Search Protect, eventl. maleware, in der Windows Taskleiste - unter installierten Programmen in der Systemsteuerung nicht aufgeführt - Win 7

bensie · 23.12.2014, 16:39

Hallo,
ich bin neu hier und kann leider nicht an dem anderen Thread posten (keine Rechte), könnt ihr mir bitte helfen und das hier evtl auch verschieben

hier die Logs
FRST

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-12-2014 01
Ran by bensie (administrator) on BENSIE-PC on 23-12-2014 16:29:58
Running from C:\Users\bensie\Downloads
Loaded Profile: bensie (Available profiles: bensie)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginServices\PluginService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files\Core Temp\Core Temp.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(SOURCENEXT) C:\Windows\SysWOW64\bgsvcgen.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe
(DATA BECKER GmbH & Co KG) C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe
() C:\Program Files (x86)\DiskBoss\bin\diskbsa.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Microsoft Corporation) C:\Windows\System32\nfsclnt.exe
() C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Analog Devices, Inc.) C:\Users\bensie\Downloads\AD1988AB_Audio_V6585_XpVistaWin7\Driver\Win7\SM_Panel\x86\SoundMAX.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Idea2) C:\Program Files (x86)\Desktop Sidebar\dsidebar.exe
(GoPro) C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD13\PowerDVD13Agent.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
() C:\Program Files (x86)\Syncios\SynciosDeviceService.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Program Files (x86)\SupTab\HpUI.exe
() C:\Program Files (x86)\SupTab\Loader64.exe
() C:\Program Files (x86)\SupTab\Loader32.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_246.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_246.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [6330568 2013-03-21] (ESET)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2462536 2014-10-04] (NVIDIA Corporation)
HKLM\...\Run: [SoundMax] => C:\Users\bensie\Downloads\AD1988AB_Audio_V6585_XpVistaWin7\Driver\Win7\SM_Panel\x86\SoundMAX.exe [3866624 2009-06-05] (Analog Devices, Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-05-09] (Realtek Semiconductor)
HKLM\...\Run: [EPSON Stylus DX4200 Series] => C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIAEE.EXE [98304 2005-03-08] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [Nuance PDF Reader-reminder] => C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe [333088 2010-07-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [PowerDVD13Agent] => C:\Program Files (x86)\CyberLink\PowerDVD13\PowerDVD13Agent.exe [517144 2013-07-05] (CyberLink Corp.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2621440 2010-06-10] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [111696 2013-08-27] (VMware, Inc.)
HKLM-x32\...\Run: [Syncios device service] => C:\Program Files (x86)\Syncios\SynciosDeviceService.exe [747520 2014-10-31] ()
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [HyperSLI Control Panel] => C:\Program Files (x86)\HyperSLI\HyperSLICP.exe [1811968 2013-10-31] ()
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKU\S-1-5-21-3106869042-3269868222-4255230798-1001\...\Run: [Sidebar] => C:\Program Files (x86)\Desktop Sidebar\dsidebar.exe [1777664 2006-07-09] (Idea2)
HKU\S-1-5-21-3106869042-3269868222-4255230798-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3106869042-3269868222-4255230798-1001\...\RunOnce: [Adobe Speed Launcher] => 1419345111
HKU\S-1-5-21-3106869042-3269868222-4255230798-1001\...\MountPoints2: {41b15740-1185-11e2-80f6-806e6f6e6963} - I:\setup.exe
HKU\S-1-5-21-3106869042-3269868222-4255230798-1001\...\MountPoints2: {be0d6640-f607-11e3-bde0-806e6f6e6963} - H:\setup.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Actualizar la licencia de ESET.lnk
ShortcutTarget: Actualizar la licencia de ESET.lnk -> C:\Program Files (x86)\ESET\MiNODLogin\launcher.exe (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GoPro Importer.lnk
ShortcutTarget: GoPro Importer.lnk -> C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe (GoPro)
ShellIconOverlayIdentifiers: [SmartFTP Drop] -> {EA5A76F7-8138-4B53-B0F5-ADCC730CAFBD} => C:\Program Files\SmartFTP Client\ShellTools.dll (SmartSoft Ltd.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://istart.webssearches.com/?type=hp&ts=1418232675&from=cvs&uid=3219913727_132802_02264A9C
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://istart.webssearches.com/?type=hp&ts=1418232675&from=cvs&uid=3219913727_132802_02264A9C
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1418232675&from=cvs&uid=3219913727_132802_02264A9C&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1418232675&from=cvs&uid=3219913727_132802_02264A9C&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1418232675&from=cvs&uid=3219913727_132802_02264A9C
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1418232675&from=cvs&uid=3219913727_132802_02264A9C
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1418232675&from=cvs&uid=3219913727_132802_02264A9C&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1418232675&from=cvs&uid=3219913727_132802_02264A9C&q={searchTerms}
HKU\S-1-5-21-3106869042-3269868222-4255230798-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://istart.webssearches.com/?type=hp&ts=1418232675&from=cvs&uid=3219913727_132802_02264A9C
HKU\S-1-5-21-3106869042-3269868222-4255230798-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKU\S-1-5-21-3106869042-3269868222-4255230798-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1418232675&from=cvs&uid=3219913727_132802_02264A9C
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1418232675&from=cvs&uid=3219913727_132802_02264A9C
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1418232675&from=cvs&uid=3219913727_132802_02264A9C&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1418232675&from=cvs&uid=3219913727_132802_02264A9C&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1418232675&from=cvs&uid=3219913727_132802_02264A9C&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1418232675&from=cvs&uid=3219913727_132802_02264A9C&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3106869042-3269868222-4255230798-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=foxysecurity
SearchScopes: HKU\S-1-5-21-3106869042-3269868222-4255230798-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=foxysecurity
BHO-x32: Idea2 SidebarBrowserMonitor Class -> {45AD732C-2CE2-4666-B366-B2214AD57A49} -> C:\Program Files (x86)\Desktop Sidebar\sbhelp.dll (Idea2)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\bensie\AppData\Roaming\Mozilla\Firefox\Profiles\07ke7vne.default
FF NewTab: chrome://quick_start/content/index.html
FF SelectedSearchEngine: webssearches
FF Homepage: hxxp://www.google.de/
FF NetworkProxy: "ftp", "217.12.113.67"
FF NetworkProxy: "ftp_port", 443
FF NetworkProxy: "http", "217.12.113.67"
FF NetworkProxy: "http_port", 443
FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "217.12.113.67"
FF NetworkProxy: "socks_port", 443
FF NetworkProxy: "ssl", "217.12.113.67"
FF NetworkProxy: "ssl_port", 443
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @logitech.com/HarmonyRemote,version=1.0.0 -> C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll (Logitech Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
FF Plugin HKU\S-1-5-21-3106869042-3269868222-4255230798-1001: @protectdisc.com/NPPDLicenseHelper -> C:\Users\bensie\AppData\Roaming\ProtectDisc\License Helper v2\NPPDLicenseHelper.dll ( )
FF user.js: detected! => C:\Users\bensie\AppData\Roaming\Mozilla\Firefox\Profiles\07ke7vne.default\user.js
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\webssearches.xml
FF Extension: Cookies Manager+ - C:\Users\bensie\AppData\Roaming\Mozilla\Firefox\Profiles\07ke7vne.default\Extensions\{bb6bc1bb-f824-4702-90cd-35e2fb24f25d} [2013-08-08]
FF Extension: Flash and Video Download - C:\Users\bensie\AppData\Roaming\Mozilla\Firefox\Profiles\07ke7vne.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2014-12-09]
FF Extension: Stealthy - C:\Users\bensie\AppData\Roaming\Mozilla\Firefox\Profiles\07ke7vne.default\Extensions\stealthyextension@gmail.com.xpi [2012-02-20]
FF Extension: {6e2d42c6-c36f-454d-ad42-db478c67d08b} - C:\Users\bensie\AppData\Roaming\Mozilla\Firefox\Profiles\07ke7vne.default\Extensions\{6e2d42c6-c36f-454d-ad42-db478c67d08b}.xpi [2014-12-11]
FF Extension: NoScript - C:\Users\bensie\AppData\Roaming\Mozilla\Firefox\Profiles\07ke7vne.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-02-27]
FF Extension: ZIP Wizard - C:\Users\bensie\AppData\Roaming\Mozilla\Firefox\Profiles\07ke7vne.default\Extensions\{be9533d2-0763-462e-abd7-027f0632abdf}.xpi [2014-12-14]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2013-04-29]
FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\bensie\AppData\Roaming\Mozilla\Firefox\Profiles\07ke7vne.default\extensions\faststartff@gmail.com
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

