
Log analysis and evaluation: Windows 7 64-bit - Permanent "Fehler 5: Zugriff verweigert" (Error 5: Access denied) despite admin rights


08.12.2014, 21:37   #1
J_Cake_Jr
 

Hello forum!

This is my first post here, so please be lenient if I post something incorrectly or forget some information.
I have the following problem: on my hard drive E: there is the folder "Programme". The programs in this folder can no longer be modified because I am denied access, i.e. I can use the programs, but I can neither delete them nor install further programs into this folder. For example, when I try to uninstall a program, I get the error message: "Die Datei **** konnte nicht geöffnet werden. Entfernen der Anwendung fehlgeschlagen. Fehler 5: Zugriff verweigert." (in English: "The file **** could not be opened. Removal of the application failed. Error 5: Access denied.") I have been googling for days and came across the problem several times, but nothing led to a solution. I have already tried the following:
- changed ownership
- the permissions were already set correctly, so there was nothing I could do there
- checked whether the folder is encrypted - negative
- tried to unlock the folder with an unlocker
- and a few other things that I unfortunately can't quite recall anymore

Here are the various log files, maybe someone can spot something in them (unfortunately as a log file, since it is 170,000 characters in size)

Many thanks in advance!

08.12.2014, 21:43   #2
schrauber
/// the machine
/// TB trainer
 




Hi,

Please always post logs in the thread. If necessary, split them up and use several posts.
I can't open attachments at work, thanks.

Here is how it works:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed expressions appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it right. If everything is correct ... click Reply.

08.12.2014, 22:20   #3
J_Cake_Jr
 



Oh, yes, of course. Thanks already for the quick reply. I'll try to put 2 logs into one post so that they aren't fragmented.

