Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Search Protect, eventl. maleware, in der Windows Taskleiste - unter installierten Programmen in der Systemsteuerung nicht aufgeführt - Win 7

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Alt 23.12.2014, 16:39   #1
bensie
 
Search Protect, eventl. maleware, in der Windows Taskleiste - unter installierten Programmen in der Systemsteuerung nicht aufgeführt - Win 7 - Standard

Search Protect, eventl. maleware, in der Windows Taskleiste - unter installierten Programmen in der Systemsteuerung nicht aufgeführt - Win 7



Hallo,
ich bin neu hier und kann leider nicht an dem anderen Thread posten (keine Rechte), könnt ihr mir bitte helfen und das hier evtl auch verschieben

hier die Logs
FRST

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-12-2014 01
Ran by bensie (administrator) on BENSIE-PC on 23-12-2014 16:29:58
Running from C:\Users\bensie\Downloads
Loaded Profile: bensie (Available profiles: bensie)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginServices\PluginService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files\Core Temp\Core Temp.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(SOURCENEXT) C:\Windows\SysWOW64\bgsvcgen.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe
(DATA BECKER GmbH & Co KG) C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe
() C:\Program Files (x86)\DiskBoss\bin\diskbsa.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Microsoft Corporation) C:\Windows\System32\nfsclnt.exe
() C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Analog Devices, Inc.) C:\Users\bensie\Downloads\AD1988AB_Audio_V6585_XpVistaWin7\Driver\Win7\SM_Panel\x86\SoundMAX.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Idea2) C:\Program Files (x86)\Desktop Sidebar\dsidebar.exe
(GoPro) C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD13\PowerDVD13Agent.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
() C:\Program Files (x86)\Syncios\SynciosDeviceService.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Program Files (x86)\SupTab\HpUI.exe
() C:\Program Files (x86)\SupTab\Loader64.exe
() C:\Program Files (x86)\SupTab\Loader32.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_246.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_246.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [6330568 2013-03-21] (ESET)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2462536 2014-10-04] (NVIDIA Corporation)
HKLM\...\Run: [SoundMax] => C:\Users\bensie\Downloads\AD1988AB_Audio_V6585_XpVistaWin7\Driver\Win7\SM_Panel\x86\SoundMAX.exe [3866624 2009-06-05] (Analog Devices, Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-05-09] (Realtek Semiconductor)
HKLM\...\Run: [EPSON Stylus DX4200 Series] => C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIAEE.EXE [98304 2005-03-08] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [Nuance PDF Reader-reminder] => C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe [333088 2010-07-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [PowerDVD13Agent] => C:\Program Files (x86)\CyberLink\PowerDVD13\PowerDVD13Agent.exe [517144 2013-07-05] (CyberLink Corp.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2621440 2010-06-10] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [111696 2013-08-27] (VMware, Inc.)
HKLM-x32\...\Run: [Syncios device service] => C:\Program Files (x86)\Syncios\SynciosDeviceService.exe [747520 2014-10-31] ()
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [HyperSLI Control Panel] => C:\Program Files (x86)\HyperSLI\HyperSLICP.exe [1811968 2013-10-31] ()
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKU\S-1-5-21-3106869042-3269868222-4255230798-1001\...\Run: [Sidebar] => C:\Program Files (x86)\Desktop Sidebar\dsidebar.exe [1777664 2006-07-09] (Idea2)
HKU\S-1-5-21-3106869042-3269868222-4255230798-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3106869042-3269868222-4255230798-1001\...\RunOnce: [Adobe Speed Launcher] => 1419345111
HKU\S-1-5-21-3106869042-3269868222-4255230798-1001\...\MountPoints2: {41b15740-1185-11e2-80f6-806e6f6e6963} - I:\setup.exe
HKU\S-1-5-21-3106869042-3269868222-4255230798-1001\...\MountPoints2: {be0d6640-f607-11e3-bde0-806e6f6e6963} - H:\setup.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Actualizar la licencia de ESET.lnk
ShortcutTarget: Actualizar la licencia de ESET.lnk -> C:\Program Files (x86)\ESET\MiNODLogin\launcher.exe (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GoPro Importer.lnk
ShortcutTarget: GoPro Importer.lnk -> C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe (GoPro)
ShellIconOverlayIdentifiers: [SmartFTP Drop] -> {EA5A76F7-8138-4B53-B0F5-ADCC730CAFBD} => C:\Program Files\SmartFTP Client\ShellTools.dll (SmartSoft Ltd.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://istart.webssearches.com/?type=hp&ts=1418232675&from=cvs&uid=3219913727_132802_02264A9C
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://istart.webssearches.com/?type=hp&ts=1418232675&from=cvs&uid=3219913727_132802_02264A9C
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1418232675&from=cvs&uid=3219913727_132802_02264A9C&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1418232675&from=cvs&uid=3219913727_132802_02264A9C&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1418232675&from=cvs&uid=3219913727_132802_02264A9C
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1418232675&from=cvs&uid=3219913727_132802_02264A9C
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1418232675&from=cvs&uid=3219913727_132802_02264A9C&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1418232675&from=cvs&uid=3219913727_132802_02264A9C&q={searchTerms}
HKU\S-1-5-21-3106869042-3269868222-4255230798-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://istart.webssearches.com/?type=hp&ts=1418232675&from=cvs&uid=3219913727_132802_02264A9C
HKU\S-1-5-21-3106869042-3269868222-4255230798-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKU\S-1-5-21-3106869042-3269868222-4255230798-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1418232675&from=cvs&uid=3219913727_132802_02264A9C
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1418232675&from=cvs&uid=3219913727_132802_02264A9C
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1418232675&from=cvs&uid=3219913727_132802_02264A9C&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1418232675&from=cvs&uid=3219913727_132802_02264A9C&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1418232675&from=cvs&uid=3219913727_132802_02264A9C&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1418232675&from=cvs&uid=3219913727_132802_02264A9C&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3106869042-3269868222-4255230798-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=foxysecurity
SearchScopes: HKU\S-1-5-21-3106869042-3269868222-4255230798-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=foxysecurity
BHO-x32: Idea2 SidebarBrowserMonitor Class -> {45AD732C-2CE2-4666-B366-B2214AD57A49} -> C:\Program Files (x86)\Desktop Sidebar\sbhelp.dll (Idea2)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\bensie\AppData\Roaming\Mozilla\Firefox\Profiles\07ke7vne.default
FF NewTab: chrome://quick_start/content/index.html
FF SelectedSearchEngine: webssearches
FF Homepage: hxxp://www.google.de/
FF NetworkProxy: "ftp", "217.12.113.67"
FF NetworkProxy: "ftp_port", 443
FF NetworkProxy: "http", "217.12.113.67"
FF NetworkProxy: "http_port", 443
FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "217.12.113.67"
FF NetworkProxy: "socks_port", 443
FF NetworkProxy: "ssl", "217.12.113.67"
FF NetworkProxy: "ssl_port", 443
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @logitech.com/HarmonyRemote,version=1.0.0 -> C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll (Logitech Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
FF Plugin HKU\S-1-5-21-3106869042-3269868222-4255230798-1001: @protectdisc.com/NPPDLicenseHelper -> C:\Users\bensie\AppData\Roaming\ProtectDisc\License Helper v2\NPPDLicenseHelper.dll ( )
FF user.js: detected! => C:\Users\bensie\AppData\Roaming\Mozilla\Firefox\Profiles\07ke7vne.default\user.js
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\webssearches.xml
FF Extension: Cookies Manager+ - C:\Users\bensie\AppData\Roaming\Mozilla\Firefox\Profiles\07ke7vne.default\Extensions\{bb6bc1bb-f824-4702-90cd-35e2fb24f25d} [2013-08-08]
FF Extension: Flash and Video Download - C:\Users\bensie\AppData\Roaming\Mozilla\Firefox\Profiles\07ke7vne.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2014-12-09]
FF Extension: Stealthy - C:\Users\bensie\AppData\Roaming\Mozilla\Firefox\Profiles\07ke7vne.default\Extensions\stealthyextension@gmail.com.xpi [2012-02-20]
FF Extension: {6e2d42c6-c36f-454d-ad42-db478c67d08b} - C:\Users\bensie\AppData\Roaming\Mozilla\Firefox\Profiles\07ke7vne.default\Extensions\{6e2d42c6-c36f-454d-ad42-db478c67d08b}.xpi [2014-12-11]
FF Extension: NoScript - C:\Users\bensie\AppData\Roaming\Mozilla\Firefox\Profiles\07ke7vne.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-02-27]
FF Extension: ZIP Wizard - C:\Users\bensie\AppData\Roaming\Mozilla\Firefox\Profiles\07ke7vne.default\Extensions\{be9533d2-0763-462e-abd7-027f0632abdf}.xpi [2014-12-14]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2013-04-29]
FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\bensie\AppData\Roaming\Mozilla\Firefox\Profiles\07ke7vne.default\extensions\faststartff@gmail.com
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

