624 2014-06-12] (CyberGhost S.R.L)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [647680 2014-05-22] (Macrovision Europe Ltd.) [File not signed]
R3 FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [1028096 2014-05-22] (Macrovision Europe Ltd.) [File not signed]
R3 GDFwSvc; C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [2992760 2014-01-30] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [700024 2014-02-03] (G Data Software AG)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)
R2 JTAGServer; C:\altera\13.0sp1\quartus\bin64\jtagserver.exe [268800 2013-06-13] () [File not signed]
S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 Micro Star SCM; C:\Program Files (x86)\System Control Manager\MSIService.exe [160768 2009-07-09] (Micro-Star International Co., Ltd.) [File not signed]
R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)
R2 PelLinkS; C:\ProgramData\HP Link5 Config\PelLinkS.exe [184320 2012-12-17] () [File not signed]
S3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [628736 2010-12-08] (Nokia) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
R2 WTGService; C:\Program Files (x86)\XSManager\WTGService.exe [329848 2013-05-06] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [122072 2014-10-08] (BlueStack Systems)
S3 cmnsusbser; C:\Windows\system32\DRIVERS\cmnsusbser.sys [126080 2014-06-17] (QUALCOMM Incorporated)
R3 CVPNDRVA; C:\WINDOWS\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] ()
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2014-05-22] (DT Soft Ltd)
S3 ewusbnet; C:\Windows\system32\DRIVERS\ewusbnet.sys [249856 2010-03-24] (Huawei Technologies Co., Ltd.)
R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [57344 2014-06-06] (G Data Software AG)
R1 GDMnIcpt; C:\WINDOWS\system32\drivers\MiniIcpt.sys [135168 2014-06-06] (G Data Software AG)
R3 GDPkIcpt; C:\WINDOWS\system32\drivers\PktIcpt.sys [71168 2014-06-06] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [67584 2014-06-06] (G Data Software AG)
U5 GEARAspiWDM; C:\Windows\System32\Drivers\GEARAspiWDM.sys [33240 2012-08-21] (GEAR Software Inc.)
R1 GRD; C:\WINDOWS\system32\drivers\GRD.sys [106272 2014-06-10] (G Data Software)
R1 HookCentre; C:\WINDOWS\system32\drivers\HookCentre.sys [65024 2014-06-06] (G Data Software AG)
R3 HPMoA407; C:\Windows\System32\drivers\HPMoA407.sys [25088 2011-10-31] (Hewlett-Packard.)
R3 HPubA407; C:\Windows\System32\Drivers\HPubA407.sys [18944 2012-06-14] (Hewlett-Packard.)
S3 hwusbdev; C:\Windows\system32\DRIVERS\ewusbdev.sys [114560 2010-03-20] (Huawei Technologies Co., Ltd.)
S0 johci; C:\Windows\System32\drivers\johci.sys [20392 2009-09-21] (JMicron )
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 RTL8168; C:\Windows\system32\DRIVERS\rtlh64.sys [681688 2015-01-21] (Inventec                                            )
S3 TelekomNM6; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
S3 vpnva; C:\Windows\system32\DRIVERS\vpnva64-6.sys [52592 2014-06-11] (Cisco Systems, Inc.)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [70296 2012-10-24] (VMware, Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-05-28] (Microsoft Corporation)
S3 ohci1394; \SystemRoot\System32\drivers\ohci1394.sys [X]
S3 taphss6; \SystemRoot\system32\DRIVERS\taphss6.sys [X]
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-28 23:56 - 2015-01-28 23:56 - 02130432 _____ (Farbar) C:\Users\AKA\Desktop\FRST64.exe
2015-01-28 23:56 - 2015-01-28 23:56 - 00000000 ____D () C:\Users\AKA\Desktop\FRST-OlderVersion
2015-01-28 23:55 - 2015-01-28 23:55 - 00852573 _____ () C:\Users\AKA\Desktop\SecurityCheck.exe
2015-01-28 13:49 - 2015-01-28 13:49 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-01-28 13:48 - 2015-01-28 13:49 - 02347384 _____ (ESET) C:\Users\AKA\Downloads\esetsmartinstaller_deu.exe
2015-01-28 11:51 - 2015-01-28 11:52 - 00031912 _____ () C:\Users\AKA\Desktop\Addition.txt
2015-01-28 11:50 - 2015-01-28 23:57 - 00023996 _____ () C:\Users\AKA\Desktop\FRST.txt
2015-01-28 11:45 - 2015-01-28 11:45 - 00000911 _____ () C:\Users\AKA\Desktop\JRT.txt
2015-01-28 11:37 - 2015-01-28 11:37 - 00000000 ____D () C:\WINDOWS\ERUNT
2015-01-28 11:36 - 2015-01-28 11:36 - 01707939 _____ (Thisisu) C:\Users\AKA\Downloads\JRT.exe
2015-01-28 11:31 - 2015-01-28 11:31 - 00003432 _____ () C:\Users\AKA\Desktop\AdwCleaner[S1].txt
2015-01-28 11:17 - 2015-01-28 11:17 - 02194432 _____ () C:\Users\AKA\Downloads\AdwCleaner_4.109.exe
2015-01-28 11:15 - 2015-01-28 11:15 - 00001273 _____ () C:\Users\AKA\Desktop\mbam.txt
2015-01-28 10:48 - 2015-01-28 11:31 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-01-28 10:47 - 2015-01-28 10:47 - 00001118 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-01-28 10:47 - 2015-01-28 10:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-01-28 10:47 - 2015-01-28 10:47 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-28 10:47 - 2015-01-28 10:47 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-01-28 10:47 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-01-28 10:47 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-01-28 10:47 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-01-28 10:45 - 2015-01-28 10:45 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\AKA\Downloads\mbam-setup-2.0.4.1028.exe
2015-01-28 10:42 - 2015-01-28 10:42 - 00019376 _____ () C:\Users\AKA\Downloads\SWAR_SAGA_GER_720p_BRip_x264_-_WodkaE-h43yg8n085x.dlc
2015-01-27 19:27 - 2015-01-27 19:27 - 00088334 _____ () C:\Users\AKA\Desktop\cach.txt
2015-01-27 17:57 - 2015-01-27 18:39 - 00038074 _____ () C:\Users\AKA\Downloads\Addition.txt
2015-01-27 17:55 - 2015-01-28 23:57 - 00000000 ____D () C:\FRST
2015-01-27 17:55 - 2015-01-27 18:39 - 00050605 _____ () C:\Users\AKA\Downloads\FRST.txt
2015-01-26 23:23 - 2015-01-27 00:04 - 1090802712 _____ () C:\Users\AKA\Downloads\krdy95ltrg.rar
2015-01-25 15:06 - 2015-01-25 15:29 - 350359868 _____ () C:\Users\AKA\Downloads\1204-143919.rar
2015-01-24 18:56 - 2015-01-24 18:56 - 00005296 _____ () C:\Users\AKA\Downloads\k579i7yv2h0u246.dlc
2015-01-24 17:59 - 2015-01-24 17:59 - 00006296 _____ () C:\Users\AKA\Downloads\GDN0TGX1472G_-_UL-xxggugnjs6y0a.dlc
2015-01-24 01:05 - 2015-01-24 01:05 - 00000000 ____D () C:\Users\AKA\AppData\Roaming\Remote Control Server
2015-01-24 01:02 - 2015-01-24 01:02 - 00002021 _____ () C:\Users\Public\Desktop\Remote Control Server.lnk
2015-01-24 01:02 - 2015-01-24 01:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remote Control Server
2015-01-24 01:02 - 2015-01-24 01:02 - 00000000 ____D () C:\Program Files (x86)\Remote Control Server
2015-01-24 01:01 - 2015-01-24 01:01 - 00000000 ____D () C:\Users\AKA\AppData\Local\Downloaded Installations
2015-01-24 01:00 - 2015-01-24 01:01 - 06752340 _____ (Steppschuh) C:\Users\AKA\Downloads\RemoteControlServerSetup.exe
2015-01-22 23:05 - 2014-11-17 21:17 - 00672984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2015-01-22 23:05 - 2014-11-17 21:17 - 00273240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2015-01-22 23:05 - 2014-11-15 20:05 - 00801584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-01-22 23:05 - 2014-11-15 07:29 - 00962216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-01-22 23:05 - 2014-11-14 15:36 - 00055776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-01-22 23:05 - 2014-11-14 08:10 - 03558400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-01-22 23:05 - 2014-11-14 07:58 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-01-22 23:05 - 2014-11-14 07:58 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-01-22 23:05 - 2014-11-14 07:57 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-01-22 23:05 - 2014-11-14 07:57 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-01-22 23:05 - 2014-11-14 07:54 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2015-01-22 23:05 - 2014-11-14 07:54 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-01-22 23:05 - 2014-11-14 07:54 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-01-22 23:05 - 2014-11-14 07:53 - 00894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-01-22 23:05 - 2014-11-14 07:52 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-01-22 23:05 - 2014-11-14 07:46 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2015-01-22 23:05 - 2014-11-14 07:46 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-01-22 23:05 - 2014-11-14 07:39 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-01-22 23:05 - 2014-11-14 06:04 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-01-22 23:05 - 2014-11-14 06:03 - 00885760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-01-22 23:05 - 2014-11-14 06:03 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-01-22 23:05 - 2014-11-14 06:01 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-01-22 23:05 - 2014-11-14 06:01 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-01-22 23:05 - 2014-11-14 05:53 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-01-22 23:05 - 2014-11-11 01:39 - 22290560 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-01-22 23:05 - 2014-11-11 01:17 - 19731824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-01-22 23:05 - 2014-11-10 19:06 - 02485056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-01-22 23:05 - 2014-11-10 19:06 - 00473408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-01-22 23:05 - 2014-11-10 19:06 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-01-22 23:05 - 2014-11-10 19:06 - 00136512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2015-01-22 23:05 - 2014-11-10 03:57 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2015-01-22 23:05 - 2014-11-10 02:37 - 00845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2015-01-22 23:05 - 2014-11-10 02:34 - 01084416 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2015-01-22 23:05 - 2014-11-10 02:26 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2015-01-22 23:05 - 2014-11-10 02:20 - 00420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2015-01-22 23:05 - 2014-11-10 02:09 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2015-01-22 23:05 - 2014-11-10 02:08 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2015-01-22 23:05 - 2014-11-10 02:06 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2015-01-22 23:05 - 2014-11-10 01:57 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2015-01-22 23:05 - 2014-11-10 01:57 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2015-01-22 23:05 - 2014-11-08 11:42 - 01390928 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-01-22 23:05 - 2014-11-08 11:23 - 01127976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-01-22 23:05 - 2014-11-08 05:00 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2015-01-22 23:05 - 2014-11-08 05:00 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
2015-01-22 23:05 - 2014-11-08 04:58 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2015-01-22 23:05 - 2014-11-08 04:58 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2015-01-22 23:05 - 2014-11-08 04:56 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\kmddsp.tsp
2015-01-22 23:05 - 2014-11-08 04:56 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmxs.dll
2015-01-22 23:05 - 2014-11-08 04:56 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasser.dll
2015-01-22 23:05 - 2014-11-08 04:24 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdiag.dll
2015-01-22 23:05 - 2014-11-08 04:13 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kmddsp.tsp
2015-01-22 23:05 - 2014-11-08 04:13 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasmxs.dll
2015-01-22 23:05 - 2014-11-08 04:13 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasser.dll
2015-01-22 23:05 - 2014-11-08 03:48 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdiag.dll
2015-01-22 23:05 - 2014-11-08 03:38 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2015-01-22 23:05 - 2014-11-08 03:17 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2015-01-22 23:05 - 2014-11-08 03:09 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascfg.dll
2015-01-22 23:05 - 2014-11-08 03:03 - 00733696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2015-01-22 23:05 - 2014-11-08 02:59 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rascfg.dll
2015-01-22 23:05 - 2014-11-08 02:58 - 04837376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2015-01-22 23:05 - 2014-11-08 02:49 - 01154048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2015-01-22 23:05 - 2014-11-07 04:58 - 00952896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-01-22 23:05 - 2014-11-07 04:20 - 00786120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-01-22 23:05 - 2014-11-05 03:12 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSHVHOST.DLL
2015-01-22 23:05 - 2014-11-05 03:12 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSVRMGMT.DLL
2015-01-22 23:05 - 2014-11-05 03:06 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2015-01-22 23:05 - 2014-11-05 02:44 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2015-01-22 23:05 - 2014-11-05 02:43 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2015-01-22 23:05 - 2014-11-05 02:41 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2015-01-22 23:05 - 2014-11-05 02:39 - 00155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSHVHOST.DLL
2015-01-22 23:05 - 2014-11-05 02:39 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSVRMGMT.DLL
2015-01-22 23:05 - 2014-11-05 02:33 - 00465408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2015-01-22 23:05 - 2014-11-05 02:21 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2015-01-22 23:05 - 2014-11-05 02:20 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2015-01-22 23:05 - 2014-11-05 02:18 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2015-01-22 23:05 - 2014-11-05 02:14 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2015-01-22 23:05 - 2014-11-05 02:06 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2015-01-22 23:05 - 2014-11-04 20:33 - 00058176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2015-01-22 23:05 - 2014-11-04 20:25 - 00059712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdclass.sys
2015-01-22 23:05 - 2014-11-04 20:25 - 00051008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouclass.sys
2015-01-22 23:05 - 2014-11-04 07:55 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sermouse.sys
2015-01-22 23:05 - 2014-11-04 07:54 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\i8042prt.sys
2015-01-22 23:05 - 2014-11-04 07:54 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys
2015-01-22 23:05 - 2014-11-04 07:54 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouhid.sys
2015-01-22 23:05 - 2014-11-04 07:27 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2015-01-22 23:05 - 2014-11-04 06:01 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2015-01-22 23:05 - 2014-10-31 01:51 - 18823168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-01-22 23:05 - 2014-10-31 01:10 - 15158784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-01-22 23:05 - 2014-10-30 06:55 - 07473472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-01-22 23:05 - 2014-10-30 06:47 - 01499384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-01-22 23:05 - 2014-10-30 06:41 - 01733952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-01-22 23:05 - 2014-10-29 04:05 - 00551232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2015-01-22 23:05 - 2014-10-29 03:02 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2015-01-22 23:05 - 2014-10-29 03:02 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2015-01-22 23:05 - 2014-10-29 02:57 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll
2015-01-22 23:05 - 2014-10-29 02:55 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2015-01-22 23:05 - 2014-10-29 02:15 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2015-01-22 23:05 - 2014-10-29 02:15 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2015-01-22 23:05 - 2014-10-29 02:14 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2015-01-22 23:05 - 2014-10-29 02:13 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2015-01-22 23:05 - 2014-10-29 02:13 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2015-01-22 23:05 - 2014-10-29 02:13 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe
2015-01-22 23:05 - 2014-10-26 23:10 - 00390841 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-01-22 23:05 - 2014-10-21 02:59 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\eventcls.dll
2015-01-22 23:05 - 2014-10-21 02:19 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eventcls.dll
2015-01-22 23:05 - 2014-10-21 01:50 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\vsstrace.dll
2015-01-22 23:05 - 2014-10-21 01:31 - 01574400 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2015-01-22 23:05 - 2014-10-21 01:31 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vsstrace.dll
2015-01-22 23:05 - 2014-10-21 01:30 - 01454080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2015-01-22 23:05 - 2014-10-21 01:20 - 01142272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2015-01-22 23:05 - 2014-10-17 05:56 - 00238912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-01-22 23:05 - 2014-10-17 05:56 - 00153920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2015-01-22 23:05 - 2014-10-17 05:56 - 00039744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2015-01-22 23:05 - 2014-10-17 04:35 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-01-21 07:01 - 2015-01-21 07:01 - 00681688 _____ (Inventec ) C:\WINDOWS\system32\Drivers\rtlh64.sys
2015-01-21 07:01 - 2015-01-21 07:01 - 00075480 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll
2015-01-19 22:37 - 2015-01-19 22:39 - 69104008 _____ (SiSoftware ) C:\Users\AKA\Downloads\sisoftware_sandra_lite_2015_san2115.exe
2015-01-19 22:23 - 2015-01-19 22:23 - 02231742 _____ ( ) C:\Users\AKA\Downloads\diagnose_8.67.exe
2015-01-17 20:36 - 2015-01-17 20:36 - 00001560 _____ () C:\Users\AKA\Downloads\ml9794a2gzer40s.dlc
2015-01-17 20:22 - 2015-01-17 20:22 - 00002416 _____ () C:\Users\AKA\Downloads\4fu23mxpv10au24.dlc
2015-01-16 15:45 - 2015-01-16 15:45 - 00885880 _____ () C:\Users\AKA\Desktop\Bayer 04 Leverkusen print@home-Ticket.zip
2015-01-15 11:44 - 2014-04-16 00:35 - 00028352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2015-01-15 11:44 - 2014-04-16 00:34 - 00029888 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2015-01-15 11:32 - 2014-12-19 07:26 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2015-01-15 11:32 - 2014-12-12 03:04 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2015-01-15 11:32 - 2014-12-12 01:51 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-01-15 11:32 - 2014-12-09 02:50 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-01-15 11:32 - 2014-12-08 20:42 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-01-15 11:32 - 2014-12-08 20:42 - 00531616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-01-15 11:32 - 2014-12-08 20:42 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2015-01-15 11:32 - 2014-12-08 20:42 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2015-01-15 11:32 - 2014-12-08 20:42 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2015-01-15 11:32 - 2014-12-08 20:42 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-01-15 11:32 - 2014-12-08 20:42 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2015-01-15 11:32 - 2014-12-08 20:42 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2015-01-15 11:32 - 2014-12-06 04:17 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-01-15 11:32 - 2014-12-06 02:41 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-01-15 11:32 - 2014-12-06 02:35 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-01-13 21:18 - 2015-01-13 21:18 - 00034800 _____ () C:\Users\AKA\Downloads\f84679105457909db5d0a867457197c4.dlc
2015-01-13 19:12 - 2015-01-13 19:14 - 00820488 _____ () C:\WINDOWS\Minidump\011315-111296-01.dmp
2015-01-12 16:56 - 2015-01-12 17:09 - 280500232 _____ () C:\Users\AKA\Downloads\ncis.s12e03.sof.rar
2015-01-11 22:00 - 2015-01-11 22:03 - 00000000 ____D () C:\Users\AKA\Desktop\usb
2015-01-11 22:00 - 2015-01-11 22:00 - 00108171 _____ () C:\Users\AKA\Downloads\usbdeview-x64.zip
2015-01-11 21:59 - 2015-01-11 21:59 - 00003244 _____ () C:\Users\AKA\Downloads\usbdeview_german.zip
2015-01-10 18:40 - 2015-01-10 18:40 - 00001412 _____ () C:\Users\AKA\Downloads\3e90oau2xrr05t7.dlc
2015-01-10 18:03 - 2015-01-10 18:03 - 00001264 _____ () C:\Users\AKA\Downloads\r3un2rxd08m294t.dlc
2015-01-09 22:29 - 2015-01-09 22:29 - 00000000 ____D () C:\ProgramData\Package Cache
2015-01-09 15:03 - 2015-01-09 15:03 - 00000222 _____ () C:\Users\AKA\Desktop\Age of Empires II HD Edition.url
2015-01-09 15:03 - 2015-01-09 15:03 - 00000000 ____D () C:\Users\AKA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-01-09 14:41 - 2015-01-23 20:05 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-01-09 14:41 - 2015-01-09 14:41 - 00000979 _____ () C:\Users\Public\Desktop\Steam.lnk
2015-01-09 14:41 - 2015-01-09 14:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-01-09 14:40 - 2015-01-09 14:40 - 01142128 _____ () C:\Users\AKA\Downloads\SteamSetup.exe
2015-01-08 22:31 - 2015-01-08 22:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-05 20:15 - 2015-01-28 11:29 - 00004228 _____ () C:\WINDOWS\setupact.log
2015-01-05 20:15 - 2015-01-05 20:15 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-01-03 19:08 - 2015-01-10 19:28 - 00000000 ____D () C:\Users\AKA\Desktop\Tarihe Yolculuk
2015-01-03 18:45 - 2015-01-03 18:45 - 00000000 ____D () C:\Users\Public\Documents\Adobe
2015-01-03 18:44 - 2015-01-03 18:46 - 00000000 ____D () C:\Program Files\Adobe
2015-01-03 18:43 - 2015-01-03 18:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2015-01-03 18:43 - 2015-01-03 18:43 - 00000000 ____D () C:\Program Files (x86)\Adobe Media Player
2015-01-03 18:42 - 2015-01-03 18:47 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2015-01-03 18:41 - 2015-01-03 18:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS5
2015-01-03 18:41 - 2015-01-03 18:41 - 00001013 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
2015-01-03 18:41 - 2015-01-03 18:41 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2015-01-03 18:41 - 2015-01-03 18:41 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2015-01-01 12:24 - 2015-01-01 13:37 - 1066171576 _____ () C:\Users\AKA\Downloads\krdy91ltrg.rar