Chrome: 
=======
CHR HomePage: Default -> hxxp://istart.webssearches.com/?type=hp&ts=1418232675&from=cvs&uid=3219913727_132802_02264A9C
CHR StartupUrls: Default -> "hxxp://istart.webssearches.com/?type=hp&ts=1418232675&from=cvs&uid=3219913727_132802_02264A9C"
CHR DefaultSearchKeyword: Default -> webssearches
CHR DefaultSearchURL: Default -> hxxp://istart.webssearches.com/web/?type=ds&ts=1418232675&from=cvs&uid=3219913727_132802_02264A9C&q={searchTerms}
CHR Profile: C:\Users\bensie\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\bensie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-30]
CHR Extension: (Google Drive) - C:\Users\bensie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-30]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\bensie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-30]
CHR Extension: (YouTube) - C:\Users\bensie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-30]
CHR Extension: (Google-Suche) - C:\Users\bensie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-30]
CHR Extension: (Google Wallet) - C:\Users\bensie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-30]
CHR Extension: (MyHarmony Chrome Plugin) - C:\Users\bensie\AppData\Local\Google\Chrome\User Data\Default\Extensions\omaonpoimgkmbllpdihbnmgphjoipdhf [2014-01-30]
CHR Extension: (Google Mail) - C:\Users\bensie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-30]
CHR HKLM-x32\...\Chrome\Extension: [omaonpoimgkmbllpdihbnmgphjoipdhf] - C:\Program Files (x86)\Logitech\Harmony Remote Driver\harmony_chrome.crx [2013-09-18]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 bgsvcgen; C:\Windows\SysWOW64\bgsvcgen.exe [139264 2011-12-15] (SOURCENEXT) [File not signed]
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
R2 CyberLink PowerDVD 13 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe [77576 2013-07-05] (CyberLink)
R2 CyberLink PowerDVD 13 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe [327432 2013-07-05] (CyberLink)
R2 DBService; C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe [2650112 2010-05-28] (DATA BECKER GmbH & Co KG) [File not signed]
R2 DiskBoss Service; C:\Program Files (x86)\DiskBoss\bin\diskbsa.exe [114688 2014-07-23] () [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1341664 2013-03-21] (ESET)
R2 ftpsvc; C:\Windows\system32\inetsrv\ftpsvc.dll [350720 2013-09-04] (Microsoft Corporation)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [614624 2014-09-02] (Futuremark)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-10-04] (NVIDIA Corporation)
R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [714208 2014-12-10] (Cherished Technololgy LIMITED)
R2 NfsClnt; C:\Windows\system32\nfsclnt.exe [65536 2010-11-20] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-10-04] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-10-04] (NVIDIA Corporation)
R2 OS Selector; C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe [2155848 2010-09-30] ()
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2013-09-13] (arvato digital services llc)
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Personal 2012.SP5c\RpcAgentSrv.exe [68760 2008-09-05] (SiSoftware) [File not signed]
R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [14401104 2013-08-27] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BioNTDrv; C:\Program Files\Paragon Software\Backup and Recovery 2014 Free\program\BioNTDrv.SYS [18696 2014-05-19] (Paragon Software Group)
R1 cdrbsdrv; C:\Windows\System32\Drivers\cdrbsdrv.sys [38944 2011-12-15] (B.H.A Corporation)
S4 ddrv; No ImagePath
S3 DIRECTIO; C:\Program Files\PerformanceTest\DirectIo64.sys [31160 2014-04-24] ()
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-06-17] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [213416 2013-02-14] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [150616 2013-01-10] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [139768 2013-01-10] (ESET)
R1 Ext2fs; C:\Windows\System32\DRIVERS\ext2fs.sys [270272 2008-09-25] (Stephan Schreiber)
S3 FARMNTIO; c:\windows\system32\drivers\farmntio.sys [25144 2013-04-11] () [File not signed]
R1 IfsMount; C:\Windows\System32\DRIVERS\ifsmount.sys [80320 2008-08-28] (Stephan Schreiber)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115600 2010-01-29] (EZB Systems, Inc.)
S3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
R3 NfsRdr; C:\Windows\System32\drivers\nfsrdr.sys [246272 2010-11-20] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-10-04] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2012-08-20] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12384 2012-08-20] ()
R3 RpcXdr; C:\Windows\System32\drivers\rpcxdr.sys [104960 2010-11-20] (Microsoft Corporation)
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Personal 2012.SP5c\WNt500x64\Sandra.sys [23112 2009-08-07] (SiSoftware)
R1 SMR430; C:\Windows\System32\drivers\SMR430.SYS [108216 2014-12-23] (Symantec Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-06-17] (Duplex Secure Ltd.)
R1 UimBus; C:\Windows\System32\DRIVERS\UimBus.sys [102664 2014-05-19] ()
R1 Uim_DEVIM; C:\Windows\System32\DRIVERS\uim_devim.sys [25992 2014-05-19] ()
R1 Uim_IM; C:\Windows\System32\DRIVERS\uim_im.sys [700296 2014-05-19] ()
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [113936 2013-12-18] (Oracle Corporation)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-08-15] (VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [33872 2013-02-22] (VMware, Inc.)
S3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] ()
R2 {09F57980-3432-4AFC-957D-27AC45FAE1F5}; C:\Program Files (x86)\CyberLink\PowerDVD13\Common\NavFilter\000.fcl [130320 2013-07-06] (CyberLink Corp.)
U3 acsgcbs4; C:\Windows\System32\Drivers\acsgcbs4.sys [0 ] (Advanced Micro Devices)
S3 7ByteIo; \??\C:\Program Files (x86)\Hot CPU Tester Pro 4 LE\SysInfoX64.sys [X]
S3 ADIHdAudAddService; system32\drivers\ADIHdAud.sys [X]
R3 ALSysIO; \??\C:\Users\bensie\AppData\Local\Temp\ALSysIO64.sys [X]
S3 cpuz135; \??\C:\Users\bensie\AppData\Local\Temp\cpuz135\cpuz135_x64.sys [X]
S3 cpuz137; \??\C:\Windows\TEMP\cpuz137\cpuz137_x64.sys [X]
S3 DRHARD; \??\C:\Windows\system32\DRIVERS\DRHARD.SYS [X]
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]
S3 SliceDisk5; \??\C:\Users\bensie\AppData\Local\Temp\HBCD\PartitionFindAndMount\slicedisk-x64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-23 15:45 - 2014-12-23 16:30 - 00025669 ____C () C:\Users\bensie\Downloads\FRST.txt
2014-12-23 15:45 - 2014-12-23 16:29 - 00000000 ____D () C:\FRST
2014-12-23 15:42 - 2014-12-23 15:44 - 00000000 ___DC () C:\Program Files (x86)\VS Revo Group
2014-12-23 15:42 - 2014-12-23 15:42 - 02623656 ____C (VS Revo Group Ltd.) C:\Users\bensie\Downloads\revosetup95.exe
2014-12-23 15:41 - 2014-12-23 15:41 - 02122240 ____C (Farbar) C:\Users\bensie\Downloads\FRST64.exe
2014-12-23 15:39 - 2014-12-23 15:40 - 00108216 ____C (Symantec Corporation) C:\Windows\system32\Drivers\SMR430.SYS
2014-12-23 15:39 - 2014-12-23 15:40 - 00000020 ____C () C:\Windows\system32\Drivers\SMR430.dat
2014-12-23 15:39 - 2014-12-23 15:40 - 00000000 ___DC () C:\Users\bensie\AppData\Local\NPE
2014-12-23 15:39 - 2014-12-23 15:39 - 03077776 ____C (Symantec Corporation) C:\Users\bensie\Downloads\NPE.exe
2014-12-23 15:39 - 2014-12-23 15:39 - 00000000 ___DC () C:\ProgramData\Norton
2014-12-22 15:47 - 2014-12-22 15:47 - 82305268 ____C () C:\Users\bensie\Downloads\openhdf-gb800ueplus-166-20141222_usb.zip
2014-12-18 17:07 - 2014-12-18 17:07 - 00000000 ___DC () C:\Users\bensie\channel_e2
2014-12-18 16:06 - 2014-12-18 16:06 - 00000000 ___DC () C:\Users\bensie\Downloads\softcam-feed-mipsel_1.0_all
2014-12-14 19:17 - 2014-12-14 19:20 - 00000000 ___DC () C:\Users\bensie\Documents\NFSTR
2014-12-12 17:49 - 2014-12-18 19:43 - 00000000 ___DC () C:\Users\bensie\.mediathek3
2014-12-12 17:49 - 2014-12-12 17:49 - 00000000 ___DC () C:\Users\bensie\Downloads\MediathekView_8
2014-12-12 17:46 - 2014-12-12 17:46 - 00000788 ____C () C:\Users\Public\Desktop\Need for Speed The Run.lnk
2014-12-12 17:19 - 2014-12-12 17:19 - 00000000 ___DC () C:\Users\bensie\Documents\Ubisoft
2014-12-12 17:16 - 2014-12-12 17:16 - 00000712 ____C () C:\Users\Public\Desktop\Driver San Francisco.lnk
2014-12-12 17:16 - 2014-12-12 17:16 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft
2014-12-12 16:26 - 2014-12-12 16:26 - 00001208 ____C () C:\Users\bensie\Desktop\Uplay.lnk
2014-12-12 16:26 - 2014-12-12 16:26 - 00000000 ___DC () C:\Users\bensie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2014-12-12 16:26 - 2014-12-12 16:26 - 00000000 ___DC () C:\Users\bensie\AppData\Local\Ubisoft Game Launcher
2014-12-12 16:26 - 2014-12-12 16:26 - 00000000 ___DC () C:\Program Files (x86)\Ubisoft
2014-12-12 15:43 - 2014-12-12 15:43 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-12-12 15:43 - 2014-09-26 18:36 - 00272808 ____C (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-12-12 15:42 - 2014-12-12 15:43 - 00004426 ____C () C:\Windows\SysWOW64\jupdate-1.7.0_71-b14.log
2014-12-11 16:26 - 2014-12-11 16:26 - 00000000 ___DC () C:\Users\bensie\Downloads\Offcial Sound fix_realtex alc663
2014-12-11 15:50 - 2014-11-12 21:46 - 00615624 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-12-11 15:48 - 2014-11-13 01:20 - 31893136 ____C (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-12-11 15:48 - 2014-11-13 01:20 - 24557712 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-12-11 15:48 - 2014-11-13 01:20 - 20922512 ____C (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-12-11 15:48 - 2014-11-13 01:20 - 19966344 ____C (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-12-11 15:48 - 2014-11-13 01:20 - 17259664 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-12-11 15:48 - 2014-11-13 01:20 - 14032984 ____C (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-12-11 15:48 - 2014-11-13 01:20 - 13944952 ____C (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-12-11 15:48 - 2014-11-13 01:20 - 13213512 ____C (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-12-11 15:48 - 2014-11-13 01:20 - 11397744 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-12-11 15:48 - 2014-11-13 01:20 - 11336432 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-12-11 15:48 - 2014-11-13 01:20 - 04292416 ____C (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-12-11 15:48 - 2014-11-13 01:20 - 04011208 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-12-11 15:48 - 2014-11-13 01:20 - 01876296 ____C (NVIDIA Corporation) C:\Windows\system32\nvdispco6434475.dll
2014-12-11 15:48 - 2014-11-13 01:20 - 01540424 ____C (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434475.dll
2014-12-11 15:48 - 2014-11-13 01:20 - 00964928 ____C (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-12-11 15:48 - 2014-11-13 01:20 - 00935240 ____C (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-12-11 15:48 - 2014-11-13 01:20 - 00923792 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-12-11 15:48 - 2014-11-13 01:20 - 00900928 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-12-11 15:48 - 2014-11-13 01:20 - 00871648 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-12-11 15:48 - 2014-11-13 01:20 - 00352016 ____C (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-12-11 15:48 - 2014-11-13 01:20 - 00303600 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-12-11 15:48 - 2014-11-13 01:20 - 00174856 ____C (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-12-11 15:48 - 2014-11-13 01:20 - 00156840 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-12-11 15:11 - 2014-12-11 15:11 - 00000000 ___DC () C:\Users\bensie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Media Player Utilities 4.37
2014-12-11 15:11 - 2014-12-11 15:11 - 00000000 ___DC () C:\Program Files (x86)\Media Player Utilities 4.37
2014-12-11 15:08 - 2014-12-11 15:08 - 00000000 ___DC () C:\Users\bensie\AppData\Roaming\iOrgSoft
2014-12-11 15:03 - 2014-12-11 15:06 - 00000000 ___DC () C:\Users\bensie\Documents\Log Files
2014-12-11 15:03 - 2014-12-11 15:03 - 00000000 ___DC () C:\Users\bensie\Documents\iOrgSoft
2014-12-11 15:03 - 2014-12-11 15:03 - 00000000 ___DC () C:\Program Files (x86)\iOrgSoft
2014-12-10 18:33 - 2014-12-10 18:33 - 00000000 ___DC () C:\Users\bensie\AppData\Roaming\dlg
2014-12-10 18:31 - 2014-12-11 14:13 - 00000000 ___DC () C:\ProgramData\WindowsMangerProtect
2014-12-10 18:31 - 2014-12-10 18:31 - 00000000 ___DC () C:\ProgramData\IePluginServices
2014-12-10 18:31 - 2014-12-10 18:31 - 00000000 ___DC () C:\Program Files (x86)\SupTab
2014-12-10 17:53 - 2014-12-10 17:53 - 00000000 _SHDC () C:\Users\bensie\AppData\Local\EmieBrowserModeList
2014-12-10 16:31 - 2014-12-10 16:31 - 00000000 ___DC () C:\Users\bensie\AppData\Roaming\AVS4YOU
2014-12-10 16:30 - 2014-12-10 16:31 - 00000000 ___DC () C:\ProgramData\AVS4YOU
2014-12-10 16:30 - 2014-12-10 16:30 - 00001244 ____C () C:\Users\bensie\Desktop\AVS Video Converter.lnk
2014-12-10 16:30 - 2014-12-10 16:30 - 00000000 ___DC () C:\Users\bensie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2014-12-10 16:30 - 2014-12-10 16:30 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2014-12-10 16:30 - 2014-12-10 16:30 - 00000000 ___DC () C:\Program Files (x86)\AVS4YOU
2014-12-10 16:30 - 2012-03-23 18:59 - 01700352 ____C (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2014-12-10 16:30 - 2012-03-23 18:59 - 00024576 ____C (Microsoft Corporation) C:\Windows\SysWOW64\msxml3a.dll
2014-12-10 16:17 - 2014-12-10 16:17 - 00000000 ___DC () C:\Program Files (x86)\Mozilla Firefox
2014-12-09 19:26 - 2014-12-09 19:26 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPER © - by eRightSoft
2014-12-09 19:26 - 2014-03-07 10:03 - 00550032 _RSHC (FFmpeg Project) C:\Windows\SysWOW64\avformat-lav-55.dll
2014-12-09 19:26 - 2014-03-07 10:03 - 00181392 _RSHC (FFmpeg Project) C:\Windows\SysWOW64\avutil-lav-52.dll
2014-12-09 19:26 - 2014-03-07 10:03 - 00166544 _RSHC (Intel Corp.) C:\Windows\SysWOW64\IntelQuickSyncDecoder.dll
2014-12-09 19:26 - 2014-03-07 10:03 - 00118416 _RSHC (FFmpeg Project) C:\Windows\SysWOW64\swscale-lav-2.dll
2014-12-09 19:26 - 2014-03-07 10:03 - 00109712 _RSHC () C:\Windows\SysWOW64\libbluray.dll