Chrome: 
=======
CHR HomePage: Default -> hxxp://istart.webssearches.com/?type=hp&ts=1418232675&from=cvs&uid=3219913727_132802_02264A9C
CHR StartupUrls: Default -> "hxxp://istart.webssearches.com/?type=hp&ts=1418232675&from=cvs&uid=3219913727_132802_02264A9C"
CHR DefaultSearchKeyword: Default -> webssearches
CHR DefaultSearchURL: Default -> hxxp://istart.webssearches.com/web/?type=ds&ts=1418232675&from=cvs&uid=3219913727_132802_02264A9C&q={searchTerms}
CHR Profile: C:\Users\bensie\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\bensie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-30]
CHR Extension: (Google Drive) - C:\Users\bensie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-30]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\bensie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-30]
CHR Extension: (YouTube) - C:\Users\bensie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-30]
CHR Extension: (Google-Suche) - C:\Users\bensie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-30]
CHR Extension: (Google Wallet) - C:\Users\bensie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-30]
CHR Extension: (MyHarmony Chrome Plugin) - C:\Users\bensie\AppData\Local\Google\Chrome\User Data\Default\Extensions\omaonpoimgkmbllpdihbnmgphjoipdhf [2014-01-30]
CHR Extension: (Google Mail) - C:\Users\bensie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-30]
CHR HKLM-x32\...\Chrome\Extension: [omaonpoimgkmbllpdihbnmgphjoipdhf] - C:\Program Files (x86)\Logitech\Harmony Remote Driver\harmony_chrome.crx [2013-09-18]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 bgsvcgen; C:\Windows\SysWOW64\bgsvcgen.exe [139264 2011-12-15] (SOURCENEXT) [File not signed]
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
R2 CyberLink PowerDVD 13 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe [77576 2013-07-05] (CyberLink)
R2 CyberLink PowerDVD 13 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe [327432 2013-07-05] (CyberLink)
R2 DBService; C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe [2650112 2010-05-28] (DATA BECKER GmbH & Co KG) [File not signed]
R2 DiskBoss Service; C:\Program Files (x86)\DiskBoss\bin\diskbsa.exe [114688 2014-07-23] () [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1341664 2013-03-21] (ESET)
R2 ftpsvc; C:\Windows\system32\inetsrv\ftpsvc.dll [350720 2013-09-04] (Microsoft Corporation)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [614624 2014-09-02] (Futuremark)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-10-04] (NVIDIA Corporation)
R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [714208 2014-12-10] (Cherished Technololgy LIMITED)
R2 NfsClnt; C:\Windows\system32\nfsclnt.exe [65536 2010-11-20] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-10-04] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-10-04] (NVIDIA Corporation)
R2 OS Selector; C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe [2155848 2010-09-30] ()
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2013-09-13] (arvato digital services llc)
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Personal 2012.SP5c\RpcAgentSrv.exe [68760 2008-09-05] (SiSoftware) [File not signed]
R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [14401104 2013-08-27] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BioNTDrv; C:\Program Files\Paragon Software\Backup and Recovery 2014 Free\program\BioNTDrv.SYS [18696 2014-05-19] (Paragon Software Group)
R1 cdrbsdrv; C:\Windows\System32\Drivers\cdrbsdrv.sys [38944 2011-12-15] (B.H.A Corporation)
S4 ddrv; No ImagePath
S3 DIRECTIO; C:\Program Files\PerformanceTest\DirectIo64.sys [31160 2014-04-24] ()
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-06-17] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [213416 2013-02-14] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [150616 2013-01-10] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [139768 2013-01-10] (ESET)
R1 Ext2fs; C:\Windows\System32\DRIVERS\ext2fs.sys [270272 2008-09-25] (Stephan Schreiber)
S3 FARMNTIO; c:\windows\system32\drivers\farmntio.sys [25144 2013-04-11] () [File not signed]
R1 IfsMount; C:\Windows\System32\DRIVERS\ifsmount.sys [80320 2008-08-28] (Stephan Schreiber)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115600 2010-01-29] (EZB Systems, Inc.)
S3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
R3 NfsRdr; C:\Windows\System32\drivers\nfsrdr.sys [246272 2010-11-20] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-10-04] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2012-08-20] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12384 2012-08-20] ()
R3 RpcXdr; C:\Windows\System32\drivers\rpcxdr.sys [104960 2010-11-20] (Microsoft Corporation)
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Personal 2012.SP5c\WNt500x64\Sandra.sys [23112 2009-08-07] (SiSoftware)
R1 SMR430; C:\Windows\System32\drivers\SMR430.SYS [108216 2014-12-23] (Symantec Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-06-17] (Duplex Secure Ltd.)
R1 UimBus; C:\Windows\System32\DRIVERS\UimBus.sys [102664 2014-05-19] ()
R1 Uim_DEVIM; C:\Windows\System32\DRIVERS\uim_devim.sys [25992 2014-05-19] ()
R1 Uim_IM; C:\Windows\System32\DRIVERS\uim_im.sys [700296 2014-05-19] ()
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [113936 2013-12-18] (Oracle Corporation)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-08-15] (VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [33872 2013-02-22] (VMware, Inc.)
S3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] ()
R2 {09F57980-3432-4AFC-957D-27AC45FAE1F5}; C:\Program Files (x86)\CyberLink\PowerDVD13\Common\NavFilter\000.fcl [130320 2013-07-06] (CyberLink Corp.)
U3 acsgcbs4; C:\Windows\System32\Drivers\acsgcbs4.sys [0 ] (Advanced Micro Devices)
S3 7ByteIo; \??\C:\Program Files (x86)\Hot CPU Tester Pro 4 LE\SysInfoX64.sys [X]
S3 ADIHdAudAddService; system32\drivers\ADIHdAud.sys [X]
R3 ALSysIO; \??\C:\Users\bensie\AppData\Local\Temp\ALSysIO64.sys [X]
S3 cpuz135; \??\C:\Users\bensie\AppData\Local\Temp\cpuz135\cpuz135_x64.sys [X]
S3 cpuz137; \??\C:\Windows\TEMP\cpuz137\cpuz137_x64.sys [X]
S3 DRHARD; \??\C:\Windows\system32\DRIVERS\DRHARD.SYS [X]
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]
S3 SliceDisk5; \??\C:\Users\bensie\AppData\Local\Temp\HBCD\PartitionFindAndMount\slicedisk-x64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-23 15:45 - 2014-12-23 16:30 - 00025669 ____C () C:\Users\bensie\Downloads\FRST.txt
2014-12-23 15:45 - 2014-12-23 16:29 - 00000000 ____D () C:\FRST
2014-12-23 15:42 - 2014-12-23 15:44 - 00000000 ___DC () C:\Program Files (x86)\VS Revo Group
2014-12-23 15:42 - 2014-12-23 15:42 - 02623656 ____C (VS Revo Group Ltd.) C:\Users\bensie\Downloads\revosetup95.exe
2014-12-23 15:41 - 2014-12-23 15:41 - 02122240 ____C (Farbar) C:\Users\bensie\Downloads\FRST64.exe
2014-12-23 15:39 - 2014-12-23 15:40 - 00108216 ____C (Symantec Corporation) C:\Windows\system32\Drivers\SMR430.SYS
2014-12-23 15:39 - 2014-12-23 15:40 - 00000020 ____C () C:\Windows\system32\Drivers\SMR430.dat
2014-12-23 15:39 - 2014-12-23 15:40 - 00000000 ___DC () C:\Users\bensie\AppData\Local\NPE
2014-12-23 15:39 - 2014-12-23 15:39 - 03077776 ____C (Symantec Corporation) C:\Users\bensie\Downloads\NPE.exe
2014-12-23 15:39 - 2014-12-23 15:39 - 00000000 ___DC () C:\ProgramData\Norton
2014-12-22 15:47 - 2014-12-22 15:47 - 82305268 ____C () C:\Users\bensie\Downloads\openhdf-gb800ueplus-166-20141222_usb.zip
2014-12-18 17:07 - 2014-12-18 17:07 - 00000000 ___DC () C:\Users\bensie\channel_e2
2014-12-18 16:06 - 2014-12-18 16:06 - 00000000 ___DC () C:\Users\bensie\Downloads\softcam-feed-mipsel_1.0_all
2014-12-14 19:17 - 2014-12-14 19:20 - 00000000 ___DC () C:\Users\bensie\Documents\NFSTR
2014-12-12 17:49 - 2014-12-18 19:43 - 00000000 ___DC () C:\Users\bensie\.mediathek3
2014-12-12 17:49 - 2014-12-12 17:49 - 00000000 ___DC () C:\Users\bensie\Downloads\MediathekView_8
2014-12-12 17:46 - 2014-12-12 17:46 - 00000788 ____C () C:\Users\Public\Desktop\Need for Speed The Run.lnk
2014-12-12 17:19 - 2014-12-12 17:19 - 00000000 ___DC () C:\Users\bensie\Documents\Ubisoft
2014-12-12 17:16 - 2014-12-12 17:16 - 00000712 ____C () C:\Users\Public\Desktop\Driver San Francisco.lnk
2014-12-12 17:16 - 2014-12-12 17:16 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft
2014-12-12 16:26 - 2014-12-12 16:26 - 00001208 ____C () C:\Users\bensie\Desktop\Uplay.lnk
2014-12-12 16:26 - 2014-12-12 16:26 - 00000000 ___DC () C:\Users\bensie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2014-12-12 16:26 - 2014-12-12 16:26 - 00000000 ___DC () C:\Users\bensie\AppData\Local\Ubisoft Game Launcher
2014-12-12 16:26 - 2014-12-12 16:26 - 00000000 ___DC () C:\Program Files (x86)\Ubisoft
2014-12-12 15:43 - 2014-12-12 15:43 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-12-12 15:43 - 2014-09-26 18:36 - 00272808 ____C (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-12-12 15:42 - 2014-12-12 15:43 - 00004426 ____C () C:\Windows\SysWOW64\jupdate-1.7.0_71-b14.log
2014-12-11 16:26 - 2014-12-11 16:26 - 00000000 ___DC () C:\Users\bensie\Downloads\Offcial Sound fix_realtex alc663
