Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Programme auf einer Partition deinstallieren / löschen sich selbstständig

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 07.03.2015, 17:39   #1
RSH
 
Programme auf einer Partition deinstallieren / löschen sich selbstständig - Standard

Programme auf einer Partition deinstallieren / löschen sich selbstständig



Hallo liebe Leute,

System: Windows 8.1 64-bit

Gestern bemerkte ich dass auf einer Partition im Laufe des Tages in einem bestimmten Überordner Programme verschwunden sind, deren Löschung/deinstallation ich nicht veranlasst habe. Bemerkt habe ich den Dateiverlust dadurch, dass auf dem Desktop Verknüpfungsleichen ohne Icon zurückgeblieben sind. Auf der betroffenen Partition blieben manchmal leere Ordner zurück, manchmal schien nur die .exe gelöscht. Andere Ordner sind komplett und spurlos verschwunden. Die Partition schein ansonsten nicht angegriffen zu sein, Datenverlust trat soweit ich das beurteilen kann nur in dem Überordner auf in dem das Spiel installiert war.

Vorausgegangen ist dem eine Installation eines SecuRom benutzenden Spieles von DVD (dieses Spiel war auch das einzige Programm das in diesem Überordner unangetastet geblieben ist), sowie Verbindung zu meinem Universitätsproxyserver über den Chromebrowser (nach Anleitung auf der Rechenzentrumsseite der Universität). Ansonsten sind mir keine variablen bewusst bekannt die damit zusammenhängen könnten.

Sofortmaßnahmen die ich ergriffen habe:

Malwarebytes AntiMalware Trial installiert und einen scan durchgeführt - kein Ergebnis
Scan der Partition mit Panda Antivirus 2015 - kein Ergebnis
Deinstallation des Spiels
Restlose(?) Deinstallation von SecuRom durch das SecuRom removal tool.

Derzeit läuft ein Komplett Scan aller angeschlossenen Datenträger via Panda Antivirus 2015

Weiterhin habe ich keinen Datenverlust feststellen können, habe aber natürlich Angst, dass Daten in anderen Ordnern und auf anderen Partitionen aus heiterem Himmel verschwinden.

Was könnte dafür die Ursache sein? So ein dermaßen aggressiver Virus wäre mir noch nicht untergekommen.

Unter ferner liefen erwähne ich noch folgendes: Meine Freundin hat während ich ausser Haus war den PC heruntergefahren, da die Festplatte sehr laut und anhaltend gearbeitet hat. Das kann passieren, da ich die Windows Indizierung angeschaltet habe und deswgen phasenweise auch ohne Benutzereingriff Festplattenzugriffe stattfinden.

Die Festplattengeräusche könnten aber auch auf die Löschung der Dateien hingedeutet haben. Ferner ist es denkmöglich, dass meine Freundin die Dateien in dem Ordner ohne mein Wissen unsauber gelöscht hat, was ich jedoch für äusserst unwahrscheinlich halte. Solche Kindereien sind nicht ihre Art.
Ein unsachgemäßes Herunterfahren des Computers ist meiner Erfahrung nach nicht Ursache von selektivem Datenverlust in einem Ordner, oder liege ich hier falsch?


Vielen Dank im voraus für die Beschäftigung mit meinem Problem!

Alt 07.03.2015, 17:41   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Programme auf einer Partition deinstallieren / löschen sich selbstständig - Standard

Programme auf einer Partition deinstallieren / löschen sich selbstständig



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 07.03.2015, 18:14   #3
RSH
 
Programme auf einer Partition deinstallieren / löschen sich selbstständig - Standard

Programme auf einer Partition deinstallieren / löschen sich selbstständig



Frst.txt

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-03-2015 01
Ran by knstrkt (administrator) on BIRDY on 07-03-2015 17:53:36
Running from F:\Downloads
Loaded Profiles: knstrkt (Available profiles: knstrkt)
Platform: Windows 8.1 Pro with Media Center (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) O:\Windows\System32\atiesrxx.exe
(Creative Technology Ltd) O:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Apple Inc.) O:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) O:\Program Files\Bonjour\mDNSResponder.exe
(Malwarebytes Corporation) O:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Microsoft Corporation) O:\Windows\System32\dasHost.exe
(Malwarebytes Corporation) O:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Panda Security, S.L.) O:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(Panda Security, S.L.) O:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(Panda Security, S.L.) O:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(Microsoft Corporation) O:\Windows\System32\dllhost.exe
(Google Inc.) O:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Google Inc.) O:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(AMD) O:\Windows\System32\atieclxx.exe
(Malwarebytes Corporation) O:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) O:\Windows\System32\dllhost.exe
(Rdl) O:\Program Files (x86)\Alt.Binz\altbinz.exe
(Panda Security, S.L.) O:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(Panda Security, S.L.) O:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(Panda Security, S.L.) O:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(Google Inc.) O:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) O:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) O:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) O:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) O:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) O:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) O:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) O:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) O:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) O:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Panda Security, S.L.) O:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(Google Inc.) O:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) O:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) O:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) O:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) O:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) O:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Autodesk Sync] => O:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [415680 2012-02-05] (Autodesk, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => O:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => O:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => O:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-10-23] (Apple Inc.)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => O:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2109952 2014-10-07] (Dominik Reichl)
HKLM-x32\...\Run: [StartCCC] => O:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [CTxfiHlp] => CTXFIHLP.EXE
HKLM-x32\...\Run: [SunJavaUpdateSched] => O:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
HKLM-x32\...\Run: [PSUAMain] => O:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [37624 2014-10-16] (Panda Security, S.L.)
HKLM\...\Winlogon: [Userinit] O:\WINDOWS\SysWOW64\userinit.exe,
HKU\S-1-5-21-1166866377-2740738264-2732345081-1001\...\Run: [Google Update] => O:\Users\knstrkt\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-05-06] (Google Inc.)
HKU\S-1-5-21-1166866377-2740738264-2732345081-1001\...\Run: [SkyDrive] => O:\Users\knstrkt\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [251048 2014-07-06] (Microsoft Corporation)
HKU\S-1-5-21-1166866377-2740738264-2732345081-1001\...\Run: [Raptr] => O:\Program Files (x86)\Raptr\raptrstub.exe [55360 2014-06-24] (Raptr, Inc)
HKU\S-1-5-21-1166866377-2740738264-2732345081-1001\...\Run: [DAEMON Tools Lite] => O:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-1166866377-2740738264-2732345081-1001\...\Run: [GoogleDriveSync] => O:\Program Files (x86)\Google\Drive\googledrivesync.exe [23308256 2015-01-15] (Google)
HKU\S-1-5-21-1166866377-2740738264-2732345081-1001\...\Policies\Explorer: [] 
HKU\S-1-5-21-1166866377-2740738264-2732345081-1001\...\MountPoints2: {10b2aa75-76cf-11e2-be8e-d43d7e3441d9} - "L:\LaunchU3.exe" -a
HKU\S-1-5-21-1166866377-2740738264-2732345081-1001\...\MountPoints2: {8e80ee61-f87c-11e2-bed8-d43d7e3441d9} - "H:\Autorun.exe" 
Startup: O:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK-Konfigurationstool.lnk
ShortcutTarget: TP-LINK-Konfigurationstool.lnk -> O:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\TWCU.exe ()
Startup: O:\Users\knstrkt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
Startup: O:\Users\knstrkt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> O:\Users\knstrkt\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => O:\Users\knstrkt\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => O:\Users\knstrkt\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => O:\Users\knstrkt\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => O:\Users\knstrkt\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => O:\Users\knstrkt\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => O:\Users\knstrkt\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => O:\Users\knstrkt\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-1166866377-2740738264-2732345081-1001] => napo.fu-berlin.de:80
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-1166866377-2740738264-2732345081-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
SearchScopes: HKLM-x32 -> DefaultScope value is missing.
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> O:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-01-21] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> O:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-02-01] (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> O:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> O:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-01] (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> O:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> O:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2014-11-12] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> O:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-01] (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> O:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> O:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-01] (Oracle Corporation)
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - O:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-10-14] (Microsoft Corporation)
Hosts: 127.0.0.1	localhost
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> O:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-04] ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> O:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-01] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> O:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-01] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> O:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> O:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> O:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-04] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> O:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2013-10-01] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> O:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> O:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-01] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> O:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-01-21] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> O:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> O:\PROGRA~2\MIF5BA~1\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> O:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> O:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> O:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> O:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: Adobe Reader -> O:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1166866377-2740738264-2732345081-1001: @talk.google.com/GoogleTalkPlugin -> O:\Users\knstrkt\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-01-27] (Google)
FF Plugin HKU\S-1-5-21-1166866377-2740738264-2732345081-1001: @talk.google.com/O1DPlugin -> O:\Users\knstrkt\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-01-27] (Google)
FF Plugin HKU\S-1-5-21-1166866377-2740738264-2732345081-1001: @tools.google.com/Google Update;version=3 -> O:\Users\knstrkt\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin HKU\S-1-5-21-1166866377-2740738264-2732345081-1001: @tools.google.com/Google Update;version=9 -> O:\Users\knstrkt\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin HKU\S-1-5-21-1166866377-2740738264-2732345081-1001: thehappycloud.com/HappyCloudPlugin -> O:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll [2013-05-05] (The Happy Cloud)
FF Plugin ProgramFiles/Appdata: O:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2014-01-21] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: O:\Users\knstrkt\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-01-27] (Google)
FF Plugin ProgramFiles/Appdata: O:\Users\knstrkt\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-01-27] (Google)