2014-12-09 19:26 - 2014-03-07 10:03 - 00098960 _RSHC (FFmpeg Project) C:\Windows\SysWOW64\avfilter-lav-4.dll
2014-12-09 19:26 - 2014-03-07 10:03 - 00059536 _RSHC (FFmpeg Project) C:\Windows\SysWOW64\avresample-lav-1.dll
2014-12-09 19:26 - 2014-01-31 15:20 - 00000493 _RSHC () C:\Windows\SysWOW64\LAVFilters.Dependencies.manifest
2014-12-09 19:25 - 2014-03-07 10:03 - 03109520 _RSHC (FFmpeg Project) C:\Windows\SysWOW64\avcodec-lav-55.dll
2014-12-09 19:25 - 2014-03-07 10:03 - 00313520 _RSHC (1f0.de - Hendrik Leppkes) C:\Windows\SysWOW64\HLvideo.dll
2014-12-09 19:25 - 2014-03-07 10:03 - 00203408 _RSHC (1f0.de - Hendrik Leppkes) C:\Windows\SysWOW64\HLsplit.dll
2014-12-09 19:25 - 2014-03-07 10:03 - 00122512 _RSHC (1f0.de - Hendrik Leppkes) C:\Windows\SysWOW64\HLaudio.dll
2014-12-09 19:25 - 2012-10-05 18:54 - 00188416 _RSHC () C:\Windows\SysWOW64\winDCE32.dll
2014-12-09 19:25 - 2012-07-11 22:00 - 00075776 ____C (Microsoft Corporation) C:\Windows\SysWOW64\Olepau32.ax
2014-12-09 19:25 - 2011-06-14 19:05 - 00121344 _RSHC () C:\Windows\SysWOW64\TAKDSDecoder.ax
2014-12-09 19:25 - 2011-02-11 09:26 - 00112128 _RSHC () C:\Windows\SysWOW64\OptimFROG.dll
2014-12-09 19:25 - 2010-01-06 23:00 - 00107520 _RSHC () C:\Windows\SysWOW64\TAKDSDecoder.dll
2014-12-09 19:25 - 2009-08-10 22:00 - 00352768 _RSHC () C:\Windows\SysWOW64\ac3DX.ax
2014-12-09 19:25 - 2005-02-22 16:55 - 00081920 _RSHC () C:\Windows\SysWOW64\aac_parser.ax
2014-12-09 19:25 - 2004-04-27 15:03 - 00017408 _RSHC (RadLight) C:\Windows\SysWOW64\RLOFRDec.ax
2014-12-09 18:25 - 2014-12-09 18:25 - 00003292 ____C () C:\Windows\System32\Tasks\Starup Sync Time
2014-12-07 17:11 - 2014-12-07 17:11 - 00000000 ___DC () C:\Users\bensie\Downloads\epson375769eu
2014-12-07 17:11 - 2014-12-07 17:11 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2014-12-07 17:11 - 2014-12-07 17:11 - 00000000 ___DC () C:\ProgramData\EPSON
2014-12-07 17:11 - 2014-12-07 17:11 - 00000000 ___DC () C:\Program Files (x86)\EPSON
2014-12-07 17:11 - 2005-06-09 01:02 - 00119808 ____C (SEIKO EPSON CORPORATION) C:\Windows\system32\E_ILMAEE.DLL
2014-12-07 17:11 - 2005-04-11 01:01 - 00086528 ____C (SEIKO EPSON CORPORATION) C:\Windows\system32\E_IBCBAEE.DLL
2014-12-07 17:11 - 2005-02-02 12:05 - 00008704 ____C (SEIKO EPSON CORP.) C:\Windows\system32\E_GCINST.DLL
2014-12-07 17:03 - 2014-12-07 17:03 - 00000000 ___DC () C:\Users\bensie\AppData\Local\FreeOCR
2014-12-07 16:59 - 2014-12-07 17:06 - 00000000 ____D () C:\FreeOCR
2014-12-07 16:59 - 2007-03-10 10:11 - 02680320 ____C (HiComponents) C:\Windows\SysWOW64\ImageEnXLibrary.ocx
2014-12-07 16:56 - 2014-12-07 16:56 - 00000850 ____C () C:\Users\bensie\AppData\Local\recently-used.xbel
2014-12-07 15:56 - 2014-12-07 15:56 - 00002121 ____C () C:\Users\bensie\Desktop\Adobe Acrobat XI Pro.exe - Verknüpfung.lnk
2014-12-03 17:08 - 2014-12-03 17:08 - 00000000 ___DC () C:\Users\bensie\Downloads\Futuremark PCMark 8 v2.2.282 Professional Edition License Key
2014-12-02 18:36 - 2014-12-02 18:36 - 00000730 ____C () C:\Users\Public\Desktop\Far Cry 4.lnk
2014-12-02 18:36 - 2014-12-02 18:36 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Far Cry 4
2014-12-02 15:56 - 2014-12-02 15:57 - 00000000 ___DC () C:\Users\bensie\Downloads\Der_Tourist_Feat._Friedrich_Liechtenstein-Supergeil_EP-WEB-DE-2014-VOiCE_iNT
2014-12-01 16:07 - 2014-12-01 16:07 - 13286631 ____C () C:\Users\bensie\Downloads\AAF_ufs910_nightly_p215_titan_v1-56_UPDATEUSB_20141109_nightly.zip
2014-12-01 15:15 - 2014-12-01 15:51 - 00000000 ___DC () C:\Users\bensie\Downloads\enigma_2_astra_matze
2014-11-27 18:44 - 2014-11-27 18:44 - 197420462 ____C () C:\Users\bensie\Downloads\Revolverheld - Lass uns gehen - Warnemünde 2014 live (1080p).mp4
2014-11-27 18:36 - 2014-11-27 18:36 - 66432236 ____C () C:\Users\bensie\Downloads\Revolverheld - Halt dich an mir fest live in Warnemünde (720p).mp4
2014-11-27 18:33 - 2014-11-27 18:33 - 78068964 ____C () C:\Users\bensie\Downloads\Rostock Warnemünde im Juli 2014 - Sonne _ Party _ Shipspotting (1080p).mp4
2014-11-27 18:33 - 2014-11-27 18:33 - 69478444 ____C () C:\Users\bensie\Downloads\Revolverheld - Spinner live in Warnemünde (720p).mp4
2014-11-27 18:26 - 2014-11-27 18:26 - 99460286 ____C () C:\Users\bensie\Downloads\Milow - Warnemünde Rostock 2014 live (1080p).mp4
2014-11-27 18:25 - 2014-11-27 18:25 - 100611996 ____C () C:\Users\bensie\Downloads\Revolverheld - Ich lass für dich das Licht an (Live in Warnemünde 26.07.2014).mp4
2014-11-27 18:22 - 2014-11-27 18:22 - 143145325 ____C () C:\Users\bensie\Downloads\Andreas Bourani - Alles nur in meinem Kopf - Warnemünde 2014 - live (1080p).mp4
2014-11-27 18:17 - 2014-11-27 18:17 - 104757787 ____C () C:\Users\bensie\Downloads\N-JOY THE BEACH - Andreas Bourani in Rostock - Warnemünde (720p).mp4
2014-11-26 17:54 - 2014-11-26 17:55 - 00000000 ___DC () C:\Users\bensie\Downloads\VA-Future_Trance_Vol.70-3CD-2014-VOiCE
2014-11-26 17:53 - 2014-11-26 17:53 - 00000000 ___DC () C:\Users\bensie\Downloads\VA-Kontor_Top_Of_The_Clubs_The_Biggest_Hits_Of_The_Year_MMXIV-3CD-2014-VOiCE
2014-11-26 17:49 - 2014-11-26 17:49 - 00000000 ___DC () C:\Users\bensie\Downloads\VA-Club_Sounds_Vol.71-3CD-2014-VOiCE
2014-11-26 16:46 - 2014-11-26 16:46 - 06973421 ____C () C:\Users\bensie\Downloads\Meyhem Lauren - 'Got The Fever' NYC Graffiti New York City (256 kbit_s).m4a
2014-11-26 16:24 - 2014-11-26 16:24 - 00050135 ____C () C:\Users\bensie\Documents\untitled.gcs
2014-11-26 15:09 - 2014-11-26 15:09 - 08538138 ____C () C:\Users\bensie\Downloads\KCBR - Live Life Like.mp4
2014-11-26 14:59 - 2014-11-26 14:59 - 02871371 ____C () C:\Users\bensie\Downloads\All Day All Night Remix by KCBR (256 kbit_s).m4a
2014-11-25 18:49 - 2014-11-25 18:49 - 06626832 ____C (TeamViewer GmbH) C:\Users\bensie\Downloads\TeamViewer_Setup_de.exe
2014-11-25 18:49 - 2014-11-25 18:49 - 00001181 ____C () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-11-25 18:49 - 2014-11-25 18:49 - 00001169 ____C () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-11-25 17:32 - 2014-11-25 17:32 - 00000000 ___DC () C:\Users\bensie\AppData\Local\Xilisoft
2014-11-25 17:30 - 2014-11-25 17:30 - 70441345 ____C () C:\Users\bensie\Downloads\Der Tourist feat. Friedrich Liechtenstein - Supergeil (1080p).mp4
2014-11-25 17:30 - 2014-11-25 17:30 - 07940109 ____C () C:\Users\bensie\Downloads\Der Tourist feat. Friedrich Liechtenstein - Supergeil (256 kbit_s).aac
2014-11-25 17:13 - 2014-11-25 17:13 - 07908857 ____C () C:\Users\bensie\Downloads\Der Tourist feat. Friedrich Liechtenstein - Supergeil (256 kbit_s).m4a
2014-11-24 17:29 - 2014-11-24 17:30 - 00025593 ____C () C:\Windows\ftp.log
2014-11-24 17:29 - 2014-11-24 17:29 - 00001498 ____C () C:\Windows\environment_00.log
2014-11-24 17:29 - 2014-11-24 17:29 - 00001498 ____C () C:\Windows\environment.log
2014-11-23 15:15 - 2014-11-23 15:15 - 00000000 ___DC () C:\ProgramData\LSI
2014-11-23 15:15 - 2012-07-02 06:00 - 00138024 ____C () C:\Windows\system32\wdcfg.exe
2014-11-23 15:15 - 2012-07-02 05:58 - 00135464 ____C (LSI Corporation) C:\Windows\system32\Drivers\lsi_sas.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-23 16:22 - 2011-12-06 00:15 - 00000600 ____C () C:\Users\bensie\PUTTY.RND
2014-12-23 16:05 - 2014-07-01 14:58 - 00000884 ____C () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-23 16:00 - 2014-10-28 15:48 - 00001110 ____C () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cff2be3dca7c4e.job
2014-12-23 15:54 - 2014-06-30 13:42 - 00001110 ____C () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf9460b2220b54.job
2014-12-23 15:53 - 2014-01-30 17:40 - 00001106 ____C () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf1ddacb52400.job
2014-12-23 15:39 - 2009-07-14 18:58 - 00705676 ____C () C:\Windows\system32\perfh007.dat
2014-12-23 15:39 - 2009-07-14 18:58 - 00151860 ____C () C:\Windows\system32\perfc007.dat
2014-12-23 15:39 - 2009-07-14 06:13 - 01637776 ____C () C:\Windows\system32\PerfStringBackup.INI
2014-12-23 15:37 - 2009-07-14 05:45 - 00024416 ___HC () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-23 15:37 - 2009-07-14 05:45 - 00024416 ___HC () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-23 15:35 - 2011-12-02 19:14 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{0B36D631-CF70-4CFC-B51D-A1B6952F4B32}
2014-12-23 15:33 - 2011-12-02 19:11 - 02025331 ____C () C:\Windows\WindowsUpdate.log
2014-12-23 15:32 - 2011-12-02 19:20 - 00000000 ___DC () C:\Users\bensie\AppData\Roaming\Desktop Sidebar
2014-12-23 15:31 - 2014-11-14 17:55 - 00001106 ____C () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0002bbdf9b76f.job
2014-12-23 15:31 - 2014-10-28 15:48 - 00001106 ____C () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cff2be3da148d4.job
2014-12-23 15:31 - 2014-02-02 16:59 - 00000000 ___DC () C:\ProgramData\VMware
2014-12-23 15:31 - 2011-12-02 19:51 - 00000000 ___DC () C:\ProgramData\NVIDIA
2014-12-23 15:31 - 2009-07-14 06:08 - 00000006 ___HC () C:\Windows\Tasks\SA.DAT
2014-12-23 15:31 - 2009-07-14 05:51 - 00039544 ____C () C:\Windows\setupact.log
2014-12-22 16:31 - 2011-12-06 21:05 - 00000000 ___DC () C:\Users\bensie\AppData\Roaming\FileZilla
2014-12-22 15:55 - 2013-05-16 21:18 - 00000000 ___DC () C:\tmp
2014-12-22 15:31 - 2014-07-22 17:11 - 00000000 ___DC () C:\Users\bensie\Documents\Virtual Machines
2014-12-22 15:31 - 2014-02-02 17:01 - 00000000 ___DC () C:\Users\bensie\AppData\Roaming\VMware
2014-12-22 15:16 - 2014-02-02 17:01 - 00000000 ___DC () C:\Users\bensie\AppData\Local\VMware
2014-12-18 20:04 - 2013-09-19 19:59 - 00000000 ___DC () C:\Users\bensie\Downloads\MeGUI_2356_x86
2014-12-18 19:46 - 2011-12-06 00:22 - 00000000 ___DC () C:\Users\bensie\AppData\Roaming\vlc
2014-12-18 19:00 - 2014-09-30 14:45 - 00000000 ___DC () C:\Users\bensie\Downloads\BD_Rebuilder
2014-12-18 17:07 - 2013-12-02 19:32 - 00000000 ___DC () C:\Users\bensie\channel
2014-12-18 17:07 - 2011-12-02 19:08 - 00000000 ___DC () C:\Users\bensie
2014-12-18 16:17 - 2014-06-03 18:13 - 00000000 ___DC () C:\Temp
2014-12-18 15:52 - 2011-12-06 22:00 - 00002603 ____C () C:\Users\Public\Desktop\SatChannelListEditor.lnk
2014-12-18 15:52 - 2011-12-06 22:00 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SatChannelListEditor
2014-12-18 15:52 - 2011-12-06 22:00 - 00000000 ___DC () C:\Program Files (x86)\SatChannelListEditor
2014-12-16 16:01 - 2011-12-05 23:48 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilisoft
2014-12-16 16:01 - 2011-12-05 23:47 - 00000000 ___DC () C:\ProgramData\Xilisoft
2014-12-16 16:01 - 2011-12-05 23:47 - 00000000 ___DC () C:\Program Files (x86)\Xilisoft
2014-12-12 17:19 - 2014-03-06 18:52 - 00000000 ___DC () C:\ProgramData\Orbit
2014-12-12 16:58 - 2014-08-07 17:07 - 00000000 ___DC () C:\Users\bensie\AppData\Local\JDownloader v2.0
2014-12-12 15:55 - 2014-01-30 17:35 - 00002178 ____C () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-12 15:43 - 2014-03-18 19:34 - 00000000 ___DC () C:\Program Files (x86)\Java
2014-12-12 15:43 - 2013-12-14 18:51 - 00000000 ___DC () C:\Users\bensie\AppData\Local\CrashDumps
2014-12-11 17:41 - 2012-05-31 19:44 - 00000000 ___DC () C:\Users\bensie\AppData\Roaming\BOM
2014-12-11 15:50 - 2011-12-02 19:51 - 00000000 ___DC () C:\Program Files (x86)\NVIDIA Corporation
2014-12-11 14:44 - 2013-12-11 20:55 - 00000000 ___DC () C:\Users\bensie\AppData\Roaming\AnvSoft
2014-12-11 14:12 - 2014-11-10 14:44 - 00002441 ____C () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-11 14:12 - 2011-12-02 19:13 - 00001154 ____C () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-12-11 14:12 - 2011-12-02 19:13 - 00001142 ____C () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-12-11 14:12 - 2011-12-02 19:08 - 00001428 ____C () C:\Users\bensie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-12-11 13:11 - 2012-05-03 19:54 - 00000000 ___DC () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-11 13:11 - 2011-12-02 20:27 - 00248594 ____C () C:\Windows\PFRO.log
2014-12-10 18:15 - 2012-11-14 22:42 - 00000000 ___DC () C:\Users\bensie\AppData\Roaming\XMedia Recode
2014-12-10 16:44 - 2011-12-08 20:28 - 00000000 ___DC () C:\Program Files (x86)\megui
2014-12-10 13:34 - 2014-06-17 15:04 - 00000000 ___DC () C:\Users\bensie\AppData\Roaming\HandBrake
2014-12-09 19:25 - 2013-12-11 20:03 - 00000000 ___DC () C:\Program Files (x86)\eRightSoft
2014-12-09 19:05 - 2014-07-01 14:58 - 00701104 ____C (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-09 19:05 - 2014-07-01 14:58 - 00071344 ____C (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-09 19:05 - 2014-07-01 14:58 - 00003822 ____C () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-09 14:45 - 2011-12-02 19:44 - 00000000 ___DC () C:\Program Files (x86)\MSECache
2014-12-07 16:56 - 2014-09-30 17:18 - 00000000 ___DC () C:\Users\bensie\.gimp-2.8
2014-12-04 16:56 - 2014-06-03 18:13 - 00000022 ____C () C:\Windows\GPU-Z.INI
2014-12-03 18:53 - 2012-09-27 21:10 - 00000000 ___DC () C:\ProgramData\Temp
2014-12-03 18:43 - 2014-09-08 15:42 - 00007168 _____ () C:\My3DGraph.grf
2014-12-02 19:20 - 2014-02-13 20:53 - 00000000 ___DC () C:\Windows\rescache
2014-12-02 16:38 - 2014-10-28 16:26 - 00000000 ___DC () C:\Users\bensie\AppData\Roaming\Free Audio Editor
2014-12-01 18:56 - 2012-05-31 19:46 - 00000000 ___DC () C:\Program Files (x86)\Biet-O-Matic
2014-11-26 18:10 - 2012-06-01 19:09 - 00000000 ___DC () C:\Users\bensie\AppData\Roaming\Mp3tag
2014-11-26 15:32 - 2014-08-19 15:58 - 00000000 ___DC () C:\Users\bensie\AppData\Roaming\XBMC
2014-11-26 14:28 - 2011-12-02 19:20 - 00073760 ____C () C:\Users\bensie\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-26 14:28 - 2009-07-14 05:45 - 00305952 ____C () C:\Windows\system32\FNTCACHE.DAT
2014-11-25 18:49 - 2012-10-22 21:06 - 00000000 ___DC () C:\Program Files (x86)\TeamViewer
2014-11-25 18:49 - 2011-12-14 21:15 - 00000000 ___DC () C:\Users\bensie\AppData\Roaming\TeamViewer
2014-11-25 17:54 - 2014-10-28 16:26 - 00002022 ____C () C:\Users\bensie\Desktop\Free Audio Editor.lnk
2014-11-25 17:54 - 2014-10-28 16:26 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Audio Editor
2014-11-25 17:54 - 2014-10-28 16:26 - 00000000 ___DC () C:\Program Files (x86)\Free Audio Editor
2014-11-23 14:52 - 2012-11-06 22:37 - 12488704 ____C () C:\Users\bensie\AppData\Roaming\Sandra.mdb