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-28 23:39 - 2014-05-28 10:32 - 01527296 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-28 23:33 - 2014-10-27 13:06 - 00001126 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-28 23:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-01-28 14:16 - 2014-10-27 13:06 - 00001122 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-28 11:36 - 2014-03-18 11:04 - 01785036 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-01-28 11:36 - 2014-03-18 10:25 - 00768266 _____ () C:\WINDOWS\system32\perfh007.dat
2015-01-28 11:36 - 2014-03-18 10:25 - 00160576 _____ () C:\WINDOWS\system32\perfc007.dat
2015-01-28 11:35 - 2014-05-28 12:13 - 00000000 ___DO () C:\Users\AKA\OneDrive
2015-01-28 11:29 - 2014-11-22 19:44 - 00000497 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.ics
2015-01-28 11:29 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-28 11:28 - 2014-08-01 00:38 - 00032650 _____ () C:\WINDOWS\PFRO.log
2015-01-28 11:24 - 2013-08-22 14:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2015-01-28 11:23 - 2014-07-31 04:00 - 00000000 ____D () C:\AdwCleaner
2015-01-28 11:05 - 2014-05-22 14:57 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1015216767-4129399232-3615065482-1001
2015-01-27 13:17 - 2014-10-27 13:08 - 00002195 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-27 02:26 - 2014-05-23 15:24 - 00000000 ____D () C:\Users\AKA\AppData\Roaming\vlc
2015-01-26 00:16 - 2014-05-22 16:17 - 00000000 ____D () C:\Users\AKA\Desktop\Neuer Ordner
2015-01-25 20:32 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-01-25 11:48 - 2014-05-25 20:28 - 00000000 ____D () C:\Users\AKA\Downloads\J dow
2015-01-25 10:51 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-01-23 19:46 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-01-23 19:18 - 2014-05-23 22:51 - 00000000 ____D () C:\Users\AKA\AppData\Roaming\Skype
2015-01-22 23:14 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2015-01-22 23:14 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-01-22 23:14 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup
2015-01-22 23:14 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2015-01-22 23:04 - 2014-11-12 11:43 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2015-01-22 23:04 - 2014-11-12 11:43 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-01-22 23:04 - 2014-11-12 11:43 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2015-01-22 23:04 - 2014-11-12 11:43 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2015-01-19 22:32 - 2014-12-11 16:52 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-01-19 22:32 - 2014-12-11 16:52 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-18 04:05 - 2014-05-28 10:38 - 00000000 ____D () C:\Users\AKA
2015-01-18 01:31 - 2014-05-23 23:11 - 00000000 ____D () C:\Program Files (x86)\Eclipse Java
2015-01-17 21:14 - 2014-10-21 11:41 - 00034605 _____ () C:\WINDOWS\DirectX.log
2015-01-15 11:44 - 2014-05-27 16:49 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-01-15 11:36 - 2014-05-27 16:49 - 113365784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-01-14 21:53 - 2014-12-19 20:31 - 00005044 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for MSI-AKA MSI
2015-01-13 19:12 - 2014-08-19 10:16 - 00000000 ____D () C:\WINDOWS\Minidump
2015-01-11 21:02 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-01-09 00:14 - 2014-05-22 22:01 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-01-09 00:14 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\System
2015-01-09 00:14 - 2012-07-26 06:26 - 00000167 _____ () C:\WINDOWS\win.ini
2015-01-09 00:08 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-01-08 22:40 - 2014-12-09 18:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-01-04 23:08 - 2014-11-19 18:46 - 00000000 ____D () C:\Users\AKA\Desktop\Mathe
2015-01-04 23:08 - 2014-10-13 16:08 - 00000000 ____D () C:\Users\AKA\Desktop\GE1 Dederich
2015-01-04 23:08 - 2014-10-10 16:21 - 00000000 ____D () C:\Users\AKA\Desktop\Patch_SchulMathe
2015-01-03 19:00 - 2014-05-30 21:07 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2015-01-03 18:46 - 2014-05-27 12:14 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-01-03 18:46 - 2014-05-22 14:39 - 00000000 ____D () C:\Users\AKA\AppData\Roaming\Adobe
2015-01-03 18:43 - 2014-05-24 00:22 - 00000000 ____D () C:\Users\AKA\AppData\Local\Adobe
2015-01-03 18:43 - 2014-05-22 22:27 - 00000000 ____D () C:\ProgramData\Adobe
2015-01-01 00:56 - 2014-12-26 15:42 - 731814810 _____ () C:\Users\AKA\Downloads\krtlrvdsps241ltrg.rar

==================== Files in the root of some directories =======

2014-06-06 14:41 - 2014-06-06 14:41 - 0000000 _____ () C:\Users\AKA\AppData\Roaming\gdfw.log
2014-06-06 14:41 - 2014-06-06 14:41 - 0000779 _____ () C:\Users\AKA\AppData\Roaming\gdscan.log

Some content of TEMP:
====================
C:\Users\AKA\AppData\Local\Temp\DataCard_Setup64.exe
C:\Users\AKA\AppData\Local\Temp\Quarantine.exe
C:\Users\AKA\AppData\Local\Temp\ResetDevice.exe
C:\Users\AKA\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-28 11:05

==================== End Of Log ============================
         
--- --- ---

[/CODE]