2014-12-11 15:50 - 2014-11-12 21:46 - 00615624 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-12-11 15:48 - 2014-11-13 01:20 - 31893136 ____C (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-12-11 15:48 - 2014-11-13 01:20 - 24557712 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-12-11 15:48 - 2014-11-13 01:20 - 20922512 ____C (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-12-11 15:48 - 2014-11-13 01:20 - 19966344 ____C (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-12-11 15:48 - 2014-11-13 01:20 - 17259664 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-12-11 15:48 - 2014-11-13 01:20 - 14032984 ____C (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-12-11 15:48 - 2014-11-13 01:20 - 13944952 ____C (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-12-11 15:48 - 2014-11-13 01:20 - 13213512 ____C (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-12-11 15:48 - 2014-11-13 01:20 - 11397744 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-12-11 15:48 - 2014-11-13 01:20 - 11336432 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-12-11 15:48 - 2014-11-13 01:20 - 04292416 ____C (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-12-11 15:48 - 2014-11-13 01:20 - 04011208 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-12-11 15:48 - 2014-11-13 01:20 - 01876296 ____C (NVIDIA Corporation) C:\Windows\system32\nvdispco6434475.dll
2014-12-11 15:48 - 2014-11-13 01:20 - 01540424 ____C (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434475.dll
2014-12-11 15:48 - 2014-11-13 01:20 - 00964928 ____C (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-12-11 15:48 - 2014-11-13 01:20 - 00935240 ____C (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-12-11 15:48 - 2014-11-13 01:20 - 00923792 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-12-11 15:48 - 2014-11-13 01:20 - 00900928 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-12-11 15:48 - 2014-11-13 01:20 - 00871648 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-12-11 15:48 - 2014-11-13 01:20 - 00352016 ____C (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-12-11 15:48 - 2014-11-13 01:20 - 00303600 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-12-11 15:48 - 2014-11-13 01:20 - 00174856 ____C (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-12-11 15:48 - 2014-11-13 01:20 - 00156840 ____C (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-12-11 15:11 - 2014-12-11 15:11 - 00000000 ___DC () C:\Users\bensie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Media Player Utilities 4.37
2014-12-11 15:11 - 2014-12-11 15:11 - 00000000 ___DC () C:\Program Files (x86)\Media Player Utilities 4.37
2014-12-11 15:08 - 2014-12-11 15:08 - 00000000 ___DC () C:\Users\bensie\AppData\Roaming\iOrgSoft
2014-12-11 15:03 - 2014-12-11 15:06 - 00000000 ___DC () C:\Users\bensie\Documents\Log Files
2014-12-11 15:03 - 2014-12-11 15:03 - 00000000 ___DC () C:\Users\bensie\Documents\iOrgSoft
2014-12-11 15:03 - 2014-12-11 15:03 - 00000000 ___DC () C:\Program Files (x86)\iOrgSoft
2014-12-10 18:33 - 2014-12-10 18:33 - 00000000 ___DC () C:\Users\bensie\AppData\Roaming\dlg
2014-12-10 18:31 - 2014-12-11 14:13 - 00000000 ___DC () C:\ProgramData\WindowsMangerProtect
2014-12-10 18:31 - 2014-12-10 18:31 - 00000000 ___DC () C:\ProgramData\IePluginServices
2014-12-10 18:31 - 2014-12-10 18:31 - 00000000 ___DC () C:\Program Files (x86)\SupTab
2014-12-10 17:53 - 2014-12-10 17:53 - 00000000 _SHDC () C:\Users\bensie\AppData\Local\EmieBrowserModeList
2014-12-10 16:31 - 2014-12-10 16:31 - 00000000 ___DC () C:\Users\bensie\AppData\Roaming\AVS4YOU
2014-12-10 16:30 - 2014-12-10 16:31 - 00000000 ___DC () C:\ProgramData\AVS4YOU
2014-12-10 16:30 - 2014-12-10 16:30 - 00001244 ____C () C:\Users\bensie\Desktop\AVS Video Converter.lnk
2014-12-10 16:30 - 2014-12-10 16:30 - 00000000 ___DC () C:\Users\bensie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2014-12-10 16:30 - 2014-12-10 16:30 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2014-12-10 16:30 - 2014-12-10 16:30 - 00000000 ___DC () C:\Program Files (x86)\AVS4YOU
2014-12-10 16:30 - 2012-03-23 18:59 - 01700352 ____C (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2014-12-10 16:30 - 2012-03-23 18:59 - 00024576 ____C (Microsoft Corporation) C:\Windows\SysWOW64\msxml3a.dll
2014-12-10 16:17 - 2014-12-10 16:17 - 00000000 ___DC () C:\Program Files (x86)\Mozilla Firefox
2014-12-09 19:26 - 2014-12-09 19:26 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPER © - by eRightSoft
2014-12-09 19:26 - 2014-03-07 10:03 - 00550032 _RSHC (FFmpeg Project) C:\Windows\SysWOW64\avformat-lav-55.dll
2014-12-09 19:26 - 2014-03-07 10:03 - 00181392 _RSHC (FFmpeg Project) C:\Windows\SysWOW64\avutil-lav-52.dll
2014-12-09 19:26 - 2014-03-07 10:03 - 00166544 _RSHC (Intel Corp.) C:\Windows\SysWOW64\IntelQuickSyncDecoder.dll
2014-12-09 19:26 - 2014-03-07 10:03 - 00118416 _RSHC (FFmpeg Project) C:\Windows\SysWOW64\swscale-lav-2.dll
2014-12-09 19:26 - 2014-03-07 10:03 - 00109712 _RSHC () C:\Windows\SysWOW64\libbluray.dll
2014-12-09 19:26 - 2014-03-07 10:03 - 00098960 _RSHC (FFmpeg Project) C:\Windows\SysWOW64\avfilter-lav-4.dll
2014-12-09 19:26 - 2014-03-07 10:03 - 00059536 _RSHC (FFmpeg Project) C:\Windows\SysWOW64\avresample-lav-1.dll
2014-12-09 19:26 - 2014-01-31 15:20 - 00000493 _RSHC () C:\Windows\SysWOW64\LAVFilters.Dependencies.manifest
2014-12-09 19:25 - 2014-03-07 10:03 - 03109520 _RSHC (FFmpeg Project) C:\Windows\SysWOW64\avcodec-lav-55.dll
2014-12-09 19:25 - 2014-03-07 10:03 - 00313520 _RSHC (1f0.de - Hendrik Leppkes) C:\Windows\SysWOW64\HLvideo.dll
2014-12-09 19:25 - 2014-03-07 10:03 - 00203408 _RSHC (1f0.de - Hendrik Leppkes) C:\Windows\SysWOW64\HLsplit.dll
2014-12-09 19:25 - 2014-03-07 10:03 - 00122512 _RSHC (1f0.de - Hendrik Leppkes) C:\Windows\SysWOW64\HLaudio.dll
2014-12-09 19:25 - 2012-10-05 18:54 - 00188416 _RSHC () C:\Windows\SysWOW64\winDCE32.dll
2014-12-09 19:25 - 2012-07-11 22:00 - 00075776 ____C (Microsoft Corporation) C:\Windows\SysWOW64\Olepau32.ax
2014-12-09 19:25 - 2011-06-14 19:05 - 00121344 _RSHC () C:\Windows\SysWOW64\TAKDSDecoder.ax
2014-12-09 19:25 - 2011-02-11 09:26 - 00112128 _RSHC () C:\Windows\SysWOW64\OptimFROG.dll
2014-12-09 19:25 - 2010-01-06 23:00 - 00107520 _RSHC () C:\Windows\SysWOW64\TAKDSDecoder.dll
2014-12-09 19:25 - 2009-08-10 22:00 - 00352768 _RSHC () C:\Windows\SysWOW64\ac3DX.ax
2014-12-09 19:25 - 2005-02-22 16:55 - 00081920 _RSHC () C:\Windows\SysWOW64\aac_parser.ax
2014-12-09 19:25 - 2004-04-27 15:03 - 00017408 _RSHC (RadLight) C:\Windows\SysWOW64\RLOFRDec.ax
2014-12-09 18:25 - 2014-12-09 18:25 - 00003292 ____C () C:\Windows\System32\Tasks\Starup Sync Time
2014-12-07 17:11 - 2014-12-07 17:11 - 00000000 ___DC () C:\Users\bensie\Downloads\epson375769eu
2014-12-07 17:11 - 2014-12-07 17:11 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2014-12-07 17:11 - 2014-12-07 17:11 - 00000000 ___DC () C:\ProgramData\EPSON
2014-12-07 17:11 - 2014-12-07 17:11 - 00000000 ___DC () C:\Program Files (x86)\EPSON
2014-12-07 17:11 - 2005-06-09 01:02 - 00119808 ____C (SEIKO EPSON CORPORATION) C:\Windows\system32\E_ILMAEE.DLL
2014-12-07 17:11 - 2005-04-11 01:01 - 00086528 ____C (SEIKO EPSON CORPORATION) C:\Windows\system32\E_IBCBAEE.DLL
2014-12-07 17:11 - 2005-02-02 12:05 - 00008704 ____C (SEIKO EPSON CORP.) C:\Windows\system32\E_GCINST.DLL
2014-12-07 17:03 - 2014-12-07 17:03 - 00000000 ___DC () C:\Users\bensie\AppData\Local\FreeOCR
2014-12-07 16:59 - 2014-12-07 17:06 - 00000000 ____D () C:\FreeOCR
2014-12-07 16:59 - 2007-03-10 10:11 - 02680320 ____C (HiComponents) C:\Windows\SysWOW64\ImageEnXLibrary.ocx
2014-12-07 16:56 - 2014-12-07 16:56 - 00000850 ____C () C:\Users\bensie\AppData\Local\recently-used.xbel
2014-12-07 15:56 - 2014-12-07 15:56 - 00002121 ____C () C:\Users\bensie\Desktop\Adobe Acrobat XI Pro.exe - Verknüpfung.lnk
2014-12-03 17:08 - 2014-12-03 17:08 - 00000000 ___DC () C:\Users\bensie\Downloads\Futuremark PCMark 8 v2.2.282 Professional Edition License Key
2014-12-02 18:36 - 2014-12-02 18:36 - 00000730 ____C () C:\Users\Public\Desktop\Far Cry 4.lnk
2014-12-02 18:36 - 2014-12-02 18:36 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Far Cry 4
2014-12-02 15:56 - 2014-12-02 15:57 - 00000000 ___DC () C:\Users\bensie\Downloads\Der_Tourist_Feat._Friedrich_Liechtenstein-Supergeil_EP-WEB-DE-2014-VOiCE_iNT
2014-12-01 16:07 - 2014-12-01 16:07 - 13286631 ____C () C:\Users\bensie\Downloads\AAF_ufs910_nightly_p215_titan_v1-56_UPDATEUSB_20141109_nightly.zip
2014-12-01 15:15 - 2014-12-01 15:51 - 00000000 ___DC () C:\Users\bensie\Downloads\enigma_2_astra_matze
2014-11-27 18:44 - 2014-11-27 18:44 - 197420462 ____C () C:\Users\bensie\Downloads\Revolverheld - Lass uns gehen - Warnemünde 2014 live (1080p).mp4
2014-11-27 18:36 - 2014-11-27 18:36 - 66432236 ____C () C:\Users\bensie\Downloads\Revolverheld - Halt dich an mir fest live in Warnemünde (720p).mp4
2014-11-27 18:33 - 2014-11-27 18:33 - 78068964 ____C () C:\Users\bensie\Downloads\Rostock Warnemünde im Juli 2014 - Sonne _ Party _ Shipspotting (1080p).mp4
2014-11-27 18:33 - 2014-11-27 18:33 - 69478444 ____C () C:\Users\bensie\Downloads\Revolverheld - Spinner live in Warnemünde (720p).mp4
2014-11-27 18:26 - 2014-11-27 18:26 - 99460286 ____C () C:\Users\bensie\Downloads\Milow - Warnemünde Rostock 2014 live (1080p).mp4
2014-11-27 18:25 - 2014-11-27 18:25 - 100611996 ____C () C:\Users\bensie\Downloads\Revolverheld - Ich lass für dich das Licht an (Live in Warnemünde 26.07.2014).mp4
2014-11-27 18:22 - 2014-11-27 18:22 - 143145325 ____C () C:\Users\bensie\Downloads\Andreas Bourani - Alles nur in meinem Kopf - Warnemünde 2014 - live (1080p).mp4
2014-11-27 18:17 - 2014-11-27 18:17 - 104757787 ____C () C:\Users\bensie\Downloads\N-JOY THE BEACH - Andreas Bourani in Rostock - Warnemünde (720p).mp4