Files to move or delete:
====================
C:\Users\bensie\pcwJavaUpdater.exe


Some content of TEMP:
====================
C:\Users\bensie\AppData\Local\Temp\bassmod.dll
C:\Users\bensie\AppData\Local\Temp\f4f2a446-6cf6-458d-b85a-dcb16e8ac472.exe
C:\Users\bensie\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\bensie\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\bensie\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\bensie\AppData\Local\Temp\nvStereoApiI64.dll
C:\Users\bensie\AppData\Local\Temp\nvStInst.exe
C:\Users\bensie\AppData\Local\Temp\proxy_vole4624690516786282716.dll
C:\Users\bensie\AppData\Local\Temp\s4s15.exe
C:\Users\bensie\AppData\Local\Temp\vcredist_x64_vs2010.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


nointegritychecks: ==> Integrity Checks is disabled <===== ATTENTION!


LastRegBack: 2014-12-22 19:08

==================== End Of Log ============================

--- --- ---
--- --- ---
und die Addition

Zitat:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-12-2014 01
Ran by bensie at 2014-12-23 16:30:25
Running from C:\Users\bensie\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET NOD32 Antivirus 6.0 (Enabled - Up to date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AS: ESET NOD32 Antivirus 6.0 (Enabled - Up to date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3106869042-3269868222-4255230798-1001\...\uTorrent) (Version: 3.4.2.33497 - BitTorrent Inc.)
3DMark (HKLM-x32\...\{4198fd8f-98bd-4240-9b3a-ab2643e532f6}) (Version: 1.3.708.0 - Futuremark)
3DMark (Version: 1.3.708.0 - Futuremark) Hidden
3DMark 11 (HKLM-x32\...\{f9e83b9c-ab7e-4005-8f32-4ea69703a5e4}) (Version: 1.0.132.0 - Futuremark)
3DMark 11 (Version: 1.0.132.0 - Futuremark) Hidden
3DMark Vantage (HKLM-x32\...\{C40C3C3D-97CF-44B5-836C-766E374464B3}) (Version: 1.1.3 - Futuremark)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
AAF UFS910/UFS922/TF7700 MultiPart Installer V1.9 (HKLM-x32\...\AAF UFS910/UFS922/TF7700 MultiPart Installer_is1) (Version: - © 2010 Black_64)
AAF_Recovery_tool installer UFS910 V1.9 (HKLM-x32\...\AAF Recovery tool UFS910_is1) (Version: - © 2010 Black_64)
Acronis*Disk*Director*11*Home (HKLM-x32\...\{06E34C00-0446-4176-81C8-A5DAFE53CA36}) (Version: 11.0.2121 - Acronis)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Advanced EFS Password Recovery (HKLM-x32\...\{0594D411-FF62-40A5-9D73-768F212AE305}) (Version: 4.43.43.1109 - Elcomsoft Co. Ltd.)
AIDA64 Extreme v4.50 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 4.50 - FinalWire Ltd.)
Aiseesoft Blu-ray Copy 7.0.18 (HKLM-x32\...\{A24AAF6D-3EDB-43da-89BE-1A95D5CFA672}_is1) (Version: 7.0.18 - Aiseesoft Studio)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arma 3 - Digital Deluxe Edition (HKLM-x32\...\{8CEB57D1-A8EA-40FE-86CB-54DF4156344D}_is1) (Version: 1.14 - Bohemia Interactive)
Ashampoo Burning Studio 6 FREE v.6.80 (HKLM-x32\...\Ashampoo Burning Studio 6 FREE_is1) (Version: 6.8.0 - ashampoo GmbH & Co. KG)
AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version: - )
AVS Video Converter 9.0 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version: 9.0.1.566 - Online Media Technologies Ltd.)
Battlefield 4 German Edition 1.0.1 (HKLM-x32\...\Battlefield 4 German Edition 1.0.1) (Version: - )
Battlefield 4 Update 4 (HKLM-x32\...\QmF0dGxlZmllbGQ0_is1) (Version: 1 - )
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.0.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Biet-O-Matic v2.14.8 (HKLM-x32\...\Biet-O-Matic v2.14.8) (Version: 2.14.8 - BOM Development Team)
Bitvise SSH Client 4.51 (remove only) (HKLM-x32\...\BvSshClient) (Version: - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Call of Duty Advanced Warfare (HKLM-x32\...\Call of Duty Advanced Warfare_is1) (Version: 1.0 - ENiGMA)
Command & Conquer™ Alarmstufe Rot 3 (HKLM-x32\...\{296D8550-CB06-48E4-9A8B-E5034FB64715}) (Version: 1.0.1.0 - Electronic Arts)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6514.5001 - Microsoft Corporation)
Contents64 (Version: 17.0.0.249 - Corel Corporation) Hidden
Core Temp version 0.99.7 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 0.99.7 - Arthur Liberman)
CoreAVC Professional Edition (remove only) (HKLM-x32\...\CoreAVC Professional Edition) (Version: - )
Corel VideoStudio Pro X7 (HKLM-x32\...\_{77B3BEA9-835C-4DDF-BCE7-1510271E4E37}) (Version: 17.1.0.22 - Corel Corporation)
CPUID CPU-Z 1.66.1 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
Crysis 3 Version 1.3 (HKLM-x32\...\Crysis 3_is1) (Version: 1.3 - EA Games)
CrystalDiskInfo 6.1.14 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.1.14 - Crystal Dew World)
CyberLink PowerDVD 13 (HKLM-x32\...\InstallShield_{3CFDF154-7E60-4E98-A8DF-C693A4F8E6B6}) (Version: 13.0.3105.58 - CyberLink Corp.)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
DATA BECKER BewerbungsGenie 7 (HKLM-x32\...\BewerbungsGenie 7_is1) (Version: 6.0.10.49 - DATA BECKER GmbH & Co. KG)
Desktop Sidebar (HKLM-x32\...\{A92D7264-1A13-45BE-B769-88445DD04FD6}) (Version: 1.05.116 - Idea2)
DiskBoss 4.8.32 (HKLM-x32\...\DiskBoss) (Version: 4.8.32 - Flexense Computing Systems Ltd.)
DiskInternals EFS Recovery (HKLM-x32\...\DiskInternals EFS Recovery) (Version: 2.3 - DiskInternals Research)
Driver San Francisco (HKLM-x32\...\Driver San Francisco_is1) (Version: - )
DVDFab 9.1.2.5 (22/01/2014) (HKLM-x32\...\DVDFab 9_is1) (Version: - Fengtao Software Inc.)
EasyBCD 2.2 (HKLM-x32\...\EasyBCD) (Version: 2.2 - NeoSmart Technologies)
Elcomsoft Dictionaries (HKLM-x32\...\{74A23A1E-A394-4880-AB2B-076EDFC52AB5}) (Version: 1.0.1110 - Elcomsoft Co. Ltd.)
Elcomsoft Wireless Security Auditor (HKLM-x32\...\{7A790311-54C6-41D3-9AC5-C3EB88ACE073}) (Version: 5.02.272.1451 - Elcomsoft Co. Ltd.)
EPSON Printer Software (HKLM\...\EPSON Printer and Utilities) (Version: - )
ESET NOD32 Antivirus (HKLM\...\{39BFB173-09EB-4286-84E1-2FAFC97107E1}) (Version: 6.0.316.1 - ESET, spol s r. o.)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Ext2 IFS 1.11a for Windows Vista/2008 (HKLM\...\Ext2Ifs_for_NT6) (Version: - )
Far Cry 4 Version 1.0 (HKLM-x32\...\{62727D50-FA74-4A53-B57F-0DCBD9D8C1BB}_is1) (Version: 1.0 - UBISoft)
FarCry 3 Version 1.05 (HKLM-x32\...\{A5C3B95A-EA88-4BD4-A23C-4F58774C13AB}_is1) (Version: 1.05 - Ubisoft)
ffdshow x64 v1.3.4532 [2014-07-17] (HKLM\...\ffdshow64_is1) (Version: 1.3.4532.0 - )
FileZilla Client 3.7.3 (HKLM-x32\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse)
Free Audio Editor v7.9.4 (HKLM-x32\...\Free Audio Editor_is1) (Version: - FreeAudioStudio Inc.)
Futuremark SystemInfo (HKLM-x32\...\{E114E635-F06E-43B4-A800-74A22536B1B0}) (Version: 4.30.472.0 - Futuremark)
Geekbench 3 (HKLM-x32\...\Geekbench 3) (Version: - Primate Labs Inc.)
Geeks3D.com FurMark 1.9.2 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D.com)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Earth (HKLM-x32\...\{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}) (Version: 6.1.0.5001 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
GoPro Studio 2.5.3 (HKLM-x32\...\GoPro Studio) (Version: 2.5.3 - GoPro, Inc.)
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - )
HandBrake 0.9.9.1 (HKLM-x32\...\HandBrake) (Version: 0.9.9.1 - )
Harmony Browser Plug-in (HKLM-x32\...\{634F79E1-2A41-4C40-9E8D-89EC740AC9D6}) (Version: 2.0 - Logitech)
HL-2130 (HKLM-x32\...\{E2A97415-BD97-4867-B906-05E39E9EE51F}) (Version: 1.0.7.0 - Brother Industries, Ltd.)
Host OpenAL (ADI) (HKLM-x32\...\Host OpenAL (ADI)) (Version: - )
ICA (x32 Version: 17.0.0.249 - Corel Corporation) Hidden
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!)
IPM_VS_Pro64 (Version: 17.0 - Corel Corporation) Hidden
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
K-Lite Codec Pack 10.5.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.5.5 - )
Kolor Autopano Giga 3.7 (HKLM\...\AutopanoGiga3.7) (Version: V3.7.0 - Kolor)
LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.8 - Thibaut Lauziere)
Media Player Utilities 4.37 (HKLM-x32\...\{8B9852AF-B0B0-47B7-9BC5-89A95D77B6C9}) (Version: 4.37 - )
MediaInfo 0.7.51 (HKLM\...\MediaInfo) (Version: 0.7.51 - MediaArea.net)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
MKVToolNix 5.8.0 (HKLM-x32\...\MKVToolNix) (Version: 5.8.0 - Moritz Bunkus)
Mozilla Firefox 34.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 de)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mp3tag v2.65a (HKLM-x32\...\Mp3tag) (Version: v2.65a - Florian Heidenreich)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Need for Speed The Run Version 1.0 (HKLM-x32\...\Need for Speed The Run_is1) (Version: 1.0 - EA Games)
North and South The Game (c) BitComposer version 1 (HKLM-x32\...\Tm9ydGhhbmRTb3V0aFRoZUdhbWU=_is1) (Version: 1 - )
Nuance PDF Reader (HKLM-x32\...\{5F6C549F-78DA-4E0E-AE70-0BD981936D99}) (Version: 7.00.0000 - Nuance Communications, Inc.)
NVIDIA 3D Vision Controller-Treiber 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.75 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.75 - NVIDIA Corporation)
NVIDIA 3D Vision Video Player (HKLM-x32\...\{D312F154-8455-45C1-A44E-1AED321E6E95}) (Version: 1.6.4 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.3 - NVIDIA Corporation)
NVIDIA Grafiktreiber 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.75 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Paragon Backup and Recovery™ 2014 Free (HKLM\...\{C268B5E1-A5DA-11DF-A289-005056C00008}) (Version: 90.00.0003 - Paragon Software)
Paragon Partition Manager™ 12 Professional (HKLM-x32\...\{A35001F0-F1E4-11DD-A38B-005056C00008}) (Version: 90.00.0003 - Paragon Software)
PCMark 8 (HKLM-x32\...\{0f7b7b74-b858-4b4b-8e3d-306827f55e8d}) (Version: 2.2.282.0 - Futuremark)
PCMark 8 (Version: 2.2.282.0 - Futuremark) Hidden
PerformanceTest v8.0 (HKLM\...\PerformanceTest 8_is1) (Version: 8.0.1035.0 - Passmark Software)
Protect Disc License Helper 1.0.125 (IE) (HKU\S-1-5-21-3106869042-3269868222-4255230798-1001\...\Protect Disc License Helper) (Version: 1.0.125 - Protect Disc)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.54.309.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
SatChannelListEditor (HKLM-x32\...\{FEF1737C-FB20-41DD-86D6-209A8D5C6D82}) (Version: 5.4.0 - Elemental)
Setup (x32 Version: 17.0.0.249 - Corel Corporation) Hidden
Share64 (Version: 17.0.0.249 - Corel Corporation) Hidden
SHIELD Streaming (Version: 3.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.56 - NVIDIA Corporation) Hidden
SiSoftware Sandra Personal 2012.SP5c (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2396}_is1) (Version: 18.74.2012.10 - SiSoftware)
SmartFTP Client (HKLM\...\{0337D302-50F9-47F3-A63C-0EC7C6FAD3A7}) (Version: 6.0.2078.0 - SmartSoft Ltd.)
SmartSound Common Data (HKLM-x32\...\InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}) (Version: 1.1.0 - SmartSound Software Inc.)
SmartSound Common Data (x32 Version: 1.1.0 - SmartSound Software Inc.) Hidden
SmartSound Quicktracks 5 (HKLM-x32\...\InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.6 - SmartSound Software Inc.)
SmartSound Quicktracks 5 (x32 Version: 5.1.6 - SmartSound Software Inc.) Hidden
SUPER © v2014.build.63+Recorder (2014/11/27) Version v2014.buil (HKLM-x32\...\{8E2A19E2-96BF-8659-4DA7-5C06C90719A4}_is1) (Version: v2014.build.63+Recorder - eRightSoft)
Syncios Version 4.1.5 (HKLM-x32\...\{068A5D84-8419-4BDE-9689-FE65F412EFBB}_is1) (Version: 4.1.5 - Anvsoft, Inc.)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
TMPGEnc Authoring Works 4 (HKLM-x32\...\{0AF28D4B-7525-4C85-A89E-10C23D6959AA}) (Version: 4.0.12.42 - Pegasys Inc.)
TMPGEnc Video Mastering Works (HKLM-x32\...\TMPGEnc Video Mastering Works) (Version: - )
Tomb Raider (HKLM-x32\...\Tomb Raider_is1) (Version: - )
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
TSDoctor (HKLM-x32\...\{B737ED31-760E-444A-A696-3D8DB8988412}) (Version: 1.2.116 - Cypheros)
UltraISO Premium V9.52 (HKLM-x32\...\UltraISO_is1) (Version: - )
Uplay (HKLM-x32\...\Uplay) (Version: 4.9 - Ubisoft)
VLC media player 2.0.4 (HKLM-x32\...\VLC media player) (Version: 2.0.4 - VideoLAN)
VMware Workstation (HKLM-x32\...\VMware_Workstation) (Version: 10.0.0 - VMware, Inc)
VMware Workstation (Version: 10.0.0 - VMware, Inc.) Hidden
VSClassic64 (Version: 17.0.0.249 - Corel Corporation) Hidden
VSPro64 (Version: 17.0.0.249 - Corel Corporation) Hidden
Windows Automated Installation Kit (HKLM\...\{31E8F586-4EF7-4500-844D-BA8756474FF1}) (Version: 1.1.0.0 - Microsoft Corporation)
Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices (03/07/2012 ) (HKLM\...\0B624A43DD66DBF5CF3EDFA9741A364E688062A4) (Version: 03/07/2012 - GoPro)
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WinSCP 4.3.8 (HKLM-x32\...\winscp3_is1) (Version: 4.3.8 - Martin Prikryl)
XBMC (HKU\S-1-5-21-3106869042-3269868222-4255230798-1001\...\XBMC) (Version: - Team XBMC)
Xilisoft iPad Magic Platinum (HKLM-x32\...\Xilisoft iPad Magic Platinum) (Version: 5.6.5.20141020 - Xilisoft)
Xilisoft iPhone to PC Copy (HKLM-x32\...\Xilisoft iPhone to PC Copy) (Version: 5.4.7.20121205 - Xilisoft)
ZOTAC FireStorm (HKLM-x32\...\ZOTAC FireStorm) (Version: - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3106869042-3269868222-4255230798-1001_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3106869042-3269868222-4255230798-1001_Classes\CLSID\{5b55a44a-d008-49aa-9234-86fb7709bc0a}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)