Addition

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-01-2015 01
Ran by AKA at 2015-01-28 11:51:31
Running from C:\Users\AKA\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: G Data InternetSecurity CBE (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: G Data InternetSecurity CBE (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G Data Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3MobileWiFi (HKLM-x32\...\3MobileWiFi) (Version: WIN1.01.01.156 - Huawei Technologies Co.,Ltd)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Creative Suite 5 Master Collection (HKLM-x32\...\{1BBD8D70-721A-41AD-AC8F-7308A0C8FA92}) (Version: 5.0 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version:  - Hidden Path Entertainment, Ensemble Studios)
Akamai NetSession Interface (HKU\S-1-5-21-1015216767-4129399232-3615065482-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
aTube Catcher Version 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
AVRStudio4 (HKLM-x32\...\{D5D88F8F-FDA4-4CF4-9F3E-3F40118C2120}) (Version: 4.17.666 - Atmel)
AVRStudio4 (x32 Version: 4.17.666 - Atmel) Hidden
Bing-Desktop (HKLM-x32\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.3.347.0 - Microsoft Corporation)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.4.4079 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{8DCCC556-265B-478A-8B32-C12DA988BA74}) (Version: 0.9.4.4079 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands 2 (HKLM-x32\...\Borderlands 2_is1) (Version:  - )
Borderlands 2 All in One DLC-Pack Plus Update 16 (v1.5.0) 1.00 (HKLM-x32\...\Borderlands 2 All in One DLC-Pack Plus Update 16 (v1.5.0) 1.00) (Version: 1.00 - .x.X.RIDDICK.X.x.)
Borderlands 2 All in One Update - Pack 1.00 (HKLM-x32\...\Borderlands 2 All in One Update - Pack 1.00) (Version: 1.00 - .x.X.RIDDICK.X.x.)
Borderlands The Pre Sequel GERMAN (HKLM-x32\...\Qm9yZGVybGFuZHNUaGVQcmVTZXF1ZWw=_is1) (Version: 1 - )
calibre (HKLM-x32\...\{B364DC2A-9783-4737-B795-D6F0562A41C5}) (Version: 0.8.61 - Kovid Goyal)
Camera Recorder (HKLM-x32\...\{3BDDA587-7CDE-430C-90A4-E2C4E48D3AE9}) (Version: 1.0.909.0801 - Camera Recorder)
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
CheckDrive (HKLM-x32\...\{B83513EC-2E4D-4621-816D-4CCF397BE702}_is1) (Version: 4.4 - Abelssoft)
Cisco AnyConnect Diagnostics and Reporting Tool (HKLM-x32\...\{D9ABE01A-6E18-4F30-9ED6-2494A5019074}) (Version: 3.1.05170 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.05170 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.05170 - Cisco Systems, Inc.) Hidden
Cisco Systems VPN Client 5.0.07.0290 (HKLM\...\{467D5E81-8349-4892-9E81-C3674ED8E451}) (Version: 5.0.7 - Cisco Systems, Inc.)
Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.5.830 - Corel Inc.)
CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version:  - CyberGhost S.R.L.)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
Data Lifeguard Diagnostic for Windows 1.24 (HKLM-x32\...\{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1) (Version:  - Western Digital Corporation)
Dev-C++ (HKLM-x32\...\Dev-C++) (Version: 5.4.0 - )
Dropbox (HKU\S-1-5-21-1015216767-4129399232-3615065482-1001\...\Dropbox) (Version: 2.10.52 - Dropbox, Inc.)
FIFA 14 (HKLM-x32\...\{7A6577E7-F341-430F-9173-91E14E2DE270}) (Version: 1.0.0.0 - Electronic Arts)
FIFA 14 (HKLM-x32\...\{7A6577E7-F341-430F-9173-91E14E2DE270}_is1) (Version: 1.0 - Electronic Arts)
Flip 3.3.4 (HKLM-x32\...\flip.exe) (Version: 3.3.4 - Atmel)
Free Mp3 Wma Converter V 2.2 (HKLM-x32\...\Free Mp3 Wma Converter_is1) (Version: 2.2.0.0 - Koyote Soft)
Free Video to MP3 Converter version 5.0.42.530 (HKLM-x32\...\Free Video to MP3 Converter_is1) (Version: 5.0.42.530 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.38.530 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.38.530 - DVDVideoSoft Ltd.)
G Data InternetSecurity CBE (HKLM-x32\...\{85203592-3610-4FB9-AA11-15B2255B5A12}) (Version: 25.0.1.2 - G Data Software AG)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.93 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Hex-Editor MX (HKLM-x32\...\{7FC7AD70-1DF3-4B84-9AA2-4FB680F45572}_is1) (Version: 6.0 - NEXT-Soft)
HP Wireless Mouse Suite 2.8 (HKLM-x32\...\{C7EF1D07-8CC6-4532-A4C9-37612FCB3410}) (Version: 2.8 - Hewlett-Packard)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Programm für die Prozessorerkennung (HKLM-x32\...\{A92A4DB0-CD37-42D1-BE1D-603D53C24328}) (Version: 4.90.0000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java SE Development Kit 7 Update 45 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170450}) (Version: 1.7.0.450 - Oracle)
Java-Editor 12.2, 2013.10.2 (HKLM-x32\...\{65FBA21B-7F80-4E4E-B275-0958D2648F94}_is1) (Version:  - Gerhard Röhner)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
JMicron 1394 Filter Driver (HKLM-x32\...\{13C96625-28E4-4c58-ADE0-CDAFC64752EB}) (Version: 1.00.06.00 - JMicron Technology Corp.)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.45.0 - JMicron Technology Corp.)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.98 - LSI Corporation)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Motorola Bluetooth (HKLM\...\1DF1F719-D43A-46E8-950F-65A8D96C678A.MBT_is1) (Version: 3.0.02.280 - Motorola, Inc.)
MSI Afterburner 3.0.0 (HKLM-x32\...\Afterburner) (Version: 3.0.0 - MSI Co., LTD)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
NetBeans IDE 7.4 (HKLM-x32\...\nbi-nb-base-7.4.0.0.201310111528) (Version: 7.4 - NetBeans.org)
Netzmanager (HKLM-x32\...\Netzmanager) (Version: 1.081 - Deutsche Telekom AG)
Netzmanager (Version: 1.081 - Deutsche Telekom AG, Marmiko IT-Solutions GmbH) Hidden
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Ovi Desktop Sync Engine (x32 Version: 1.5.161.0 - Nokia) Hidden
OviMPlatform (x32 Version: 2.7.44.2 - Nokia) Hidden
PandoraRecovery (Remove Only) (HKLM-x32\...\PandoraRecovery) (Version:  - )
PC Connectivity Solution (HKLM-x32\...\{D4AEC53C-1720-41D9-B6D7-6A60DE62D444}) (Version: 10.50.2.0 - Nokia)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PDF24 Creator 6.4.1 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Quartus II Web Edition (Free) 13.0.1.232 (HKLM-x32\...\Quartus II Web Edition (Free) 13.0.1.232) (Version: 13.0sp1 - Altera Corporation)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.11.1127.2009 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5951 - Realtek Semiconductor Corp.)
Remote Control Server (HKLM-x32\...\{755C6515-9FEA-490C-B15E-22BB6519E57E}) (Version: 3.0.1.50 - Steppschuh)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
Skype™ 6.13 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.13.104 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
System Control Manager (HKLM-x32\...\{ED9C5D25-55DF-48D8-9328-2AC0D75DE5D8}) (Version: 2.210.0617.007 - Micro-Star International Co., Ltd.)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
Unified Remote (HKLM-x32\...\{D7930C67-5816-417B-BF28-54BB75EFDAF9}) (Version: 2.14.4.0 - Unified Remote)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VMware Player (HKLM-x32\...\VMware_Player) (Version: 5.0.2 - VMware, Inc)
VMware Player (Version: 5.0.2 - VMware, Inc.) Hidden
VoiceOver Kit (HKLM-x32\...\{6B4AD1A9-E73A-4184-9D6B-072F8A3C5EBA}) (Version: 1.42.128.0 - Apple Inc.)
WinAVR 20090313 (remove only) (HKLM-x32\...\WinAVR-20090313) (Version: 20090313 - )
Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia)
Windows-Treiberpaket - Ralink Technology, Corp. (netr28x) Net  (07/06/2010 3.01.08.0001) (HKLM\...\DDAB5FC44964BD27F18121236A6EB5719FB86ECC) (Version: 07/06/2010 3.01.08.0001 - Ralink Technology, Corp.)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1015216767-4129399232-3615065482-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\AKA\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1015216767-4129399232-3615065482-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AKA\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1015216767-4129399232-3615065482-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AKA\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1015216767-4129399232-3615065482-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AKA\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1015216767-4129399232-3615065482-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AKA\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1015216767-4129399232-3615065482-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AKA\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1015216767-4129399232-3615065482-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AKA\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1015216767-4129399232-3615065482-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AKA\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1015216767-4129399232-3615065482-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AKA\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

15-01-2015 11:36:15 Windows Update
17-01-2015 21:10:56 DirectX wurde installiert
22-01-2015 22:58:37 Windows Update
24-01-2015 01:01:41 Installed Remote Control Server.

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-01-27 17:54 - 2015-01-27 17:54 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0447227E-6DAA-4E9C-8E37-E21D8F9CCF10} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: {0A3C6B71-6781-4DBD-9906-FA4654BF9CF8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-01-15] (Microsoft Corporation)
Task: {128732B2-5BFB-40CB-98F3-6382F5317557} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-27] (Google Inc.)
Task: {2A3579F1-F34A-4EEC-A433-0855EFBDDF33} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-27] (Google Inc.)
Task: {30DF1A22-C561-4FE9-9AEA-B314A7B17593} - System32\Tasks\Microsoft Office 15 Sync Maintenance for MSI-AKA MSI => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2014-11-12] (Microsoft Corporation)
Task: {56E60A3F-3B1A-4BA2-8752-6D284D0DA63D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {6518BCCB-0C13-42ED-B4F2-077193F8677D} - System32\Tasks\{24DB3F75-DC74-40D7-9585-49A3DF45E361} => pcalua.exe -a D:\Treiber\Windows_SM56_6.12.25.05_DF_AppSigned\Windows_SM56_6.12.25.05_DF_AppSigned\ssetup.exe -d D:\Treiber\Windows_SM56_6.12.25.05_DF_AppSigned\Windows_SM56_6.12.25.05_DF_AppSigned
Task: {A7D013F5-6FFD-4B64-A5B4-76FE8221D26D} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {E4152EF4-F89F-4314-B1BF-C410842453AC} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-1015216767-4129399232-3615065482-1001
Task: {EB70BC40-11A0-4944-832D-74A22D2239EF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-05-28 10:32 - 2014-07-02 19:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-05-23 22:59 - 2013-06-13 06:15 - 00268800 _____ () C:\altera\13.0sp1\quartus\bin64\jtagserver.exe
2014-05-23 22:59 - 2013-06-13 06:13 - 00029184 _____ () C:\altera\13.0sp1\quartus\bin64\ccl_ver.dll
2014-05-23 22:59 - 2013-06-13 02:41 - 00879616 _____ () C:\altera\13.0sp1\quartus\bin64\dinkum_alt.dll
2012-12-17 07:57 - 2012-12-17 07:57 - 00184320 _____ () C:\ProgramData\HP Link5 Config\PelLinkS.exe
2014-06-17 19:09 - 2013-05-06 14:45 - 00329848 ____N () C:\Program Files (x86)\XSManager\WTGService.exe
2013-12-19 03:42 - 2013-12-19 03:42 - 00350840 ____N () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll
2012-12-17 07:57 - 2012-12-17 07:57 - 00288768 _____ () C:\ProgramData\HP Link5 Config\VolOSD.exe
2014-06-11 04:34 - 2014-06-11 04:34 - 00063400 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2014-04-23 15:05 - 2014-04-23 15:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 15:04 - 2014-04-23 15:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-03-23 12:26 - 2010-03-23 12:26 - 00201512 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll
2013-02-26 01:28 - 2013-02-26 01:28 - 01260624 _____ () C:\Program Files (x86)\VMware\VMware Player\libxml2.dll
2012-12-17 07:57 - 2012-12-17 07:57 - 00079360 _____ () C:\ProgramData\HP Link5 Config\PelComm.dll
2012-12-17 07:57 - 2012-12-17 07:57 - 00047104 _____ () C:\ProgramData\HP Link5 Config\PelDrv.dll
2012-12-17 07:57 - 2012-12-17 07:57 - 00459264 _____ () C:\ProgramData\HP Link5 Config\PelHooks.dll
2012-12-17 07:57 - 2012-12-17 07:57 - 00108032 _____ () C:\ProgramData\HP Link5 Config\PelUtil.dll
2012-12-17 07:57 - 2012-12-17 07:57 - 00028672 _____ () C:\ProgramData\HP Link5 Config\PelMagnf.dll
2012-12-17 07:57 - 2012-12-17 07:57 - 00131072 _____ () C:\ProgramData\HP Link5 Config\PelScrll.dll
2015-01-27 13:17 - 2015-01-25 07:08 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\libglesv2.dll
2015-01-27 13:17 - 2015-01-25 07:08 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\libegl.dll
2015-01-27 13:17 - 2015-01-25 07:08 - 09170760 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\pdf.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\AKA\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "Cisco AnyConnect Secure Mobility Agent for Windows"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKLM\...\StartupApproved\Run32: => "NokiaMServer"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKU\S-1-5-21-1015216767-4129399232-3615065482-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-1015216767-4129399232-3615065482-1001\...\StartupApproved\Run: => "Steam"

========================= Accounts: ==========================

Administrator (S-1-5-21-1015216767-4129399232-3615065482-500 - Administrator - Disabled)
AKA (S-1-5-21-1015216767-4129399232-3615065482-1001 - Administrator - Enabled) => C:\Users\AKA
Gast (S-1-5-21-1015216767-4129399232-3615065482-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1015216767-4129399232-3615065482-1005 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Cisco Systems VPN Adapter for 64-bit Windows
Description: Cisco Systems VPN Adapter for 64-bit Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: JMicron OHCI Compliant IEEE 1394 Host Controller
Description: JMicron OHCI Compliant IEEE 1394 Host Controller
Class Guid: {6bdd1fc1-810f-11d0-bec7-08002be2092f}
Manufacturer: JMicron Technology Corp.
Service: ohci1394
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/28/2015 11:45:33 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "System-reserviert" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)


System errors:
=============
Error: (01/28/2015 11:52:05 AM) (Source: DCOM) (EventID: 10010) (User: MSI)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (01/28/2015 11:51:34 AM) (Source: DCOM) (EventID: 10010) (User: MSI)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (01/28/2015 11:51:04 AM) (Source: DCOM) (EventID: 10010) (User: MSI)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (01/28/2015 11:50:34 AM) (Source: DCOM) (EventID: 10010) (User: MSI)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (01/28/2015 11:50:04 AM) (Source: DCOM) (EventID: 10010) (User: MSI)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (01/28/2015 11:49:34 AM) (Source: DCOM) (EventID: 10010) (User: MSI)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (01/28/2015 11:49:04 AM) (Source: DCOM) (EventID: 10010) (User: MSI)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}


Microsoft Office Sessions:
=========================
Error: (01/28/2015 11:45:33 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: System-reserviertFalscher Parameter. (0x80070057)


CodeIntegrity Errors:
===================================
  Date: 2014-06-05 16:59:10.933
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-06-05 16:59:10.886
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-06-04 17:56:07.394
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-06-04 10:05:52.053
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-06-04 10:05:51.990
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-06-04 09:59:03.125
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-06-04 09:59:03.047
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-06-03 10:42:07.293
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-06-03 10:42:07.246
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-06-03 10:39:48.300
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7 CPU Q 720 @ 1.60GHz
Percentage of memory in use: 30%
Total physical RAM: 8174.06 MB
Available physical RAM: 5659.58 MB
Total Pagefile: 16366.06 MB
Available Pagefile: 12991.14 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:405.67 GB) (Free:173.2 GB) NTFS
Drive d: () (Fixed) (Total:292.63 GB) (Free:208.86 GB) NTFS
Drive f: (Expansion Drive) (Fixed) (Total:931.51 GB) (Free:0.17 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: A443BC6C)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=292.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=405.7 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 04A906DB)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

Alt 29.01.2015, 11:07   #9
schrauber
/// the machine
/// TB-Ausbilder
 

Ordner auf Wechselmedien werden als Verknüpfung angezeigt - Standard

Ordner auf Wechselmedien werden als Verknüpfung angezeigt



Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
C:\Users\AKA\Downloads\BlueStacks App Player - CHIP-Installer.exe

C:\Users\AKA\Downloads\COCv2.3.rar

C:\Users\AKA\Downloads\FastStone Photo Resizer - CHIP-Downloader.exe

C:\Users\AKA\Downloads\Hex Editor MX - CHIP-Installer.exe

C:\Users\AKA\Downloads\hexedit_CB-DL-Manager.exe

C:\Users\AKA\Downloads\Hotspot-Shield-649.exe

C:\Users\AKA\Downloads\Java Runtime Environment 64 Bit - CHIP-Installer.exe

C:\Users\AKA\Downloads\PandoraRecovery_CB-DL-Manager.exe

C:\Users\AKA\Downloads\vlc-2.1.4-win64.exe

F:\*\RECYCLER
Emptytemp:
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.






Fertig

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.



Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun

Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 29.01.2015, 13:20   #10
ak16
 
Ordner auf Wechselmedien werden als Verknüpfung angezeigt - Standard

Ordner auf Wechselmedien werden als Verknüpfung angezeigt



Erstmal der Fixlog


Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 28-01-2015
Ran by AKA at 2015-01-29 12:33:32 Run:1
Running from C:\Users\AKA\Desktop\Neuer Ordner (2)
Loaded Profiles: AKA (Available profiles: AKA)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
C:\Users\AKA\Downloads\BlueStacks App Player - CHIP-Installer.exe

C:\Users\AKA\Downloads\COCv2.3.rar

C:\Users\AKA\Downloads\FastStone Photo Resizer - CHIP-Downloader.exe

C:\Users\AKA\Downloads\Hex Editor MX - CHIP-Installer.exe

C:\Users\AKA\Downloads\hexedit_CB-DL-Manager.exe

C:\Users\AKA\Downloads\Hotspot-Shield-649.exe

C:\Users\AKA\Downloads\Java Runtime Environment 64 Bit - CHIP-Installer.exe

C:\Users\AKA\Downloads\PandoraRecovery_CB-DL-Manager.exe

C:\Users\AKA\Downloads\vlc-2.1.4-win64.exe

F:\*\RECYCLER
Emptytemp:

*****************

C:\Users\AKA\Downloads\BlueStacks App Player - CHIP-Installer.exe => Moved successfully.
C:\Users\AKA\Downloads\COCv2.3.rar => Moved successfully.
C:\Users\AKA\Downloads\FastStone Photo Resizer - CHIP-Downloader.exe => Moved successfully.
C:\Users\AKA\Downloads\Hex Editor MX - CHIP-Installer.exe => Moved successfully.
C:\Users\AKA\Downloads\hexedit_CB-DL-Manager.exe => Moved successfully.
C:\Users\AKA\Downloads\Hotspot-Shield-649.exe => Moved successfully.
C:\Users\AKA\Downloads\Java Runtime Environment 64 Bit - CHIP-Installer.exe => Moved successfully.
C:\Users\AKA\Downloads\PandoraRecovery_CB-DL-Manager.exe => Moved successfully.
C:\Users\AKA\Downloads\vlc-2.1.4-win64.exe => Moved successfully.
"F:\*\RECYCLER" => File/Directory not found.
EmptyTemp: => Removed 15.9 GB temporary data.