2014-11-26 17:54 - 2014-11-26 17:55 - 00000000 ___DC () C:\Users\bensie\Downloads\VA-Future_Trance_Vol.70-3CD-2014-VOiCE
2014-11-26 17:53 - 2014-11-26 17:53 - 00000000 ___DC () C:\Users\bensie\Downloads\VA-Kontor_Top_Of_The_Clubs_The_Biggest_Hits_Of_The_Year_MMXIV-3CD-2014-VOiCE
2014-11-26 17:49 - 2014-11-26 17:49 - 00000000 ___DC () C:\Users\bensie\Downloads\VA-Club_Sounds_Vol.71-3CD-2014-VOiCE
2014-11-26 16:46 - 2014-11-26 16:46 - 06973421 ____C () C:\Users\bensie\Downloads\Meyhem Lauren - 'Got The Fever' NYC Graffiti New York City (256 kbit_s).m4a
2014-11-26 16:24 - 2014-11-26 16:24 - 00050135 ____C () C:\Users\bensie\Documents\untitled.gcs
2014-11-26 15:09 - 2014-11-26 15:09 - 08538138 ____C () C:\Users\bensie\Downloads\KCBR - Live Life Like.mp4
2014-11-26 14:59 - 2014-11-26 14:59 - 02871371 ____C () C:\Users\bensie\Downloads\All Day All Night Remix by KCBR (256 kbit_s).m4a
2014-11-25 18:49 - 2014-11-25 18:49 - 06626832 ____C (TeamViewer GmbH) C:\Users\bensie\Downloads\TeamViewer_Setup_de.exe
2014-11-25 18:49 - 2014-11-25 18:49 - 00001181 ____C () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-11-25 18:49 - 2014-11-25 18:49 - 00001169 ____C () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-11-25 17:32 - 2014-11-25 17:32 - 00000000 ___DC () C:\Users\bensie\AppData\Local\Xilisoft
2014-11-25 17:30 - 2014-11-25 17:30 - 70441345 ____C () C:\Users\bensie\Downloads\Der Tourist feat. Friedrich Liechtenstein - Supergeil (1080p).mp4
2014-11-25 17:30 - 2014-11-25 17:30 - 07940109 ____C () C:\Users\bensie\Downloads\Der Tourist feat. Friedrich Liechtenstein - Supergeil (256 kbit_s).aac
2014-11-25 17:13 - 2014-11-25 17:13 - 07908857 ____C () C:\Users\bensie\Downloads\Der Tourist feat. Friedrich Liechtenstein - Supergeil (256 kbit_s).m4a
2014-11-24 17:29 - 2014-11-24 17:30 - 00025593 ____C () C:\Windows\ftp.log
2014-11-24 17:29 - 2014-11-24 17:29 - 00001498 ____C () C:\Windows\environment_00.log
2014-11-24 17:29 - 2014-11-24 17:29 - 00001498 ____C () C:\Windows\environment.log
2014-11-23 15:15 - 2014-11-23 15:15 - 00000000 ___DC () C:\ProgramData\LSI
2014-11-23 15:15 - 2012-07-02 06:00 - 00138024 ____C () C:\Windows\system32\wdcfg.exe
2014-11-23 15:15 - 2012-07-02 05:58 - 00135464 ____C (LSI Corporation) C:\Windows\system32\Drivers\lsi_sas.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-23 16:22 - 2011-12-06 00:15 - 00000600 ____C () C:\Users\bensie\PUTTY.RND
2014-12-23 16:05 - 2014-07-01 14:58 - 00000884 ____C () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-23 16:00 - 2014-10-28 15:48 - 00001110 ____C () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cff2be3dca7c4e.job
2014-12-23 15:54 - 2014-06-30 13:42 - 00001110 ____C () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf9460b2220b54.job
2014-12-23 15:53 - 2014-01-30 17:40 - 00001106 ____C () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf1ddacb52400.job
2014-12-23 15:39 - 2009-07-14 18:58 - 00705676 ____C () C:\Windows\system32\perfh007.dat
2014-12-23 15:39 - 2009-07-14 18:58 - 00151860 ____C () C:\Windows\system32\perfc007.dat
2014-12-23 15:39 - 2009-07-14 06:13 - 01637776 ____C () C:\Windows\system32\PerfStringBackup.INI
2014-12-23 15:37 - 2009-07-14 05:45 - 00024416 ___HC () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-23 15:37 - 2009-07-14 05:45 - 00024416 ___HC () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-23 15:35 - 2011-12-02 19:14 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{0B36D631-CF70-4CFC-B51D-A1B6952F4B32}
2014-12-23 15:33 - 2011-12-02 19:11 - 02025331 ____C () C:\Windows\WindowsUpdate.log
2014-12-23 15:32 - 2011-12-02 19:20 - 00000000 ___DC () C:\Users\bensie\AppData\Roaming\Desktop Sidebar
2014-12-23 15:31 - 2014-11-14 17:55 - 00001106 ____C () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0002bbdf9b76f.job
2014-12-23 15:31 - 2014-10-28 15:48 - 00001106 ____C () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cff2be3da148d4.job
2014-12-23 15:31 - 2014-02-02 16:59 - 00000000 ___DC () C:\ProgramData\VMware
2014-12-23 15:31 - 2011-12-02 19:51 - 00000000 ___DC () C:\ProgramData\NVIDIA
2014-12-23 15:31 - 2009-07-14 06:08 - 00000006 ___HC () C:\Windows\Tasks\SA.DAT
2014-12-23 15:31 - 2009-07-14 05:51 - 00039544 ____C () C:\Windows\setupact.log
2014-12-22 16:31 - 2011-12-06 21:05 - 00000000 ___DC () C:\Users\bensie\AppData\Roaming\FileZilla
2014-12-22 15:55 - 2013-05-16 21:18 - 00000000 ___DC () C:\tmp
2014-12-22 15:31 - 2014-07-22 17:11 - 00000000 ___DC () C:\Users\bensie\Documents\Virtual Machines
2014-12-22 15:31 - 2014-02-02 17:01 - 00000000 ___DC () C:\Users\bensie\AppData\Roaming\VMware
2014-12-22 15:16 - 2014-02-02 17:01 - 00000000 ___DC () C:\Users\bensie\AppData\Local\VMware
2014-12-18 20:04 - 2013-09-19 19:59 - 00000000 ___DC () C:\Users\bensie\Downloads\MeGUI_2356_x86
2014-12-18 19:46 - 2011-12-06 00:22 - 00000000 ___DC () C:\Users\bensie\AppData\Roaming\vlc
2014-12-18 19:00 - 2014-09-30 14:45 - 00000000 ___DC () C:\Users\bensie\Downloads\BD_Rebuilder
2014-12-18 17:07 - 2013-12-02 19:32 - 00000000 ___DC () C:\Users\bensie\channel
2014-12-18 17:07 - 2011-12-02 19:08 - 00000000 ___DC () C:\Users\bensie
2014-12-18 16:17 - 2014-06-03 18:13 - 00000000 ___DC () C:\Temp
2014-12-18 15:52 - 2011-12-06 22:00 - 00002603 ____C () C:\Users\Public\Desktop\SatChannelListEditor.lnk
2014-12-18 15:52 - 2011-12-06 22:00 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SatChannelListEditor
2014-12-18 15:52 - 2011-12-06 22:00 - 00000000 ___DC () C:\Program Files (x86)\SatChannelListEditor
2014-12-16 16:01 - 2011-12-05 23:48 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilisoft
2014-12-16 16:01 - 2011-12-05 23:47 - 00000000 ___DC () C:\ProgramData\Xilisoft
2014-12-16 16:01 - 2011-12-05 23:47 - 00000000 ___DC () C:\Program Files (x86)\Xilisoft
2014-12-12 17:19 - 2014-03-06 18:52 - 00000000 ___DC () C:\ProgramData\Orbit
2014-12-12 16:58 - 2014-08-07 17:07 - 00000000 ___DC () C:\Users\bensie\AppData\Local\JDownloader v2.0
2014-12-12 15:55 - 2014-01-30 17:35 - 00002178 ____C () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-12 15:43 - 2014-03-18 19:34 - 00000000 ___DC () C:\Program Files (x86)\Java
2014-12-12 15:43 - 2013-12-14 18:51 - 00000000 ___DC () C:\Users\bensie\AppData\Local\CrashDumps
2014-12-11 17:41 - 2012-05-31 19:44 - 00000000 ___DC () C:\Users\bensie\AppData\Roaming\BOM
2014-12-11 15:50 - 2011-12-02 19:51 - 00000000 ___DC () C:\Program Files (x86)\NVIDIA Corporation
2014-12-11 14:44 - 2013-12-11 20:55 - 00000000 ___DC () C:\Users\bensie\AppData\Roaming\AnvSoft
2014-12-11 14:12 - 2014-11-10 14:44 - 00002441 ____C () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-11 14:12 - 2011-12-02 19:13 - 00001154 ____C () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-12-11 14:12 - 2011-12-02 19:13 - 00001142 ____C () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-12-11 14:12 - 2011-12-02 19:08 - 00001428 ____C () C:\Users\bensie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-12-11 13:11 - 2012-05-03 19:54 - 00000000 ___DC () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-11 13:11 - 2011-12-02 20:27 - 00248594 ____C () C:\Windows\PFRO.log
2014-12-10 18:15 - 2012-11-14 22:42 - 00000000 ___DC () C:\Users\bensie\AppData\Roaming\XMedia Recode
2014-12-10 16:44 - 2011-12-08 20:28 - 00000000 ___DC () C:\Program Files (x86)\megui
2014-12-10 13:34 - 2014-06-17 15:04 - 00000000 ___DC () C:\Users\bensie\AppData\Roaming\HandBrake
2014-12-09 19:25 - 2013-12-11 20:03 - 00000000 ___DC () C:\Program Files (x86)\eRightSoft
2014-12-09 19:05 - 2014-07-01 14:58 - 00701104 ____C (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-09 19:05 - 2014-07-01 14:58 - 00071344 ____C (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-09 19:05 - 2014-07-01 14:58 - 00003822 ____C () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-09 14:45 - 2011-12-02 19:44 - 00000000 ___DC () C:\Program Files (x86)\MSECache
2014-12-07 16:56 - 2014-09-30 17:18 - 00000000 ___DC () C:\Users\bensie\.gimp-2.8
2014-12-04 16:56 - 2014-06-03 18:13 - 00000022 ____C () C:\Windows\GPU-Z.INI
2014-12-03 18:53 - 2012-09-27 21:10 - 00000000 ___DC () C:\ProgramData\Temp
2014-12-03 18:43 - 2014-09-08 15:42 - 00007168 _____ () C:\My3DGraph.grf
2014-12-02 19:20 - 2014-02-13 20:53 - 00000000 ___DC () C:\Windows\rescache
2014-12-02 16:38 - 2014-10-28 16:26 - 00000000 ___DC () C:\Users\bensie\AppData\Roaming\Free Audio Editor
2014-12-01 18:56 - 2012-05-31 19:46 - 00000000 ___DC () C:\Program Files (x86)\Biet-O-Matic
2014-11-26 18:10 - 2012-06-01 19:09 - 00000000 ___DC () C:\Users\bensie\AppData\Roaming\Mp3tag
2014-11-26 15:32 - 2014-08-19 15:58 - 00000000 ___DC () C:\Users\bensie\AppData\Roaming\XBMC
2014-11-26 14:28 - 2011-12-02 19:20 - 00073760 ____C () C:\Users\bensie\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-26 14:28 - 2009-07-14 05:45 - 00305952 ____C () C:\Windows\system32\FNTCACHE.DAT
2014-11-25 18:49 - 2012-10-22 21:06 - 00000000 ___DC () C:\Program Files (x86)\TeamViewer
2014-11-25 18:49 - 2011-12-14 21:15 - 00000000 ___DC () C:\Users\bensie\AppData\Roaming\TeamViewer
2014-11-25 17:54 - 2014-10-28 16:26 - 00002022 ____C () C:\Users\bensie\Desktop\Free Audio Editor.lnk
2014-11-25 17:54 - 2014-10-28 16:26 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Audio Editor
2014-11-25 17:54 - 2014-10-28 16:26 - 00000000 ___DC () C:\Program Files (x86)\Free Audio Editor
2014-11-23 14:52 - 2012-11-06 22:37 - 12488704 ____C () C:\Users\bensie\AppData\Roaming\Sandra.mdb