==================== Restore Points =========================

12-12-2014 15:42:36 Installed Java 7 Update 71
18-12-2014 15:52:01 Installed SatChannelListEditor

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2014-08-25 17:20 - 00000892 ___AC C:\Windows\system32\Drivers\etc\hosts
74.208.10.249 gs.apple.com
127.0.0.1 validation.sls.microsoft.com

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {023CC3E0-BCA0-41F9-8CB5-D66FE089E3C9} - System32\Tasks\GoogleUpdateTaskMachineCore1cff2be3da148d4 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-30] (Google Inc.)
Task: {1E03900A-E286-432F-A728-7155B1C713DE} - System32\Tasks\{A217DC53-79AC-4E6C-BC86-7E8776A04C44} => pcalua.exe -a H:\OriginInstaller.exe -d H:\
Task: {227B1AE5-68E4-48F6-B89C-5B0A3F0F9CFC} - System32\Tasks\GoogleUpdateTaskMachineCore1cf1ddacb52400 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-30] (Google Inc.)
Task: {2C353DF0-893D-4246-8561-5FC69C47FB5F} - System32\Tasks\GoogleUpdateTaskMachineUA1cff2be3dca7c4e => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-30] (Google Inc.)
Task: {49D02C34-8C34-447D-BB4F-D2D25A03F880} - System32\Tasks\9cfa3b4a-2a94-4c7d-bfc3-8cf0ef19f5d3-5 => C:\Program Files (x86)\SmartSaver+ 15\9cfa3b4a-2a94-4c7d-bfc3-8cf0ef19f5d3-5.exe <==== ATTENTION
Task: {7CBE01CD-6908-412F-9B64-F64BA9EF75F8} - System32\Tasks\{4FBCA705-7397-429D-849F-53919193796D} => Z:\download\zv3937zr8823bv6\CyberLink PowerDVD Ultra 12.0.1312.54 Multilingual.Incl.Keymaker -BigX-\keygen.exe
Task: {85178AE6-0E8F-40CA-B6F6-5837DFD127BD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-09] (Adobe Systems Incorporated)
Task: {86197F4A-E44B-44D9-B530-42C5CCB9CE32} - System32\Tasks\temp_9cfa3b4a-2a94-4c7d-bfc3-8cf0ef19f5d3-2 => C:\Users\bensie\AppData\Local\Temp\nsaFB80.tmp\9cfa3b4a-2a94-4c7d-bfc3-8cf0ef19f5d3-2.exe <==== ATTENTION
Task: {96108EBB-0857-4322-A392-87E15061A37D} - System32\Tasks\{C445E232-4D7A-4FDB-85C0-EFDDCD2ED512} => Z:\download\zv3937zr8823bv6\CyberLink PowerDVD Ultra 12.0.1312.54 Multilingual.Incl.Keymaker -BigX-\keygen.exe
Task: {9A308F33-2067-47CA-A2FA-D11D9F466AC7} - System32\Tasks\9cfa3b4a-2a94-4c7d-bfc3-8cf0ef19f5d3-2 => C:\Program Files (x86)\SmartSaver+ 15\9cfa3b4a-2a94-4c7d-bfc3-8cf0ef19f5d3-2.exe <==== ATTENTION
Task: {A34203B6-A899-45D7-9958-DFEEB13662D0} - System32\Tasks\GoogleUpdateTaskMachineUA1cf9460b2220b54 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-30] (Google Inc.)
Task: {A3566D7C-0C32-4E0D-ACFE-23750CE3BBA4} - System32\Tasks\Starup Sync Time => Sc.exe start w32time task_started
Task: {BB3F28C5-BB8C-4791-8C22-8B8477E60BC0} - System32\Tasks\{93694C61-4B30-4602-A9D8-A522C2D807B7} => G:\Call of Duty Black Ops II\t6sp.exe
Task: {BF882ECC-1710-4D32-8C58-24A2996B6F64} - System32\Tasks\Core Temp Autostart => C:\Program Files\Core Temp\Core Temp.exe [2010-07-02] ()
Task: {C448E449-5E48-40C0-A0F8-7C081B6628AE} - System32\Tasks\{A1B7AA58-04DC-4052-84A7-85C42FFC5C03} => C:\Users\bensie\Downloads\h264ts_cutter_v111\H264TS_Cutter.exe [2008-01-14] (www.h264tscutter.de)
Task: {E480900F-5111-4DE1-82C1-399305D110BA} - System32\Tasks\GoogleUpdateTaskMachineCore1d0002bbdf9b76f => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-30] (Google Inc.)
Task: {EF250EDE-7E77-4108-ACB6-BF85A19AA6CA} - System32\Tasks\{A1DDCB6D-819B-4DF4-94ED-6E0D1B0B1A9A} => C:\Users\bensie\Downloads\Ext2IFS_1_11a.exe
Task: {F309E279-2AAF-4A60-81E6-018F65C5B603} - System32\Tasks\{27F29ECD-0E35-4427-8432-BF187A2532E6} => C:\Users\bensie\Downloads\Ext2IFS_1_11a.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf1ddacb52400.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cff2be3da148d4.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0002bbdf9b76f.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf9460b2220b54.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cff2be3dca7c4e.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2011-12-02 19:51 - 2014-11-12 22:56 - 00118080 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-10-28 14:42 - 2010-07-02 13:52 - 00530448 _____ () C:\Program Files\Core Temp\Core Temp.exe
2014-10-20 17:26 - 2014-12-10 18:31 - 00104928 ____C () C:\Program Files (x86)\SupTab\WindowsSupportDll64.dll
2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 ____C () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2014-07-23 08:41 - 2014-07-23 08:41 - 00114688 ____C () C:\Program Files (x86)\DiskBoss\bin\diskbsa.exe
2010-09-30 15:16 - 2010-09-30 15:16 - 02155848 _____ () C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe
2013-08-27 11:09 - 2013-08-27 11:09 - 14401104 ____C () C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
2014-11-03 17:54 - 2014-10-31 16:53 - 00747520 ____C () C:\Program Files (x86)\Syncios\SynciosDeviceService.exe
2014-10-20 17:26 - 2014-12-10 18:31 - 00732128 ____C () C:\Program Files (x86)\SupTab\HpUI.exe
2014-07-16 10:55 - 2014-07-16 10:55 - 00073216 ____C () C:\Program Files (x86)\SupTab\Loader64.exe
2014-07-16 11:16 - 2014-07-16 11:16 - 00064000 ____C () C:\Program Files (x86)\SupTab\Loader32.exe
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 ____C () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 ____C () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-07-23 08:33 - 2014-07-23 08:33 - 02408448 ____C () C:\Program Files (x86)\DiskBoss\bin\libdbs.dll
2014-07-23 08:31 - 2014-07-23 08:31 - 00720896 ____C () C:\Program Files (x86)\DiskBoss\bin\libpal.dll
2013-08-27 11:42 - 2013-08-27 11:42 - 01260624 ____C () C:\Program Files (x86)\VMware\VMware Workstation\libxml2.dll
2014-11-05 01:01 - 2014-11-05 01:01 - 01794560 ____C () C:\Program Files (x86)\GoPro\Tools\Importer\GPSDKAnalyticsNet.dll
2014-01-20 17:30 - 2013-07-05 06:24 - 00861960 ____C () C:\Program Files (x86)\CyberLink\PowerDVD13\common\UNO\UNO.dll
2014-01-20 17:30 - 2013-05-02 01:06 - 00081920 ____C () C:\Program Files (x86)\CyberLink\PowerDVD13\Common\koan\_ctypes.pyd
2014-01-20 17:30 - 2013-05-02 01:06 - 00053248 ____C () C:\Program Files (x86)\CyberLink\PowerDVD13\Common\Koan\_socket.pyd
2014-01-20 17:30 - 2013-05-02 01:06 - 00655360 ____C () C:\Program Files (x86)\CyberLink\PowerDVD13\Common\Koan\_ssl.pyd
2014-01-20 17:30 - 2013-07-05 06:24 - 00043272 ____C () C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DHProcedure\DHProcedure.dll
2013-08-07 20:25 - 2013-08-07 20:25 - 00093696 ____C () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-03-11 19:22 - 2009-02-27 16:38 - 00139264 ___RC () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2014-11-03 17:54 - 2014-10-31 15:20 - 00386560 ____C () C:\Program Files (x86)\Syncios\DuiLib.dll
2014-11-03 17:54 - 2013-03-01 10:30 - 00059904 ____C () C:\Program Files (x86)\Syncios\zlib.dll
2014-11-03 17:54 - 2013-03-01 10:30 - 00526848 ____C () C:\Program Files (x86)\Syncios\sqlite3.dll
2014-11-03 17:54 - 2014-04-29 17:11 - 00067072 ____C () C:\Program Files (x86)\Syncios\zlib1.dll
2014-11-03 17:54 - 2014-01-06 11:24 - 00671744 ____C () C:\Program Files (x86)\Syncios\hashab.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 00237352 ____C () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2014-10-20 17:26 - 2014-12-10 18:31 - 00022496 ____C () C:\Program Files (x86)\SupTab\WindowsSupportDll32.dll
2014-12-10 16:17 - 2014-12-10 16:17 - 03758192 ____C () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-12-09 19:05 - 2014-12-09 19:05 - 16841392 ____C () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:054203E4
AlternateDataStreams: C:\ProgramData\Temp:0888F409
AlternateDataStreams: C:\ProgramData\Temp:3440EB47
AlternateDataStreams: C:\ProgramData\Temp:66633281
AlternateDataStreams: C:\ProgramData\Temp:C7D0F96D
AlternateDataStreams: C:\Users\bensie\Documents\Bild (13).jpg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\bensie\Documents\Bild (13).jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\bensie\Documents\Bild (14).jpg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\bensie\Documents\Bild (14).jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: ISUSPM => "C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe" -scheduler
MSCONFIG\startupreg: TomTomHOME.exe => "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"

========================= Accounts: ==========================

Administrator (S-1-5-21-3106869042-3269868222-4255230798-500 - Administrator - Disabled)
bensie (S-1-5-21-3106869042-3269868222-4255230798-1001 - Administrator - Enabled) => C:\Users\bensie
Gast (S-1-5-21-3106869042-3269868222-4255230798-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3106869042-3269868222-4255230798-1002 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (12/23/2014 03:53:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm FRST64.exe, Version 22.12.2014.1 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 140c

Startzeit: 01d01ebf11e89cb7

Endzeit: 3

Anwendungspfad: C:\Users\bensie\Downloads\FRST64.exe

Berichts-ID:

Error: (12/22/2014 07:09:07 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (12/22/2014 07:09:05 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (12/22/2014 07:09:02 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (12/22/2014 07:08:46 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (12/16/2014 06:00:37 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Adobe.Acrobat.Dependencies,processorArchitecture="x86",publicKeyToken="0000000000000000",type="win32",version="10.0.0.0"1".
Die abhängige Assemblierung "Adobe.Acrobat.Dependencies,processorArchitecture="x86",publicKeyToken="0000000000000000",type="win32",version="10.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (12/16/2014 06:00:13 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Adobe.Acrobat.Dependencies,processorArchitecture="x86",publicKeyToken="0000000000000000",type="win32",version="10.0.0.0"1".
Die abhängige Assemblierung "Adobe.Acrobat.Dependencies,processorArchitecture="x86",publicKeyToken="0000000000000000",type="win32",version="10.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (12/16/2014 05:56:24 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Adobe.Acrobat.Dependencies,processorArchitecture="x86",publicKeyToken="0000000000000000",type="win32",version="10.0.0.0"1".
Die abhängige Assemblierung "Adobe.Acrobat.Dependencies,processorArchitecture="x86",publicKeyToken="0000000000000000",type="win32",version="10.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (12/14/2014 06:32:47 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Adobe.Acrobat.Dependencies,processorArchitecture="x86",publicKeyToken="0000000000000000",type="win32",version="10.0.0.0"1".
Die abhängige Assemblierung "Adobe.Acrobat.Dependencies,processorArchitecture="x86",publicKeyToken="0000000000000000",type="win32",version="10.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (12/14/2014 05:18:18 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Adobe.Acrobat.Dependencies,processorArchitecture="x86",publicKeyToken="0000000000000000",type="win32",version="10.0.0.0"1".
Die abhängige Assemblierung "Adobe.Acrobat.Dependencies,processorArchitecture="x86",publicKeyToken="0000000000000000",type="win32",version="10.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

System errors:
=============
Error: (12/23/2014 03:32:45 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (12/23/2014 03:31:44 PM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT-AUTORITÄT)
Description: Überprüfung des verschlüsselten Volumes: Die Volumeinformationen auf "\\?\Volume{44dee9c5-1d0f-11e1-a055-806e6f6e6963}" können nicht gelesen werden.