The system needed a reboot. 

==== End of Fixlog 12:37:35 ====
         
Das von Delfix noch

Code:
ATTFilter
# DelFix v10.8 - Datei am 29/01/2015 um 12:56:08 erstellt
# Aktualisiert am 29/07/2014 von Xplode
# Benutzer : AKA - MSI
# Betriebssystem : Windows 8.1 Pro with Media Center  (64 bits)

~ Aktiviere die Benutzerkontensteuerung ... OK

~ Entferne die Bereinigungsprogramme ...

Gelöscht : C:\FRST
Gelöscht : C:\AdwCleaner
Gelöscht : C:\Users\AKA\Desktop\Addition.txt
Gelöscht : C:\Users\AKA\Desktop\AdwCleaner[S1].txt
Gelöscht : C:\Users\AKA\Desktop\FRST.txt
Gelöscht : C:\Users\AKA\Desktop\JRT.txt
Gelöscht : C:\Users\AKA\Desktop\log.txt
Gelöscht : C:\Users\AKA\Downloads\Addition.txt
Gelöscht : C:\Users\AKA\Downloads\AdwCleaner-3.014 (1).exe
Gelöscht : C:\Users\AKA\Downloads\AdwCleaner-3.014.exe
Gelöscht : C:\Users\AKA\Downloads\adwcleaner_3.301 (1).exe
Gelöscht : C:\Users\AKA\Downloads\adwcleaner_3.301.exe
Gelöscht : C:\Users\AKA\Downloads\AdwCleaner_4.109.exe
Gelöscht : C:\Users\AKA\Downloads\esetsmartinstaller_deu.exe
Gelöscht : C:\Users\AKA\Downloads\FRST.txt
Gelöscht : C:\Users\AKA\Downloads\JRT.exe
Gelöscht : HKLM\SOFTWARE\AdwCleaner

~ Erstelle ein Backup der Registrierungsdatenbank ... OK

~ Lösche die Wiederherstellungspunkte ...

Gelöscht : RP #57 [DirectX wurde installiert | 01/17/2015 20:10:56]
Gelöscht : RP #58 [Windows Update | 01/22/2015 21:58:37]
Gelöscht : RP #59 [Installed Remote Control Server. | 01/24/2015 00:01:41]
Gelöscht : RP #60 [Windows Update | 01/29/2015 11:29:24]

Ein neuer Wiederherstellungspunkt wurde erstellt !

~ Stelle die Systemeinstellungen wieder her ... OK

########## - EOF - ##########
         
verstehe ich das jetzt Richtig es ist jetzt alles Sauber bei mir und ich kann wieder alles Normal benuzen?

Und eine letzte frage wie ist G Data als Antivirus kann ich ihn bedenkenlos vertrauen?

Sonst habe ich keine fragen mehr vielen Dank

Anhang
Habe grad versucht auf meine externe zuzugreifen die ich ja ursürnglich reinigen wollte da hat mir mein antivirus Programm dies gemeldet

Virus: Gen:Variant.Zusy.60053 (Engine A)
Datei: ~$WNTKD.USBDrv
Verzeichnis: F:
Prozess: rundll32.exe


ich kann auch nicht auf die Daten zugreifen

Also so sieht es in Moment aus
habe G data ausführen lassen. Da hat das Programm die Gefunden


Code:
ATTFilter
Virenprüfung mit G Data InternetSecurity CBE
Version 25.0.1.2 (20.03.2014)
Virensignaturen vom 29.01.2015
Startzeit: 29.01.2015 13:37:46
Engine(s): Engine A (AVA 25.30), Engine B (GD 25.4578)
Heuristik: Ein
Archive: Ein
Systembereiche: Ein
RootKits prüfen: Aus

Prüfung der Systembereiche...
Prüfung folgender Verzeichnisse und Dateien:
  F:\

Analyse vollständig durchgeführt: 29.01.2015 14:06:14
    16418 Dateien überprüft
    3 infizierte Dateien gefunden
    0 verdächtige Dateien gefunden


Objekt: ~$WNTKD.USBDrv
	Pfad: F:
	Status: Virus entfernt
	Virus: Gen:Variant.Zusy.60053 (Engine A)

Archiv: Thumbs.db
	Pfad: F:
	Status: Virus gefunden
	Virus: Gen:Variant.Gamarue.1 (Engine A)
Objekt: (Quarantine-PE)
	In Archiv: F:\Thumbs.db
	Status: Virus gefunden
	Virus: Gen:Variant.Gamarue.1

Objekt: jwgkvsq.vmx
	Pfad: F:\*\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665
	Status: Datei in Quarantäne verschoben
	Virus: Win32.Worm.Downadup.Gen (Engine A)

Der Zugriff auf die folgenden Dateien wurde verweigert:
F:\System Volume Information\IndexerVolumeGuid
F:\System Volume Information\MountPointManagerRemoteDatabase
F:\System Volume Information\EfaData\SYMEFA.DB

Die folgenden Dateien sind Passwortgeschützt:
F:\*\$RECYCLE.BIN\S-1-5-21-3582983518-3675431402-603696027-1000\$R0WF6RM.rar
F:\*\$RECYCLE.BIN\S-1-5-21-3582983518-3675431402-603696027-1000\$R0QHTWU.rar
F:\*\$RECYCLE.BIN\S-1-5-21-3582983518-3675431402-603696027-1000\$R2HFYLN.rar
F:\*\$RECYCLE.BIN\S-1-5-21-3582983518-3675431402-603696027-1000\$R22S3Y0.rar
F:\*\$RECYCLE.BIN\S-1-5-21-3582983518-3675431402-603696027-1000\$R1F6OAZ.rar
F:\*\$RECYCLE.BIN\S-1-5-21-3582983518-3675431402-603696027-1000\$R2JIKN2.rar
F:\*\$RECYCLE.BIN\S-1-5-21-3582983518-3675431402-603696027-1000\$R3HHSPI.rar
F:\*\$RECYCLE.BIN\S-1-5-21-3582983518-3675431402-603696027-1000\$R5AQ215.rar
F:\*\$RECYCLE.BIN\S-1-5-21-3582983518-3675431402-603696027-1000\$R5I0CSB.rar
F:\*\$RECYCLE.BIN\S-1-5-21-3582983518-3675431402-603696027-1000\$R6I4852.rar
F:\*\$RECYCLE.BIN\S-1-5-21-3582983518-3675431402-603696027-1000\$R7HT8E1.rar
F:\*\$RECYCLE.BIN\S-1-5-21-3582983518-3675431402-603696027-1000\$R8MJ22G.rar
F:\*\$RECYCLE.BIN\S-1-5-21-3582983518-3675431402-603696027-1000\$RABAH44.rar
F:\*\$RECYCLE.BIN\S-1-5-21-3582983518-3675431402-603696027-1000\$RAP06W9.rar
F:\*\$RECYCLE.BIN\S-1-5-21-3582983518-3675431402-603696027-1000\$RATEJK4.rar
F:\*\$RECYCLE.BIN\S-1-5-21-3582983518-3675431402-603696027-1000\$RCMF493.rar
F:\*\$RECYCLE.BIN\S-1-5-21-3582983518-3675431402-603696027-1000\$RDRK0BD.rar
F:\*\$RECYCLE.BIN\S-1-5-21-3582983518-3675431402-603696027-1000\$REK3WEF.rar
F:\*\$RECYCLE.BIN\S-1-5-21-3582983518-3675431402-603696027-1000\$RF1CB0I.rar
F:\*\$RECYCLE.BIN\S-1-5-21-3582983518-3675431402-603696027-1000\$RFORYL4.rar
F:\*\$RECYCLE.BIN\S-1-5-21-3582983518-3675431402-603696027-1000\$RG57B2A.rar
F:\*\$RECYCLE.BIN\S-1-5-21-3582983518-3675431402-603696027-1000\$RG70WST.rar
F:\*\$RECYCLE.BIN\S-1-5-21-3582983518-3675431402-603696027-1000\$RGNHQJT.rar
F:\*\$RECYCLE.BIN\S-1-5-21-3582983518-3675431402-603696027-1000\$RHLPQ9E.rar
F:\*\$RECYCLE.BIN\S-1-5-21-3582983518-3675431402-603696027-1000\$RHVO07U.rar
F:\*\$RECYCLE.BIN\S-1-5-21-3582983518-3675431402-603696027-1000\$RHVWRY5.rar
F:\*\$RECYCLE.BIN\S-1-5-21-3582983518-3675431402-603696027-1000\$RK0YC74.rar
F:\*\$RECYCLE.BIN\S-1-5-21-3582983518-3675431402-603696027-1000\$RKUVV1P.rar
F:\*\$RECYCLE.BIN\S-1-5-21-3582983518-3675431402-603696027-1000\$RKWIKNW.rar
F:\*\$RECYCLE.BIN\S-1-5-21-3582983518-3675431402-603696027-1000\$RLDZKDF.rar
F:\*\$RECYCLE.BIN\S-1-5-21-3582983518-3675431402-603696027-1000\$RLLI8RS.rar
F:\*\$RECYCLE.BIN\S-1-5-21-3582983518-3675431402-603696027-1000\$RMA3MGZ.rar
F:\*\$RECYCLE.BIN\S-1-5-21-3582983518-3675431402-603696027-1000\$RN5EUET.rar
F:\*\$RECYCLE.BIN\S-1-5-21-3582983518-3675431402-603696027-1000\$RNPC6L9.rar
F:\*\$RECYCLE.BIN\S-1-5-21-3582983518-3675431402-603696027-1000\$RNTEJQT.rar
F:\*\$RECYCLE.BIN\S-1-5-21-3582983518-3675431402-603696027-1000\$ROMEBJV.rar
F:\*\$RECYCLE.BIN\S-1-5-21-3582983518-3675431402-603696027-1000\$RONC52H.rar
F:\*\$RECYCLE.BIN\S-1-5-21-3582983518-3675431402-603696027-1000\$ROPA2P6.rar
F:\*\$RECYCLE.BIN\S-1-5-21-3582983518-3675431402-603696027-1000\$ROYY12R.rar
F:\*\$RECYCLE.BIN\S-1-5-21-3582983518-3675431402-603696027-1000\$RP71CF4.rar
F:\*\$RECYCLE.BIN\S-1-5-21-3582983518-3675431402-603696027-1000\$RPEOO55.rar
F:\*\$RECYCLE.BIN\S-1-5-21-3582983518-3675431402-603696027-1000\$RPIPUCR.rar
F:\*\$RECYCLE.BIN\S-1-5-21-3582983518-3675431402-603696027-1000\$RR1SIYL.rar
F:\*\$RECYCLE.BIN\S-1-5-21-3582983518-3675431402-603696027-1000\$RR3I4UW.rar
F:\*\$RECYCLE.BIN\S-1-5-21-3582983518-3675431402-603696027-1000\$RRD8VT2.rar
F:\*\$RECYCLE.BIN\S-1-5-21-3582983518-3675431402-603696027-1000\$RS2JGSC.rar
F:\*\$RECYCLE.BIN\S-1-5-21-3582983518-3675431402-603696027-1000\$RSDFIQK.rar
F:\*\$RECYCLE.BIN\S-1-5-21-3582983518-3675431402-603696027-1000\$RSOEP19.rar
F:\*\$RECYCLE.BIN\S-1-5-21-3582983518-3675431402-603696027-1000\$RU6QGIA.rar
F:\*\$RECYCLE.BIN\S-1-5-21-3582983518-3675431402-603696027-1000\$RU72P7V.rar
F:\*\$RECYCLE.BIN\S-1-5-21-3582983518-3675431402-603696027-1000\$RU9CLGA.rar
F:\*\$RECYCLE.BIN\S-1-5-21-3582983518-3675431402-603696027-1000\$RUHUA6R.rar
F:\*\$RECYCLE.BIN\S-1-5-21-3582983518-3675431402-603696027-1000\$RUYUMW9.rar
F:\*\$RECYCLE.BIN\S-1-5-21-3582983518-3675431402-603696027-1000\$RVEK7Z4.rar
F:\*\$RECYCLE.BIN\S-1-5-21-3582983518-3675431402-603696027-1000\$RWZ80PM.rar
F:\*\$RECYCLE.BIN\S-1-5-21-3582983518-3675431402-603696027-1000\$RXWKQPA.rar
F:\*\$RECYCLE.BIN\S-1-5-21-3582983518-3675431402-603696027-1000\$RY3BVA3.rar
F:\*\$RECYCLE.BIN\S-1-5-21-3582983518-3675431402-603696027-1000\$RYSYQL8.rar
F:\*\$RECYCLE.BIN\S-1-5-21-3582983518-3675431402-603696027-1000\$RYV148U.rar
F:\*\$RECYCLE.BIN\S-1-5-21-3582983518-3675431402-603696027-1000\$RZ22FL7.rar
F:\*\$RECYCLE.BIN\S-1-5-21-3582983518-3675431402-603696027-1000\$RZFPBJZ.rar
F:\*\$RECYCLE.BIN\S-1-5-21-3582983518-3675431402-603696027-1000\$RZKN0YM.rar
F:\*\$RECYCLE.BIN\S-1-5-21-3582983518-3675431402-603696027-1000\$RZTQUGR.rar
F:\*\Girilmez\6127\SERIEN\Cizgi\Ranma\Ranma_-_S01E01_-_Ein_ungewoehnliches_Maedchen.part1.rar
F:\*\Girilmez\6127\SERIEN\Cizgi\Ranma\Ranma_-_S01E01_-_Ein_ungewoehnliches_Maedchen.part2.rar
         

Code:
ATTFilter
Datei: F:\~$WNTKD.USBDrv
Virus: Gen:Variant.Zusy.60053 (Engine A)


Beim Öffnen der Datei "F:\~$WNTKD.USBDrv" wurde der Virus "Gen:Variant.Zusy.60053 (Engine A)" entdeckt. Zugriff verweigert.
         

was muss ich jetzt machen?
Auf die Dateien von der externen kann ich immer noch nicht zugreifen

Da gibt's einen Ordner der wird als Verknüfung angezeigt und die Dateien sollen da drin sein

das ziel Phad der Verknüfung ist


C:\Windows\system32\rundll32.exe ~$WNTKD.USBDrv,_fndot@16 desktop.ini "*"

Geändert von ak16 (29.01.2015 um 12:30 Uhr)

Alt 29.01.2015, 16:33   #11
schrauber
/// the machine
/// TB-Ausbilder
 

Ordner auf Wechselmedien werden als Verknüpfung angezeigt - Standard

Ordner auf Wechselmedien werden als Verknüpfung angezeigt



POste mal bitte noch ein frisches FRST Log. Hast Du die Externe mit MBAM gescannt?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 29.01.2015, 22:59   #12
ak16
 
Ordner auf Wechselmedien werden als Verknüpfung angezeigt - Standard

Ordner auf Wechselmedien werden als Verknüpfung angezeigt



Ich bin jetzt leider noch ein paar stunden unterwegs, Antworte daher auch von meinem Handy.
Um die Sache eventuell bißchen zu beschleunigen die Festplatte war von Anfang an immer Angeschlossen und bei jeden Scann wurde die auch mit eingezogen. Die Festplatte hatte immer den Laufwerk namen F.