Files to move or delete:
====================
C:\Users\bensie\pcwJavaUpdater.exe


Some content of TEMP:
====================
C:\Users\bensie\AppData\Local\Temp\bassmod.dll
C:\Users\bensie\AppData\Local\Temp\f4f2a446-6cf6-458d-b85a-dcb16e8ac472.exe
C:\Users\bensie\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\bensie\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\bensie\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\bensie\AppData\Local\Temp\nvStereoApiI64.dll
C:\Users\bensie\AppData\Local\Temp\nvStInst.exe
C:\Users\bensie\AppData\Local\Temp\proxy_vole4624690516786282716.dll
C:\Users\bensie\AppData\Local\Temp\s4s15.exe
C:\Users\bensie\AppData\Local\Temp\vcredist_x64_vs2010.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


nointegritychecks: ==> Integrity Checks is disabled <===== ATTENTION!


LastRegBack: 2014-12-22 19:08

==================== End Of Log ============================
         
--- --- ---
--- --- ---
und die Addition

Zitat:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-12-2014 01
Ran by bensie at 2014-12-23 16:30:25
Running from C:\Users\bensie\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET NOD32 Antivirus 6.0 (Enabled - Up to date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AS: ESET NOD32 Antivirus 6.0 (Enabled - Up to date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3106869042-3269868222-4255230798-1001\...\uTorrent) (Version: 3.4.2.33497 - BitTorrent Inc.)
3DMark (HKLM-x32\...\{4198fd8f-98bd-4240-9b3a-ab2643e532f6}) (Version: 1.3.708.0 - Futuremark)
3DMark (Version: 1.3.708.0 - Futuremark) Hidden
3DMark 11 (HKLM-x32\...\{f9e83b9c-ab7e-4005-8f32-4ea69703a5e4}) (Version: 1.0.132.0 - Futuremark)
3DMark 11 (Version: 1.0.132.0 - Futuremark) Hidden
3DMark Vantage (HKLM-x32\...\{C40C3C3D-97CF-44B5-836C-766E374464B3}) (Version: 1.1.3 - Futuremark)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
AAF UFS910/UFS922/TF7700 MultiPart Installer V1.9 (HKLM-x32\...\AAF UFS910/UFS922/TF7700 MultiPart Installer_is1) (Version: - © 2010 Black_64)
AAF_Recovery_tool installer UFS910 V1.9 (HKLM-x32\...\AAF Recovery tool UFS910_is1) (Version: - © 2010 Black_64)
Acronis*Disk*Director*11*Home (HKLM-x32\...\{06E34C00-0446-4176-81C8-A5DAFE53CA36}) (Version: 11.0.2121 - Acronis)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Advanced EFS Password Recovery (HKLM-x32\...\{0594D411-FF62-40A5-9D73-768F212AE305}) (Version: 4.43.43.1109 - Elcomsoft Co. Ltd.)
AIDA64 Extreme v4.50 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 4.50 - FinalWire Ltd.)
Aiseesoft Blu-ray Copy 7.0.18 (HKLM-x32\...\{A24AAF6D-3EDB-43da-89BE-1A95D5CFA672}_is1) (Version: 7.0.18 - Aiseesoft Studio)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arma 3 - Digital Deluxe Edition (HKLM-x32\...\{8CEB57D1-A8EA-40FE-86CB-54DF4156344D}_is1) (Version: 1.14 - Bohemia Interactive)
Ashampoo Burning Studio 6 FREE v.6.80 (HKLM-x32\...\Ashampoo Burning Studio 6 FREE_is1) (Version: 6.8.0 - ashampoo GmbH & Co. KG)
AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version: - )
AVS Video Converter 9.0 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version: 9.0.1.566 - Online Media Technologies Ltd.)
Battlefield 4 German Edition 1.0.1 (HKLM-x32\...\Battlefield 4 German Edition 1.0.1) (Version: - )
Battlefield 4 Update 4 (HKLM-x32\...\QmF0dGxlZmllbGQ0_is1) (Version: 1 - )
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.0.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Biet-O-Matic v2.14.8 (HKLM-x32\...\Biet-O-Matic v2.14.8) (Version: 2.14.8 - BOM Development Team)
Bitvise SSH Client 4.51 (remove only) (HKLM-x32\...\BvSshClient) (Version: - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Call of Duty Advanced Warfare (HKLM-x32\...\Call of Duty Advanced Warfare_is1) (Version: 1.0 - ENiGMA)
Command & Conquer™ Alarmstufe Rot 3 (HKLM-x32\...\{296D8550-CB06-48E4-9A8B-E5034FB64715}) (Version: 1.0.1.0 - Electronic Arts)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6514.5001 - Microsoft Corporation)
Contents64 (Version: 17.0.0.249 - Corel Corporation) Hidden
Core Temp version 0.99.7 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 0.99.7 - Arthur Liberman)
CoreAVC Professional Edition (remove only) (HKLM-x32\...\CoreAVC Professional Edition) (Version: - )
Corel VideoStudio Pro X7 (HKLM-x32\...\_{77B3BEA9-835C-4DDF-BCE7-1510271E4E37}) (Version: 17.1.0.22 - Corel Corporation)
CPUID CPU-Z 1.66.1 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
Crysis 3 Version 1.3 (HKLM-x32\...\Crysis 3_is1) (Version: 1.3 - EA Games)
CrystalDiskInfo 6.1.14 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.1.14 - Crystal Dew World)
CyberLink PowerDVD 13 (HKLM-x32\...\InstallShield_{3CFDF154-7E60-4E98-A8DF-C693A4F8E6B6}) (Version: 13.0.3105.58 - CyberLink Corp.)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
DATA BECKER BewerbungsGenie 7 (HKLM-x32\...\BewerbungsGenie 7_is1) (Version: 6.0.10.49 - DATA BECKER GmbH & Co. KG)
Desktop Sidebar (HKLM-x32\...\{A92D7264-1A13-45BE-B769-88445DD04FD6}) (Version: 1.05.116 - Idea2)
DiskBoss 4.8.32 (HKLM-x32\...\DiskBoss) (Version: 4.8.32 - Flexense Computing Systems Ltd.)
DiskInternals EFS Recovery (HKLM-x32\...\DiskInternals EFS Recovery) (Version: 2.3 - DiskInternals Research)
Driver San Francisco (HKLM-x32\...\Driver San Francisco_is1) (Version: - )
DVDFab 9.1.2.5 (22/01/2014) (HKLM-x32\...\DVDFab 9_is1) (Version: - Fengtao Software Inc.)
EasyBCD 2.2 (HKLM-x32\...\EasyBCD) (Version: 2.2 - NeoSmart Technologies)
Elcomsoft Dictionaries (HKLM-x32\...\{74A23A1E-A394-4880-AB2B-076EDFC52AB5}) (Version: 1.0.1110 - Elcomsoft Co. Ltd.)
Elcomsoft Wireless Security Auditor (HKLM-x32\...\{7A790311-54C6-41D3-9AC5-C3EB88ACE073}) (Version: 5.02.272.1451 - Elcomsoft Co. Ltd.)
EPSON Printer Software (HKLM\...\EPSON Printer and Utilities) (Version: - )
ESET NOD32 Antivirus (HKLM\...\{39BFB173-09EB-4286-84E1-2FAFC97107E1}) (Version: 6.0.316.1 - ESET, spol s r. o.)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Ext2 IFS 1.11a for Windows Vista/2008 (HKLM\...\Ext2Ifs_for_NT6) (Version: - )
Far Cry 4 Version 1.0 (HKLM-x32\...\{62727D50-FA74-4A53-B57F-0DCBD9D8C1BB}_is1) (Version: 1.0 - UBISoft)
FarCry 3 Version 1.05 (HKLM-x32\...\{A5C3B95A-EA88-4BD4-A23C-4F58774C13AB}_is1) (Version: 1.05 - Ubisoft)
ffdshow x64 v1.3.4532 [2014-07-17] (HKLM\...\ffdshow64_is1) (Version: 1.3.4532.0 - )
FileZilla Client 3.7.3 (HKLM-x32\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse)
Free Audio Editor v7.9.4 (HKLM-x32\...\Free Audio Editor_is1) (Version: - FreeAudioStudio Inc.)
Futuremark SystemInfo (HKLM-x32\...\{E114E635-F06E-43B4-A800-74A22536B1B0}) (Version: 4.30.472.0 - Futuremark)
Geekbench 3 (HKLM-x32\...\Geekbench 3) (Version: - Primate Labs Inc.)