Error: (12/23/2014 03:31:44 PM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT-AUTORITÄT)
Description: Überprüfung des verschlüsselten Volumes: Die Volumeinformationen auf "\\?\Volume{d6e9d0c8-701c-11e4-adfd-806e6f6e6963}" können nicht gelesen werden.

Error: (12/22/2014 03:42:52 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (12/22/2014 03:41:51 PM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT-AUTORITÄT)
Description: Überprüfung des verschlüsselten Volumes: Die Volumeinformationen auf "\\?\Volume{44dee9c5-1d0f-11e1-a055-806e6f6e6963}" können nicht gelesen werden.

Error: (12/22/2014 03:41:51 PM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT-AUTORITÄT)
Description: Überprüfung des verschlüsselten Volumes: Die Volumeinformationen auf "\\?\Volume{d6e9d0c8-701c-11e4-adfd-806e6f6e6963}" können nicht gelesen werden.

Error: (12/22/2014 02:34:13 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (12/22/2014 02:33:12 PM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT-AUTORITÄT)
Description: Überprüfung des verschlüsselten Volumes: Die Volumeinformationen auf "\\?\Volume{44dee9c5-1d0f-11e1-a055-806e6f6e6963}" können nicht gelesen werden.

Error: (12/22/2014 02:33:12 PM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT-AUTORITÄT)
Description: Überprüfung des verschlüsselten Volumes: Die Volumeinformationen auf "\\?\Volume{d6e9d0c8-701c-11e4-adfd-806e6f6e6963}" können nicht gelesen werden.

Error: (12/18/2014 03:33:55 PM) (Source: VDS Basic Provider) (EventID: 1) (User: )
Description: Unerwarteter Fehler. Fehlercode: 490@01010004

Microsoft Office Sessions:
=========================
Error: (12/23/2014 03:53:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: FRST64.exe22.12.2014.1140c01d01ebf11e89cb73C:\Users\bensie\Downloads\FRST64.exe

Error: (12/22/2014 07:09:07 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"C:\Program Files (x86)\Common Files\Acronis\DiskDirector\WinPE\Files\mmsBundle.dll

Error: (12/22/2014 07:09:05 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"C:\Program Files (x86)\Common Files\Acronis\DiskDirector\WinPE\Files\ManagementConsole.exe

Error: (12/22/2014 07:09:02 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"C:\Program Files (x86)\Common Files\Acronis\DiskDirector\WinPE\Files\RecoveryExpert.exe

Error: (12/22/2014 07:08:46 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"C:\Program Files (x86)\Common Files\Acronis\DiskDirector\WinPE\Files\systeminfo.exe

Error: (12/16/2014 06:00:37 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Adobe.Acrobat.Dependencies,processorArchitecture="x86",publicKeyToken="0000000000000000",type="win32",version="10.0.0.0"C:\Users\bensie\Documents\Down loads\AAxl_2p+\Adobe Acrobat XI Pro v11.0.02_713MB\Adobe Acrobat XI Pro\SKEL\7088-5.manifest

Error: (12/16/2014 06:00:13 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Adobe.Acrobat.Dependencies,processorArchitecture="x86",publicKeyToken="0000000000000000",type="win32",version="10.0.0.0"C:\Users\bensie\Documents\Down loads\AAxl_2p+\Adobe Acrobat XI Pro v11.0.02_713MB\Adobe Acrobat XI Pro\SKEL\1456-5.manifest

Error: (12/16/2014 05:56:24 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Adobe.Acrobat.Dependencies,processorArchitecture="x86",publicKeyToken="0000000000000000",type="win32",version="10.0.0.0"C:\Users\bensie\Documents\Down loads\AAxl_2p+\Adobe Acrobat XI Pro v11.0.02_713MB\Adobe Acrobat XI Pro\SKEL\5212-5.manifest

Error: (12/14/2014 06:32:47 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Adobe.Acrobat.Dependencies,processorArchitecture="x86",publicKeyToken="0000000000000000",type="win32",version="10.0.0.0"C:\Users\bensie\Documents\Down loads\AAxl_2p+\Adobe Acrobat XI Pro v11.0.02_713MB\Adobe Acrobat XI Pro\SKEL\3520-5.manifest

Error: (12/14/2014 05:18:18 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Adobe.Acrobat.Dependencies,processorArchitecture="x86",publicKeyToken="0000000000000000",type="win32",version="10.0.0.0"C:\Users\bensie\Documents\Down loads\AAxl_2p+\Adobe Acrobat XI Pro v11.0.02_713MB\Adobe Acrobat XI Pro\SKEL\5696-5.manifest

CodeIntegrity Errors:
===================================
Date: 2014-06-24 17:35:06.727
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume8\Program Files (x86)\RMClock\RTCore64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2014-06-24 17:35:06.696
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume8\Program Files (x86)\RMClock\RTCore64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2014-06-24 17:35:06.618
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume8\Program Files (x86)\RMClock\RTCore64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2014-06-24 17:35:06.586
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume8\Program Files (x86)\RMClock\RTCore64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2014-06-24 17:35:02.692
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume8\Program Files (x86)\RMClock\RTCore64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2014-06-24 17:35:02.661
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume8\Program Files (x86)\RMClock\RTCore64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2014-06-24 17:35:02.583
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume8\Program Files (x86)\RMClock\RTCore64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2014-06-24 17:35:02.552
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume8\Program Files (x86)\RMClock\RTCore64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2014-06-24 17:34:48.042
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume8\Program Files (x86)\RMClock\RTCore64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2014-06-24 17:34:48.010
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume8\Program Files (x86)\RMClock\RTCore64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

==================== Memory info ===========================

Processor: Intel(R) Xeon(R) CPU X5650 @ 2.67GHz
Percentage of memory in use: 21%
Total physical RAM: 12279.3 MB
Available physical RAM: 9666.09 MB
Total Pagefile: 24556.77 MB
Available Pagefile: 21467.08 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (SSD) (Fixed) (Total:223.47 GB) (Free:72.19 GB) NTFS
Drive d: (4TB) (Fixed) (Total:3726.02 GB) (Free:1876.94 GB) NTFS
Drive h: (Die Olsenbande steigt aufs Dach) (CDROM) (Total:32.74 GB) (Free:0 GB) UDF
Drive u: (Boot) (Fixed) (Total:98.87 GB) (Free:30.78 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive x: () (Network) (Total:458.45 GB) (Free:169.68 GB)
Drive y: () (Network) (Total:1375.34 GB) (Free:91.93 GB)
Drive z: () (Network) (Total:1375.34 GB) (Free:461.33 GB)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 22452244)
Partition 1: (Active) - (Size=98.9 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=832.6 GB) - (Type=OF Extended)

========================================================
Disk: 1 (Size: 3726 GB) (Disk ID: F401F401)

Partition: GPT Partition Type.

========================================================
Disk: 2 (Size: 186.3 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

========================================================
Disk: 3 (Size: 59.6 GB) (Disk ID: 83FC40BC)
Partition 1: (Active) - (Size=33.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=26.3 GB) - (Type=05)

========================================================
Disk: 4 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: F0933FC9)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=223.5 GB) - (Type=07 NTFS)

========================================================
Disk: 5 (Size: 7.5 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================

schrauber · 23.12.2014, 17:06

hi,

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

bensie · 23.12.2014, 18:36

ich hoffe das hilft

ich nutze sonst nur Linux und dieses Windows nur für das Spielen und trost eset virenscanner ist das echt nervig...

Combofix Logfile:

Code:

ATTFilter

ComboFix 14-12-14.01 - bensie 23.12.2014  18:21:45.3.24 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.49.1031.18.12279.9659 [GMT 1:00]
ausgeführt von:: c:\users\bensie\Downloads\ComboFix.exe
AV: ESET NOD32 Antivirus 6.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 6.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-- Vorheriger Suchlauf --
.
Infizierte Kopie von c:\windows\SysWow64\userinit.exe wurde gefunden und desinfiziert 
Kopie von - c:\windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe wurde wiederhergestellt 
.
--------
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_ACEDRV11
-------\Service_acedrv11
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-11-23 bis 2014-12-23  ))))))))))))))))))))))))))))))
.
.
2014-12-23 14:45 . 2014-12-23 15:30	--------	d-----w-	C:\FRST
2014-12-23 14:42 . 2014-12-23 14:44	--------	dc----w-	c:\program files (x86)\VS Revo Group
2014-12-23 14:39 . 2014-12-23 14:40	--------	dc----w-	c:\users\bensie\AppData\Local\NPE
2014-12-23 14:39 . 2014-12-23 14:39	--------	dc----w-	c:\programdata\Norton
2014-12-18 16:07 . 2014-12-18 16:07	--------	dc----w-	c:\users\bensie\channel_e2
2014-12-12 16:49 . 2014-12-18 18:43	--------	dc----w-	c:\users\bensie\.mediathek3
2014-12-12 15:26 . 2014-12-12 15:26	--------	dc----w-	c:\users\bensie\AppData\Local\Ubisoft Game Launcher
2014-12-12 15:26 . 2014-12-12 15:26	--------	dc----w-	c:\program files (x86)\Ubisoft
2014-12-12 14:43 . 2014-12-12 14:43	--------	dc----w-	c:\program files (x86)\Common Files\Java
2014-12-11 14:50 . 2014-11-12 20:46	615624	-c--a-w-	c:\windows\SysWow64\nvStreaming.exe
2014-12-11 14:11 . 2014-12-11 14:11	--------	dc----w-	c:\program files (x86)\Media Player Utilities 4.37
2014-12-11 14:08 . 2014-12-11 14:08	--------	dc----w-	c:\users\bensie\AppData\Roaming\iOrgSoft
2014-12-11 14:03 . 2014-12-11 14:03	--------	dc----w-	c:\program files (x86)\iOrgSoft
2014-12-10 17:33 . 2014-12-10 17:33	--------	dc----w-	c:\users\bensie\AppData\Roaming\dlg
2014-12-10 17:31 . 2014-12-10 17:31	--------	dc----w-	c:\programdata\IePluginServices
2014-12-10 17:31 . 2014-12-10 17:31	--------	dc----w-	c:\program files (x86)\SupTab
2014-12-10 17:31 . 2014-12-11 13:13	--------	dc----w-	c:\programdata\WindowsMangerProtect
2014-12-10 16:53 . 2014-12-10 16:53	--------	dcsh--w-	c:\users\bensie\AppData\Local\EmieBrowserModeList
2014-12-10 15:31 . 2014-12-10 15:31	--------	dc----w-	c:\users\bensie\AppData\Roaming\AVS4YOU
2014-12-10 15:30 . 2014-12-10 15:30	--------	dc----w-	c:\program files (x86)\Common Files\AVSMedia
2014-12-10 15:30 . 2014-12-10 15:31	--------	dc----w-	c:\programdata\AVS4YOU
2014-12-10 15:30 . 2014-12-10 15:30	--------	dc----w-	c:\program files (x86)\AVS4YOU
2014-12-10 15:30 . 2012-03-23 17:59	1700352	-c--a-w-	c:\windows\SysWow64\GdiPlus.dll
2014-12-10 15:30 . 2012-03-23 17:59	24576	-c--a-w-	c:\windows\SysWow64\msxml3a.dll
2014-12-09 18:26 . 2014-03-07 09:03	98960	-csha-r-	c:\windows\SysWow64\avfilter-lav-4.dll
2014-12-09 18:26 . 2014-03-07 09:03	59536	-csha-r-	c:\windows\SysWow64\avresample-lav-1.dll
2014-12-09 18:26 . 2014-03-07 09:03	550032	-csha-r-	c:\windows\SysWow64\avformat-lav-55.dll
2014-12-09 18:26 . 2014-03-07 09:03	181392	-csha-r-	c:\windows\SysWow64\avutil-lav-52.dll
2014-12-09 18:26 . 2014-03-07 09:03	166544	-csha-r-	c:\windows\SysWow64\IntelQuickSyncDecoder.dll
2014-12-09 18:26 . 2014-03-07 09:03	118416	-csha-r-	c:\windows\SysWow64\swscale-lav-2.dll
2014-12-09 18:26 . 2014-03-07 09:03	109712	-csha-r-	c:\windows\SysWow64\libbluray.dll
2014-12-09 18:25 . 2014-03-07 09:03	313520	-csha-r-	c:\windows\SysWow64\HLvideo.dll
2014-12-09 18:25 . 2014-03-07 09:03	3109520	-csha-r-	c:\windows\SysWow64\avcodec-lav-55.dll
2014-12-09 18:25 . 2014-03-07 09:03	203408	-csha-r-	c:\windows\SysWow64\HLsplit.dll
2014-12-09 18:25 . 2014-03-07 09:03	122512	-csha-r-	c:\windows\SysWow64\HLaudio.dll
2014-12-09 18:25 . 2012-10-05 17:54	188416	-csha-r-	c:\windows\SysWow64\winDCE32.dll
2014-12-09 18:25 . 2011-06-14 18:05	121344	-csha-r-	c:\windows\SysWow64\TAKDSDecoder.ax
2014-12-09 18:25 . 2010-01-06 22:00	107520	-csha-r-	c:\windows\SysWow64\TAKDSDecoder.dll
2014-12-09 18:25 . 2012-07-11 21:00	75776	-c--a-w-	c:\windows\SysWow64\Olepau32.ax
2014-12-09 18:25 . 2011-02-11 08:26	112128	-csha-r-	c:\windows\SysWow64\OptimFROG.dll
2014-12-09 18:25 . 2009-08-10 21:00	352768	-csha-r-	c:\windows\SysWow64\ac3DX.ax
2014-12-09 18:25 . 2005-02-22 15:55	81920	-csha-r-	c:\windows\SysWow64\aac_parser.ax
2014-12-09 18:25 . 2004-04-27 14:03	17408	-csha-r-	c:\windows\SysWow64\RLOFRDec.ax
2014-12-07 16:11 . 2014-12-07 16:11	--------	dc----w-	c:\program files (x86)\EPSON
2014-12-07 16:11 . 2005-02-02 11:05	8704	-c--a-w-	c:\windows\system32\E_GCINST.DLL
2014-12-07 16:11 . 2005-06-09 00:02	119808	-c--a-w-	c:\windows\system32\E_ILMAEE.DLL
2014-12-07 16:11 . 2005-04-11 00:01	86528	-c--a-w-	c:\windows\system32\E_IBCBAEE.DLL
2014-12-07 16:11 . 2014-12-07 16:11	--------	dc----w-	c:\programdata\EPSON
2014-12-07 16:03 . 2014-12-07 16:03	--------	dc----w-	c:\users\bensie\AppData\Local\FreeOCR
2014-12-07 15:59 . 2007-03-10 09:11	2680320	-c--a-w-	c:\windows\SysWow64\ImageEnXLibrary.ocx
2014-12-07 15:59 . 2014-12-07 16:06	--------	d-----w-	C:\FreeOCR
2014-12-03 06:31 . 2014-12-03 06:31	227048	-c--a-w-	c:\program files (x86)\Internet Explorer\Plugins\nppdf32.dll
2014-11-25 16:32 . 2014-11-25 16:32	--------	dc----w-	c:\users\bensie\AppData\Local\Xilisoft
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-12-09 18:05 . 2014-07-01 13:58	701104	-c--a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-12-09 18:05 . 2014-07-01 13:58	71344	-c--a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-11-20 15:04 . 2014-11-20 14:58	683520	----a-w-	c:\windows\system32\termsrv.dll
2014-11-20 15:04 . 2014-11-20 14:58	681984	----a-w-	c:\windows\SysWow64\adtschema.dll
2014-11-20 15:04 . 2014-11-20 14:58	681984	----a-w-	c:\windows\system32\adtschema.dll
2014-11-20 15:04 . 2014-11-20 14:58	146432	----a-w-	c:\windows\SysWow64\msaudite.dll
2014-11-20 15:04 . 2014-11-20 14:58	146432	----a-w-	c:\windows\system32\msaudite.dll
2014-11-20 15:03 . 2014-11-20 14:58	7168	----a-w-	c:\windows\SysWow64\KBDYAK.DLL
2014-11-20 15:03 . 2014-11-20 14:58	7168	----a-w-	c:\windows\system32\KBDYAK.DLL
2014-11-20 15:03 . 2014-11-20 14:58	7168	----a-w-	c:\windows\system32\KBDTAT.DLL
2014-11-20 15:03 . 2014-11-20 14:58	7168	----a-w-	c:\windows\system32\KBDRU1.DLL
2014-11-20 15:03 . 2014-11-20 14:58	7168	----a-w-	c:\windows\system32\KBDBASH.DLL
2014-11-20 15:03 . 2014-11-20 14:58	6656	----a-w-	c:\windows\SysWow64\KBDBASH.DLL
2014-11-20 15:03 . 2014-11-20 14:58	6656	----a-w-	c:\windows\system32\KBDRU.DLL
2014-11-20 15:03 . 2014-11-20 14:57	77824	----a-w-	c:\windows\system32\JavaScriptCollectionAgent.dll
2014-11-20 15:03 . 2014-11-20 14:57	62464	----a-w-	c:\windows\SysWow64\iesetup.dll
2014-11-20 15:03 . 2014-11-20 14:57	2051072	----a-w-	c:\windows\SysWow64\inetcpl.cpl
2014-11-20 15:03 . 2014-11-20 14:57	799232	----a-w-	c:\windows\system32\ieapfltr.dll
2014-11-20 15:03 . 2014-11-20 14:57	54784	----a-w-	c:\windows\system32\jsproxy.dll
2014-11-20 15:03 . 2014-11-20 14:57	144384	----a-w-	c:\windows\system32\ieUnatt.exe
2014-11-20 15:03 . 2014-11-20 14:57	633856	----a-w-	c:\windows\system32\ieui.dll
2014-11-20 15:03 . 2014-11-20 14:57	14390272	----a-w-	c:\windows\system32\ieframe.dll
2014-11-20 15:03 . 2014-11-20 14:57	2365440	----a-w-	c:\windows\system32\wininet.dll
2014-11-20 15:03 . 2014-11-20 14:57	2724864	----a-w-	c:\windows\system32\mshtml.tlb
2014-11-20 15:03 . 2014-11-20 14:57	25110016	----a-w-	c:\windows\system32\mshtml.dll
2014-11-20 15:03 . 2014-11-20 14:57	115712	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2014-11-20 15:03 . 2014-11-20 14:57	2124288	----a-w-	c:\windows\system32\inetcpl.cpl
2014-11-20 15:03 . 2014-11-20 14:57	814080	----a-w-	c:\windows\system32\jscript9diag.dll
2014-11-20 15:03 . 2014-11-20 14:57	6040064	----a-w-	c:\windows\system32\jscript9.dll
2014-11-20 15:03 . 2014-11-20 14:57	2724864	----a-w-	c:\windows\SysWow64\mshtml.tlb
2014-11-20 15:03 . 2014-11-20 14:57	620032	----a-w-	c:\windows\SysWow64\jscript9diag.dll
2014-11-20 15:03 . 2014-11-20 14:57	1359360	----a-w-	c:\windows\system32\mshtmlmedia.dll
2014-11-20 15:03 . 2014-11-20 14:57	48640	----a-w-	c:\windows\system32\ieetwproxystub.dll
2014-11-20 15:03 . 2014-11-20 14:57	114688	----a-w-	c:\windows\system32\ieetwcollector.exe
2014-11-20 15:03 . 2014-11-20 14:57	388272	----a-w-	c:\windows\system32\iedkcs32.dll
2014-11-20 15:03 . 2014-11-20 14:57	1550336	----a-w-	c:\windows\system32\urlmon.dll
2014-11-20 15:03 . 2014-11-20 14:57	968704	----a-w-	c:\windows\system32\MsSpellCheckingFacility.exe
2014-11-20 15:03 . 2014-11-20 14:57	4096	----a-w-	c:\windows\system32\ieetwcollectorres.dll
2014-11-20 15:03 . 2014-11-20 14:57	64000	----a-w-	c:\windows\SysWow64\MshtmlDac.dll
2014-11-20 15:03 . 2014-11-20 14:57	4298240	----a-w-	c:\windows\SysWow64\jscript9.dll
2014-11-20 15:03 . 2014-11-20 14:57	1892864	----a-w-	c:\windows\SysWow64\wininet.dll
2014-11-20 15:03 . 2014-11-20 14:57	1155072	----a-w-	c:\windows\SysWow64\mshtmlmedia.dll
2014-11-20 15:03 . 2014-11-20 14:57	92160	----a-w-	c:\windows\system32\mshtmled.dll
2014-11-20 15:03 . 2014-11-20 14:57	580096	----a-w-	c:\windows\system32\vbscript.dll
2014-11-20 15:03 . 2014-11-20 14:57	199680	----a-w-	c:\windows\system32\msrating.dll
2014-11-20 15:03 . 2014-11-20 14:57	716800	----a-w-	c:\windows\system32\ie4uinit.exe
2014-11-20 15:03 . 2014-11-20 14:57	60416	----a-w-	c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-11-20 15:03 . 2014-11-20 14:57	47616	----a-w-	c:\windows\SysWow64\ieetwproxystub.dll
2014-11-20 15:03 . 2014-11-20 14:57	34304	----a-w-	c:\windows\system32\iernonce.dll
2014-11-20 15:03 . 2014-11-20 14:57	800768	----a-w-	c:\windows\system32\msfeeds.dll
2014-11-20 15:03 . 2014-11-20 14:57	316928	----a-w-	c:\windows\system32\dxtrans.dll
2014-11-20 15:03 . 2014-11-20 14:57	66560	----a-w-	c:\windows\system32\iesetup.dll
2014-11-20 15:03 . 2014-11-20 14:57	2884096	----a-w-	c:\windows\system32\iertutil.dll
2014-11-20 15:03 . 2014-11-20 14:57	501248	----a-w-	c:\windows\SysWow64\vbscript.dll
2014-11-20 15:03 . 2014-11-20 14:57	490496	----a-w-	c:\windows\system32\dxtmsft.dll
2014-11-20 15:03 . 2014-11-20 14:57	88064	----a-w-	c:\windows\system32\MshtmlDac.dll
2014-11-20 15:03 . 2014-11-20 14:57	2048	----a-w-	c:\windows\SysWow64\msxml3r.dll
2014-11-20 15:03 . 2014-11-20 14:57	2048	----a-w-	c:\windows\system32\msxml3r.dll
2014-11-20 15:03 . 2014-11-20 14:57	1882624	----a-w-	c:\windows\system32\msxml3.dll
2014-11-20 15:03 . 2014-11-20 14:57	1237504	----a-w-	c:\windows\SysWow64\msxml3.dll
2014-11-20 15:03 . 2014-11-20 14:58	878080	----a-w-	c:\windows\system32\IMJP10K.DLL
2014-11-20 15:03 . 2014-11-20 14:58	701440	----a-w-	c:\windows\SysWow64\IMJP10K.DLL
2014-11-20 15:03 . 2014-11-20 14:57	728064	----a-w-	c:\windows\system32\kerberos.dll
2014-11-20 15:03 . 2014-11-20 14:57	550912	----a-w-	c:\windows\SysWow64\kerberos.dll
2014-11-20 15:03 . 2014-11-20 14:57	241152	----a-w-	c:\windows\system32\pku2u.dll
2014-11-20 15:03 . 2014-11-20 14:57	186880	----a-w-	c:\windows\SysWow64\pku2u.dll
2014-11-20 15:03 . 2014-11-20 14:57	96768	----a-w-	c:\windows\SysWow64\sspicli.dll
2014-11-20 15:03 . 2014-11-20 14:57	22016	----a-w-	c:\windows\SysWow64\secur32.dll
2014-11-20 15:03 . 2014-11-20 14:57	155064	----a-w-	c:\windows\system32\drivers\ksecpkg.sys
2014-11-20 15:03 . 2014-11-20 14:57	1460736	----a-w-	c:\windows\system32\lsasrv.dll
2014-11-20 15:02 . 2014-11-20 14:58	680960	----a-w-	c:\windows\system32\audiosrv.dll
2014-11-20 15:02 . 2014-11-20 14:58	500224	----a-w-	c:\windows\system32\AUDIOKSE.dll
2014-11-20 15:02 . 2014-11-20 14:58	442880	----a-w-	c:\windows\SysWow64\AUDIOKSE.dll
2014-11-20 15:02 . 2014-11-20 14:58	440832	----a-w-	c:\windows\system32\AudioEng.dll
2014-11-20 15:02 . 2014-11-20 14:58	374784	----a-w-	c:\windows\SysWow64\AudioEng.dll
2014-11-20 15:02 . 2014-11-20 14:58	296448	----a-w-	c:\windows\system32\AudioSes.dll
2014-11-20 15:02 . 2014-11-20 14:58	284672	----a-w-	c:\windows\system32\EncDump.dll
2014-11-20 15:02 . 2014-11-20 14:58	195584	----a-w-	c:\windows\SysWow64\AudioSes.dll
2014-11-20 14:59 . 2011-12-07 21:32	103374192	-c--a-w-	c:\windows\system32\MRT.exe
2014-11-20 14:59 . 2014-11-20 14:57	342016	----a-w-	c:\windows\system32\schannel.dll
2014-11-20 14:59 . 2014-11-20 14:57	309760	----a-w-	c:\windows\system32\ncrypt.dll
2014-11-20 14:59 . 2014-11-20 14:57	248832	----a-w-	c:\windows\SysWow64\schannel.dll
2014-11-20 14:59 . 2014-11-20 14:57	86528	----a-w-	c:\windows\system32\TSpkg.dll
2014-11-20 14:59 . 2014-11-20 14:57	65536	----a-w-	c:\windows\SysWow64\TSpkg.dll
2014-11-20 14:59 . 2014-11-20 14:57	314880	----a-w-	c:\windows\system32\msv1_0.dll
2014-11-20 14:59 . 2014-11-20 14:57	259584	----a-w-	c:\windows\SysWow64\msv1_0.dll
2014-11-20 14:59 . 2014-11-20 14:57	221184	----a-w-	c:\windows\SysWow64\ncrypt.dll
2014-11-20 14:59 . 2014-11-20 14:57	22016	----a-w-	c:\windows\system32\credssp.dll
2014-11-20 14:59 . 2014-11-20 14:57	210944	----a-w-	c:\windows\system32\wdigest.dll
2014-11-20 14:59 . 2014-11-20 14:57	17408	----a-w-	c:\windows\SysWow64\credssp.dll
2014-11-20 14:59 . 2014-11-20 14:57	172032	----a-w-	c:\windows\SysWow64\wdigest.dll
2014-11-20 14:59 . 2014-11-20 14:56	77824	----a-w-	c:\windows\system32\packager.dll
2014-11-20 14:59 . 2014-11-20 14:56	67584	----a-w-	c:\windows\SysWow64\packager.dll
2014-11-20 14:59 . 2014-11-20 14:56	3198976	----a-w-	c:\windows\system32\win32k.sys
2014-11-20 14:59 . 2014-11-20 14:56	3241984	----a-w-	c:\windows\system32\msi.dll
2014-11-20 14:59 . 2014-11-20 14:56	2363904	----a-w-	c:\windows\SysWow64\msi.dll
2014-11-20 14:58 . 2014-11-20 14:56	861696	----a-w-	c:\windows\system32\oleaut32.dll
2014-11-20 14:58 . 2014-11-20 14:56	571904	----a-w-	c:\windows\SysWow64\oleaut32.dll
2014-11-13 00:20 . 2014-09-30 17:44	16884632	-c--a-w-	c:\windows\SysWow64\nvd3dum.dll
2014-11-13 00:20 . 2014-09-30 17:44	2874456	-c--a-w-	c:\windows\SysWow64\nvapi.dll
2014-03-07 09:03	3109520	-csha-r-	c:\windows\SysWOW64\avcodec-lav-55.dll
2014-03-07 09:03	98960	-csha-r-	c:\windows\SysWOW64\avfilter-lav-4.dll
2014-03-07 09:03	550032	-csha-r-	c:\windows\SysWOW64\avformat-lav-55.dll