Ak16

Hab eben alles getestet hier die Berichte

FRS

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-01-2015
Ran by AKA (administrator) on MSI on 29-01-2015 23:51:42
Running from C:\Users\AKA\Desktop\Neuer Ordner (2)
Loaded Profiles: AKA (Available profiles: AKA)
Platform: Windows 8.1 Pro with Media Center (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
(Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\altera\13.0sp1\quartus\bin64\jtagserver.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\System Control Manager\MSIService.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\ProgramData\HP Link5 Config\PelLinkS.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files (x86)\XSManager\WTGService.exe
(Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\obexsrv.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe
(Macrovision Europe Ltd.) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GdBgInx64.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Akamai Technologies, Inc.) C:\Users\AKA\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\AKA\AppData\Local\Akamai\netsession_win.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe
(Hewlett-Packard) C:\ProgramData\HP Link5 Config\PelLink5.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
(Hewlett-Packard) C:\ProgramData\HP Link5 Config\Link5HID.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
() C:\ProgramData\HP Link5 Config\VolOSD.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe
() C:\$Recycle.Bin\S-1-5-21-1015216767-4129399232-3615065482-1001\$RA2QLJV\FRST64.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8158240 2009-10-02] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [MGSysCtrl] => C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe [2486272 2010-06-17] (Micro-Star International Co., Ltd.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-01] (Intel Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-04-23] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PelLink5] => C:\ProgramData\HP Link5 Config\PelLink5.exe [173568 2012-12-17] (Hewlett-Packard)
HKLM-x32\...\Run: [HPMonitor] => C:\Program Files (x86)\Hewlett-Packard\HP Link5 Monitor\hpMonitor28.exe [74704 2013-01-01] (Hewlett-Packard)
HKLM-x32\...\Run: [GDFirewallTray] => C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [1724728 2013-12-19] (G Data Software AG)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [191016 2014-05-14] (Geek Software GmbH)
HKLM-x32\...\Run: [BingDesktop] => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2353880 2013-11-01] (Microsoft Corp.)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707496 2014-06-11] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [843480 2014-10-08] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe,c:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exe,
HKU\S-1-5-19\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [2501368 2014-10-29] (Microsoft Corporation) <==== ATTENTION 
HKU\S-1-5-20\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [2501368 2014-10-29] (Microsoft Corporation) <==== ATTENTION 
HKU\S-1-5-21-1015216767-4129399232-3615065482-1001\...\Run: [Akamai NetSession Interface] => C:\Users\AKA\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1015216767-4129399232-3615065482-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-1015216767-4129399232-3615065482-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1015216767-4129399232-3615065482-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1942720 2015-01-19] (Valve Corporation)
HKU\S-1-5-21-1015216767-4129399232-3615065482-1001\...\MountPoints2: {4ac0c0a7-e1ba-11e3-be68-0022fbbeaf3c} - "F:\XSManagerinstallation.exe" 
HKU\S-1-5-21-1015216767-4129399232-3615065482-1001\...\MountPoints2: {6bd4efed-2781-11e4-bea0-002421f5267c} - "F:\AutoRun.exe" 
HKU\S-1-5-21-1015216767-4129399232-3615065482-1001\...\MountPoints2: {6bd4f011-2781-11e4-bea0-002421f5267c} - "G:\AutoRun.exe" 
HKU\S-1-5-18\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [2501368 2014-10-29] (Microsoft Corporation) <==== ATTENTION 
Startup: C:\Users\AKA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\AKA\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk
ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{467D5E81-8349-4892-9E81-C3674ED8E451}\Icon09DB8A851.exe ()
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-1015216767-4129399232-3615065482-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1015216767-4129399232-3615065482-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: WOT Helper -> {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} -> C:\Program Files\WOT\WOT.dll ()
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: WOT Helper -> {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} -> C:\Program Files (x86)\WOT\WOT.dll ()
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
Toolbar: HKLM-x32 - WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll ()
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll ()
Handler-x32: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll ()
Tcpip\Parameters: [DhcpNameServer] 10.120.136.116

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF HKLM-x32\...\Firefox\Extensions: [{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}] - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension
FF Extension: Firefox Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension [2014-06-15]
FF HKLM-x32\...\Thunderbird\Extensions: [{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}] - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension
FF Extension: Thunderbird Address Book Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension [2014-06-15]