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR Profile: O:\Users\knstrkt\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube Center) - O:\Users\knstrkt\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajijnmbjgaeekdpmpohgppkckmnagimk [2015-01-19]
CHR Extension: (Angry Birds) - O:\Users\knstrkt\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2012-12-01]
CHR Extension: (Google Drive) - O:\Users\knstrkt\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-12-01]
CHR Extension: (Google Voice Search Hotword (Beta)) - O:\Users\knstrkt\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-14]
CHR Extension: (YouTube) - O:\Users\knstrkt\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-12-01]
CHR Extension: (Google Search) - O:\Users\knstrkt\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-12-01]
CHR Extension: (Google Play Music) - O:\Users\knstrkt\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2015-01-04]
CHR Extension: (AdBlock) - O:\Users\knstrkt\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2012-12-01]
CHR Extension: (Downloads) - O:\Users\knstrkt\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfchnphgogjhineanplmfkofljiagjfb [2012-12-01]
CHR Extension: (Blocker) - O:\Users\knstrkt\AppData\Local\Google\Chrome\User Data\Default\Extensions\jphfnnacagbhfelldlccmiocmdodnlio [2013-02-19]
CHR Extension: (Application Launcher for Drive (by Google)) - O:\Users\knstrkt\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-01-24]
CHR Extension: (Google Wallet) - O:\Users\knstrkt\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-07]
CHR Extension: (Greyscale) - O:\Users\knstrkt\AppData\Local\Google\Chrome\User Data\Default\Extensions\penkfbldfkaelnnhblmfmajlggdielfm [2012-12-01]
CHR Extension: (Gmail) - O:\Users\knstrkt\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-12-01]
CHR Profile: O:\Users\knstrkt\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - O:\Users\knstrkt\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-13]
CHR Extension: (Google Docs) - O:\Users\knstrkt\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-13]
CHR Extension: (Google Drive) - O:\Users\knstrkt\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-13]
CHR Extension: (Google Voice Search Hotword (Beta)) - O:\Users\knstrkt\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-01-13]
CHR Extension: (YouTube) - O:\Users\knstrkt\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-13]
CHR Extension: (Google Search) - O:\Users\knstrkt\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-13]
CHR Extension: (Google Sheets) - O:\Users\knstrkt\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-13]
CHR Extension: (Google Wallet) - O:\Users\knstrkt\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-13]
CHR Extension: (Gmail) - O:\Users\knstrkt\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-13]
CHR HKU\S-1-5-21-1166866377-2740738264-2732345081-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BEService; O:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-11-23] () [File not signed]
S3 BthHFSrv; O:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
S3 Creative Audio Engine Licensing Service; O:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2013-07-03] (Creative Labs) [File not signed]
R2 CTAudSvcService; O:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [286720 2010-02-12] (Creative Technology Ltd) [File not signed]
S3 Futuremark SystemInfo Service; O:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [614624 2015-02-09] (Futuremark)
S2 igfxCUIService1.0.0.0; O:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)
S3 jswpsapi; O:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\WPS\jswpsapi.exe [954368 2011-10-22] (Wireless) [File not signed]
R2 MBAMScheduler; O:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; O:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 NanoServiceMain; O:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [142072 2014-10-13] (Panda Security, S.L.)
S2 Net Driver HPZ12; O:\Windows\System32\HPZinw12.dll [50688 2014-11-17] (Hewlett-Packard) [File not signed]
R2 PandaAgent; O:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [66808 2014-10-09] (Panda Security, S.L.)
S2 Pml Driver HPZ12; O:\Windows\System32\HPZipm12.dll [66048 2014-11-17] (Hewlett-Packard) [File not signed]
R2 PSUAService; O:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2014-10-16] (Panda Security, S.L.)
S3 WdNisSvc; O:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; O:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; O:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; O:\Windows\system32\drivers\AtihdW86.sys [104184 2012-12-21] (Advanced Micro Devices)
S3 dot4; O:\Windows\system32\DRIVERS\Dot4.sys [146856 2014-02-21] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; O:\Windows\System32\drivers\Dot4Prt.sys [21928 2014-02-21] (Windows (R) Win 7 DDK provider)
R1 dtsoftbus01; O:\Windows\System32\drivers\dtsoftbus01.sys [283200 2013-07-29] (DT Soft Ltd)
R3 MBAMProtector; O:\WINDOWS\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; O:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2015-03-07] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; O:\WINDOWS\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
R1 NNSALPC; O:\Windows\System32\DRIVERS\NNSAlpc.sys [96800 2014-06-04] (Panda Security, S.L.)
R1 NNSHTTP; O:\Windows\System32\DRIVERS\NNSHttp.sys [162336 2014-06-18] (Panda Security, S.L.)
R1 NNSHTTPS; O:\Windows\System32\DRIVERS\NNSHttps.sys [112160 2014-06-04] (Panda Security, S.L.)
R1 NNSIDS; O:\Windows\System32\DRIVERS\NNSIds.sys [115232 2014-06-04] (Panda Security, S.L.)
R1 NNSNAHSL; O:\Windows\system32\DRIVERS\NNSNAHSL.sys [47360 2014-01-16] (Panda Security, S.L.)
R1 NNSPICC; O:\Windows\System32\DRIVERS\NNSPicc.sys [95776 2014-06-04] (Panda Security, S.L.)
R1 NNSPIHSW; O:\Windows\System32\DRIVERS\NNSPihsw.sys [70176 2014-06-04] (Panda Security, S.L.)
R1 NNSPOP3; O:\Windows\System32\DRIVERS\NNSPop3.sys [125984 2014-06-04] (Panda Security, S.L.)
R1 NNSPROT; O:\Windows\System32\DRIVERS\NNSProt.sys [306720 2014-06-04] (Panda Security, S.L.)
R1 NNSPRV; O:\Windows\System32\DRIVERS\NNSPrv.sys [169504 2014-06-04] (Panda Security, S.L.)
R1 NNSSMTP; O:\Windows\System32\DRIVERS\NNSSmtp.sys [115744 2014-06-04] (Panda Security, S.L.)
R1 NNSSTRM; O:\Windows\System32\DRIVERS\NNSStrm.sys [261152 2014-06-04] (Panda Security, S.L.)
R1 NNSTLSC; O:\Windows\System32\DRIVERS\NNSTlsc.sys [109088 2014-06-04] (Panda Security, S.L.)
R2 PSINAflt; O:\Windows\System32\DRIVERS\PSINAflt.sys [163088 2014-10-13] (Panda Security, S.L.)
R2 PSINFile; O:\Windows\System32\DRIVERS\PSINFile.sys [121616 2014-10-13] (Panda Security, S.L.)
R1 PSINKNC; O:\Windows\System32\DRIVERS\psinknc.sys [195616 2014-07-24] (Panda Security, S.L.)
R2 PSINProc; O:\Windows\System32\DRIVERS\PSINProc.sys [122400 2014-07-24] (Panda Security, S.L.)
R2 PSINProt; O:\Windows\System32\DRIVERS\PSINProt.sys [132128 2014-07-24] (Panda Security, S.L.)
R2 PSINReg; O:\Windows\System32\DRIVERS\PSINReg.sys [107792 2014-10-13] (Panda Security, S.L.)
U3 PSKMAD; O:\Windows\System32\DRIVERS\PSKMAD.sys [60400 2014-03-25] (Panda Security, S.L.)
U5 VWiFiFlt; O:\Windows\System32\Drivers\VWiFiFlt.sys [71680 2014-04-30] (Microsoft Corporation)
S3 WdNisDrv; O:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 cpuz135; \??\O:\Users\knstrkt\AppData\Local\Temp\cpuz135\cpuz135_x64.sys [X]
S3 cpuz138; \??\O:\WINDOWS\TEMP\cpuz138\cpuz138_x64.sys [X]
S3 GPUZ; \??\O:\WINDOWS\TEMP\GPUZ.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-07 17:50 - 2015-03-07 17:53 - 00000000 ____D () O:\FRST
2015-03-07 09:00 - 2015-03-07 09:00 - 00003176 ____N () O:\bootsqm.dat
2015-03-07 09:00 - 2014-03-25 14:15 - 00060400 _____ (Panda Security, S.L.) O:\WINDOWS\system32\Drivers\PSKMAD.sys
2015-03-07 02:22 - 2015-03-07 17:23 - 00129752 _____ (Malwarebytes Corporation) O:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-03-07 02:22 - 2015-03-07 02:22 - 00001118 _____ () O:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-03-07 02:22 - 2015-03-07 02:22 - 00000000 ____D () O:\ProgramData\Malwarebytes
2015-03-07 02:22 - 2015-03-07 02:22 - 00000000 ____D () O:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-03-07 02:22 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) O:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-03-07 02:22 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) O:\WINDOWS\system32\Drivers\mwac.sys
2015-03-07 02:22 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) O:\WINDOWS\system32\Drivers\mbam.sys
2015-03-06 19:39 - 2015-03-07 01:10 - 00012721 _____ () O:\Users\knstrkt\Desktop\Mappe1.xlsx
2015-03-06 12:51 - 2015-03-06 12:51 - 00000000 ____D () O:\Users\knstrkt\Documents\Rockstar Games
2015-03-06 12:43 - 2015-03-06 12:49 - 00000000 ____D () O:\Users\knstrkt\AppData\Local\Rockstar Games
2015-03-05 19:30 - 2015-03-07 02:47 - 00000195 _____ () O:\WINDOWS\wininit.ini
2015-03-05 19:24 - 2015-03-05 19:24 - 00000202 _____ () O:\Users\knstrkt\Desktop\The Way of Life.url
2015-03-05 16:28 - 2015-03-05 16:33 - 00000000 ____D () O:\Users\knstrkt\Heaven
2015-03-05 16:28 - 2015-03-05 16:28 - 00000834 _____ () O:\Users\Public\Desktop\Heaven Benchmark 4.0.lnk
2015-03-05 16:27 - 2015-02-26 16:41 - 258726655 _____ (Unigine Corp. ) O:\Users\knstrkt\Desktop\Unigine_Heaven-4.0.exe
2015-03-04 15:21 - 2015-03-07 02:47 - 00000000 ____D () O:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra
2015-03-04 15:21 - 2015-03-04 15:21 - 00000000 ____D () O:\WINDOWS\solcache
2015-03-04 15:21 - 1998-10-30 22:21 - 01022976 _____ (Cendant Software) O:\WINDOWS\SysWOW64\SierraNW.dll
2015-03-04 15:21 - 1998-10-30 22:21 - 00231936 _____ (Cendant Software) O:\WINDOWS\SysWOW64\SNWValid.dll
2015-03-04 15:20 - 2015-03-06 19:03 - 00000447 _____ () O:\WINDOWS\SIERRA.INI
2015-03-04 15:20 - 1997-07-14 17:42 - 00314880 _____ (InstallShield Software Corporation) O:\WINDOWS\IsUninst.exe
2015-03-04 13:38 - 2015-03-04 13:52 - 00000000 ____D () O:\Users\knstrkt\AppData\Roaming\Boom Audio Player
2015-03-04 13:36 - 2015-03-04 13:36 - 00001047 _____ () O:\Users\Public\Desktop\foobar2000.lnk
2015-03-04 13:36 - 2015-03-04 13:36 - 00000000 ____D () O:\Program Files (x86)\foobar2000
2015-03-02 19:50 - 2015-03-02 19:50 - 00000000 ____D () O:\Users\knstrkt\Documents\Offworld
2015-03-02 12:23 - 2015-03-02 12:25 - 00000000 ____D () O:\Users\knstrkt\Desktop\nzbget-14.2
2015-03-01 17:08 - 2015-03-01 17:09 - 34334606 _____ () O:\Users\knstrkt\Desktop\torbrowser-install-4.0.4_en-US.exe
2015-03-01 17:04 - 2015-03-02 01:21 - 00000000 ____D () O:\Users\knstrkt\AppData\Roaming\tor
2015-03-01 17:02 - 2015-03-01 22:05 - 00000000 ____D () O:\Users\knstrkt\AppData\Roaming\Vidalia
2015-03-01 04:30 - 2015-03-01 04:30 - 00000000 ____D () O:\Users\knstrkt\Documents\Petroglyph
2015-03-01 04:23 - 2015-03-07 01:49 - 00000000 ____D () O:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grey Goo
2015-02-28 21:46 - 2015-02-28 21:46 - 00001423 _____ () O:\Users\knstrkt\Desktop\altbinz.exe - Verknüpfung.lnk
2015-02-28 20:39 - 2015-02-28 20:39 - 00000000 ____D () O:\Users\knstrkt\AppData\Roaming\dvdcss
2015-02-28 17:36 - 2015-02-28 17:36 - 00002732 _____ () O:\Users\knstrkt\Unigine_Valley_Benchmark_1.0_20150228_1736.html
2015-02-28 15:32 - 2015-02-28 15:32 - 00156326 _____ () O:\Users\knstrkt\Desktop\BIRDY.txt
2015-02-28 14:44 - 2015-02-28 14:44 - 00001420 _____ () O:\Users\knstrkt\Desktop\iTurbo.exe - Verknüpfung.lnk
2015-02-28 14:13 - 2015-02-28 14:13 - 00000834 _____ () O:\Users\Public\Desktop\3DMark.lnk
2015-02-28 13:37 - 2015-02-28 13:37 - 00006142 _____ () O:\Users\knstrkt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SoulseekQt.lnk
2015-02-28 13:16 - 2015-01-24 19:40 - 01710888 _____ (techPowerUp (www.techpowerup.com)) O:\Users\knstrkt\Desktop\GPU-Z.0.8.1.exe
2015-02-28 05:35 - 2015-03-07 09:00 - 00001411 _____ () O:\WINDOWS\setupact.log
2015-02-28 05:35 - 2015-02-28 05:35 - 00000000 _____ () O:\WINDOWS\setuperr.log
2015-02-28 04:20 - 2015-02-28 04:20 - 00000929 _____ () O:\Users\knstrkt\Desktop\Homeworld Remastered Collection.lnk
2015-02-28 04:20 - 2015-02-28 04:20 - 00000000 ____D () O:\ProgramData\Microsoft\Windows\Start Menu\Programs\Homeworld Remastered Collection
2015-02-28 03:57 - 2015-02-28 03:57 - 00001007 _____ () O:\Users\knstrkt\Desktop\SABnzbd.lnk
2015-02-28 03:57 - 2015-02-28 03:57 - 00000000 ____D () O:\Users\knstrkt\AppData\Local\sabnzbd