Geeks3D.com FurMark 1.9.2 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D.com)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Earth (HKLM-x32\...\{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}) (Version: 6.1.0.5001 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
GoPro Studio 2.5.3 (HKLM-x32\...\GoPro Studio) (Version: 2.5.3 - GoPro, Inc.)
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - )
HandBrake 0.9.9.1 (HKLM-x32\...\HandBrake) (Version: 0.9.9.1 - )
Harmony Browser Plug-in (HKLM-x32\...\{634F79E1-2A41-4C40-9E8D-89EC740AC9D6}) (Version: 2.0 - Logitech)
HL-2130 (HKLM-x32\...\{E2A97415-BD97-4867-B906-05E39E9EE51F}) (Version: 1.0.7.0 - Brother Industries, Ltd.)
Host OpenAL (ADI) (HKLM-x32\...\Host OpenAL (ADI)) (Version: - )
ICA (x32 Version: 17.0.0.249 - Corel Corporation) Hidden
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!)
IPM_VS_Pro64 (Version: 17.0 - Corel Corporation) Hidden
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
K-Lite Codec Pack 10.5.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.5.5 - )
Kolor Autopano Giga 3.7 (HKLM\...\AutopanoGiga3.7) (Version: V3.7.0 - Kolor)
LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.8 - Thibaut Lauziere)
Media Player Utilities 4.37 (HKLM-x32\...\{8B9852AF-B0B0-47B7-9BC5-89A95D77B6C9}) (Version: 4.37 - )
MediaInfo 0.7.51 (HKLM\...\MediaInfo) (Version: 0.7.51 - MediaArea.net)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
MKVToolNix 5.8.0 (HKLM-x32\...\MKVToolNix) (Version: 5.8.0 - Moritz Bunkus)
Mozilla Firefox 34.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 de)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mp3tag v2.65a (HKLM-x32\...\Mp3tag) (Version: v2.65a - Florian Heidenreich)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Need for Speed The Run Version 1.0 (HKLM-x32\...\Need for Speed The Run_is1) (Version: 1.0 - EA Games)
North and South The Game (c) BitComposer version 1 (HKLM-x32\...\Tm9ydGhhbmRTb3V0aFRoZUdhbWU=_is1) (Version: 1 - )
Nuance PDF Reader (HKLM-x32\...\{5F6C549F-78DA-4E0E-AE70-0BD981936D99}) (Version: 7.00.0000 - Nuance Communications, Inc.)
NVIDIA 3D Vision Controller-Treiber 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.75 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.75 - NVIDIA Corporation)
NVIDIA 3D Vision Video Player (HKLM-x32\...\{D312F154-8455-45C1-A44E-1AED321E6E95}) (Version: 1.6.4 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.3 - NVIDIA Corporation)
NVIDIA Grafiktreiber 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.75 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Paragon Backup and Recovery™ 2014 Free (HKLM\...\{C268B5E1-A5DA-11DF-A289-005056C00008}) (Version: 90.00.0003 - Paragon Software)
Paragon Partition Manager™ 12 Professional (HKLM-x32\...\{A35001F0-F1E4-11DD-A38B-005056C00008}) (Version: 90.00.0003 - Paragon Software)
PCMark 8 (HKLM-x32\...\{0f7b7b74-b858-4b4b-8e3d-306827f55e8d}) (Version: 2.2.282.0 - Futuremark)
PCMark 8 (Version: 2.2.282.0 - Futuremark) Hidden
PerformanceTest v8.0 (HKLM\...\PerformanceTest 8_is1) (Version: 8.0.1035.0 - Passmark Software)
Protect Disc License Helper 1.0.125 (IE) (HKU\S-1-5-21-3106869042-3269868222-4255230798-1001\...\Protect Disc License Helper) (Version: 1.0.125 - Protect Disc)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.54.309.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
SatChannelListEditor (HKLM-x32\...\{FEF1737C-FB20-41DD-86D6-209A8D5C6D82}) (Version: 5.4.0 - Elemental)
Setup (x32 Version: 17.0.0.249 - Corel Corporation) Hidden
Share64 (Version: 17.0.0.249 - Corel Corporation) Hidden
SHIELD Streaming (Version: 3.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.56 - NVIDIA Corporation) Hidden
SiSoftware Sandra Personal 2012.SP5c (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2396}_is1) (Version: 18.74.2012.10 - SiSoftware)
SmartFTP Client (HKLM\...\{0337D302-50F9-47F3-A63C-0EC7C6FAD3A7}) (Version: 6.0.2078.0 - SmartSoft Ltd.)
SmartSound Common Data (HKLM-x32\...\InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}) (Version: 1.1.0 - SmartSound Software Inc.)
SmartSound Common Data (x32 Version: 1.1.0 - SmartSound Software Inc.) Hidden
SmartSound Quicktracks 5 (HKLM-x32\...\InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.6 - SmartSound Software Inc.)
SmartSound Quicktracks 5 (x32 Version: 5.1.6 - SmartSound Software Inc.) Hidden
SUPER © v2014.build.63+Recorder (2014/11/27) Version v2014.buil (HKLM-x32\...\{8E2A19E2-96BF-8659-4DA7-5C06C90719A4}_is1) (Version: v2014.build.63+Recorder - eRightSoft)
Syncios Version 4.1.5 (HKLM-x32\...\{068A5D84-8419-4BDE-9689-FE65F412EFBB}_is1) (Version: 4.1.5 - Anvsoft, Inc.)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
TMPGEnc Authoring Works 4 (HKLM-x32\...\{0AF28D4B-7525-4C85-A89E-10C23D6959AA}) (Version: 4.0.12.42 - Pegasys Inc.)
TMPGEnc Video Mastering Works (HKLM-x32\...\TMPGEnc Video Mastering Works) (Version: - )
Tomb Raider (HKLM-x32\...\Tomb Raider_is1) (Version: - )
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
TSDoctor (HKLM-x32\...\{B737ED31-760E-444A-A696-3D8DB8988412}) (Version: 1.2.116 - Cypheros)
UltraISO Premium V9.52 (HKLM-x32\...\UltraISO_is1) (Version: - )
Uplay (HKLM-x32\...\Uplay) (Version: 4.9 - Ubisoft)
VLC media player 2.0.4 (HKLM-x32\...\VLC media player) (Version: 2.0.4 - VideoLAN)
VMware Workstation (HKLM-x32\...\VMware_Workstation) (Version: 10.0.0 - VMware, Inc)
VMware Workstation (Version: 10.0.0 - VMware, Inc.) Hidden
VSClassic64 (Version: 17.0.0.249 - Corel Corporation) Hidden
VSPro64 (Version: 17.0.0.249 - Corel Corporation) Hidden
Windows Automated Installation Kit (HKLM\...\{31E8F586-4EF7-4500-844D-BA8756474FF1}) (Version: 1.1.0.0 - Microsoft Corporation)
Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices (03/07/2012 ) (HKLM\...\0B624A43DD66DBF5CF3EDFA9741A364E688062A4) (Version: 03/07/2012 - GoPro)
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WinSCP 4.3.8 (HKLM-x32\...\winscp3_is1) (Version: 4.3.8 - Martin Prikryl)
XBMC (HKU\S-1-5-21-3106869042-3269868222-4255230798-1001\...\XBMC) (Version: - Team XBMC)
Xilisoft iPad Magic Platinum (HKLM-x32\...\Xilisoft iPad Magic Platinum) (Version: 5.6.5.20141020 - Xilisoft)
Xilisoft iPhone to PC Copy (HKLM-x32\...\Xilisoft iPhone to PC Copy) (Version: 5.4.7.20121205 - Xilisoft)
ZOTAC FireStorm (HKLM-x32\...\ZOTAC FireStorm) (Version: - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3106869042-3269868222-4255230798-1001_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3106869042-3269868222-4255230798-1001_Classes\CLSID\{5b55a44a-d008-49aa-9234-86fb7709bc0a}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)