Chrome: 
=======
CHR Profile: C:\Users\AKA\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\AKA\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-27]
CHR Extension: (Google Docs) - C:\Users\AKA\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-27]
CHR Extension: (Google Drive) - C:\Users\AKA\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-27]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\AKA\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-27]
CHR Extension: (WOT) - C:\Users\AKA\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2015-01-29]
CHR Extension: (YouTube) - C:\Users\AKA\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-27]
CHR Extension: (Google-Suche) - C:\Users\AKA\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-27]
CHR Extension: (Google Tabellen) - C:\Users\AKA\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-27]
CHR Extension: (AdBlock) - C:\Users\AKA\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-10-27]
CHR Extension: (Google Wallet) - C:\Users\AKA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-27]
CHR Extension: (Google Mail) - C:\Users\AKA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-27]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2244728 2014-02-12] (G Data Software AG)
R2 AVKService; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [914552 2013-12-19] (G Data Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe [2723400 2014-03-25] (G Data Software AG)
R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173272 2013-11-01] (Microsoft Corp.)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [409304 2014-10-08] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [388824 2014-10-08] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [782040 2014-10-08] (BlueStack Systems, Inc.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [64624 2014-06-12] (CyberGhost S.R.L)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [647680 2014-05-22] (Macrovision Europe Ltd.) [File not signed]
R3 FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [1028096 2014-05-22] (Macrovision Europe Ltd.) [File not signed]
R3 GDFwSvc; C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [2992760 2014-01-30] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [700024 2014-02-03] (G Data Software AG)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)
R2 JTAGServer; C:\altera\13.0sp1\quartus\bin64\jtagserver.exe [268800 2013-06-13] () [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 Micro Star SCM; C:\Program Files (x86)\System Control Manager\MSIService.exe [160768 2009-07-09] (Micro-Star International Co., Ltd.) [File not signed]
R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)
R2 PelLinkS; C:\ProgramData\HP Link5 Config\PelLinkS.exe [184320 2012-12-17] () [File not signed]
S3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [628736 2010-12-08] (Nokia) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
R2 WTGService; C:\Program Files (x86)\XSManager\WTGService.exe [329848 2013-05-06] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [122072 2014-10-08] (BlueStack Systems)
S3 cmnsusbser; C:\Windows\system32\DRIVERS\cmnsusbser.sys [126080 2014-06-17] (QUALCOMM Incorporated)
R3 CVPNDRVA; C:\WINDOWS\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] ()
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2014-05-22] (DT Soft Ltd)
S3 ewusbnet; C:\Windows\system32\DRIVERS\ewusbnet.sys [249856 2010-03-24] (Huawei Technologies Co., Ltd.)
R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [57344 2014-06-06] (G Data Software AG)
R1 GDMnIcpt; C:\WINDOWS\system32\drivers\MiniIcpt.sys [135168 2014-06-06] (G Data Software AG)
R3 GDPkIcpt; C:\WINDOWS\system32\drivers\PktIcpt.sys [71168 2014-06-06] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [67584 2014-06-06] (G Data Software AG)
U5 GEARAspiWDM; C:\Windows\System32\Drivers\GEARAspiWDM.sys [33240 2012-08-21] (GEAR Software Inc.)
R1 GRD; C:\WINDOWS\system32\drivers\GRD.sys [106272 2014-06-10] (G Data Software)
R1 HookCentre; C:\WINDOWS\system32\drivers\HookCentre.sys [65024 2014-06-06] (G Data Software AG)
R3 HPMoA407; C:\Windows\System32\drivers\HPMoA407.sys [25088 2011-10-31] (Hewlett-Packard.)
R3 HPubA407; C:\Windows\System32\Drivers\HPubA407.sys [18944 2012-06-14] (Hewlett-Packard.)
S3 hwusbdev; C:\Windows\system32\DRIVERS\ewusbdev.sys [114560 2010-03-20] (Huawei Technologies Co., Ltd.)
S0 johci; C:\Windows\System32\drivers\johci.sys [20392 2009-09-21] (JMicron )
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-29] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 RTL8168; C:\Windows\system32\DRIVERS\rtlh64.sys [681688 2015-01-21] (Inventec                                            )
S3 TelekomNM6; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
S3 vpnva; C:\Windows\system32\DRIVERS\vpnva64-6.sys [52592 2014-06-11] (Cisco Systems, Inc.)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [70296 2012-10-24] (VMware, Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-05-28] (Microsoft Corporation)
S3 ohci1394; \SystemRoot\System32\drivers\ohci1394.sys [X]
S3 taphss6; \SystemRoot\system32\DRIVERS\taphss6.sys [X]
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-29 23:17 - 2015-01-29 23:51 - 00000000 ____D () C:\FRST
2015-01-29 14:57 - 2015-01-29 14:57 - 00000000 ____D () C:\Program Files\WOT
2015-01-29 14:57 - 2015-01-29 14:57 - 00000000 ____D () C:\Program Files (x86)\WOT
2015-01-29 14:56 - 2015-01-29 14:56 - 02296819 _____ () C:\Users\AKA\Downloads\WOT-latest-de-13.9.2.0.zip
2015-01-29 14:48 - 2015-01-29 14:48 - 00518723 _____ () C:\Users\AKA\Desktop\Bayer 04 Leverkusen print@home-Ticket2.zip
2015-01-29 14:13 - 2015-01-29 14:13 - 00006449 _____ () C:\Users\AKA\Desktop\G Data Protokoll ID 857.txt
2015-01-29 14:13 - 2015-01-29 14:13 - 00000126 _____ () C:\Users\AKA\Desktop\G Data Protokoll ID 855.txt
2015-01-29 14:13 - 2015-01-29 14:13 - 00000068 _____ () C:\Users\AKA\Desktop\G Data Protokoll ID 856.txt
2015-01-29 13:21 - 2015-01-29 13:21 - 701506007 _____ () C:\WINDOWS\MEMORY.DMP
2015-01-29 13:21 - 2015-01-29 13:21 - 00292696 _____ () C:\WINDOWS\Minidump\012915-22015-01.dmp
2015-01-29 13:11 - 2015-01-29 13:16 - 00000000 ____D () C:\ProgramData\TEMP
2015-01-29 13:11 - 2015-01-29 13:14 - 00000000 ____D () C:\Program Files (x86)\SpywareBlaster
2015-01-29 13:11 - 2015-01-29 13:11 - 00001095 _____ () C:\Users\Public\Desktop\SpywareBlaster.lnk
2015-01-29 13:11 - 2015-01-29 13:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster
2015-01-29 13:11 - 2015-01-29 13:11 - 00000000 ____D () C:\ProgramData\Licenses
2015-01-29 13:11 - 2009-03-24 12:52 - 00129872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSSTDFMT.DLL
2015-01-29 13:10 - 2015-01-29 13:10 - 00448512 _____ (OldTimer Tools) C:\Users\AKA\Downloads\TFC.exe
2015-01-29 13:09 - 2015-01-29 13:09 - 04095448 _____ (BrightFort LLC ) C:\Users\AKA\Downloads\spywareblastersetup50.exe
2015-01-29 12:56 - 2015-01-29 12:57 - 00001584 _____ () C:\DelFix.txt
2015-01-29 00:25 - 2015-01-29 23:51 - 00000000 ____D () C:\Users\AKA\Desktop\Neuer Ordner (2)
2015-01-28 11:37 - 2015-01-29 12:56 - 00000000 ____D () C:\WINDOWS\ERUNT
2015-01-28 10:48 - 2015-01-29 23:15 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-01-28 10:47 - 2015-01-28 10:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-01-28 10:47 - 2015-01-28 10:47 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-28 10:47 - 2015-01-28 10:47 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-01-28 10:47 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-01-28 10:47 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-01-28 10:47 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-01-28 10:45 - 2015-01-28 10:45 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\AKA\Downloads\mbam-setup-2.0.4.1028.exe
2015-01-28 10:42 - 2015-01-28 10:42 - 00019376 _____ () C:\Users\AKA\Downloads\SWAR_SAGA_GER_720p_BRip_x264_-_WodkaE-h43yg8n085x.dlc
2015-01-27 19:27 - 2015-01-27 19:27 - 00088334 _____ () C:\Users\AKA\Desktop\cach.txt
2015-01-26 23:23 - 2015-01-27 00:04 - 1090802712 _____ () C:\Users\AKA\Downloads\krdy95ltrg.rar
2015-01-25 15:06 - 2015-01-25 15:29 - 350359868 _____ () C:\Users\AKA\Downloads\1204-143919.rar
2015-01-24 18:56 - 2015-01-24 18:56 - 00005296 _____ () C:\Users\AKA\Downloads\k579i7yv2h0u246.dlc
2015-01-24 17:59 - 2015-01-24 17:59 - 00006296 _____ () C:\Users\AKA\Downloads\GDN0TGX1472G_-_UL-xxggugnjs6y0a.dlc
2015-01-24 01:05 - 2015-01-24 01:05 - 00000000 ____D () C:\Users\AKA\AppData\Roaming\Remote Control Server
2015-01-24 01:02 - 2015-01-24 01:02 - 00002021 _____ () C:\Users\Public\Desktop\Remote Control Server.lnk
2015-01-24 01:02 - 2015-01-24 01:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remote Control Server
2015-01-24 01:02 - 2015-01-24 01:02 - 00000000 ____D () C:\Program Files (x86)\Remote Control Server
2015-01-24 01:01 - 2015-01-24 01:01 - 00000000 ____D () C:\Users\AKA\AppData\Local\Downloaded Installations
2015-01-24 01:00 - 2015-01-24 01:01 - 06752340 _____ (Steppschuh) C:\Users\AKA\Downloads\RemoteControlServerSetup.exe
2015-01-22 23:05 - 2014-11-17 21:17 - 00672984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2015-01-22 23:05 - 2014-11-17 21:17 - 00273240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2015-01-22 23:05 - 2014-11-15 20:05 - 00801584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-01-22 23:05 - 2014-11-15 07:29 - 00962216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-01-22 23:05 - 2014-11-14 15:36 - 00055776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-01-22 23:05 - 2014-11-14 08:10 - 03558400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-01-22 23:05 - 2014-11-14 07:58 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-01-22 23:05 - 2014-11-14 07:58 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-01-22 23:05 - 2014-11-14 07:57 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-01-22 23:05 - 2014-11-14 07:57 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-01-22 23:05 - 2014-11-14 07:54 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2015-01-22 23:05 - 2014-11-14 07:54 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-01-22 23:05 - 2014-11-14 07:54 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-01-22 23:05 - 2014-11-14 07:53 - 00894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-01-22 23:05 - 2014-11-14 07:52 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-01-22 23:05 - 2014-11-14 07:46 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2015-01-22 23:05 - 2014-11-14 07:46 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-01-22 23:05 - 2014-11-14 07:39 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-01-22 23:05 - 2014-11-14 06:04 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-01-22 23:05 - 2014-11-14 06:03 - 00885760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-01-22 23:05 - 2014-11-14 06:03 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-01-22 23:05 - 2014-11-14 06:01 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-01-22 23:05 - 2014-11-14 06:01 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-01-22 23:05 - 2014-11-14 05:53 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-01-22 23:05 - 2014-11-11 01:39 - 22290560 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-01-22 23:05 - 2014-11-11 01:17 - 19731824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-01-22 23:05 - 2014-11-10 19:06 - 02485056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-01-22 23:05 - 2014-11-10 19:06 - 00473408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-01-22 23:05 - 2014-11-10 19:06 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-01-22 23:05 - 2014-11-10 19:06 - 00136512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2015-01-22 23:05 - 2014-11-10 03:57 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2015-01-22 23:05 - 2014-11-10 02:37 - 00845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2015-01-22 23:05 - 2014-11-10 02:34 - 01084416 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2015-01-22 23:05 - 2014-11-10 02:26 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2015-01-22 23:05 - 2014-11-10 02:20 - 00420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2015-01-22 23:05 - 2014-11-10 02:09 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2015-01-22 23:05 - 2014-11-10 02:08 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2015-01-22 23:05 - 2014-11-10 02:06 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2015-01-22 23:05 - 2014-11-10 01:57 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2015-01-22 23:05 - 2014-11-10 01:57 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2015-01-22 23:05 - 2014-11-08 11:42 - 01390928 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-01-22 23:05 - 2014-11-08 11:23 - 01127976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-01-22 23:05 - 2014-11-08 05:00 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2015-01-22 23:05 - 2014-11-08 05:00 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
2015-01-22 23:05 - 2014-11-08 04:58 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2015-01-22 23:05 - 2014-11-08 04:58 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2015-01-22 23:05 - 2014-11-08 04:56 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\kmddsp.tsp
2015-01-22 23:05 - 2014-11-08 04:56 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmxs.dll
2015-01-22 23:05 - 2014-11-08 04:56 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasser.dll
2015-01-22 23:05 - 2014-11-08 04:24 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdiag.dll
2015-01-22 23:05 - 2014-11-08 04:13 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kmddsp.tsp
2015-01-22 23:05 - 2014-11-08 04:13 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasmxs.dll
2015-01-22 23:05 - 2014-11-08 04:13 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasser.dll
2015-01-22 23:05 - 2014-11-08 03:48 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdiag.dll
2015-01-22 23:05 - 2014-11-08 03:38 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2015-01-22 23:05 - 2014-11-08 03:17 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2015-01-22 23:05 - 2014-11-08 03:09 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascfg.dll
2015-01-22 23:05 - 2014-11-08 03:03 - 00733696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2015-01-22 23:05 - 2014-11-08 02:59 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rascfg.dll
2015-01-22 23:05 - 2014-11-08 02:58 - 04837376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2015-01-22 23:05 - 2014-11-08 02:49 - 01154048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2015-01-22 23:05 - 2014-11-07 04:58 - 00952896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-01-22 23:05 - 2014-11-07 04:20 - 00786120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-01-22 23:05 - 2014-11-05 03:12 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSHVHOST.DLL
2015-01-22 23:05 - 2014-11-05 03:12 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSVRMGMT.DLL
2015-01-22 23:05 - 2014-11-05 03:06 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2015-01-22 23:05 - 2014-11-05 02:44 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2015-01-22 23:05 - 2014-11-05 02:43 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2015-01-22 23:05 - 2014-11-05 02:41 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2015-01-22 23:05 - 2014-11-05 02:39 - 00155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSHVHOST.DLL
2015-01-22 23:05 - 2014-11-05 02:39 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSVRMGMT.DLL
2015-01-22 23:05 - 2014-11-05 02:33 - 00465408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2015-01-22 23:05 - 2014-11-05 02:21 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2015-01-22 23:05 - 2014-11-05 02:20 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2015-01-22 23:05 - 2014-11-05 02:18 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2015-01-22 23:05 - 2014-11-05 02:14 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2015-01-22 23:05 - 2014-11-05 02:06 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2015-01-22 23:05 - 2014-11-04 20:33 - 00058176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2015-01-22 23:05 - 2014-11-04 20:25 - 00059712 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdclass.sys
2015-01-22 23:05 - 2014-11-04 20:25 - 00051008 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouclass.sys
2015-01-22 23:05 - 2014-11-04 07:55 - 00026112 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sermouse.sys
2015-01-22 23:05 - 2014-11-04 07:54 - 00108544 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\i8042prt.sys
2015-01-22 23:05 - 2014-11-04 07:54 - 00032256 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys
2015-01-22 23:05 - 2014-11-04 07:54 - 00030208 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouhid.sys
2015-01-22 23:05 - 2014-11-04 07:27 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2015-01-22 23:05 - 2014-11-04 06:01 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2015-01-22 23:05 - 2014-10-31 01:51 - 18823168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-01-22 23:05 - 2014-10-31 01:10 - 15158784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-01-22 23:05 - 2014-10-30 06:55 - 07473472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-01-22 23:05 - 2014-10-30 06:47 - 01499384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-01-22 23:05 - 2014-10-30 06:41 - 01733952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-01-22 23:05 - 2014-10-29 04:05 - 00551232 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2015-01-22 23:05 - 2014-10-29 03:02 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2015-01-22 23:05 - 2014-10-29 03:02 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2015-01-22 23:05 - 2014-10-29 02:57 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll
2015-01-22 23:05 - 2014-10-29 02:55 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2015-01-22 23:05 - 2014-10-29 02:15 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2015-01-22 23:05 - 2014-10-29 02:15 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2015-01-22 23:05 - 2014-10-29 02:14 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2015-01-22 23:05 - 2014-10-29 02:13 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2015-01-22 23:05 - 2014-10-29 02:13 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2015-01-22 23:05 - 2014-10-29 02:13 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe
2015-01-22 23:05 - 2014-10-26 23:10 - 00390841 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-01-22 23:05 - 2014-10-21 02:59 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\eventcls.dll
2015-01-22 23:05 - 2014-10-21 02:19 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eventcls.dll
2015-01-22 23:05 - 2014-10-21 01:50 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\vsstrace.dll
2015-01-22 23:05 - 2014-10-21 01:31 - 01574400 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2015-01-22 23:05 - 2014-10-21 01:31 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vsstrace.dll
2015-01-22 23:05 - 2014-10-21 01:30 - 01454080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2015-01-22 23:05 - 2014-10-21 01:20 - 01142272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2015-01-22 23:05 - 2014-10-17 05:56 - 00238912 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-01-22 23:05 - 2014-10-17 05:56 - 00153920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2015-01-22 23:05 - 2014-10-17 05:56 - 00039744 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2015-01-22 23:05 - 2014-10-17 04:35 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-01-21 07:01 - 2015-01-21 07:01 - 00681688 _____ (Inventec ) C:\WINDOWS\system32\Drivers\rtlh64.sys
2015-01-21 07:01 - 2015-01-21 07:01 - 00075480 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll
2015-01-19 22:37 - 2015-01-19 22:39 - 69104008 _____ (SiSoftware ) C:\Users\AKA\Downloads\sisoftware_sandra_lite_2015_san2115.exe
2015-01-19 22:23 - 2015-01-19 22:23 - 02231742 _____ ( ) C:\Users\AKA\Downloads\diagnose_8.67.exe
2015-01-17 20:36 - 2015-01-17 20:36 - 00001560 _____ () C:\Users\AKA\Downloads\ml9794a2gzer40s.dlc
2015-01-17 20:22 - 2015-01-17 20:22 - 00002416 _____ () C:\Users\AKA\Downloads\4fu23mxpv10au24.dlc
2015-01-16 15:45 - 2015-01-16 15:45 - 00885880 _____ () C:\Users\AKA\Desktop\Bayer 04 Leverkusen print@home-Ticket.zip
2015-01-15 11:44 - 2014-04-16 00:35 - 00028352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2015-01-15 11:44 - 2014-04-16 00:34 - 00029888 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2015-01-15 11:32 - 2014-12-19 07:26 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2015-01-15 11:32 - 2014-12-12 03:04 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2015-01-15 11:32 - 2014-12-12 01:51 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-01-15 11:32 - 2014-12-09 02:50 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-01-15 11:32 - 2014-12-08 20:42 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-01-15 11:32 - 2014-12-08 20:42 - 00531616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-01-15 11:32 - 2014-12-08 20:42 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2015-01-15 11:32 - 2014-12-08 20:42 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2015-01-15 11:32 - 2014-12-08 20:42 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2015-01-15 11:32 - 2014-12-08 20:42 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-01-15 11:32 - 2014-12-08 20:42 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2015-01-15 11:32 - 2014-12-08 20:42 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2015-01-15 11:32 - 2014-12-06 04:17 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-01-15 11:32 - 2014-12-06 02:41 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-01-15 11:32 - 2014-12-06 02:35 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-01-13 21:18 - 2015-01-13 21:18 - 00034800 _____ () C:\Users\AKA\Downloads\f84679105457909db5d0a867457197c4.dlc
2015-01-13 19:12 - 2015-01-13 19:14 - 00820488 _____ () C:\WINDOWS\Minidump\011315-111296-01.dmp
2015-01-12 16:56 - 2015-01-12 17:09 - 280500232 _____ () C:\Users\AKA\Downloads\ncis.s12e03.sof.rar
2015-01-11 22:00 - 2015-01-11 22:03 - 00000000 ____D () C:\Users\AKA\Desktop\usb
2015-01-11 22:00 - 2015-01-11 22:00 - 00108171 _____ () C:\Users\AKA\Downloads\usbdeview-x64.zip
2015-01-11 21:59 - 2015-01-11 21:59 - 00003244 _____ () C:\Users\AKA\Downloads\usbdeview_german.zip
2015-01-10 18:40 - 2015-01-10 18:40 - 00001412 _____ () C:\Users\AKA\Downloads\3e90oau2xrr05t7.dlc
2015-01-10 18:03 - 2015-01-10 18:03 - 00001264 _____ () C:\Users\AKA\Downloads\r3un2rxd08m294t.dlc
2015-01-09 22:29 - 2015-01-09 22:29 - 00000000 ____D () C:\ProgramData\Package Cache
2015-01-09 15:03 - 2015-01-09 15:03 - 00000222 _____ () C:\Users\AKA\Desktop\Age of Empires II HD Edition.url
2015-01-09 15:03 - 2015-01-09 15:03 - 00000000 ____D () C:\Users\AKA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-01-09 14:41 - 2015-01-23 20:05 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-01-09 14:41 - 2015-01-09 14:41 - 00000979 _____ () C:\Users\Public\Desktop\Steam.lnk
2015-01-09 14:41 - 2015-01-09 14:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-01-09 14:40 - 2015-01-09 14:40 - 01142128 _____ () C:\Users\AKA\Downloads\SteamSetup.exe
2015-01-08 22:31 - 2015-01-08 22:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-05 20:15 - 2015-01-29 15:12 - 00005537 _____ () C:\WINDOWS\setupact.log
2015-01-05 20:15 - 2015-01-05 20:15 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-01-03 19:08 - 2015-01-10 19:28 - 00000000 ____D () C:\Users\AKA\Desktop\Tarihe Yolculuk
2015-01-03 18:45 - 2015-01-03 18:45 - 00000000 ____D () C:\Users\Public\Documents\Adobe
2015-01-03 18:44 - 2015-01-03 18:46 - 00000000 ____D () C:\Program Files\Adobe
2015-01-03 18:43 - 2015-01-03 18:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2015-01-03 18:43 - 2015-01-03 18:43 - 00000000 ____D () C:\Program Files (x86)\Adobe Media Player
2015-01-03 18:42 - 2015-01-03 18:47 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2015-01-03 18:41 - 2015-01-03 18:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS5
2015-01-03 18:41 - 2015-01-03 18:41 - 00001013 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
2015-01-03 18:41 - 2015-01-03 18:41 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2015-01-03 18:41 - 2015-01-03 18:41 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2015-01-01 12:24 - 2015-01-01 13:37 - 1066171576 _____ () C:\Users\AKA\Downloads\krdy91ltrg.rar

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-29 23:45 - 2014-05-28 10:32 - 01694192 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-29 23:16 - 2014-10-27 13:06 - 00001126 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-29 23:11 - 2014-03-18 11:04 - 01785036 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-01-29 23:11 - 2014-03-18 10:25 - 00768266 _____ () C:\WINDOWS\system32\perfh007.dat
2015-01-29 23:11 - 2014-03-18 10:25 - 00160576 _____ () C:\WINDOWS\system32\perfc007.dat
2015-01-29 23:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-01-29 15:13 - 2014-05-28 12:13 - 00000000 __RDO () C:\Users\AKA\OneDrive
2015-01-29 15:12 - 2014-11-22 19:44 - 00000497 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.ics
2015-01-29 15:12 - 2014-10-27 13:06 - 00001122 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-29 15:11 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-29 15:08 - 2014-05-28 10:38 - 00000000 ____D () C:\Users\AKA
2015-01-29 13:21 - 2014-08-19 10:16 - 00000000 ____D () C:\WINDOWS\Minidump
2015-01-29 12:59 - 2013-08-22 14:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2015-01-29 12:42 - 2014-08-01 00:38 - 00033460 _____ () C:\WINDOWS\PFRO.log
2015-01-29 12:30 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-01-28 11:05 - 2014-05-22 14:57 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1015216767-4129399232-3615065482-1001
2015-01-27 13:17 - 2014-10-27 13:08 - 00002195 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-27 02:26 - 2014-05-23 15:24 - 00000000 ____D () C:\Users\AKA\AppData\Roaming\vlc
2015-01-26 00:16 - 2014-05-22 16:17 - 00000000 ____D () C:\Users\AKA\Desktop\Neuer Ordner
2015-01-25 20:32 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-01-25 11:48 - 2014-05-25 20:28 - 00000000 ____D () C:\Users\AKA\Downloads\J dow
2015-01-24 21:20 - 2014-12-11 16:52 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-01-24 21:20 - 2014-12-11 16:52 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-23 19:46 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-01-23 19:18 - 2014-05-23 22:51 - 00000000 ____D () C:\Users\AKA\AppData\Roaming\Skype
2015-01-22 23:14 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2015-01-22 23:14 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-01-22 23:14 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup
2015-01-22 23:14 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2015-01-22 23:04 - 2014-11-12 11:43 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2015-01-22 23:04 - 2014-11-12 11:43 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-01-22 23:04 - 2014-11-12 11:43 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2015-01-22 23:04 - 2014-11-12 11:43 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2015-01-18 01:31 - 2014-05-23 23:11 - 00000000 ____D () C:\Program Files (x86)\Eclipse Java
2015-01-17 21:14 - 2014-10-21 11:41 - 00034605 _____ () C:\WINDOWS\DirectX.log
2015-01-15 11:44 - 2014-05-27 16:49 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-01-15 11:36 - 2014-05-27 16:49 - 113365784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-01-14 21:53 - 2014-12-19 20:31 - 00005044 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for MSI-AKA MSI
2015-01-11 21:02 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-01-09 00:14 - 2014-05-22 22:01 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-01-09 00:14 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\System
2015-01-09 00:14 - 2012-07-26 06:26 - 00000167 _____ () C:\WINDOWS\win.ini
2015-01-09 00:08 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-01-08 22:40 - 2014-12-09 18:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-01-04 23:08 - 2014-11-19 18:46 - 00000000 ____D () C:\Users\AKA\Desktop\Mathe
2015-01-04 23:08 - 2014-10-13 16:08 - 00000000 ____D () C:\Users\AKA\Desktop\GE1 Dederich
2015-01-04 23:08 - 2014-10-10 16:21 - 00000000 ____D () C:\Users\AKA\Desktop\Patch_SchulMathe
2015-01-03 19:00 - 2014-05-30 21:07 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2015-01-03 18:46 - 2014-05-27 12:14 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-01-03 18:46 - 2014-05-22 14:39 - 00000000 ____D () C:\Users\AKA\AppData\Roaming\Adobe
2015-01-03 18:43 - 2014-05-24 00:22 - 00000000 ____D () C:\Users\AKA\AppData\Local\Adobe
2015-01-03 18:43 - 2014-05-22 22:27 - 00000000 ____D () C:\ProgramData\Adobe
2015-01-01 00:56 - 2014-12-26 15:42 - 731814810 _____ () C:\Users\AKA\Downloads\krtlrvdsps241ltrg.rar