2015-02-28 01:51 - 2015-02-28 01:51 - 00000812 _____ () O:\WINDOWS\EF.ini
2015-02-28 01:51 - 2015-02-28 01:51 - 00000000 ____D () O:\ProgramData\Microsoft\Windows\Start Menu\Programs\Raven Software
2015-02-28 01:50 - 2000-05-18 16:26 - 00328704 _____ (InstallShield Software Corporation ) O:\WINDOWS\IsUn0407.exe
2015-02-28 00:36 - 2015-02-28 00:36 - 00000000 ____D () O:\Program Files (x86)\HIS iTurbo
2015-02-27 23:43 - 2015-03-06 15:25 - 00000000 ____D () O:\Program Files (x86)\RivaTuner Statistics Server
2015-02-27 23:42 - 2015-02-27 23:44 - 00000000 ____D () O:\Program Files (x86)\MSI Afterburner
2015-02-27 23:42 - 2015-02-27 23:42 - 00001102 _____ () O:\Users\knstrkt\Desktop\MSI Afterburner.lnk
2015-02-27 21:08 - 2015-02-28 01:47 - 00000088 _____ () O:\Users\knstrkt\Desktop\HWiNFO64.INI
2015-02-27 21:06 - 2015-01-28 09:46 - 02358160 _____ (REALiX) O:\Users\knstrkt\Desktop\HWiNFO64.exe
2015-02-27 18:38 - 2015-02-28 21:24 - 00000022 _____ () O:\WINDOWS\GPU-Z.INI
2015-02-27 18:37 - 2015-02-28 21:27 - 00000000 ____D () O:\Users\knstrkt\Documents\3DMark
2015-02-27 18:37 - 2015-02-28 14:16 - 00000000 ____D () O:\Users\knstrkt\AppData\Local\Futuremark
2015-02-27 00:24 - 2015-02-27 00:24 - 00000144 _____ () O:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-02-26 22:16 - 2015-02-28 03:57 - 00000000 ____D () O:\Program Files (x86)\SABnzbd
2015-02-26 19:24 - 2015-02-26 19:24 - 00002647 _____ () O:\Users\knstrkt\Unigine_Valley_Benchmark_1.0_20150226_1923.html
2015-02-26 19:17 - 2015-02-26 19:18 - 00000000 ____D () O:\Users\knstrkt\Valley
2015-02-26 19:16 - 2015-03-07 17:17 - 02128896 _____ () O:\Users\knstrkt\AppData\Local\file__0.localstorage
2015-02-26 16:43 - 2015-02-26 16:43 - 00002133 _____ () O:\Users\Public\Desktop\Valley Benchmark 1.0.lnk
2015-02-26 16:43 - 2015-02-26 16:43 - 00000000 ____D () O:\Program Files (x86)\Unigine
2015-02-26 16:30 - 2015-02-27 21:01 - 00000000 ____D () O:\Users\knstrkt\AppData\Local\ALLBenchmark
2015-02-26 16:29 - 2015-02-26 16:29 - 00000872 _____ () O:\Users\Public\Desktop\Catzilla.lnk
2015-02-26 16:29 - 2015-02-26 16:29 - 00000000 ____D () O:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALLBenchmark
2015-02-26 16:28 - 2015-02-26 16:29 - 00000000 ____D () O:\Program Files\ALLBenchmark
2015-02-26 12:59 - 2015-02-26 12:59 - 00000451 _____ () O:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-02-25 19:09 - 2015-02-25 19:09 - 00000000 ____D () O:\Program Files\Intel
2015-02-25 17:41 - 2014-12-13 22:28 - 00513488 _____ () O:\WINDOWS\SysWOW64\locale.nls
2015-02-25 17:41 - 2014-12-13 22:28 - 00513488 _____ () O:\WINDOWS\system32\locale.nls
2015-02-25 02:56 - 2015-02-28 00:16 - 00007881 _____ () O:\Users\knstrkt\Documents\TombRaider.log
2015-02-24 18:40 - 2015-02-24 18:40 - 00000000 ____D () O:\Users\knstrkt\AppData\Local\Gas Powered Games
2015-02-24 17:27 - 2015-02-24 17:27 - 00000201 _____ () O:\Users\knstrkt\Desktop\Supreme Commander 2.url
2015-02-24 15:17 - 2015-02-24 15:17 - 00000202 _____ () O:\Users\knstrkt\Desktop\Tomb Raider.url
2015-02-24 12:38 - 2015-02-24 12:38 - 00000202 _____ () O:\Users\knstrkt\Desktop\Hitman Absolution.url
2015-02-23 19:04 - 2015-02-23 19:04 - 00000202 _____ () O:\Users\knstrkt\Desktop\Thief.url
2015-02-23 18:34 - 2015-02-23 18:46 - 00000000 ____D () O:\Users\knstrkt\Documents\BotaniculaSaves
2015-02-23 15:28 - 2015-02-23 15:28 - 00000000 ____D () O:\Users\knstrkt\Documents\NBGI
2015-02-22 13:32 - 2015-02-22 13:32 - 00000000 ____D () O:\Users\knstrkt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Thief2
2015-02-22 13:32 - 2015-02-22 13:32 - 00000000 ____D () O:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thief2
2015-02-20 17:27 - 2015-02-20 17:27 - 00000000 ____D () O:\Users\knstrkt\AppData\Local\Steam
2015-02-18 14:25 - 2015-02-18 14:25 - 00000611 _____ () O:\Users\Public\Desktop\Alchemilla.lnk
2015-02-17 13:46 - 2015-02-17 13:46 - 00000879 _____ () O:\Users\Public\Desktop\Thief-2 Fan-Mission Selector.lnk
2015-02-17 13:25 - 2015-02-17 13:25 - 00001219 _____ () O:\Users\Public\Desktop\Thief 3.lnk
2015-02-17 13:25 - 2015-02-17 13:25 - 00001217 _____ () O:\Users\Public\Desktop\FM Selector.lnk
2015-02-17 13:25 - 2015-02-17 13:25 - 00001066 _____ () O:\Users\Public\Desktop\SneakyTweaker.lnk
2015-02-17 13:25 - 2015-02-17 13:25 - 00000000 ____D () O:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thief 3 Sneaky Upgrade
2015-02-17 13:19 - 2015-02-23 00:17 - 00000000 ____D () O:\ProgramData\Thief 3 Sneaky Upgrade
2015-02-17 13:01 - 2015-02-17 13:01 - 00000202 _____ () O:\Users\knstrkt\Desktop\Thief 2.url
2015-02-17 12:57 - 2015-02-17 12:57 - 00000200 _____ () O:\Users\knstrkt\Desktop\Thief Deadly Shadows.url
2015-02-17 03:02 - 2015-02-17 03:02 - 00000202 _____ () O:\Users\knstrkt\Desktop\Thief Gold.url
2015-02-17 01:18 - 2015-02-17 01:18 - 00000000 ____D () O:\Users\knstrkt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ThiefGold
2015-02-17 01:18 - 2015-02-17 01:18 - 00000000 ____D () O:\ProgramData\Microsoft\Windows\Start Menu\Programs\ThiefGold
2015-02-15 19:34 - 2015-02-15 19:39 - 00000000 ____D () O:\Users\knstrkt\Documents\Baldur's Gate - Enhanced Edition
2015-02-15 03:54 - 2015-02-15 03:54 - 25859805 _____ () O:\Users\knstrkt\Desktop\PosterFINAL.pptm
2015-02-15 02:16 - 2015-02-15 02:16 - 00001239 _____ () O:\Users\knstrkt\AppData\Local\recently-used.xbel
2015-02-12 18:36 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) O:\WINDOWS\system32\jscript9.dll
2015-02-12 18:36 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) O:\WINDOWS\SysWOW64\jscript9.dll
2015-02-12 01:35 - 2015-02-12 01:35 - 00000000 ____D () O:\Users\knstrkt\AppData\Local\CoherentLabs
2015-02-12 01:15 - 2015-02-12 01:15 - 00000000 ____D () O:\ProgramData\Microsoft\Windows\Start Menu\Programs\Planetary Annihilation
2015-02-12 01:14 - 2015-02-12 01:15 - 00000000 ____D () O:\Program Files (x86)\Planetary Annihilation
2015-02-11 21:32 - 2015-01-15 23:43 - 00563504 _____ (Microsoft Corporation) O:\WINDOWS\system32\Drivers\cng.sys
2015-02-11 21:32 - 2015-01-15 23:43 - 00177984 _____ (Microsoft Corporation) O:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-02-11 21:32 - 2015-01-14 05:22 - 00445440 _____ (Microsoft Corporation) O:\WINDOWS\system32\certcli.dll
2015-02-11 21:32 - 2015-01-14 04:53 - 00324096 _____ (Microsoft Corporation) O:\WINDOWS\SysWOW64\certcli.dll
2015-02-11 21:32 - 2015-01-13 23:11 - 01762840 _____ (Microsoft Corporation) O:\WINDOWS\system32\WindowsCodecs.dll
2015-02-11 21:32 - 2015-01-13 23:04 - 01489072 _____ (Microsoft Corporation) O:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-02-11 21:32 - 2015-01-10 10:10 - 07472960 _____ (Microsoft Corporation) O:\WINDOWS\system32\ntoskrnl.exe
2015-02-11 21:32 - 2015-01-10 10:10 - 01733440 _____ (Microsoft Corporation) O:\WINDOWS\system32\ntdll.dll
2015-02-11 21:32 - 2015-01-10 09:28 - 01498360 _____ (Microsoft Corporation) O:\WINDOWS\SysWOW64\ntdll.dll
2015-02-11 21:32 - 2015-01-10 08:00 - 00430080 _____ (Microsoft Corporation) O:\WINDOWS\system32\schannel.dll
2015-02-11 21:32 - 2015-01-10 07:38 - 00359424 _____ (Microsoft Corporation) O:\WINDOWS\SysWOW64\schannel.dll
2015-02-11 21:32 - 2014-12-09 04:45 - 00393728 _____ (Microsoft Corporation) O:\WINDOWS\SysWOW64\scesrv.dll
2015-02-11 21:32 - 2014-12-09 02:56 - 00538624 _____ (Microsoft Corporation) O:\WINDOWS\system32\scesrv.dll
2015-02-11 21:31 - 2015-01-19 19:42 - 01487976 _____ (Microsoft Corporation) O:\WINDOWS\system32\sppobjs.dll
2015-02-11 21:31 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) O:\WINDOWS\system32\mshtml.dll
2015-02-11 21:31 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) O:\WINDOWS\system32\iertutil.dll
2015-02-11 21:31 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) O:\WINDOWS\system32\vbscript.dll
2015-02-11 21:31 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) O:\WINDOWS\system32\MshtmlDac.dll
2015-02-11 21:31 - 2015-01-12 03:34 - 00816128 _____ (Microsoft Corporation) O:\WINDOWS\system32\jscript.dll
2015-02-11 21:31 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) O:\WINDOWS\SysWOW64\mshtml.dll
2015-02-11 21:31 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) O:\WINDOWS\system32\dxtmsft.dll
2015-02-11 21:31 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) O:\WINDOWS\SysWOW64\vbscript.dll
2015-02-11 21:31 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) O:\WINDOWS\system32\mshtmled.dll
2015-02-11 21:31 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) O:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-02-11 21:31 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) O:\WINDOWS\SysWOW64\iertutil.dll
2015-02-11 21:31 - 2015-01-12 02:58 - 01032704 _____ (Microsoft Corporation) O:\WINDOWS\system32\inetcomm.dll
2015-02-11 21:31 - 2015-01-12 02:55 - 00664064 _____ (Microsoft Corporation) O:\WINDOWS\SysWOW64\jscript.dll
2015-02-11 21:31 - 2015-01-12 02:51 - 00262144 _____ (Microsoft Corporation) O:\WINDOWS\system32\webcheck.dll
2015-02-11 21:31 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) O:\WINDOWS\system32\msfeeds.dll
2015-02-11 21:31 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) O:\WINDOWS\system32\ie4uinit.exe
2015-02-11 21:31 - 2015-01-12 02:48 - 00374272 _____ (Microsoft Corporation) O:\WINDOWS\system32\iedkcs32.dll
2015-02-11 21:31 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) O:\WINDOWS\system32\inetcpl.cpl
2015-02-11 21:31 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) O:\WINDOWS\SysWOW64\dxtmsft.dll
2015-02-11 21:31 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) O:\WINDOWS\system32\ieframe.dll
2015-02-11 21:31 - 2015-01-12 02:34 - 00128000 _____ (Microsoft Corporation) O:\WINDOWS\SysWOW64\iepeers.dll
2015-02-11 21:31 - 2015-01-12 02:30 - 00880128 _____ (Microsoft Corporation) O:\WINDOWS\SysWOW64\inetcomm.dll
2015-02-11 21:31 - 2015-01-12 02:27 - 02865152 _____ (Microsoft Corporation) O:\WINDOWS\system32\actxprxy.dll
2015-02-11 21:31 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) O:\WINDOWS\system32\wininet.dll
2015-02-11 21:31 - 2015-01-12 02:25 - 00230400 _____ (Microsoft Corporation) O:\WINDOWS\SysWOW64\webcheck.dll
2015-02-11 21:31 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) O:\WINDOWS\SysWOW64\inetcpl.cpl
2015-02-11 21:31 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) O:\WINDOWS\SysWOW64\msfeeds.dll
2015-02-11 21:31 - 2015-01-12 02:23 - 00327168 _____ (Microsoft Corporation) O:\WINDOWS\SysWOW64\iedkcs32.dll
2015-02-11 21:31 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) O:\WINDOWS\SysWOW64\ieframe.dll
2015-02-11 21:31 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) O:\WINDOWS\system32\urlmon.dll
2015-02-11 21:31 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) O:\WINDOWS\system32\ieapfltr.dll
2015-02-11 21:31 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) O:\WINDOWS\SysWOW64\wininet.dll
2015-02-11 21:31 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) O:\WINDOWS\SysWOW64\urlmon.dll
2015-02-11 21:31 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) O:\WINDOWS\SysWOW64\ieapfltr.dll
2015-02-11 21:31 - 2014-12-19 09:57 - 00788680 _____ (Microsoft Corporation) O:\WINDOWS\system32\oleaut32.dll
2015-02-11 21:31 - 2014-12-19 09:25 - 00602776 _____ (Microsoft Corporation) O:\WINDOWS\SysWOW64\oleaut32.dll
2015-02-11 21:31 - 2014-12-09 00:12 - 00391526 _____ () O:\WINDOWS\system32\ApnDatabase.xml
2015-02-11 21:05 - 2015-01-10 09:22 - 04175872 _____ (Microsoft Corporation) O:\WINDOWS\system32\win32k.sys
2015-02-11 19:43 - 2015-03-01 04:02 - 00000000 ____D () O:\Users\knstrkt\AppData\Local\Alt.Binz
2015-02-11 19:43 - 2015-02-11 19:43 - 00000000 ____D () O:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alt.Binz
2015-02-11 19:43 - 2015-02-11 19:43 - 00000000 ____D () O:\Program Files (x86)\Alt.Binz
2015-02-10 00:00 - 2015-02-10 00:00 - 00000000 ____D () O:\Users\knstrkt\AppData\Local\Criterion Games
2015-02-08 23:18 - 2015-02-08 23:18 - 00000000 ____D () O:\Users\knstrkt\Documents\Benutzerdefinierte Office-Vorlagen
2015-02-07 18:04 - 2015-02-07 18:04 - 00000000 ____D () O:\Users\knstrkt\Documents\EA Games
2015-02-07 17:27 - 2015-02-07 17:27 - 00000201 _____ () O:\Users\knstrkt\Desktop\Mirror's Edge.url
2015-02-06 21:35 - 2015-02-06 21:35 - 00000000 ____D () O:\Users\knstrkt\Documents\Anno 1404
2015-02-06 21:17 - 2015-02-06 21:17 - 00000199 _____ () O:\Users\knstrkt\Desktop\Half-Life 2.url