==================== Restore Points =========================

12-12-2014 15:42:36 Installed Java 7 Update 71
18-12-2014 15:52:01 Installed SatChannelListEditor

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2014-08-25 17:20 - 00000892 ___AC C:\Windows\system32\Drivers\etc\hosts
74.208.10.249 gs.apple.com
127.0.0.1 validation.sls.microsoft.com


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {023CC3E0-BCA0-41F9-8CB5-D66FE089E3C9} - System32\Tasks\GoogleUpdateTaskMachineCore1cff2be3da148d4 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-30] (Google Inc.)
Task: {1E03900A-E286-432F-A728-7155B1C713DE} - System32\Tasks\{A217DC53-79AC-4E6C-BC86-7E8776A04C44} => pcalua.exe -a H:\OriginInstaller.exe -d H:\
Task: {227B1AE5-68E4-48F6-B89C-5B0A3F0F9CFC} - System32\Tasks\GoogleUpdateTaskMachineCore1cf1ddacb52400 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-30] (Google Inc.)
Task: {2C353DF0-893D-4246-8561-5FC69C47FB5F} - System32\Tasks\GoogleUpdateTaskMachineUA1cff2be3dca7c4e => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-30] (Google Inc.)
Task: {49D02C34-8C34-447D-BB4F-D2D25A03F880} - System32\Tasks\9cfa3b4a-2a94-4c7d-bfc3-8cf0ef19f5d3-5 => C:\Program Files (x86)\SmartSaver+ 15\9cfa3b4a-2a94-4c7d-bfc3-8cf0ef19f5d3-5.exe <==== ATTENTION
Task: {7CBE01CD-6908-412F-9B64-F64BA9EF75F8} - System32\Tasks\{4FBCA705-7397-429D-849F-53919193796D} => Z:\download\zv3937zr8823bv6\CyberLink PowerDVD Ultra 12.0.1312.54 Multilingual.Incl.Keymaker -BigX-\keygen.exe
Task: {85178AE6-0E8F-40CA-B6F6-5837DFD127BD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-09] (Adobe Systems Incorporated)
Task: {86197F4A-E44B-44D9-B530-42C5CCB9CE32} - System32\Tasks\temp_9cfa3b4a-2a94-4c7d-bfc3-8cf0ef19f5d3-2 => C:\Users\bensie\AppData\Local\Temp\nsaFB80.tmp\9cfa3b4a-2a94-4c7d-bfc3-8cf0ef19f5d3-2.exe <==== ATTENTION
Task: {96108EBB-0857-4322-A392-87E15061A37D} - System32\Tasks\{C445E232-4D7A-4FDB-85C0-EFDDCD2ED512} => Z:\download\zv3937zr8823bv6\CyberLink PowerDVD Ultra 12.0.1312.54 Multilingual.Incl.Keymaker -BigX-\keygen.exe
Task: {9A308F33-2067-47CA-A2FA-D11D9F466AC7} - System32\Tasks\9cfa3b4a-2a94-4c7d-bfc3-8cf0ef19f5d3-2 => C:\Program Files (x86)\SmartSaver+ 15\9cfa3b4a-2a94-4c7d-bfc3-8cf0ef19f5d3-2.exe <==== ATTENTION
Task: {A34203B6-A899-45D7-9958-DFEEB13662D0} - System32\Tasks\GoogleUpdateTaskMachineUA1cf9460b2220b54 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-30] (Google Inc.)
Task: {A3566D7C-0C32-4E0D-ACFE-23750CE3BBA4} - System32\Tasks\Starup Sync Time => Sc.exe start w32time task_started
Task: {BB3F28C5-BB8C-4791-8C22-8B8477E60BC0} - System32\Tasks\{93694C61-4B30-4602-A9D8-A522C2D807B7} => G:\Call of Duty Black Ops II\t6sp.exe
Task: {BF882ECC-1710-4D32-8C58-24A2996B6F64} - System32\Tasks\Core Temp Autostart => C:\Program Files\Core Temp\Core Temp.exe [2010-07-02] ()
Task: {C448E449-5E48-40C0-A0F8-7C081B6628AE} - System32\Tasks\{A1B7AA58-04DC-4052-84A7-85C42FFC5C03} => C:\Users\bensie\Downloads\h264ts_cutter_v111\H264TS_Cutter.exe [2008-01-14] (www.h264tscutter.de)
Task: {E480900F-5111-4DE1-82C1-399305D110BA} - System32\Tasks\GoogleUpdateTaskMachineCore1d0002bbdf9b76f => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-30] (Google Inc.)
Task: {EF250EDE-7E77-4108-ACB6-BF85A19AA6CA} - System32\Tasks\{A1DDCB6D-819B-4DF4-94ED-6E0D1B0B1A9A} => C:\Users\bensie\Downloads\Ext2IFS_1_11a.exe
Task: {F309E279-2AAF-4A60-81E6-018F65C5B603} - System32\Tasks\{27F29ECD-0E35-4427-8432-BF187A2532E6} => C:\Users\bensie\Downloads\Ext2IFS_1_11a.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf1ddacb52400.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cff2be3da148d4.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0002bbdf9b76f.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf9460b2220b54.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cff2be3dca7c4e.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2011-12-02 19:51 - 2014-11-12 22:56 - 00118080 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-10-28 14:42 - 2010-07-02 13:52 - 00530448 _____ () C:\Program Files\Core Temp\Core Temp.exe
2014-10-20 17:26 - 2014-12-10 18:31 - 00104928 ____C () C:\Program Files (x86)\SupTab\WindowsSupportDll64.dll
2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 ____C () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2014-07-23 08:41 - 2014-07-23 08:41 - 00114688 ____C () C:\Program Files (x86)\DiskBoss\bin\diskbsa.exe
2010-09-30 15:16 - 2010-09-30 15:16 - 02155848 _____ () C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe
2013-08-27 11:09 - 2013-08-27 11:09 - 14401104 ____C () C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
2014-11-03 17:54 - 2014-10-31 16:53 - 00747520 ____C () C:\Program Files (x86)\Syncios\SynciosDeviceService.exe
2014-10-20 17:26 - 2014-12-10 18:31 - 00732128 ____C () C:\Program Files (x86)\SupTab\HpUI.exe
2014-07-16 10:55 - 2014-07-16 10:55 - 00073216 ____C () C:\Program Files (x86)\SupTab\Loader64.exe
2014-07-16 11:16 - 2014-07-16 11:16 - 00064000 ____C () C:\Program Files (x86)\SupTab\Loader32.exe
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 ____C () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 ____C () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-07-23 08:33 - 2014-07-23 08:33 - 02408448 ____C () C:\Program Files (x86)\DiskBoss\bin\libdbs.dll
2014-07-23 08:31 - 2014-07-23 08:31 - 00720896 ____C () C:\Program Files (x86)\DiskBoss\bin\libpal.dll
2013-08-27 11:42 - 2013-08-27 11:42 - 01260624 ____C () C:\Program Files (x86)\VMware\VMware Workstation\libxml2.dll
2014-11-05 01:01 - 2014-11-05 01:01 - 01794560 ____C () C:\Program Files (x86)\GoPro\Tools\Importer\GPSDKAnalyticsNet.dll
2014-01-20 17:30 - 2013-07-05 06:24 - 00861960 ____C () C:\Program Files (x86)\CyberLink\PowerDVD13\common\UNO\UNO.dll
2014-01-20 17:30 - 2013-05-02 01:06 - 00081920 ____C () C:\Program Files (x86)\CyberLink\PowerDVD13\Common\koan\_ctypes.pyd
2014-01-20 17:30 - 2013-05-02 01:06 - 00053248 ____C () C:\Program Files (x86)\CyberLink\PowerDVD13\Common\Koan\_socket.pyd
2014-01-20 17:30 - 2013-05-02 01:06 - 00655360 ____C () C:\Program Files (x86)\CyberLink\PowerDVD13\Common\Koan\_ssl.pyd
2014-01-20 17:30 - 2013-07-05 06:24 - 00043272 ____C () C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DHProcedure\DHProcedure.dll
2013-08-07 20:25 - 2013-08-07 20:25 - 00093696 ____C () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-03-11 19:22 - 2009-02-27 16:38 - 00139264 ___RC () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2014-11-03 17:54 - 2014-10-31 15:20 - 00386560 ____C () C:\Program Files (x86)\Syncios\DuiLib.dll
2014-11-03 17:54 - 2013-03-01 10:30 - 00059904 ____C () C:\Program Files (x86)\Syncios\zlib.dll
2014-11-03 17:54 - 2013-03-01 10:30 - 00526848 ____C () C:\Program Files (x86)\Syncios\sqlite3.dll
2014-11-03 17:54 - 2014-04-29 17:11 - 00067072 ____C () C:\Program Files (x86)\Syncios\zlib1.dll
2014-11-03 17:54 - 2014-01-06 11:24 - 00671744 ____C () C:\Program Files (x86)\Syncios\hashab.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 00237352 ____C () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2014-10-20 17:26 - 2014-12-10 18:31 - 00022496 ____C () C:\Program Files (x86)\SupTab\WindowsSupportDll32.dll
2014-12-10 16:17 - 2014-12-10 16:17 - 03758192 ____C () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-12-09 19:05 - 2014-12-09 19:05 - 16841392 ____C () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:054203E4
AlternateDataStreams: C:\ProgramData\Temp:0888F409
AlternateDataStreams: C:\ProgramData\Temp:3440EB47
AlternateDataStreams: C:\ProgramData\Temp:66633281
AlternateDataStreams: C:\ProgramData\Temp:C7D0F96D
AlternateDataStreams: C:\Users\bensie\Documents\Bild (13).jpg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\bensie\Documents\Bild (13).jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\bensie\Documents\Bild (14).jpg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\bensie\Documents\Bild (14).jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: ISUSPM => "C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe" -scheduler
MSCONFIG\startupreg: TomTomHOME.exe => "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"

========================= Accounts: ==========================

Administrator (S-1-5-21-3106869042-3269868222-4255230798-500 - Administrator - Disabled)
bensie (S-1-5-21-3106869042-3269868222-4255230798-1001 - Administrator - Enabled) => C:\Users\bensie
Gast (S-1-5-21-3106869042-3269868222-4255230798-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3106869042-3269868222-4255230798-1002 - Limited - Enabled)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/23/2014 03:53:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm FRST64.exe, Version 22.12.2014.1 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 140c

Startzeit: 01d01ebf11e89cb7

Endzeit: 3

Anwendungspfad: C:\Users\bensie\Downloads\FRST64.exe

Berichts-ID:

Error: (12/22/2014 07:09:07 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (12/22/2014 07:09:05 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (12/22/2014 07:09:02 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (12/22/2014 07:08:46 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (12/16/2014 06:00:37 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Adobe.Acrobat.Dependencies,processorArchitecture="x86",publicKeyToken="0000000000000000",type="win32",version="10.0.0.0"1".
Die abhängige Assemblierung "Adobe.Acrobat.Dependencies,processorArchitecture="x86",publicKeyToken="0000000000000000",type="win32",version="10.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (12/16/2014 06:00:13 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Adobe.Acrobat.Dependencies,processorArchitecture="x86",publicKeyToken="0000000000000000",type="win32",version="10.0.0.0"1".
Die abhängige Assemblierung "Adobe.Acrobat.Dependencies,processorArchitecture="x86",publicKeyToken="0000000000000000",type="win32",version="10.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (12/16/2014 05:56:24 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Adobe.Acrobat.Dependencies,processorArchitecture="x86",publicKeyToken="0000000000000000",type="win32",version="10.0.0.0"1".
Die abhängige Assemblierung "Adobe.Acrobat.Dependencies,processorArchitecture="x86",publicKeyToken="0000000000000000",type="win32",version="10.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (12/14/2014 06:32:47 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Adobe.Acrobat.Dependencies,processorArchitecture="x86",publicKeyToken="0000000000000000",type="win32",version="10.0.0.0"1".
Die abhängige Assemblierung "Adobe.Acrobat.Dependencies,processorArchitecture="x86",publicKeyToken="0000000000000000",type="win32",version="10.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (12/14/2014 05:18:18 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Adobe.Acrobat.Dependencies,processorArchitecture="x86",publicKeyToken="0000000000000000",type="win32",version="10.0.0.0"1".
Die abhängige Assemblierung "Adobe.Acrobat.Dependencies,processorArchitecture="x86",publicKeyToken="0000000000000000",type="win32",version="10.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".


System errors:
=============
Error: (12/23/2014 03:32:45 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (12/23/2014 03:31:44 PM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT-AUTORITÄT)
Description: Überprüfung des verschlüsselten Volumes: Die Volumeinformationen auf "\\?\Volume{44dee9c5-1d0f-11e1-a055-806e6f6e6963}" können nicht gelesen werden.

Error: (12/23/2014 03:31:44 PM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT-AUTORITÄT)
Description: Überprüfung des verschlüsselten Volumes: Die Volumeinformationen auf "\\?\Volume{d6e9d0c8-701c-11e4-adfd-806e6f6e6963}" können nicht gelesen werden.

Error: (12/22/2014 03:42:52 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (12/22/2014 03:41:51 PM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT-AUTORITÄT)
Description: Überprüfung des verschlüsselten Volumes: Die Volumeinformationen auf "\\?\Volume{44dee9c5-1d0f-11e1-a055-806e6f6e6963}" können nicht gelesen werden.