==================== Files in the root of some directories =======

2014-06-06 14:41 - 2014-06-06 14:41 - 0000000 _____ () C:\Users\AKA\AppData\Roaming\gdfw.log
2014-06-06 14:41 - 2014-06-06 14:41 - 0000779 _____ () C:\Users\AKA\AppData\Roaming\gdscan.log

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-28 11:05

==================== End Of Log ============================
         
--- --- ---

--- --- ---


additon
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-01-2015
Ran by AKA at 2015-01-29 23:52:23
Running from C:\Users\AKA\Desktop\Neuer Ordner (2)
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: G Data InternetSecurity CBE (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: G Data InternetSecurity CBE (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G Data Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3MobileWiFi (HKLM-x32\...\3MobileWiFi) (Version: WIN1.01.01.156 - Huawei Technologies Co.,Ltd)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version:  - Hidden Path Entertainment, Ensemble Studios)
Akamai NetSession Interface (HKU\S-1-5-21-1015216767-4129399232-3615065482-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
aTube Catcher Version 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
AVRStudio4 (HKLM-x32\...\{D5D88F8F-FDA4-4CF4-9F3E-3F40118C2120}) (Version: 4.17.666 - Atmel)
AVRStudio4 (x32 Version: 4.17.666 - Atmel) Hidden
Bing-Desktop (HKLM-x32\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.3.347.0 - Microsoft Corporation)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.4.4079 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{8DCCC556-265B-478A-8B32-C12DA988BA74}) (Version: 0.9.4.4079 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands 2 (HKLM-x32\...\Borderlands 2_is1) (Version:  - )
Borderlands 2 All in One DLC-Pack Plus Update 16 (v1.5.0) 1.00 (HKLM-x32\...\Borderlands 2 All in One DLC-Pack Plus Update 16 (v1.5.0) 1.00) (Version: 1.00 - .x.X.RIDDICK.X.x.)
Borderlands 2 All in One Update - Pack 1.00 (HKLM-x32\...\Borderlands 2 All in One Update - Pack 1.00) (Version: 1.00 - .x.X.RIDDICK.X.x.)
Borderlands The Pre Sequel GERMAN (HKLM-x32\...\Qm9yZGVybGFuZHNUaGVQcmVTZXF1ZWw=_is1) (Version: 1 - )
calibre (HKLM-x32\...\{B364DC2A-9783-4737-B795-D6F0562A41C5}) (Version: 0.8.61 - Kovid Goyal)
Camera Recorder (HKLM-x32\...\{3BDDA587-7CDE-430C-90A4-E2C4E48D3AE9}) (Version: 1.0.909.0801 - Camera Recorder)
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
CheckDrive (HKLM-x32\...\{B83513EC-2E4D-4621-816D-4CCF397BE702}_is1) (Version: 4.4 - Abelssoft)
Cisco AnyConnect Diagnostics and Reporting Tool (HKLM-x32\...\{D9ABE01A-6E18-4F30-9ED6-2494A5019074}) (Version: 3.1.05170 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.05170 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.05170 - Cisco Systems, Inc.) Hidden
Cisco Systems VPN Client 5.0.07.0290 (HKLM\...\{467D5E81-8349-4892-9E81-C3674ED8E451}) (Version: 5.0.7 - Cisco Systems, Inc.)
Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.5.830 - Corel Inc.)
CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version:  - CyberGhost S.R.L.)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
Data Lifeguard Diagnostic for Windows 1.24 (HKLM-x32\...\{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1) (Version:  - Western Digital Corporation)
Dev-C++ (HKLM-x32\...\Dev-C++) (Version: 5.4.0 - )
Dropbox (HKU\S-1-5-21-1015216767-4129399232-3615065482-1001\...\Dropbox) (Version: 2.10.52 - Dropbox, Inc.)
FIFA 14 (HKLM-x32\...\{7A6577E7-F341-430F-9173-91E14E2DE270}) (Version: 1.0.0.0 - Electronic Arts)
FIFA 14 (HKLM-x32\...\{7A6577E7-F341-430F-9173-91E14E2DE270}_is1) (Version: 1.0 - Electronic Arts)
Flip 3.3.4 (HKLM-x32\...\flip.exe) (Version: 3.3.4 - Atmel)
Free Mp3 Wma Converter V 2.2 (HKLM-x32\...\Free Mp3 Wma Converter_is1) (Version: 2.2.0.0 - Koyote Soft)
Free Video to MP3 Converter version 5.0.42.530 (HKLM-x32\...\Free Video to MP3 Converter_is1) (Version: 5.0.42.530 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.38.530 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.38.530 - DVDVideoSoft Ltd.)
G Data InternetSecurity CBE (HKLM-x32\...\{85203592-3610-4FB9-AA11-15B2255B5A12}) (Version: 25.0.1.2 - G Data Software AG)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.93 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Hex-Editor MX (HKLM-x32\...\{7FC7AD70-1DF3-4B84-9AA2-4FB680F45572}_is1) (Version: 6.0 - NEXT-Soft)
HP Wireless Mouse Suite 2.8 (HKLM-x32\...\{C7EF1D07-8CC6-4532-A4C9-37612FCB3410}) (Version: 2.8 - Hewlett-Packard)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Programm für die Prozessorerkennung (HKLM-x32\...\{A92A4DB0-CD37-42D1-BE1D-603D53C24328}) (Version: 4.90.0000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java SE Development Kit 7 Update 45 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170450}) (Version: 1.7.0.450 - Oracle)
Java-Editor 12.2, 2013.10.2 (HKLM-x32\...\{65FBA21B-7F80-4E4E-B275-0958D2648F94}_is1) (Version:  - Gerhard Röhner)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
JMicron 1394 Filter Driver (HKLM-x32\...\{13C96625-28E4-4c58-ADE0-CDAFC64752EB}) (Version: 1.00.06.00 - JMicron Technology Corp.)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.45.0 - JMicron Technology Corp.)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.98 - LSI Corporation)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Motorola Bluetooth (HKLM\...\1DF1F719-D43A-46E8-950F-65A8D96C678A.MBT_is1) (Version: 3.0.02.280 - Motorola, Inc.)
MSI Afterburner 3.0.0 (HKLM-x32\...\Afterburner) (Version: 3.0.0 - MSI Co., LTD)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
NetBeans IDE 7.4 (HKLM-x32\...\nbi-nb-base-7.4.0.0.201310111528) (Version: 7.4 - NetBeans.org)
Netzmanager (HKLM-x32\...\Netzmanager) (Version: 1.081 - Deutsche Telekom AG)
Netzmanager (Version: 1.081 - Deutsche Telekom AG, Marmiko IT-Solutions GmbH) Hidden
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Ovi Desktop Sync Engine (x32 Version: 1.5.161.0 - Nokia) Hidden
OviMPlatform (x32 Version: 2.7.44.2 - Nokia) Hidden
PandoraRecovery (Remove Only) (HKLM-x32\...\PandoraRecovery) (Version:  - )
PC Connectivity Solution (HKLM-x32\...\{D4AEC53C-1720-41D9-B6D7-6A60DE62D444}) (Version: 10.50.2.0 - Nokia)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PDF24 Creator 6.4.1 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Quartus II Web Edition (Free) 13.0.1.232 (HKLM-x32\...\Quartus II Web Edition (Free) 13.0.1.232) (Version: 13.0sp1 - Altera Corporation)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.11.1127.2009 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5951 - Realtek Semiconductor Corp.)
Remote Control Server (HKLM-x32\...\{755C6515-9FEA-490C-B15E-22BB6519E57E}) (Version: 3.0.1.50 - Steppschuh)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
Skype™ 6.13 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.13.104 - Skype Technologies S.A.)
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
System Control Manager (HKLM-x32\...\{ED9C5D25-55DF-48D8-9328-2AC0D75DE5D8}) (Version: 2.210.0617.007 - Micro-Star International Co., Ltd.)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
Unified Remote (HKLM-x32\...\{D7930C67-5816-417B-BF28-54BB75EFDAF9}) (Version: 2.14.4.0 - Unified Remote)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VMware Player (HKLM-x32\...\VMware_Player) (Version: 5.0.2 - VMware, Inc)
VMware Player (Version: 5.0.2 - VMware, Inc.) Hidden
VoiceOver Kit (HKLM-x32\...\{6B4AD1A9-E73A-4184-9D6B-072F8A3C5EBA}) (Version: 1.42.128.0 - Apple Inc.)
WinAVR 20090313 (remove only) (HKLM-x32\...\WinAVR-20090313) (Version: 20090313 - )
Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia)
Windows-Treiberpaket - Ralink Technology, Corp. (netr28x) Net  (07/06/2010 3.01.08.0001) (HKLM\...\DDAB5FC44964BD27F18121236A6EB5719FB86ECC) (Version: 07/06/2010 3.01.08.0001 - Ralink Technology, Corp.)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WOT für Internet Explorer (HKLM\...\{373B90E1-A28C-434C-92B6-7281AFA6115A}) (Version: 13.9.2.0 - WOT Services Oy)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1015216767-4129399232-3615065482-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\AKA\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1015216767-4129399232-3615065482-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AKA\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1015216767-4129399232-3615065482-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AKA\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1015216767-4129399232-3615065482-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AKA\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1015216767-4129399232-3615065482-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AKA\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1015216767-4129399232-3615065482-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AKA\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1015216767-4129399232-3615065482-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AKA\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1015216767-4129399232-3615065482-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AKA\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1015216767-4129399232-3615065482-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\AKA\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

29-01-2015 12:56:39 Ende der Bereinigung

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-01-27 17:54 - 2015-01-27 17:54 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0447227E-6DAA-4E9C-8E37-E21D8F9CCF10} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: {128732B2-5BFB-40CB-98F3-6382F5317557} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-27] (Google Inc.)
Task: {2A3579F1-F34A-4EEC-A433-0855EFBDDF33} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-27] (Google Inc.)
Task: {30DF1A22-C561-4FE9-9AEA-B314A7B17593} - System32\Tasks\Microsoft Office 15 Sync Maintenance for MSI-AKA MSI => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2014-11-12] (Microsoft Corporation)
Task: {56E60A3F-3B1A-4BA2-8752-6D284D0DA63D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {6518BCCB-0C13-42ED-B4F2-077193F8677D} - System32\Tasks\{24DB3F75-DC74-40D7-9585-49A3DF45E361} => pcalua.exe -a D:\Treiber\Windows_SM56_6.12.25.05_DF_AppSigned\Windows_SM56_6.12.25.05_DF_AppSigned\ssetup.exe -d D:\Treiber\Windows_SM56_6.12.25.05_DF_AppSigned\Windows_SM56_6.12.25.05_DF_AppSigned
Task: {A7D013F5-6FFD-4B64-A5B4-76FE8221D26D} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {E4152EF4-F89F-4314-B1BF-C410842453AC} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-1015216767-4129399232-3615065482-1001
Task: {EB70BC40-11A0-4944-832D-74A22D2239EF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {FB27B213-A09F-44C2-865A-2EB0EAB07F48} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-01-15] (Microsoft Corporation)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-05-28 10:32 - 2014-07-02 19:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-05-23 22:59 - 2013-06-13 06:15 - 00268800 _____ () C:\altera\13.0sp1\quartus\bin64\jtagserver.exe
2014-05-23 22:59 - 2013-06-13 06:13 - 00029184 _____ () C:\altera\13.0sp1\quartus\bin64\ccl_ver.dll
2014-05-23 22:59 - 2013-06-13 02:41 - 00879616 _____ () C:\altera\13.0sp1\quartus\bin64\dinkum_alt.dll
2012-12-17 07:57 - 2012-12-17 07:57 - 00184320 _____ () C:\ProgramData\HP Link5 Config\PelLinkS.exe
2014-06-17 19:09 - 2013-05-06 14:45 - 00329848 ____N () C:\Program Files (x86)\XSManager\WTGService.exe
2013-12-19 03:42 - 2013-12-19 03:42 - 00350840 ____N () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll
2012-12-17 07:57 - 2012-12-17 07:57 - 00288768 _____ () C:\ProgramData\HP Link5 Config\VolOSD.exe
2014-06-11 04:34 - 2014-06-11 04:34 - 00063400 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2014-04-23 15:05 - 2014-04-23 15:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 15:04 - 2014-04-23 15:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-03-23 12:26 - 2010-03-23 12:26 - 00201512 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll
2013-02-26 01:28 - 2013-02-26 01:28 - 01260624 _____ () C:\Program Files (x86)\VMware\VMware Player\libxml2.dll
2012-12-17 07:57 - 2012-12-17 07:57 - 00079360 _____ () C:\ProgramData\HP Link5 Config\PelComm.dll
2012-12-17 07:57 - 2012-12-17 07:57 - 00047104 _____ () C:\ProgramData\HP Link5 Config\PelDrv.dll
2012-12-17 07:57 - 2012-12-17 07:57 - 00459264 _____ () C:\ProgramData\HP Link5 Config\PelHooks.dll
2012-12-17 07:57 - 2012-12-17 07:57 - 00108032 _____ () C:\ProgramData\HP Link5 Config\PelUtil.dll
2012-12-17 07:57 - 2012-12-17 07:57 - 00028672 _____ () C:\ProgramData\HP Link5 Config\PelMagnf.dll
2012-12-17 07:57 - 2012-12-17 07:57 - 00131072 _____ () C:\ProgramData\HP Link5 Config\PelScrll.dll
2015-01-27 13:17 - 2015-01-25 07:08 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\libglesv2.dll
2015-01-27 13:17 - 2015-01-25 07:08 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\libegl.dll
2015-01-27 13:17 - 2015-01-25 07:08 - 09170760 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.93\pdf.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\AKA\OneDrive:ms-properties
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "Cisco AnyConnect Secure Mobility Agent for Windows"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKLM\...\StartupApproved\Run32: => "NokiaMServer"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKU\S-1-5-21-1015216767-4129399232-3615065482-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-1015216767-4129399232-3615065482-1001\...\StartupApproved\Run: => "Steam"

========================= Accounts: ==========================

Administrator (S-1-5-21-1015216767-4129399232-3615065482-500 - Administrator - Disabled)
AKA (S-1-5-21-1015216767-4129399232-3615065482-1001 - Administrator - Enabled) => C:\Users\AKA
Gast (S-1-5-21-1015216767-4129399232-3615065482-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1015216767-4129399232-3615065482-1005 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Cisco Systems VPN Adapter for 64-bit Windows
Description: Cisco Systems VPN Adapter for 64-bit Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: JMicron OHCI Compliant IEEE 1394 Host Controller
Description: JMicron OHCI Compliant IEEE 1394 Host Controller
Class Guid: {6bdd1fc1-810f-11d0-bec7-08002be2092f}
Manufacturer: JMicron Technology Corp.
Service: ohci1394
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/29/2015 03:12:26 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (01/29/2015 02:34:02 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (01/29/2015 02:29:15 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (01/29/2015 02:26:12 PM) (Source: VSS) (EventID: 4001) (User: )
Description: Volumeschattenkopie-Dienstfehler: Es wurden keine Vergleichsbereiche zum Erstellen von Schattenkopien gefunden.
Fügen Sie dem System mindestens ein NTFS-Laufwerk mit ausreichend Speicherplatz hinzu.
Pro Volumesicherung bzw. -schattenkopie wird mindestens folgender freier Speicherplatz benötigt: 320 MB.