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-07 17:28 - 2015-01-25 01:18 - 00005114 _____ () O:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for Birdy-knstrkt Birdy
2015-03-07 17:27 - 2014-03-18 11:37 - 01189012 _____ () O:\WINDOWS\WindowsUpdate.log
2015-03-07 17:20 - 2014-08-09 01:32 - 00000884 _____ () O:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-03-07 17:12 - 2014-12-14 01:00 - 00003598 _____ () O:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1166866377-2740738264-2732345081-1001
2015-03-07 17:09 - 2012-12-01 17:56 - 00001130 _____ () O:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-07 17:07 - 2012-12-01 17:56 - 00001126 _____ () O:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-07 17:04 - 2013-08-22 16:36 - 00000000 ____D () O:\WINDOWS\system32\sru
2015-03-07 09:55 - 2013-05-15 21:35 - 00001140 _____ () O:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1166866377-2740738264-2732345081-1001UA.job
2015-03-07 09:06 - 2014-03-18 11:03 - 01898334 _____ () O:\WINDOWS\system32\PerfStringBackup.INI
2015-03-07 09:06 - 2014-03-18 10:24 - 00809718 _____ () O:\WINDOWS\system32\perfh007.dat
2015-03-07 09:06 - 2014-03-18 10:24 - 00178660 _____ () O:\WINDOWS\system32\perfc007.dat
2015-03-07 09:00 - 2013-08-22 15:45 - 00000006 ____H () O:\WINDOWS\Tasks\SA.DAT
2015-03-07 02:58 - 2014-03-18 02:49 - 02033406 _____ () O:\WINDOWS\PFRO.log
2015-03-07 02:54 - 2012-12-01 18:38 - 00000000 ___HD () O:\Program Files (x86)\InstallShield Installation Information
2015-03-07 02:35 - 2013-08-22 14:25 - 00262144 ___SH () O:\WINDOWS\system32\config\BBI
2015-03-07 02:07 - 2012-12-01 18:13 - 00000000 ____D () O:\Users\knstrkt\AppData\Roaming\foobar2000
2015-03-06 12:31 - 2012-12-01 22:36 - 00637978 _____ () O:\WINDOWS\DirectX.log
2015-03-05 17:55 - 2013-05-15 21:35 - 00001088 _____ () O:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1166866377-2740738264-2732345081-1001Core.job
2015-03-05 16:28 - 2014-07-16 12:08 - 00000000 ____D () O:\Users\knstrkt
2015-03-05 03:02 - 2014-09-16 10:15 - 00000000 ____D () O:\Users\knstrkt\AppData\Roaming\KeePass
2015-03-04 15:33 - 2014-09-16 11:56 - 00006622 _____ () O:\Users\knstrkt\Documents\NewDatabase2.kdbx
2015-03-01 17:14 - 2014-08-12 01:06 - 01041408 ___SH () O:\Users\knstrkt\Desktop\Thumbs.db
2015-03-01 17:12 - 2014-09-13 19:48 - 00000000 ____D () O:\Users\knstrkt\Desktop\Tor Browser
2015-03-01 17:03 - 2014-11-13 00:20 - 00000000 ____D () O:\Users\knstrkt\Desktop\Dump1
2015-03-01 04:09 - 2012-12-06 21:03 - 00000000 ____D () O:\Users\knstrkt\Documents\My Games
2015-02-28 21:44 - 2013-08-22 15:44 - 00548344 _____ () O:\WINDOWS\system32\FNTCACHE.DAT
2015-02-28 20:15 - 2013-03-01 10:24 - 00000000 ____D () O:\Program Files\Autodesk
2015-02-28 20:15 - 2013-03-01 10:19 - 00000000 ____D () O:\Users\knstrkt\AppData\Roaming\Autodesk
2015-02-28 20:15 - 2013-03-01 10:19 - 00000000 ____D () O:\ProgramData\Autodesk
2015-02-28 14:12 - 2013-07-24 12:37 - 00000000 ____D () O:\ProgramData\Package Cache
2015-02-28 03:51 - 2013-08-22 16:36 - 00000000 ____D () O:\WINDOWS\AppReadiness
2015-02-28 03:42 - 2014-09-03 20:04 - 00000000 ____D () O:\WINDOWS\Minidump
2015-02-27 23:44 - 2014-08-25 22:33 - 00000000 ____D () O:\WINDOWS\SysWOW64\directx
2015-02-27 18:36 - 2012-12-05 14:14 - 00000000 ____D () O:\Program Files (x86)\Futuremark
2015-02-27 15:35 - 2013-05-29 23:56 - 00000000 ____D () O:\Users\knstrkt\Documents\Proteus
2015-02-25 19:10 - 2012-12-05 07:39 - 00000000 ____D () O:\Program Files (x86)\Intel
2015-02-25 19:10 - 2012-07-26 08:59 - 00000000 ____D () O:\WINDOWS\CbsTemp
2015-02-25 03:19 - 2014-12-15 02:20 - 00000000 ____D () O:\Users\knstrkt\AppData\Local\Deployment
2015-02-24 11:55 - 2015-01-24 14:54 - 00000000 ___RD () O:\Users\knstrkt\Google Drive
2015-02-24 01:37 - 2013-07-19 22:04 - 00000000 ____D () O:\Users\knstrkt\AppData\Local\The Witcher
2015-02-23 18:58 - 2014-01-25 00:06 - 00000000 ____D () O:\Users\knstrkt\AppData\Local\Battle.net
2015-02-19 20:50 - 2013-07-24 19:46 - 00000000 ____D () O:\Users\knstrkt\AppData\Roaming\Dropbox
2015-02-18 18:34 - 2012-12-01 17:45 - 00000000 ____D () O:\Users\knstrkt\AppData\Local\Packages
2015-02-17 13:55 - 2015-01-20 20:36 - 00000000 ___RD () O:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-02-17 13:55 - 2015-01-20 20:33 - 00000000 ____D () O:\ProgramData\Microsoft Help
2015-02-17 13:20 - 2014-09-20 20:01 - 00000000 ____D () O:\Games
2015-02-15 19:25 - 2014-04-30 21:54 - 00000000 ____D () O:\Users\knstrkt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EVE
2015-02-15 19:12 - 2013-03-05 23:56 - 00000000 ____D () O:\Users\knstrkt\AppData\Local\Skyrim
2015-02-15 03:54 - 2015-02-03 20:12 - 00000000 ____D () O:\Users\knstrkt\Desktop\Poster
2015-02-15 02:53 - 2015-01-20 20:33 - 00000000 ____D () O:\Users\knstrkt\AppData\Local\Microsoft Help
2015-02-14 00:44 - 2015-02-03 20:11 - 00000000 ____D () O:\Users\knstrkt\Desktop\Fiji.app
2015-02-14 00:09 - 2015-02-02 21:02 - 00001070 _____ () O:\Users\knstrkt\Desktop\Dropbox.lnk
2015-02-14 00:09 - 2013-07-25 11:52 - 00000000 ____D () O:\Users\knstrkt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-02-12 08:20 - 2013-08-22 16:36 - 00000000 ____D () O:\WINDOWS\rescache
2015-02-11 22:42 - 2013-10-17 21:14 - 00000000 ____D () O:\WINDOWS\system32\MRT
2015-02-11 22:38 - 2012-12-12 10:14 - 116773704 _____ (Microsoft Corporation) O:\WINDOWS\system32\MRT.exe
2015-02-11 22:37 - 2013-08-22 14:25 - 00000167 _____ () O:\WINDOWS\win.ini
2015-02-10 21:06 - 2014-07-19 13:51 - 00000000 ____D () O:\Users\knstrkt\AppData\Roaming\Raptr
2015-02-07 17:50 - 2013-05-15 21:35 - 00004090 _____ () O:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1166866377-2740738264-2732345081-1001UA
2015-02-07 17:50 - 2013-05-15 21:35 - 00003710 _____ () O:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1166866377-2740738264-2732345081-1001Core
2015-02-07 16:23 - 2014-01-25 00:05 - 00000000 ____D () O:\Program Files (x86)\Battle.net