Error: (12/22/2014 03:41:51 PM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT-AUTORITÄT)
Description: Überprüfung des verschlüsselten Volumes: Die Volumeinformationen auf "\\?\Volume{d6e9d0c8-701c-11e4-adfd-806e6f6e6963}" können nicht gelesen werden.

Error: (12/22/2014 02:34:13 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (12/22/2014 02:33:12 PM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT-AUTORITÄT)
Description: Überprüfung des verschlüsselten Volumes: Die Volumeinformationen auf "\\?\Volume{44dee9c5-1d0f-11e1-a055-806e6f6e6963}" können nicht gelesen werden.

Error: (12/22/2014 02:33:12 PM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT-AUTORITÄT)
Description: Überprüfung des verschlüsselten Volumes: Die Volumeinformationen auf "\\?\Volume{d6e9d0c8-701c-11e4-adfd-806e6f6e6963}" können nicht gelesen werden.

Error: (12/18/2014 03:33:55 PM) (Source: VDS Basic Provider) (EventID: 1) (User: )
Description: Unerwarteter Fehler. Fehlercode: 490@01010004


Microsoft Office Sessions:
=========================
Error: (12/23/2014 03:53:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: FRST64.exe22.12.2014.1140c01d01ebf11e89cb73C:\Users\bensie\Downloads\FRST64.exe

Error: (12/22/2014 07:09:07 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"C:\Program Files (x86)\Common Files\Acronis\DiskDirector\WinPE\Files\mmsBundle.dll

Error: (12/22/2014 07:09:05 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"C:\Program Files (x86)\Common Files\Acronis\DiskDirector\WinPE\Files\ManagementConsole.exe

Error: (12/22/2014 07:09:02 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"C:\Program Files (x86)\Common Files\Acronis\DiskDirector\WinPE\Files\RecoveryExpert.exe

Error: (12/22/2014 07:08:46 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"C:\Program Files (x86)\Common Files\Acronis\DiskDirector\WinPE\Files\systeminfo.exe

Error: (12/16/2014 06:00:37 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Adobe.Acrobat.Dependencies,processorArchitecture="x86",publicKeyToken="0000000000000000",type="win32",version="10.0.0.0"C:\Users\bensie\Documents\Down loads\AAxl_2p+\Adobe Acrobat XI Pro v11.0.02_713MB\Adobe Acrobat XI Pro\SKEL\7088-5.manifest

Error: (12/16/2014 06:00:13 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Adobe.Acrobat.Dependencies,processorArchitecture="x86",publicKeyToken="0000000000000000",type="win32",version="10.0.0.0"C:\Users\bensie\Documents\Down loads\AAxl_2p+\Adobe Acrobat XI Pro v11.0.02_713MB\Adobe Acrobat XI Pro\SKEL\1456-5.manifest

Error: (12/16/2014 05:56:24 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Adobe.Acrobat.Dependencies,processorArchitecture="x86",publicKeyToken="0000000000000000",type="win32",version="10.0.0.0"C:\Users\bensie\Documents\Down loads\AAxl_2p+\Adobe Acrobat XI Pro v11.0.02_713MB\Adobe Acrobat XI Pro\SKEL\5212-5.manifest

Error: (12/14/2014 06:32:47 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Adobe.Acrobat.Dependencies,processorArchitecture="x86",publicKeyToken="0000000000000000",type="win32",version="10.0.0.0"C:\Users\bensie\Documents\Down loads\AAxl_2p+\Adobe Acrobat XI Pro v11.0.02_713MB\Adobe Acrobat XI Pro\SKEL\3520-5.manifest

Error: (12/14/2014 05:18:18 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Adobe.Acrobat.Dependencies,processorArchitecture="x86",publicKeyToken="0000000000000000",type="win32",version="10.0.0.0"C:\Users\bensie\Documents\Down loads\AAxl_2p+\Adobe Acrobat XI Pro v11.0.02_713MB\Adobe Acrobat XI Pro\SKEL\5696-5.manifest


CodeIntegrity Errors:
===================================
Date: 2014-06-24 17:35:06.727
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume8\Program Files (x86)\RMClock\RTCore64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2014-06-24 17:35:06.696
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume8\Program Files (x86)\RMClock\RTCore64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2014-06-24 17:35:06.618
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume8\Program Files (x86)\RMClock\RTCore64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2014-06-24 17:35:06.586
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume8\Program Files (x86)\RMClock\RTCore64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2014-06-24 17:35:02.692
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume8\Program Files (x86)\RMClock\RTCore64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2014-06-24 17:35:02.661
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume8\Program Files (x86)\RMClock\RTCore64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2014-06-24 17:35:02.583
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume8\Program Files (x86)\RMClock\RTCore64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2014-06-24 17:35:02.552
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume8\Program Files (x86)\RMClock\RTCore64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2014-06-24 17:34:48.042
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume8\Program Files (x86)\RMClock\RTCore64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2014-06-24 17:34:48.010
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume8\Program Files (x86)\RMClock\RTCore64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info ===========================

Processor: Intel(R) Xeon(R) CPU X5650 @ 2.67GHz
Percentage of memory in use: 21%
Total physical RAM: 12279.3 MB
Available physical RAM: 9666.09 MB
Total Pagefile: 24556.77 MB
Available Pagefile: 21467.08 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (SSD) (Fixed) (Total:223.47 GB) (Free:72.19 GB) NTFS
Drive d: (4TB) (Fixed) (Total:3726.02 GB) (Free:1876.94 GB) NTFS
Drive h: (Die Olsenbande steigt aufs Dach) (CDROM) (Total:32.74 GB) (Free:0 GB) UDF
Drive u: (Boot) (Fixed) (Total:98.87 GB) (Free:30.78 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive x: () (Network) (Total:458.45 GB) (Free:169.68 GB)
Drive y: () (Network) (Total:1375.34 GB) (Free:91.93 GB)
Drive z: () (Network) (Total:1375.34 GB) (Free:461.33 GB)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 22452244)
Partition 1: (Active) - (Size=98.9 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=832.6 GB) - (Type=OF Extended)

========================================================
Disk: 1 (Size: 3726 GB) (Disk ID: F401F401)

Partition: GPT Partition Type.

========================================================
Disk: 2 (Size: 186.3 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

========================================================
Disk: 3 (Size: 59.6 GB) (Disk ID: 83FC40BC)
Partition 1: (Active) - (Size=33.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=26.3 GB) - (Type=05)

========================================================
Disk: 4 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: F0933FC9)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=223.5 GB) - (Type=07 NTFS)

========================================================
Disk: 5 (Size: 7.5 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================

 

Themen zu Search Protect, eventl. maleware, in der Windows Taskleiste - unter installierten Programmen in der Systemsteuerung nicht aufgeführt - Win 7
adware, antivirus, bonjour, cpu, cpu-z, desktop, fehler, firefox, flash player, ftp, homepage, iexplore.exe, installation, lightning, maleware, mozilla, mp3, newtab, performance, prima, programm, realtek, registry, rundll, software, super, svchost.exe, symantec, system, vcredist, windows




Ähnliche Themen: Search Protect, eventl. maleware, in der Windows Taskleiste - unter installierten Programmen in der Systemsteuerung nicht aufgeführt - Win 7


  1. Search Protect in der Taskleiste nach Skype download!
    Plagegeister aller Art und deren Bekämpfung - 23.04.2015 (7)
  2. Search Protect in Taskleiste
    Log-Analyse und Auswertung - 17.04.2015 (24)
  3. Search Protect in Taskleiste
    Lob, Kritik und Wünsche - 16.04.2015 (1)
  4. C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC32LO~1.DLL ist entweder nicht für die Ausführung unter Windows vorgesehen...
    Plagegeister aller Art und deren Bekämpfung - 16.03.2015 (17)
  5. C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC32LO~1.DLL ist entweder nicht für die Ausführung unter Windows vorgesehe
    Plagegeister aller Art und deren Bekämpfung - 06.02.2015 (5)
  6. Search Protect unter Win 7 entfernen
    Log-Analyse und Auswertung - 08.12.2014 (35)
  7. Search Protect, eventl. maleware, in der Windows Taskleiste - unter installierten Programmen in der Systemsteuerung nicht aufgeführt - Win 7
    Plagegeister aller Art und deren Bekämpfung - 13.10.2014 (10)
  8. Search Protect Client Connect Ltd auf Windows 8.1, nicht deinstallierbar
    Log-Analyse und Auswertung - 25.09.2014 (4)
  9. Windows 7: Search Protect lässt sich nicht deinstallieren
    Log-Analyse und Auswertung - 14.09.2014 (13)
  10. Hallo ihr lieben. Search Protect auf dem Rechner Windows 8 und bekomme es nicht mehr weg.
    Plagegeister aller Art und deren Bekämpfung - 07.09.2014 (13)
  11. Search Protect in Taskleiste und nicht deinstallierbar
    Plagegeister aller Art und deren Bekämpfung - 25.08.2014 (17)
  12. Windows 7 - Search Protect kann nicht entfernt werden
    Log-Analyse und Auswertung - 23.08.2014 (7)
  13. Search Protect von Client Connect LtD, Windows 8.1, läßt sich nicht deinstallierne
    Plagegeister aller Art und deren Bekämpfung - 04.08.2014 (6)
  14. download protect 2.2.1 / 2.2.4 unter windows 7 lässt sich nicht entfernen
    Log-Analyse und Auswertung - 31.07.2014 (23)
  15. Maleware Sammlung bei Kontrolle der installierten Software unter Windows/Programme entdeckt!
    Log-Analyse und Auswertung - 18.05.2014 (9)
  16. (Search Protect by Conduit) Ist er wirklich weg? (Spyware/Maleware/Adware)
    Log-Analyse und Auswertung - 18.03.2014 (20)
  17. Snap Do Suchemaschine/Toolbar nicht zu deinstallieren und in Systemsteuerung unter Programmen nicht zu finden
    Plagegeister aller Art und deren Bekämpfung - 02.09.2013 (34)

Zum Thema Search Protect, eventl. maleware, in der Windows Taskleiste - unter installierten Programmen in der Systemsteuerung nicht aufgeführt - Win 7 - Hallo, ich bin neu hier und kann leider nicht an dem anderen Thread posten (keine Rechte), könnt ihr mir bitte helfen und das hier evtl auch verschieben hier die Logs - Search Protect, eventl. maleware, in der Windows Taskleiste - unter installierten Programmen in der Systemsteuerung nicht aufgeführt - Win 7...
Archiv
Du betrachtest: Search Protect, eventl. maleware, in der Windows Taskleiste - unter installierten Programmen in der Systemsteuerung nicht aufgeführt - Win 7 auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.