Vorgang:
   Ein Vergleichsbereichvolume wird automatisch ausgewählt
   EndPrepareSnapshots wird verarbeitet

Kontext:
   Volumename: \\?\Volume{e9d59ab5-a61e-11e4-bec9-002421f5267c}\
   Ausführungskontext: System Provider

Error: (01/29/2015 01:22:46 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (01/29/2015 01:04:47 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (01/29/2015 00:49:52 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.

Error: (01/29/2015 00:43:03 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (01/29/2015 00:29:55 PM) (Source: VSS) (EventID: 12305) (User: )
Description: Volumeschattenkopie-Dienstfehler: Volume bzw. Datenträger ist nicht richtig angeschlossen oder wurde nicht gefunden.
Fehlerkontext: DeviceIoControl(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy1 - 00000000000001B0,0x00530194,0000000000000000,0,00000052CC2BC8A0,4096,[0]).


Vorgang:
   Schattenkopien abfragen

Error: (01/29/2015 00:21:04 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)


System errors:
=============
Error: (01/29/2015 11:08:16 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "MSI            :0" konnte nicht auf der Schnittstelle mit IP-Adresse 10.213.223.149
registriert werden. Der Computer mit IP-Adresse 169.254.142.168 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (01/29/2015 11:08:16 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "MSI            :20" konnte nicht auf der Schnittstelle mit IP-Adresse 10.213.223.149
registriert werden. Der Computer mit IP-Adresse 169.254.142.168 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (01/29/2015 11:08:16 PM) (Source: Server) (EventID: 2505) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{EBB6B51E-CD66-48AB-85D9-6E3F3CD4132B} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.

Error: (01/29/2015 03:12:26 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: 
%%1064

Error: (01/29/2015 03:11:39 PM) (Source: Microsoft-Windows-Ntfs) (EventID: 98) (User: NT-AUTORITÄT)
Description: F:\Device\HarddiskVolume43

Error: (01/29/2015 01:22:46 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: 
%%1064

Error: (01/29/2015 01:21:29 PM) (Source: Microsoft-Windows-Ntfs) (EventID: 98) (User: NT-AUTORITÄT)
Description: F:\Device\HarddiskVolume43

Error: (01/29/2015 01:21:43 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x000000ef (0xffffe00125d44080, 0x0000000000000001, 0x0000000000000000, 0x0000000000000000)C:\WINDOWS\MEMORY.DMP012915-22015-01

Error: (01/29/2015 01:21:42 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎29.‎01.‎2015 um 13:04:03 unerwartet heruntergefahren.

Error: (01/29/2015 01:04:47 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: 
%%1064


Microsoft Office Sessions:
=========================
Error: (01/29/2015 03:12:26 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (01/29/2015 02:34:02 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (01/29/2015 02:29:15 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (01/29/2015 02:26:12 PM) (Source: VSS) (EventID: 4001) (User: )
Description: 320

Vorgang:
   Ein Vergleichsbereichvolume wird automatisch ausgewählt
   EndPrepareSnapshots wird verarbeitet

Kontext:
   Volumename: \\?\Volume{e9d59ab5-a61e-11e4-bec9-002421f5267c}\
   Ausführungskontext: System Provider

Error: (01/29/2015 01:22:46 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (01/29/2015 01:04:47 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (01/29/2015 00:49:52 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\Users\AKA\Downloads\esetsmartinstaller_deu.exe

Error: (01/29/2015 00:43:03 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (01/29/2015 00:29:55 PM) (Source: VSS) (EventID: 12305) (User: )
Description: DeviceIoControl(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy1 - 00000000000001B0,0x00530194,0000000000000000,0,00000052CC2BC8A0,4096,[0])

Vorgang:
   Schattenkopien abfragen

Error: (01/29/2015 00:21:04 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)


CodeIntegrity Errors:
===================================
  Date: 2014-06-05 16:59:10.933
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-06-05 16:59:10.886
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-06-04 17:56:07.394
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-06-04 10:05:52.053
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-06-04 10:05:51.990
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-06-04 09:59:03.125
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-06-04 09:59:03.047
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-06-03 10:42:07.293
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-06-03 10:42:07.246
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-06-03 10:39:48.300
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7 CPU Q 720 @ 1.60GHz
Percentage of memory in use: 33%
Total physical RAM: 8174.06 MB
Available physical RAM: 5471.2 MB
Total Pagefile: 16366.06 MB
Available Pagefile: 11407.52 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:405.67 GB) (Free:195.53 GB) NTFS
Drive d: () (Fixed) (Total:292.63 GB) (Free:208.86 GB) NTFS
Drive f: (Expansion Drive) (Fixed) (Total:931.51 GB) (Free:0.17 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: A443BC6C)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=292.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=405.7 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 04A906DB)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
Habe noch mit Malbay nur die externe Kontrollieren lassen


Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 29.01.2015
Suchlauf-Zeit: 23:15:48
Logdatei: mmby.txt
Administrator: Ja

Version: 2.00.4.1028
Malware Datenbank: v2015.01.29.10
Rootkit Datenbank: v2015.01.14.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: AKA

Suchlauf-Art: Benutzerdefinierter Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 380456
Verstrichene Zeit: 31 Min, 53 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Warnen
PUM: Warnen

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 0
(Keine schädliche Elemente erkannt)

Registrierungswerte: 0
(Keine schädliche Elemente erkannt)

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 0
(Keine schädliche Elemente erkannt)

Dateien: 0
(Keine schädliche Elemente erkannt)

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)
         

Alt 30.01.2015, 08:51   #13
schrauber
/// the machine
/// TB-Ausbilder
 

Ordner auf Wechselmedien werden als Verknüpfung angezeigt - Standard

Ordner auf Wechselmedien werden als Verknüpfung angezeigt



Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
HKU\S-1-5-19\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [2501368 2014-10-29] (Microsoft Corporation) <==== ATTENTION 
HKU\S-1-5-20\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [2501368 2014-10-29] (Microsoft Corporation) <==== ATTENTION 
HKU\S-1-5-21-1015216767-4129399232-3615065482-1001\...\MountPoints2: {4ac0c0a7-e1ba-11e3-be68-0022fbbeaf3c} - "F:\XSManagerinstallation.exe" 
HKU\S-1-5-21-1015216767-4129399232-3615065482-1001\...\MountPoints2: {6bd4efed-2781-11e4-bea0-002421f5267c} - "F:\AutoRun.exe" 
HKU\S-1-5-21-1015216767-4129399232-3615065482-1001\...\MountPoints2: {6bd4f011-2781-11e4-bea0-002421f5267c} - "G:\AutoRun.exe" 
HKU\S-1-5-18\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [2501368 2014-10-29] (Microsoft Corporation) <==== ATTENTION 
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
Emptytemp:
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.





Windows-Taste + R, schreibe CMD und drück Enter. Schreibe nun:

attrib -s -h F:\Datei

und drück enter. F steht für den Laufwerksbuchstaben, der passt ja. Datei musst Du durch den Namen der Datei inklusive Dateiendung ersetzen.

Diesen befehl dann für jede Datei wiederholen. Dann werden die wieder sichtbar, und du kannst die Verknüpfungen anschliessend löschen.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 30.01.2015, 10:04   #14
ak16
 
Ordner auf Wechselmedien werden als Verknüpfung angezeigt - Standard

Ordner auf Wechselmedien werden als Verknüpfung angezeigt



Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 28-01-2015
Ran by AKA at 2015-01-30 10:21:15 Run:2
Running from C:\Users\AKA\Desktop\Neuer Ordner (2)
Loaded Profiles: AKA &  (Available profiles: AKA)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKU\S-1-5-19\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [2501368 2014-10-29] (Microsoft Corporation) <==== ATTENTION 
HKU\S-1-5-20\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [2501368 2014-10-29] (Microsoft Corporation) <==== ATTENTION 
HKU\S-1-5-21-1015216767-4129399232-3615065482-1001\...\MountPoints2: {4ac0c0a7-e1ba-11e3-be68-0022fbbeaf3c} - "F:\XSManagerinstallation.exe" 
HKU\S-1-5-21-1015216767-4129399232-3615065482-1001\...\MountPoints2: {6bd4efed-2781-11e4-bea0-002421f5267c} - "F:\AutoRun.exe" 
HKU\S-1-5-21-1015216767-4129399232-3615065482-1001\...\MountPoints2: {6bd4f011-2781-11e4-bea0-002421f5267c} - "G:\AutoRun.exe" 
HKU\S-1-5-18\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [2501368 2014-10-29] (Microsoft Corporation) <==== ATTENTION 
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
Emptytemp:
         
*****************

HKU\S-1-5-19\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => Value not found.
HKU\S-1-5-20\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => Value not found.
HKU\S-1-5-21-1015216767-4129399232-3615065482-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4ac0c0a7-e1ba-11e3-be68-0022fbbeaf3c} => Key not found. 
HKCR\CLSID\{4ac0c0a7-e1ba-11e3-be68-0022fbbeaf3c} => Key not found. 
HKU\S-1-5-21-1015216767-4129399232-3615065482-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6bd4efed-2781-11e4-bea0-002421f5267c} => Key not found. 
HKCR\CLSID\{6bd4efed-2781-11e4-bea0-002421f5267c} => Key not found. 
HKU\S-1-5-21-1015216767-4129399232-3615065482-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6bd4f011-2781-11e4-bea0-002421f5267c} => Key not found. 
HKCR\CLSID\{6bd4f011-2781-11e4-bea0-002421f5267c} => Key not found. 
HKU\S-1-5-18\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => Value not found.
HKLM\SOFTWARE\Policies\Google => Key not found. 
EmptyTemp: => Removed 451.2 MB temporary data.


The system needed a reboot. 

==== End of Fixlog 10:22:29 ====
         

Ok danke hab wieder zugriff auf die Daten.

warte jetzt auf weitere Anweisungen

Alt 30.01.2015, 11:25   #15
schrauber
/// the machine
/// TB-Ausbilder
 

Ordner auf Wechselmedien werden als Verknüpfung angezeigt - Standard

Ordner auf Wechselmedien werden als Verknüpfung angezeigt



Also das mit Attrib gemacht? Verknüpfungen gelöscht?

Wenn ja sind wir fertig
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Ordner auf Wechselmedien werden als Verknüpfung angezeigt
angezeigt, antivirus, beachten, check, data, daten, einfach, externe festplatte, festplatte, formatieren, freund, hallo zusammen, interne, nachfrage, natürlich, ordner, platte, problem, programm, rechner, security, system, verknüpfung, windows, zusammen



Ähnliche Themen: Ordner auf Wechselmedien werden als Verknüpfung angezeigt


  1. Trojaner - Ordner werden zu Verknüpfung - Recycled (Verknüpfung) Recycler -system32
    Log-Analyse und Auswertung - 13.04.2014 (33)
  2. Win7: Dateien von USB Stick werden als Verknüpfung angezeigt
    Log-Analyse und Auswertung - 07.03.2014 (7)
  3. Ordner auf externer Festplatte und USB-Sticks als Verknüpfung angezeigt
    Plagegeister aller Art und deren Bekämpfung - 02.02.2013 (3)
  4. Ordner auf Wechselmedien werden als Verknüpfung angezeigt
    Log-Analyse und Auswertung - 18.01.2013 (28)
  5. Ordner werden auf dem Stick als Verknüpfung angezeigt
    Log-Analyse und Auswertung - 29.02.2012 (1)
  6. Trojaner/Virus -zeigt sich durch Ordner auf externen Festplatte die als Verknüpfung angezeigt werden
    Log-Analyse und Auswertung - 28.02.2012 (29)
  7. Ordner auf Wechselmedien werden als Verknüpfung angezeigt
    Log-Analyse und Auswertung - 09.01.2012 (24)
  8. Ordner im USB Stick oder Handy werden als Verknüpfung angezeigt
    Log-Analyse und Auswertung - 04.12.2011 (1)
  9. Ordner auf Wechselmedien werden als Verknüpfung angezeigt
    Log-Analyse und Auswertung - 04.12.2011 (1)
  10. 2. Fall - Ordner auf USB-Stick werden nur noch als Verknüpfung angezeigt
    Plagegeister aller Art und deren Bekämpfung - 02.12.2011 (1)
  11. Facebook.Virus / Datein auf USB-Geräten werden nur noch als Verknüpfung angezeigt
    Log-Analyse und Auswertung - 08.11.2011 (4)
  12. Ordner auf USB-Stick werden nur noch als Verknüpfung angezeigt
    Plagegeister aller Art und deren Bekämpfung - 01.11.2011 (5)
  13. Trojaner von Facebook geladen - Ordner werden als Verknüpfung angezeigt
    Plagegeister aller Art und deren Bekämpfung - 28.10.2011 (19)
  14. USB Ordner werden nur mehr als Verknüpfung angezeigt
    Plagegeister aller Art und deren Bekämpfung - 21.10.2011 (11)
  15. Ordner auf USB-Sticks werden nur als Verknüpfung dargestellt
    Log-Analyse und Auswertung - 19.10.2011 (34)
  16. Ordner auf externer Festplatte als Verknüpfung angezeigt
    Plagegeister aller Art und deren Bekämpfung - 09.05.2011 (3)
  17. Nach Trojaner werden Ordner auf externe Festplatte nur noch als Verknüpfung angezeigt
    Log-Analyse und Auswertung - 05.05.2011 (33)

Zum Thema Ordner auf Wechselmedien werden als Verknüpfung angezeigt - Hallo zusammen, hab das selbe Problem wie der User hier, will eine Externe Festplatte von einen Freund reinigen http://www.trojaner-board.de/129505-...angezeigt.html bevor ich an die selben Lösungs ansetzte gehe wollte ich nochmal - Ordner auf Wechselmedien werden als Verknüpfung angezeigt...
Archiv
Du betrachtest: Ordner auf Wechselmedien werden als Verknüpfung angezeigt auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.