==================== Files in the root of some directories =======

2013-09-07 03:25 - 2013-09-07 03:13 - 0012005 _____ () O:\Users\knstrkt\AppData\Roaming\alsoft.ini
2013-09-21 00:48 - 2013-09-21 00:48 - 0000000 _____ () O:\Users\knstrkt\AppData\Roaming\bitlord_log.txt
2014-06-19 14:31 - 2014-10-21 13:13 - 0000002 _____ () O:\Users\knstrkt\AppData\Roaming\test_1234.txt
2014-09-27 19:25 - 2014-09-27 19:25 - 0003656 _____ () O:\Users\knstrkt\AppData\Roaming\ucinetlog1.txt
2014-09-27 19:38 - 2014-09-27 19:38 - 0003360 _____ () O:\Users\knstrkt\AppData\Roaming\ucinetlog2.txt
2015-02-26 19:16 - 2015-03-07 17:17 - 2128896 _____ () O:\Users\knstrkt\AppData\Local\file__0.localstorage
2012-12-01 18:27 - 2012-12-01 18:27 - 0000095 _____ () O:\Users\knstrkt\AppData\Local\fusioncache.dat
2015-02-15 02:16 - 2015-02-15 02:16 - 0001239 _____ () O:\Users\knstrkt\AppData\Local\recently-used.xbel
2012-12-01 21:18 - 2015-01-18 01:07 - 0007671 _____ () O:\Users\knstrkt\AppData\Local\Resmon.ResmonCfg
2013-03-01 10:25 - 2013-03-01 10:25 - 0000153 _____ () O:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Some content of TEMP:
====================
O:\Users\knstrkt\AppData\Local\Temp\AcDeltree.exe
O:\Users\knstrkt\AppData\Local\Temp\FNP_ACT_InstallerCA.dll
O:\Users\knstrkt\AppData\Local\Temp\ose00000.exe
O:\Users\knstrkt\AppData\Local\Temp\proxy_vole5094260885191178790.dll
O:\Users\knstrkt\AppData\Local\Temp\speccycpuid.dll
O:\Users\knstrkt\AppData\Local\Temp\utildel.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

O:\Windows\System32\winlogon.exe => File is digitally signed
O:\Windows\System32\wininit.exe => File is digitally signed
O:\Windows\explorer.exe => File is digitally signed
O:\Windows\SysWOW64\explorer.exe => File is digitally signed
O:\Windows\System32\svchost.exe => File is digitally signed
O:\Windows\SysWOW64\svchost.exe => File is digitally signed
O:\Windows\System32\services.exe => File is digitally signed
O:\Windows\System32\User32.dll => File is digitally signed
O:\Windows\SysWOW64\User32.dll => File is digitally signed
O:\Windows\System32\userinit.exe => File is digitally signed
O:\Windows\SysWOW64\userinit.exe => File is digitally signed
O:\Windows\System32\rpcss.dll => File is digitally signed
O:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-04 12:34

==================== End Of Log ============================
         
--- --- ---


Addition.txt

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-03-2015 01
Ran by knstrkt at 2015-03-07 17:54:41
Running from F:\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Panda Internet Security 2015 (Enabled - Up to date) {5FD6C936-849B-5CE2-14BA-709E1D6FD1DA}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Panda Internet Security 2015 (Enabled - Up to date) {E4B728D2-A2A1-536C-2E0A-4BEC66E89B67}
FW: Panda Firewall (Enabled) {67ED4813-CEF4-5DBA-3FE5-D9ABE3BC96A1}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