2009-09-27 08:39	415744	-csh--w-	c:\windows\SysWOW64\avisynth.dll
2014-03-07 09:03	59536	-csha-r-	c:\windows\SysWOW64\avresample-lav-1.dll
2005-07-14 11:31	32256	-csh--w-	c:\windows\SysWOW64\AVSredirect.dll
2014-03-07 09:03	181392	-csha-r-	c:\windows\SysWOW64\avutil-lav-52.dll
2004-02-22 09:11	764416	-csh--w-	c:\windows\SysWOW64\devil.dll
2014-03-07 09:03	122512	-csha-r-	c:\windows\SysWOW64\HLaudio.dll
2014-03-07 09:03	203408	-csha-r-	c:\windows\SysWOW64\HLsplit.dll
2014-03-07 09:03	313520	-csha-r-	c:\windows\SysWOW64\HLvideo.dll
2004-01-24 23:00	70656	-csh--w-	c:\windows\SysWOW64\i420vfw.dll
2014-03-07 09:03	166544	-csha-r-	c:\windows\SysWOW64\IntelQuickSyncDecoder.dll
2014-03-07 09:03	109712	-csha-r-	c:\windows\SysWOW64\libbluray.dll
2011-02-11 08:26	112128	-csha-r-	c:\windows\SysWOW64\OptimFROG.dll
2014-03-07 09:03	118416	-csha-r-	c:\windows\SysWOW64\swscale-lav-2.dll
2010-01-06 22:00	107520	-csha-r-	c:\windows\SysWOW64\TAKDSDecoder.dll
2012-10-05 17:54	188416	-csha-r-	c:\windows\SysWOW64\winDCE32.dll
2004-01-24 23:00	70656	-csh--w-	c:\windows\SysWOW64\yv12vfw.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files (x86)\Desktop Sidebar\dsidebar.exe" [2006-07-09 1777664]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Adobe Speed Launcher"="1419355871" [X]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Nuance PDF Reader-reminder"="c:\program files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" [2010-07-05 333088]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-10-11 60712]
"PowerDVD13Agent"="c:\program files (x86)\CyberLink\PowerDVD13\PowerDVD13Agent.exe" [2013-07-05 517144]
"BrStsMon00"="c:\program files (x86)\Browny02\Brother\BrStMonW.exe" [2010-06-10 2621440]
"vmware-tray.exe"="c:\program files (x86)\VMware\VMware Workstation\vmware-tray.exe" [2013-08-27 111696]
"Syncios device service"="c:\program files (x86)\Syncios\SynciosDeviceService.exe" [2014-10-31 747520]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2014-01-17 421888]
"HyperSLI Control Panel"="c:\program files (x86)\HyperSLI\HyperSLICP.exe" [2013-10-31 1811968]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-10-15 157480]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-11-20 1021128]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-09-26 271744]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
GoPro Importer.lnk - c:\program files (x86)\GoPro\Tools\Importer\GoPro Importer.exe [2014-11-5 3166208]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\prwntdrv]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 7ByteIo;7ByteIo;c:\program files (x86)\Hot CPU Tester Pro 4 LE\SysInfoX64.sys;c:\program files (x86)\Hot CPU Tester Pro 4 LE\SysInfoX64.sys [x]
R3 BioNTDrv;BioNTDrv;c:\program files\Paragon Software\Backup and Recovery 2014 Free\program\BioNTDrv.SYS;c:\program files\Paragon Software\Backup and Recovery 2014 Free\program\BioNTDrv.SYS [x]
R3 cpuz135;cpuz135;c:\users\bensie\AppData\Local\Temp\cpuz135\cpuz135_x64.sys;c:\users\bensie\AppData\Local\Temp\cpuz135\cpuz135_x64.sys [x]
R3 cpuz137;cpuz137;c:\windows\TEMP\cpuz137\cpuz137_x64.sys;c:\windows\TEMP\cpuz137\cpuz137_x64.sys [x]
R3 DIRECTIO;DIRECTIO;c:\program files\PerformanceTest\DirectIo64.sys;c:\program files\PerformanceTest\DirectIo64.sys [x]
R3 DRHARD;DRHARD;c:\windows\system32\DRIVERS\DRHARD.SYS;c:\windows\SYSNATIVE\DRIVERS\DRHARD.SYS [x]
R3 FARMNTIO;FARMNTIO;c:\windows\system32\drivers\farmntio.sys;c:\windows\SYSNATIVE\drivers\farmntio.sys [x]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\SystemInfo\FMSISvc.exe;c:\program files (x86)\Futuremark\SystemInfo\FMSISvc.exe [x]
R3 GPUZ;GPUZ;c:\windows\TEMP\GPUZ.sys;c:\windows\TEMP\GPUZ.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys;c:\windows\SYSNATIVE\pwdrvio.sys [x]
R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys;c:\windows\SYSNATIVE\pwdspio.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\SiSoftware\SiSoftware Sandra Personal 2012.SP5c\RpcAgentSrv.exe;c:\program files\SiSoftware\SiSoftware Sandra Personal 2012.SP5c\RpcAgentSrv.exe [x]
R3 SliceDisk5;SliceDisk5;c:\users\bensie\AppData\Local\Temp\HBCD\PartitionFindAndMount\slicedisk-x64.sys;c:\users\bensie\AppData\Local\Temp\HBCD\PartitionFindAndMount\slicedisk-x64.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys;c:\windows\SYSNATIVE\Drivers\VBoxUSB.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
R4 ddrv;ddrv; [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S0 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys;c:\windows\SYSNATIVE\DRIVERS\vmci.sys [x]
S0 vsock;vSockets Driver;c:\windows\system32\drivers\vsock.sys;c:\windows\SYSNATIVE\drivers\vsock.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 Ext2fs;Ext2fs;c:\windows\system32\DRIVERS\ext2fs.sys;c:\windows\SYSNATIVE\DRIVERS\ext2fs.sys [x]
S1 IfsMount;IfsMount;c:\windows\system32\DRIVERS\ifsmount.sys;c:\windows\SYSNATIVE\DRIVERS\ifsmount.sys [x]
S1 Uim_DEVIM;UIM Direct Device Image Plugin;c:\windows\system32\DRIVERS\uim_devim.sys;c:\windows\SYSNATIVE\DRIVERS\uim_devim.sys [x]
S1 VBoxDRV;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxDrv.sys [x]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxUSBMon.sys [x]
S2 {09F57980-3432-4AFC-957D-27AC45FAE1F5};Power Control [2014/01/20 17:31];c:\program files (x86)\CyberLink\PowerDVD13\Common\NavFilter\000.fcl;c:\program files (x86)\CyberLink\PowerDVD13\Common\NavFilter\000.fcl [x]
S2 CyberLink PowerDVD 13 Media Server Monitor Service;CyberLink PowerDVD 13 Media Server Monitor Service;c:\program files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe;c:\program files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe [x]
S2 CyberLink PowerDVD 13 Media Server Service;CyberLink PowerDVD 13 Media Server Service;c:\program files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe;c:\program files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe [x]
S2 DBService;DATA BECKER Update Service;c:\program files (x86)\Common Files\DATA BECKER Shared\DBService.exe;c:\program files (x86)\Common Files\DATA BECKER Shared\DBService.exe [x]
S2 DiskBoss Service;DiskBoss Service;c:\program files (x86)\DiskBoss\bin\diskbsa.exe;c:\program files (x86)\DiskBoss\bin\diskbsa.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [x]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfpr.sys [x]
S2 ftpsvc;Microsoft-FTP-Dienst;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 IePluginServices;IePlugin Services;c:\programdata\IePluginServices\PluginService.exe;c:\programdata\IePluginServices\PluginService.exe [x]
S2 NfsClnt;Client für NFS;c:\windows\system32\nfsclnt.exe;c:\windows\SYSNATIVE\nfsclnt.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 OS Selector;Acronis OS Selector Activator;c:\program files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe;c:\program files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe [x]
S2 PSI_SVC_2_x64;Protexis Licensing V2 x64;c:\program files\Common Files\Protexis\License Service\PsiService_2.exe;c:\program files\Common Files\Protexis\License Service\PsiService_2.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [x]
S2 VMwareHostd;VMware Workstation Server;c:\program files (x86)\VMware\VMware Workstation\vmware-hostd.exe;c:\program files (x86)\VMware\VMware Workstation\vmware-hostd.exe [x]
S2 vstor2-mntapi20-shared;Vstor2 MntApi 2.0 Driver (shared);SysWOW64\drivers\vstor2-mntapi20-shared.sys;SysWOW64\drivers\vstor2-mntapi20-shared.sys [x]
S3 ALSysIO;ALSysIO;c:\users\bensie\AppData\Local\Temp\ALSysIO64.sys;c:\users\bensie\AppData\Local\Temp\ALSysIO64.sys [x]
S3 BrYNSvc;BrYNSvc;c:\program files (x86)\Browny02\BrYNSvc.exe;c:\program files (x86)\Browny02\BrYNSvc.exe [x]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S3 NfsRdr;Client für NFS-Redirector;c:\windows\system32\drivers\nfsrdr.sys;c:\windows\SYSNATIVE\drivers\nfsrdr.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RpcXdr;Server für NFS Open RPC (ONCRPC);c:\windows\system32\drivers\rpcxdr.sys;c:\windows\SYSNATIVE\drivers\rpcxdr.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - ALSYSIO
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-12-12 14:54	1087816	-c--a-w-	c:\program files (x86)\Google\Chrome\Application\39.0.2171.95\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-12-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-01 18:05]
.
2014-12-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cf1ddacb52400.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-01-30 16:35]
.
2014-12-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cff2be3da148d4.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-01-30 16:35]
.
2014-12-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore1d0002bbdf9b76f.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-01-30 16:35]
.
2014-12-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA1cf9460b2220b54.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-01-30 16:35]
.
2014-12-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA1cff2be3dca7c4e.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-01-30 16:35]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2013-03-21 6330568]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-10-04 2800296]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-10-04 2462536]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2014-05-09 13672152]
"EPSON Stylus DX4200 Series"="c:\windows\system32\spool\DRIVERS\x64\3\E_FATIAEE.EXE" [2005-03-08 98304]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://istart.webssearches.com/?type=hp&ts=1418232675&from=cvs&uid=3219913727_132802_02264A9C
mDefault_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1418232675&from=cvs&uid=3219913727_132802_02264A9C&q={searchTerms}
mDefault_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1418232675&from=cvs&uid=3219913727_132802_02264A9C
mStart Page = hxxp://istart.webssearches.com/?type=hp&ts=1418232675&from=cvs&uid=3219913727_132802_02264A9C
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1418232675&from=cvs&uid=3219913727_132802_02264A9C&q={searchTerms}
uInternet Settings,ProxyOverride = *.local
IE: Add to AMV/AVI Video Converter... - c:\program files (x86)\Media Player Utilities 4.37\AMVConverter\grab.html
IE: Download with ImTOO iPhone Transfer Platinum - c:\program files (x86)\ImTOO\iPhone Transfer Platinum\upod_link.HTM
IE: Download with Xilisoft iPad Magic Platinum - c:\program files (x86)\Xilisoft\iPad Magic Platinum\upod_link.HTM
IE: Nach Microsoft &Excel exportieren - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
LSP: %windir%\system32\vsocklib.dll
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\bensie\AppData\Roaming\Mozilla\Firefox\Profiles\07ke7vne.default\
FF - prefs.js: browser.search.selectedEngine - webssearches
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
FF - user.js: extensions.blocklist.enabled - false
FF - user.js: app.update.auto - false
FF - user.js: security.mixed_content.block_active_content - false
FF - user.js: security.mixed_content.block_display_content - false
FF - user.js: app.update.staging.enabled - true
FF - user.js: app.update.interval - 31536000
FF - user.js: app.update.idletime - 31536000
FF - user.js: browser.search.update - false
FF - user.js: browser.search.update.interval - 31536000
FF - user.js: app.update.channel - default
FF - user.js: extensions.getAddons.cache.enabled - false
FF - user.js: app.update.download.backgroundInterval - 31536000
FF - user.js: browser.safebrowsing.appRepURL - 
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Actualizar la licencia de ESET.lnk - c:\program files (x86)\ESET\MiNODLogin\launcher.exe  -d 10000
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM-Run-Nvtmru - c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe
AddRemove-Battlefield 4 German Edition 1.0.1 - e:\spiele\Battlefield 4 German Edition\Uninstall.exe
AddRemove-Crysis 3_is1 - g:\spiele\Crysis 3\unins000.exe
AddRemove-Tomb Raider_is1 - e:\spiele\Tomb Raider\unins000.exe
AddRemove-Xilisoft iPhone to PC Copy - c:\program files (x86)\Xilisoft\iPhone Transfer\Uninstall.exe
AddRemove-{8CEB57D1-A8EA-40FE-86CB-54DF4156344D}_is1 - g:\spiele\Arma 3\Uninstall\unins000.exe
AddRemove-{A5C3B95A-EA88-4BD4-A23C-4F58774C13AB}_is1 - d:\spiele\FarCry 3\unins000.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{09F57980-3432-4AFC-957D-27AC45FAE1F5}]
"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD13\Common\NavFilter\000.fcl"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-3106869042-3269868222-4255230798-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*µ*\zVë*ˆh¾Önrogr]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-3106869042-3269868222-4255230798-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*µ*\zVë*ˆh¾Önrogr\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-3106869042-3269868222-4255230798-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs\.*µ*\zVë*ˆh¾Önrogr]
"0"=hex:45,3a,5c,54,68,65,20,42,69,67,20,42,61,6e,67,20,54,68,65,6f,72,79,5c,
   53,74,61,66,66,65,6c,20,32,5c,69,74,6e,2d,74,62,62,74,2e,73,30,32,65,32,33,\
"MRUListEx"=hex:00,00,00,00,ff,ff,ff,ff
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\SysWOW64\bgsvcgen.exe
c:\windows\SysWOW64\vmnat.exe
c:\windows\SysWOW64\vmnetdhcp.exe
c:\program files (x86)\VMware\VMware Workstation\vmware-authd.exe
c:\program files (x86)\SupTab\HpUI.exe
c:\program files (x86)\SupTab\Loader32.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-12-23  18:33:04 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2014-12-23 17:33
.
Vor Suchlauf: 22 Verzeichnis(se), 91.818.778.624 Bytes frei
Nach Suchlauf: 27 Verzeichnis(se), 91.505.655.808 Bytes frei
.
- - End Of File - - 12E0F347E6FF1959D8337598EAB3B6F0

--- --- ---
A36C5E4F47E84449FF07ED3517B43A31
[/QUOTE]

schrauber · 24.12.2014, 17:45

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

Search Protect, eventl. maleware, in der Windows Taskleiste - unter installierten Programmen in der Systemsteuerung nicht aufgeführt - Win 7

Plagegeister aller Art und deren Bekämpfung: Search Protect, eventl. maleware, in der Windows Taskleiste - unter installierten Programmen in der Systemsteuerung nicht aufgeführt - Win 7