„Der Herr der Ringe Online™“ v03.08.00.8025 (HKLM-x32\...\12bbe590-c890-11d9-9669-0800200c9a66_is1) (Version: 03.08.00.8025 - Turbine, Inc.)
3DMark (HKLM-x32\...\{33f8bc21-1d62-455b-8038-c8296d01ec48}) (Version: 1.4.780.0 - Futuremark)
3DMark (Version: 1.4.780.0 - Futuremark) Hidden
3DMark 11 (HKLM-x32\...\{46EDCFA5-7EDB-46A9-B093-1C6237470CEC}) (Version: 1.0.3 - Futuremark Corporation)
64 Bit HP CIO Components Installer (Version: 18.2.4 - Hewlett-Packard) Hidden
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe PDF iFilter 11 for 64-bit platforms (HKLM\...\{BA5C0CC3-421B-4AE5-9370-1650D1941F30}) (Version: 11.0.00 - Adobe)
Adobe Reader XI (11.0.01) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.01 - Adobe Systems Incorporated)
Age of Wonders (HKLM-x32\...\Steam App 61500) (Version:  - Triumph Studios)
Age of Wonders: Shadow Magic (HKLM-x32\...\Steam App 61520) (Version:  - Triumph Studios)
Akamai NetSession Interface (HKU\S-1-5-21-1166866377-2740738264-2732345081-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
Alan Wake (HKLM-x32\...\Steam App 108710) (Version:  - Remedy Entertainment)
Albion4Win Version 1.0 (HKLM-x32\...\{AAA1CCEE-3FF5-4EDC-A291-211124C55617}_is1) (Version: 1.0 - Enrico Ludwig)
Alchemilla v1.0 (HKLM-x32\...\{F48B561D-9D56-4C5E-8822-AB78042BA342}}_is1) (Version:  - White Noise)
Alt.Binz 0.39.4 (HKLM-x32\...\Alt.Binz) (Version: 0.39.4 - Rdl)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Anachronox (HKLM-x32\...\Anachronox_is1) (Version:  - GOG.com)
Any Video Converter 5.7.7 (HKLM-x32\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Application Profiles (HKLM-x32\...\{A231A6F2-2C80-6203-ED35-2CFB96B25A38}) (Version: 2.0.4719.35969 - Advanced Micro Devices, Inc.)
Autodesk Sync (HKLM\...\{EE5F74BC-5CD5-4EF2-86BA-81E6CF46A18F}) (Version: 3.5.24.0 - Autodesk, Inc.)
Banished (HKLM-x32\...\Steam App 242920) (Version:  - Shining Rock Software LLC)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Burnout Paradise: The Ultimate Box (HKLM-x32\...\Steam App 24740) (Version:  - Criterion Games)
CanoScan LiDE 110 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2414) (Version:  - Canon Inc.)
Catzilla 1.3 (HKLM\...\{41EE0CB2-75DE-4FE0-AEB2-4CBC30624FA6}_is1) (Version: 1.3 - ALLPlayer Group Ltd.)
CDisplay 1.8 (HKLM-x32\...\CDisplay_is1) (Version:  - dvd8n)
Company of Heroes (HKLM-x32\...\Steam App 4560) (Version:  - Relic)
Creative Audio-Systemsteuerung (HKLM-x32\...\AudioCS) (Version: 3.00 - Creative Technology Limited)
Creative Konsole Starter (HKLM-x32\...\Console Launcher) (Version:  - Creative Technology Limited)
Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.41 - Creative Technology Limited)
Creative Sound Blaster Properties x64 Edition (HKLM-x32\...\Creative Sound Blaster Properties x64 Edition) (Version: 1.03 - Creative Technology Limited)
Curse Client (HKU\S-1-5-21-1166866377-2740738264-2732345081-1001\...\101a9f93b8f0bb6f) (Version: 5.1.1.820 - Curse)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
Dark Souls: Prepare to Die Edition (HKLM-x32\...\Steam App 211420) (Version:  - FromSoftware)
Der Herr der Ringe Online (HKU\S-1-5-21-1166866377-2740738264-2732345081-1001\...\lotro_midres_de) (Version:  - )
Desura (HKLM-x32\...\Desura) (Version: 100.53 - Desura)
Desura: Gnomoria (HKLM-x32\...\Desura_76867029696544) (Version: Alpha - Robotronic Games)
Desura: Xonotic (HKLM-x32\...\Desura_54322746359840) (Version: Full - Team Xonotic)
Dot4 (HKLM\...\{3EEDA265-C6F3-4EC1-A317-1C9315DEDDDE}) (Version: 1.0.0.0 - HP)
Dropbox (HKU\S-1-5-21-1166866377-2740738264-2732345081-1001\...\Dropbox) (Version: 3.2.6 - Dropbox, Inc.)
Dust: An Elysian Tail (HKLM-x32\...\Steam App 236090) (Version:  - Humble Hearts LLC)
Elite Force (HKLM-x32\...\Elite Force) (Version:  - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - )
EVE Isk per Hour (HKLM-x32\...\{61A1A5A8-2835-46CD-9429-A8F4CFEE6657}) (Version: 2.2 - EVE IPH)
EveHQ (HKLM-x32\...\EveHQ) (Version:  - )
EVEMon (HKLM-x32\...\EVEMon) (Version: 1.9.3 - battleclinic.com)
Evernus (HKLM\...\{210F680E-3A86-4C3B-8C1A-2966A4BF2E7C}) (Version: 1.25.0 - Evernus)
FEZ (HKLM-x32\...\Steam App 224760) (Version:  - Polytron Corporation)
foobar2000 v1.3.7 (HKLM-x32\...\foobar2000) (Version: 1.3.7 - Peter Pawlowski)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Futuremark SystemInfo (HKLM-x32\...\{A7E0E8D0-2E06-428A-8A8A-83BFF0B4DFE6}) (Version: 4.34.498.0 - Futuremark)
Gnomoria (HKLM-x32\...\Steam App 224500) (Version:  - Robotronic Games)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.)
Google Drive (HKLM-x32\...\{65EACBB4-B0B8-4A5B-AE46-22DBE15C70B5}) (Version: 1.19.8406.6504 - Google, Inc.)
Google Talk Plugin (HKLM-x32\...\{C77CC230-7417-3F01-B70D-52583DC9FEC9}) (Version: 5.40.2.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Half-Life 2 (HKLM-x32\...\Steam App 220) (Version:  - Valve)
Happy Cloud Client (HKU\S-1-5-21-1166866377-2740738264-2732345081-1001\...\HappyCloud) (Version: 4.28 - Happy Cloud, Inc.)
Heaven Benchmark version 4.0 (HKLM-x32\...\Unigine Heaven Benchmark (Basic Edition)_is1) (Version: 4.0 - Unigine Corp.)
HIS iTurbo (HKLM-x32\...\HIS iTurbo) (Version:  - )
Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version:  - IO Interactive)
Hotline Miami (HKLM-x32\...\Steam App 219150) (Version:  - )
IBM SPSS Statistics 22 (HKLM\...\{104875A1-D083-4A34-BC4F-3F635B7F8EF7}) (Version: 22.0.0.0 - IBM Corp)
Inkscape 0.91 (HKLM\...\{81922150-317E-4BB0-A31D-FF1C14F707C5}) (Version: 0.91 - inkscape.org)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3958 - Intel Corporation)
iTunes (HKLM\...\{A04DCB25-7040-4935-A30D-8E0A893ABF2D}) (Version: 11.1.2.32 - Apple Inc.)
Jagged Alliance 2 (HKLM-x32\...\{14732331-A762-44D5-A5CE-02F129473F32}_is1) (Version: v1.05 - Grosses_K)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
JDownloader 2 (HKLM-x32\...\0630-0716-3135-7887) (Version: 2 - AppWork GmbH)
KeePass Password Safe 1.27 (HKLM-x32\...\KeePass Password Safe_is1) (Version: 1.27 - Dominik Reichl)
KeePass Password Safe 2.28 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.28 - Dominik Reichl)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MATLAB R2013a (HKLM\...\Matlab R2013a) (Version: 8.1 - The MathWorks, Inc.)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1166866377-2740738264-2732345081-1001\...\OneDriveSetup.exe) (Version: 17.3.1166.0618 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mirror's Edge (HKLM-x32\...\Steam App 17410) (Version:  - DICE)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mp3tag v2.57 (HKLM-x32\...\Mp3tag) (Version: v2.57 - Florian Heidenreich)
MSI Afterburner 4.1.0 (HKLM-x32\...\Afterburner) (Version: 4.1.0 - MSI Co., LTD)
Mumble 1.2.7 (HKLM-x32\...\{FEFBBD52-B304-4D81-9DF8-E19C1373AC30}) (Version: 1.2.7 - Thorvald Natvig)
Music Manager (HKU\S-1-5-21-1166866377-2740738264-2732345081-1001\...\MusicManager) (Version:  - Google, Inc.)
My Game Long Name (HKLM\...\UDK-35fdddf4-cc0d-4eea-9270-9f32348390fa) (Version:  - Epic Games, Inc.)
My Game Long Name (HKLM\...\UDK-d81609c6-1d9f-426c-8ed7-33094d117246) (Version:  - Epic Games, Inc.)
MyDefrag v4.3.1 (HKLM\...\MyDefrag v4.3.1_is1) (Version: 4.0.0.0 - J.C. Kessels)
MyFreeCodec (HKU\S-1-5-21-1166866377-2740738264-2732345081-1001\...\MyFreeCodec) (Version:  - )
NaissanceE (HKLM\...\UDK-524c3c2b-a242-476e-a482-fbf9f683121d) (Version:  - Epic Games, Inc.)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.47.3 - Black Tree Gaming)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
Octoshape add-in for Adobe Flash Player (HKU\S-1-5-21-1166866377-2740738264-2732345081-1001\...\Octoshape add-in for Adobe Flash Player) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Panda Devices Agent (HKLM-x32\...\Panda Devices Agent) (Version: 1.03.04 - Panda Security)
Panda Devices Agent (x32 Version: 1.05.00 - Panda Security) Hidden
Panda Internet Security 2015 (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 15.00.04.0002 - Panda Security)
Panda Internet Security 2015 (Version: 7.23.00.0000 - Panda Security) Hidden
Path of Exile (HKLM-x32\...\{90A4562F-D4A1-4B65-906D-41F236CF6902}) (Version: 0.10.0.22397 - Grinding Gear Games)
Project Zomboid (HKLM-x32\...\Steam App 108600) (Version:  - Indie Stone Studios)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
pyfa version 1.1.22 (Rubicon 1.3) (HKLM-x32\...\{3DA39096-C08D-49CD-90E0-1D177F32C8AA}_is1) (Version: 1.1.22 (Rubicon 1.3) - pyfa)
Python 2.7.8 (HKLM-x32\...\{61121B12-88BD-4261-A6EE-AB32610A56DD}) (Version: 2.7.8150 - Python Software Foundation)
Python 3.3.3 (64-bit) (HKLM\...\{e9d90870-ab19-32a8-aa93-f8348ba21d05}) (Version: 3.3.3150 - Python Software Foundation)
Race The Sun 1.0 (HKLM-x32\...\Race The Sun 1.0) (Version: 1.0 - Cat-A-Cat)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Receiver version 0.0.0.9 (HKLM-x32\...\Receiver_is1) (Version: 0.0.0.9 - WaLMaRT)
Reus (HKLM-x32\...\Steam App 222730) (Version:  - Abbey Games)
RivaTuner Statistics Server 6.3.0 (HKLM-x32\...\RTSS) (Version: 6.3.0 - Unwinder)
RollerCoaster Tycoon Deluxe (HKLM-x32\...\GOGPACKRTC_is1) (Version: 2.1.0.18 - GOG.com)
S.T.A.L.K.E.R.: Lost Alpha version 1.3003 (HKLM-x32\...\S.T.A.L.K.E.R.: Lost Alpha_is1) (Version: 1.3003 - dezowave)
SABnzbd 0.7.20 (HKLM-x32\...\SABnzbd) (Version: 0.7.20 - The SABnzbd Team)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.0.13064_2 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.0.13064_2 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.1.13103.22 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.1.13103.22 - Samsung Electronics Co., Ltd.) Hidden
Samsung SSD Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 3.1 - Samsung Electronics)
Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.29.0 - SAMSUNG Electronics Co., Ltd.)
SC4 Launcher (HKU\S-1-5-21-1166866377-2740738264-2732345081-1001\...\SC4 Launcher) (Version:  - )
SoulseekQt (HKLM-x32\...\SoulseekQt) (Version:  - )
Source SDK Base 2013 Singleplayer (HKLM-x32\...\Steam App 243730) (Version:  - )
Speccy (HKLM\...\Speccy) (Version: 1.19 - Piriform)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
SPSS 16.0 für Windows (HKLM-x32\...\{99A89BD2-21DF-43EB-9024-9A4040F167F5}) (Version: 16.0.1 - SPSS Inc.)
Starbound (HKLM-x32\...\Steam App 211820) (Version:  - )
Supreme Commander 2 (HKLM-x32\...\Steam App 40100) (Version:  - Gas Powered Games)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.6 - TeamSpeak Systems GmbH)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
The Forest version 0.05 (HKLM-x32\...\The Forest_is1) (Version: 0.05 - GMT-MAX.ORG)
The Way of Life (HKLM-x32\...\Steam App 310370) (Version:  - Fabio Ferrara)
The Witcher: Enhanced Edition (HKLM-x32\...\Steam App 20900) (Version:  - CD Projekt RED)
Thief (HKLM-x32\...\Steam App 239160) (Version:  - Eidos-Montréal)
Thief 2 (HKLM-x32\...\Steam App 211740) (Version:  - Looking Glass Studios)
Thief 2 HD Mod 0.9.5 (HKLM-x32\...\Thief2) (Version:  - )
Thief 3 Sneaky Upgrade version 1.1.5 (HKLM-x32\...\{6787B847-DE1D-4B75-AF7F-9F0B0FF9E59E}_is1) (Version: 1.1.5 - )
Thief Gold (HKLM-x32\...\Steam App 211600) (Version:  - Looking Glass Studios)
Thief Gold HD Mod 0.9.3 (HKLM-x32\...\ThiefGold) (Version:  - )
Thief: Deadly Shadows (HKLM-x32\...\Steam App 6980) (Version:  - Ion Storm)
Titan Quest (HKLM-x32\...\Steam App 4540) (Version:  - Iron Lore Entertainment)
Tomb Raider (HKLM-x32\...\Steam App 203160) (Version:  - Crystal Dynamics)
TP-LINK TL-WN725N_TL-WN723N Treiber (HKLM-x32\...\{3C3F9CEB-2C5A-4A47-8EAA-DA76037546BA}) (Version: 1.3.1 - TP-LINK)
TP-LINK-Konfigurationstool (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK)
Tyrian 2000 (HKLM-x32\...\GOGPACKTYRIAN2000_is1) (Version: 2.0.0.11 - GOG.com)
UCINET 6 (HKLM-x32\...\UCINET 6) (Version:  - Analytic Technologies)
UCINET 6 (x32 Version: 6.516 - Analytic Technologies) Hidden
Unigine Valley Benchmark version 1.0 (HKLM-x32\...\Unigine Valley Benchmark_is1) (Version: 1.0 - Unigine Corp.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
XBMC (HKU\S-1-5-21-1166866377-2740738264-2732345081-1001\...\XBMC) (Version:  - Team XBMC)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.3 - Xvid Team)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1166866377-2740738264-2732345081-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> O:\Users\knstrkt\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1166866377-2740738264-2732345081-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> O:\Users\knstrkt\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1166866377-2740738264-2732345081-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> O:\Users\knstrkt\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1166866377-2740738264-2732345081-1001_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> O:\Program Files\Autodesk\AutoCAD 2013\acad.exe No File
CustomCLSID: HKU\S-1-5-21-1166866377-2740738264-2732345081-1001_Classes\CLSID\{708bae9b-6cc2-4bb0-bfab-fad6115debbb}\InprocServer32 -> O:\WINDOWS\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1166866377-2740738264-2732345081-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> O:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-1166866377-2740738264-2732345081-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> O:\Users\knstrkt\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1166866377-2740738264-2732345081-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> O:\Users\knstrkt\AppData\Local\Microsoft\SkyDrive\17.3.1166.0618\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1166866377-2740738264-2732345081-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> O:\Users\knstrkt\AppData\Local\Microsoft\SkyDrive\17.3.1166.0618\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1166866377-2740738264-2732345081-1001_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> O:\Program Files\Autodesk\AutoCAD 2013\acad.exe /Automation No File
CustomCLSID: HKU\S-1-5-21-1166866377-2740738264-2732345081-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> O:\Users\knstrkt\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1166866377-2740738264-2732345081-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> O:\Users\knstrkt\AppData\Local\Microsoft\SkyDrive\17.3.1166.0618\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1166866377-2740738264-2732345081-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> O:\Users\knstrkt\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1166866377-2740738264-2732345081-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> O:\Program Files\Autodesk\AutoCAD 2013\en-US\acadficn.dll No File
CustomCLSID: HKU\S-1-5-21-1166866377-2740738264-2732345081-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> O:\Users\knstrkt\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1166866377-2740738264-2732345081-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> O:\Users\knstrkt\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1166866377-2740738264-2732345081-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> O:\Users\knstrkt\AppData\Local\Microsoft\SkyDrive\17.3.1166.0618\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1166866377-2740738264-2732345081-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> O:\Users\knstrkt\AppData\Local\Microsoft\SkyDrive\17.3.1166.0618\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1166866377-2740738264-2732345081-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> O:\Users\knstrkt\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1166866377-2740738264-2732345081-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> O:\Users\knstrkt\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1166866377-2740738264-2732345081-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> O:\Users\knstrkt\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1166866377-2740738264-2732345081-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> O:\Users\knstrkt\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1166866377-2740738264-2732345081-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> O:\Users\knstrkt\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1166866377-2740738264-2732345081-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> O:\Users\knstrkt\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1166866377-2740738264-2732345081-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> O:\Users\knstrkt\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1166866377-2740738264-2732345081-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> O:\Users\knstrkt\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1166866377-2740738264-2732345081-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> O:\Users\knstrkt\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

==================== Restore Points  =========================

04-03-2015 12:35:55 Geplanter Prüfpunkt
06-03-2015 11:52:05 Installed Rockstar Games Social Club

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-01-24 18:55 - 2015-01-24 18:55 - 00000355 ____A O:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1	localhost
::1			localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0D8482DC-33EC-439E-836E-ED1074C80CA6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1166866377-2740738264-2732345081-1001UA => O:\Users\knstrkt\AppData\Local\Google\Update\GoogleUpdate.exe [2013-05-06] (Google Inc.)
Task: {12FA5E99-0821-4F0B-A327-DF1B5477146C} - System32\Tasks\GoogleUpdateTaskMachineUA => O:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-01] (Google Inc.)
Task: {1A9AC138-41A9-4F6C-9881-1EB7B21C1251} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => O:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {2FAD92DF-D867-4F9E-B3D7-5FFCD558A98D} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Birdy-knstrkt Birdy => O:\Program Files\Microsoft Office\Office15\MsoSync.exe [2015-01-21] (Microsoft Corporation)
Task: {418799C2-4569-4E4F-A4D5-F6B1786B26F5} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1166866377-2740738264-2732345081-1001Core => O:\Users\knstrkt\AppData\Local\Google\Update\GoogleUpdate.exe [2013-05-06] (Google Inc.)
Task: {432F692C-0E16-4D14-AAEC-D49FF6919C86} - System32\Tasks\{DD9E8EED-5C96-4027-A987-2CA8ECD97EF9} => pcalua.exe -a "E:\_SPiel!\Battlezone 1.5\bzone.exe" -d "E:\_SPiel!\Battlezone 1.5"
Task: {44887F5F-DB6E-4227-AD62-251BF2446CDB} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => O:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {4B77DFE7-840E-4E3A-BC96-F29794B45A73} - System32\Tasks\Adobe Flash Player Updater => O:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04] (Adobe Systems Incorporated)
Task: {6E76A334-D748-4DE8-ADFB-444A5AD2ECC6} - \Microsoft OneDrive Auto Update Task-S-1-5-21-1166866377-2740738264-2732345081-1001 No Task File <==== ATTENTION
Task: {7EFA1EED-460F-4E25-9D88-0F41F9199567} - \{9FE2F8CD-F666-4937-AAE1-9E6E2E4C0AF5} No Task File <==== ATTENTION
Task: {891EA0F5-B6CE-4308-8599-295F827C8FDA} - System32\Tasks\Microsoft\WINRE\WinRE-Repair => C:\windows\System32\reagentc.exe
Task: {C07418D2-A87F-4BF9-B270-100651CBF8E2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => O:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {D909EA6C-EF25-499A-AA43-7A9FF9DE187D} - \{305E7BCB-9ECB-4215-A92B-B8B140EDD205} No Task File <==== ATTENTION
Task: {D9B53274-DFAD-44C2-A517-BE8C74D64323} - System32\Tasks\GoogleUpdateTaskMachineCore => O:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-01] (Google Inc.)
Task: {F3D0043A-F3A7-4505-B1F4-A5165851D112} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => O:\WINDOWS\system32\MRT.exe [2015-02-11] (Microsoft Corporation)
Task: O:\WINDOWS\Tasks\Adobe Flash Player Updater.job => O:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: O:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => O:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: O:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => O:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: O:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1166866377-2740738264-2732345081-1001Core.job => O:\Users\knstrkt\AppData\Local\Google\Update\GoogleUpdate.exe
Task: O:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1166866377-2740738264-2732345081-1001UA.job => O:\Users\knstrkt\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2013-09-13 18:51 - 2013-09-13 18:51 - 00087952 _____ () O:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-09-13 18:51 - 2013-09-13 18:51 - 01242952 _____ () O:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-04-12 18:23 - 2013-04-12 18:23 - 00612664 _____ () O:\Program Files (x86)\Panda Security\Panda Security Protection\SQLite3.dll
2015-02-11 19:43 - 2015-03-07 17:07 - 00175616 _____ () O:\Users\knstrkt\AppData\Local\Alt.Binz\misc\unrar.dll
2015-02-19 21:10 - 2015-02-17 23:44 - 01117512 _____ () O:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libglesv2.dll
2015-02-19 21:10 - 2015-02-17 23:44 - 00211272 _____ () O:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libegl.dll
2015-02-19 21:10 - 2015-02-17 23:44 - 09171272 _____ () O:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\pdf.dll
2015-02-19 21:10 - 2015-02-17 23:44 - 14965064 _____ () O:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: O:\Users\knstrkt\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1166866377-2740738264-2732345081-1001\Control Panel\Desktop\\Wallpaper -> O:\Users\knstrkt\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.0.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "TP-LINK-Konfigurationstool.lnk"
HKLM\...\StartupApproved\Run: => "Autodesk Sync"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "CTxfiHlp"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "ADSK DLMSession"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "KiesTrayAgent"
HKLM\...\StartupApproved\Run32: => "KeePass 2 PreLoad"
HKU\S-1-5-21-1166866377-2740738264-2732345081-1001\...\StartupApproved\StartupFolder: => "Samsung SSD Magician.lnk"
HKU\S-1-5-21-1166866377-2740738264-2732345081-1001\...\StartupApproved\StartupFolder: => "OpenOffice.org 3.4.1.lnk"
HKU\S-1-5-21-1166866377-2740738264-2732345081-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-1166866377-2740738264-2732345081-1001\...\StartupApproved\StartupFolder: => "CurseClientStartup.ccip"
HKU\S-1-5-21-1166866377-2740738264-2732345081-1001\...\StartupApproved\Run: => "Raptr"
HKU\S-1-5-21-1166866377-2740738264-2732345081-1001\...\StartupApproved\Run: => "Akamai NetSession Interface"
HKU\S-1-5-21-1166866377-2740738264-2732345081-1001\...\StartupApproved\Run: => "EVEMon"
HKU\S-1-5-21-1166866377-2740738264-2732345081-1001\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-1166866377-2740738264-2732345081-1001\...\StartupApproved\Run: => "SkyDrive"
HKU\S-1-5-21-1166866377-2740738264-2732345081-1001\...\StartupApproved\Run: => ""
HKU\S-1-5-21-1166866377-2740738264-2732345081-1001\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-1166866377-2740738264-2732345081-1001\...\StartupApproved\Run: => "GoogleDriveSync"

==================== Accounts: =============================

Administrator (S-1-5-21-1166866377-2740738264-2732345081-500 - Administrator - Disabled)
ASPNET (S-1-5-21-1166866377-2740738264-2732345081-1002 - Limited - Enabled)
Gast (S-1-5-21-1166866377-2740738264-2732345081-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1166866377-2740738264-2732345081-1006 - Limited - Enabled)
knstrkt (S-1-5-21-1166866377-2740738264-2732345081-1001 - Administrator - Enabled) => O:\Users\knstrkt

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/07/2015 09:00:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: igfxCUIService.exe, Version: 6.15.10.3958, Zeitstempel: 0x54256c7d
Name des fehlerhaften Moduls: igfxCUIService.exe, Version: 6.15.10.3958, Zeitstempel: 0x54256c7d
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000000ee28
ID des fehlerhaften Prozesses: 0x4a4
Startzeit der fehlerhaften Anwendung: 0xigfxCUIService.exe0
Pfad der fehlerhaften Anwendung: igfxCUIService.exe1
Pfad des fehlerhaften Moduls: igfxCUIService.exe2
Berichtskennung: igfxCUIService.exe3
Vollständiger Name des fehlerhaften Pakets: igfxCUIService.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: igfxCUIService.exe5

Error: (03/07/2015 08:56:43 AM) (Source: Windows Search Service) (EventID: 3079) (User: )
Description: Benachrichtigungen für Volume C:\ sind nicht aktiv. 

Kontext: Windows Anwendung


Details:
	Das Datenträgeränderungsjournal ist nicht aktiviert.  (HRESULT : 0x8007049b) (0x8007049b)

Error: (03/07/2015 02:58:46 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: igfxCUIService.exe, Version: 6.15.10.3958, Zeitstempel: 0x54256c7d
Name des fehlerhaften Moduls: igfxCUIService.exe, Version: 6.15.10.3958, Zeitstempel: 0x54256c7d
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000000ee28
ID des fehlerhaften Prozesses: 0x4b8
Startzeit der fehlerhaften Anwendung: 0xigfxCUIService.exe0
Pfad der fehlerhaften Anwendung: igfxCUIService.exe1
Pfad des fehlerhaften Moduls: igfxCUIService.exe2
Berichtskennung: igfxCUIService.exe3
Vollständiger Name des fehlerhaften Pakets: igfxCUIService.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: igfxCUIService.exe5

Error: (03/07/2015 02:47:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: igfxCUIService.exe, Version: 6.15.10.3958, Zeitstempel: 0x54256c7d
Name des fehlerhaften Moduls: igfxCUIService.exe, Version: 6.15.10.3958, Zeitstempel: 0x54256c7d
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000001133f
ID des fehlerhaften Prozesses: 0x4a4
Startzeit der fehlerhaften Anwendung: 0xigfxCUIService.exe0
Pfad der fehlerhaften Anwendung: igfxCUIService.exe1
Pfad des fehlerhaften Moduls: igfxCUIService.exe2
Berichtskennung: igfxCUIService.exe3
Vollständiger Name des fehlerhaften Pakets: igfxCUIService.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: igfxCUIService.exe5

Error: (03/07/2015 02:35:52 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: igfxCUIService.exe, Version: 6.15.10.3958, Zeitstempel: 0x54256c7d
Name des fehlerhaften Moduls: igfxCUIService.exe, Version: 6.15.10.3958, Zeitstempel: 0x54256c7d
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000000ee28
ID des fehlerhaften Prozesses: 0x4c0
Startzeit der fehlerhaften Anwendung: 0xigfxCUIService.exe0
Pfad der fehlerhaften Anwendung: igfxCUIService.exe1
Pfad des fehlerhaften Moduls: igfxCUIService.exe2
Berichtskennung: igfxCUIService.exe3
Vollständiger Name des fehlerhaften Pakets: igfxCUIService.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: igfxCUIService.exe5

Error: (03/07/2015 01:58:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: igfxCUIService.exe, Version: 6.15.10.3958, Zeitstempel: 0x54256c7d
Name des fehlerhaften Moduls: igfxCUIService.exe, Version: 6.15.10.3958, Zeitstempel: 0x54256c7d
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000000ee28
ID des fehlerhaften Prozesses: 0x4b4
Startzeit der fehlerhaften Anwendung: 0xigfxCUIService.exe0
Pfad der fehlerhaften Anwendung: igfxCUIService.exe1
Pfad des fehlerhaften Moduls: igfxCUIService.exe2
Berichtskennung: igfxCUIService.exe3
Vollständiger Name des fehlerhaften Pakets: igfxCUIService.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: igfxCUIService.exe5

Error: (03/07/2015 01:47:56 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154

Error: (03/07/2015 00:01:33 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Birdy)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (03/06/2015 11:52:06 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (03/06/2015 00:05:13 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154


System errors:
=============
Error: (03/07/2015 09:00:42 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Intel(R) HD Graphics Control Panel Service" wurde mit folgendem Fehler beendet: 
%%2147500037

Error: (03/07/2015 09:00:42 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (03/07/2015 02:58:44 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Intel(R) HD Graphics Control Panel Service" wurde mit folgendem Fehler beendet: 
%%2147500037

Error: (03/07/2015 02:58:44 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (03/07/2015 02:47:47 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Intel(R) HD Graphics Control Panel Service" wurde mit folgendem Fehler beendet: 
%%2147500037

Error: (03/07/2015 02:47:42 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (03/07/2015 02:47:16 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Superfetch" wurde mit folgendem Fehler beendet: 
%%1062

Error: (03/07/2015 02:35:50 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Intel(R) HD Graphics Control Panel Service" wurde mit folgendem Fehler beendet: 
%%2147500037

Error: (03/07/2015 02:35:50 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (03/07/2015 01:58:56 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Intel(R) HD Graphics Control Panel Service" wurde mit folgendem Fehler beendet: 
%%2147500037


Microsoft Office Sessions:
=========================
Error: (03/07/2015 09:00:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: igfxCUIService.exe6.15.10.395854256c7digfxCUIService.exe6.15.10.395854256c7dc0000005000000000000ee284a401d058accd8a6612O:\WINDOWS\system32\igfxCUIService.exeO:\WINDOWS\system32\igfxCUIService.exe0e797203-c4a0-11e4-bfc0-d43d7e3441d9

Error: (03/07/2015 08:56:43 AM) (Source: Windows Search Service) (EventID: 3079) (User: )
Description: Kontext: Windows Anwendung


Details:
	Das Datenträgeränderungsjournal ist nicht aktiviert.  (HRESULT : 0x8007049b) (0x8007049b)
C:\

Error: (03/07/2015 02:58:46 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: igfxCUIService.exe6.15.10.395854256c7digfxCUIService.exe6.15.10.395854256c7dc0000005000000000000ee284b801d0587a3c523eb4O:\WINDOWS\system32\igfxCUIService.exeO:\WINDOWS\system32\igfxCUIService.exe7cb5f57b-c46d-11e4-bfbf-d43d7e3441d9

Error: (03/07/2015 02:47:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: igfxCUIService.exe6.15.10.395854256c7digfxCUIService.exe6.15.10.395854256c7dc0000005000000000001133f4a401d05878b169eefdO:\WINDOWS\system32\igfxCUIService.exeO:\WINDOWS\system32\igfxCUIService.exef5cbab6c-c46b-11e4-bfbe-d43d7e3441d9

Error: (03/07/2015 02:35:52 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: igfxCUIService.exe6.15.10.395854256c7digfxCUIService.exe6.15.10.395854256c7dc0000005000000000000ee284c001d05877092d0423O:\WINDOWS\system32\igfxCUIService.exeO:\WINDOWS\system32\igfxCUIService.exe49d089ee-c46a-11e4-bfbd-d43d7e3441d9

Error: (03/07/2015 01:58:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: igfxCUIService.exe6.15.10.395854256c7digfxCUIService.exe6.15.10.395854256c7dc0000005000000000000ee284b401d05871e1446091O:\WINDOWS\system32\igfxCUIService.exeO:\WINDOWS\system32\igfxCUIService.exe2147b77b-c465-11e4-bfbc-d43d7e3441d9

Error: (03/07/2015 01:47:56 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154

Error: (03/07/2015 00:01:33 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Birdy)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail-2144927142

Error: (03/06/2015 11:52:06 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert

Error: (03/06/2015 00:05:13 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154


CodeIntegrity Errors:
===================================
  Date: 2015-01-30 18:23:42.368
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-10-20 13:24:54.064
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-10-20 13:24:54.033
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-10-20 13:24:50.724
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-10-20 13:24:50.692
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-10-20 13:24:50.614
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-10-20 13:24:50.567
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-10-20 13:24:48.635
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-10-20 13:24:48.588
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-10-20 13:24:48.541
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Pentium(R) CPU G2120 @ 3.10GHz
Percentage of memory in use: 34%
Total physical RAM: 8121.95 MB
Available physical RAM: 5327.32 MB
Total Pagefile: 11193.95 MB
Available Pagefile: 7725.72 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: (Buffen) (Fixed) (Total:97.66 GB) (Free:90.89 GB) NTFS
Drive e: (Schachtel) (Fixed) (Total:244.08 GB) (Free:5.55 GB) NTFS
Drive f: (Kasten) (Fixed) (Total:97.66 GB) (Free:63.31 GB) NTFS
Drive m: (Elemente) (Fixed) (Total:1863.01 GB) (Free:523.99 GB) NTFS
Drive o: () (Fixed) (Total:119.24 GB) (Free:19.8 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive w: (Koffer) (Fixed) (Total:244.21 GB) (Free:198.15 GB) NTFS
Drive x: (Truhe) (Fixed) (Total:247.92 GB) (Free:85.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 119.2 GB) (Disk ID: 3AA2967F)
Partition 1: (Active) - (Size=119.2 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 931.5 GB) (Disk ID: 6AACF54A)
Partition 1: (Not Active) - (Size=585.9 GB) - (Type=42)
Partition 2: (Active) - (Size=97.7 GB) - (Type=42)
Partition 3: (Not Active) - (Size=247.9 GB) - (Type=42)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 00043528)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
__________________

Alt 08.03.2015, 08:52   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Programme auf einer Partition deinstallieren / löschen sich selbstständig - Standard

Programme auf einer Partition deinstallieren / löschen sich selbstständig



Malware ist nicht der Grund. Verschwinden denn immer noch Dateien, oder war das jetzt nur das eine Mal?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 08.03.2015, 12:28   #5
RSH
 
Programme auf einer Partition deinstallieren / löschen sich selbstständig - Standard

Programme auf einer Partition deinstallieren / löschen sich selbstständig



Hallo schrauber,

Ein kompletter Scan mit Panda Antivirus hat auch nichts ergeben. Bisher habe ich (klopf auf Holz) noch keinen weiteren Datenverlust festgestellt.

chkdsk hat keine fehlerhaften Sektoren ergeben, weiter wüsste ich spontan nicht, wie ich einen Fehler auf der Platte diagnostizieren kann.

Wirklich sehr seltsam. ich hatte ja secuRom im Verdacht, aber obwohl dieses Programm für viele Dinge verantwortlich gemacht wird, spontaner Datenverlust scheint nicht zu dazu zu gehören.

Irgendeine Idee, in welche Richtung ich schauen sollte?


Alt 08.03.2015, 19:03   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Programme auf einer Partition deinstallieren / löschen sich selbstständig - Standard

Programme auf einer Partition deinstallieren / löschen sich selbstständig



Zustand der Festplatte herausfinden - so gehts - Anleitungen

Damit kannste die Platte noch checken.
__________________
--> Programme auf einer Partition deinstallieren / löschen sich selbstständig

Antwort

Themen zu Programme auf einer Partition deinstallieren / löschen sich selbstständig
anleitung, antimalware, antivirus, bestimmte, dateien, dateiverlust, datenträger, desktop, dvd, falsch, festplatte, folge, gen, geräusche, herunterfahren, hängen, icon, leute, löschen, problem, programme, scan, securom, verbindung, verschwunden, windows



Ähnliche Themen: Programme auf einer Partition deinstallieren / löschen sich selbstständig


  1. Zombie Invasion lässt sich nicht deinstallieren / löschen
    Plagegeister aller Art und deren Bekämpfung - 14.02.2015 (17)
  2. win xp und win 7 auf einer partition. wie bekomme ich win 7 wieder weg um an daten unter xp zu kommen
    Alles rund um Windows - 08.05.2014 (29)
  3. Windows XP: Fragmente verschiedener Programme lassen sich nicht deinstallieren, Desktophintergrund verändert sich
    Log-Analyse und Auswertung - 18.02.2014 (12)
  4. Programme lassen sich nicht mehr über Systemsteuerung löschen
    Log-Analyse und Auswertung - 09.12.2013 (19)
  5. Programme lassen sich nicht deinstallieren - Laptop total verseucht?
    Plagegeister aller Art und deren Bekämpfung - 22.10.2013 (13)
  6. Eazel Search lässt sich nicht deinstallieren/löschen :(
    Plagegeister aller Art und deren Bekämpfung - 05.03.2013 (26)
  7. Ist nach Ausführen einer HP Recovery Partition der PC sauber?
    Plagegeister aller Art und deren Bekämpfung - 05.01.2013 (1)
  8. Dateien löschen sich selbstständig
    Alles rund um Windows - 25.09.2012 (3)
  9. Programme lassen sich nicht mehr öffnen -> löschen sich bei Öffnungsversuch
    Plagegeister aller Art und deren Bekämpfung - 01.12.2011 (29)
  10. Nach einer Malware attacke lassen sich einige Programme nicht mehr updaten
    Plagegeister aller Art und deren Bekämpfung - 04.01.2011 (49)
  11. Programme löschen sich.
    Log-Analyse und Auswertung - 05.09.2010 (9)
  12. rücksicherung einer partition nicht erkannt ....
    Alles rund um Windows - 20.07.2009 (4)
  13. Lässt sich nicht deinstallieren C:\Programme\Instant Access\Dialer\780215672"
    Plagegeister aller Art und deren Bekämpfung - 04.10.2008 (2)
  14. Es funktionieren keine dateien mehr auf einer Partition
    Plagegeister aller Art und deren Bekämpfung - 25.02.2007 (5)
  15. Späteres Schaffen einer neuen Partition möglich?
    Alles rund um Windows - 24.03.2006 (13)
  16. Mein Mauszeiger bewegt sich selbstständig und klickt programme an.
    Mülltonne - 25.02.2006 (1)
  17. Formatieren einer einzelnen Partition?
    Alles rund um Windows - 20.06.2005 (2)

Zum Thema Programme auf einer Partition deinstallieren / löschen sich selbstständig - Hallo liebe Leute, System: Windows 8.1 64-bit Gestern bemerkte ich dass auf einer Partition im Laufe des Tages in einem bestimmten Überordner Programme verschwunden sind, deren Löschung/deinstallation ich nicht veranlasst - Programme auf einer Partition deinstallieren / löschen sich selbstständig...
Archiv
Du betrachtest: Programme auf einer Partition deinstallieren / löschen sich selbstständig auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.