FRST:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-12-2014 02
Ran by Julian (administrator) on JULIANDESKTOPPC on 08-12-2014 19:49:59
Running from C:\Users\Julian\Desktop
Loaded Profile: Julian (Available profiles: Julian & Administrator)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) E:\Programme\AvastSvc.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginServices\PluginService.exe
(Fuyu LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
(AVAST Software) E:\Programme\afwServ.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CyberLink) E:\Programme\PowerDVD\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
(CyberLink) E:\Programme\PowerDVD\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Conceiva Pty. Ltd.) C:\Program Files (x86)\Conceiva\Mezzmo\MezzmoMediaServer.exe
() C:\MSI\MSI SUITE\MSIMonitor\MSIFileSyncMonitor.exe
(MSI) C:\MSI\MSI SUITE\ControlCenter\ComCenService.exe
(MSI) C:\MSI\MSI SUITE\Super-Charger\SuiteChargeService.exe
(MSI) C:\MSI\MSI SUITE\FastBoot\SuiteFastBootService.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(O&O Software GmbH) E:\Programme\O&O Defrag\oodag.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
(BitTorrent Inc.) C:\Users\Julian\AppData\Roaming\BitTorrent\BitTorrent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Comfort Software Group) E:\Programme 2\FreeCountdownTimer\FreeCountdownTimer.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray.exe
(Cloanto Corporation) C:\Program Files (x86)\Common Files\Cloanto\Software Director\softdir.exe
(Dropbox, Inc.) C:\Users\Julian\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\reader_sl.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
(Nullsoft, Inc.) E:\Programme\Winamp\winampa.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(AVAST Software) E:\Programme\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro SafeSync\hrfscore.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6854800 2012-12-03] (Realtek Semiconductor)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [Super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [507016 2012-12-21] (MSI)
HKLM-x32\...\Run: [WinampAgent] => E:\Programme\Winamp\winampa.exe [74752 2012-06-28] (Nullsoft, Inc.)
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [324976 2010-05-21] (Flexera Software, Inc.)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [527864 2012-12-10] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => E:\Programme\AvastUI.exe [5226600 2014-11-21] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKU\S-1-5-21-3333801471-2121581504-1765403736-1001\...\Run: [iDevice Manager Launcher] => E:\Programme\iDevice Manager\Software4u.IDMLauncher.exe [135168 2013-05-22] (Marx Softwareentwicklung - www.software4u.de)
HKU\S-1-5-21-3333801471-2121581504-1765403736-1001\...\Run: [] => [X]
HKU\S-1-5-21-3333801471-2121581504-1765403736-1001\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [468192 2014-10-15] (Sony)
HKU\S-1-5-21-3333801471-2121581504-1765403736-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3333801471-2121581504-1765403736-1001\...\Run: [BitTorrent] => C:\Users\Julian\AppData\Roaming\BitTorrent\BitTorrent.exe [1388888 2014-11-26] (BitTorrent Inc.)
HKU\S-1-5-21-3333801471-2121581504-1765403736-1001\...\Run: [2BB777B4D97D5CBA4F37597096A565E0D6CA792C._service_run] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [856904 2014-11-25] (Google Inc.)
HKU\S-1-5-21-3333801471-2121581504-1765403736-1001\...\Run: [FreeCT] => E:\Programme 2\FreeCountdownTimer\FreeCountdownTimer.exe [2432280 2014-02-25] (Comfort Software Group)
HKU\S-1-5-21-3333801471-2121581504-1765403736-1001\...\MountPoints2: {afc77129-4ff4-11e4-9e8b-d43d7e31cf80} - F:\setup.exe
HKU\S-1-5-21-3333801471-2121581504-1765403736-1001\...\MountPoints2: {c0a698a6-e456-11e2-a20c-d43d7e31cf80} - L:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-3333801471-2121581504-1765403736-1001\...\MountPoints2: {ec53d3ce-a62a-11e3-b07b-d43d7e31cf80} - I:\Startme.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk
ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray.exe (Intel Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Software Director Scheduler.lnk
ShortcutTarget: Software Director Scheduler.lnk -> C:\Program Files (x86)\Common Files\Cloanto\Software Director\softdir.exe (Cloanto Corporation)
Startup: C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Julian\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => E:\Programme\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [00HumyoPaired] -> {A203F945-39E9-4286-AFA2-F3ADFCD5FAAA} => C:\Program Files\Trend Micro SafeSync\HrfsShellExtension.dll (Trend Micro Inc.)
ShellIconOverlayIdentifiers: [00HumyoPriority] -> {6F1BB626-1107-4b82-B322-54C5E64461B8} => C:\Program Files\Trend Micro SafeSync\HrfsShellExtension.dll (Trend Micro Inc.)
ShellIconOverlayIdentifiers: [00HumyoProblem] -> {7479C9AF-DA81-4944-92E5-23E49390BB2B} => C:\Program Files\Trend Micro SafeSync\HrfsShellExtension.dll (Trend Micro Inc.)
ShellIconOverlayIdentifiers: [00HumyoSynced] -> {7479C9AF-DA81-4944-92E5-23E49390BB2A} => C:\Program Files\Trend Micro SafeSync\HrfsShellExtension.dll (Trend Micro Inc.)
ShellIconOverlayIdentifiers: [00HumyoSyncing] -> {7479C9AF-DA81-4944-92E5-23E49390BB29} => C:\Program Files\Trend Micro SafeSync\HrfsShellExtension.dll (Trend Micro Inc.)
ShellIconOverlayIdentifiers: [00HumyoUnavailable] -> {66669544-5639-4922-99C8-CE7A86651364} => C:\Program Files\Trend Micro SafeSync\HrfsShellExtension.dll (Trend Micro Inc.)
ShellIconOverlayIdentifiers-x32: [00HumyoPaired] -> {A203F945-39E9-4286-AFA2-F3ADFCD5FAAA} => C:\Program Files\Trend Micro SafeSync\HrfsShellExtension32.dll (Trend Micro Inc.)
ShellIconOverlayIdentifiers-x32: [00HumyoPriority] -> {6F1BB626-1107-4b82-B322-54C5E64461B8} => C:\Program Files\Trend Micro SafeSync\HrfsShellExtension32.dll (Trend Micro Inc.)
ShellIconOverlayIdentifiers-x32: [00HumyoProblem] -> {7479C9AF-DA81-4944-92E5-23E49390BB2B} => C:\Program Files\Trend Micro SafeSync\HrfsShellExtension32.dll (Trend Micro Inc.)
ShellIconOverlayIdentifiers-x32: [00HumyoSynced] -> {7479C9AF-DA81-4944-92E5-23E49390BB2A} => C:\Program Files\Trend Micro SafeSync\HrfsShellExtension32.dll (Trend Micro Inc.)
ShellIconOverlayIdentifiers-x32: [00HumyoSyncing] -> {7479C9AF-DA81-4944-92E5-23E49390BB29} => C:\Program Files\Trend Micro SafeSync\HrfsShellExtension32.dll (Trend Micro Inc.)
ShellIconOverlayIdentifiers-x32: [00HumyoUnavailable] -> {66669544-5639-4922-99C8-CE7A86651364} => C:\Program Files\Trend Micro SafeSync\HrfsShellExtension32.dll (Trend Micro Inc.)
BootExecute: autocheck autochk * OODBS

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3333801471-2121581504-1765403736-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1409233828&from=smt&uid=SamsungXSSDX840XSeries_S14ENEACB11758K&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1409233828&from=smt&uid=SamsungXSSDX840XSeries_S14ENEACB11758K&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1409233828&from=smt&uid=SamsungXSSDX840XSeries_S14ENEACB11758K&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1409233828&from=smt&uid=SamsungXSSDX840XSeries_S14ENEACB11758K&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=1409233828&from=smt&uid=SamsungXSSDX840XSeries_S14ENEACB11758K
BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> E:\Programme\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> E:\Programme\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\xco5vqxz.Jables
FF DefaultSearchEngine: Google (avast)
FF DefaultSearchUrl: https://www.google.com/search/?trackid=sp-006
FF SearchEngineOrder.1: Google (avast)
FF SelectedSearchEngine: Google (avast)
FF Homepage: https://www.google.com/?trackid=sp-006
FF Keyword.URL: https://www.google.com/search/?trackid=sp-006
FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll ()
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.7 -> E:\Programme\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> E:\Programme\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> E:\Programme\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> E:\Programme\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> E:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @TrendMicro.com/FFExtension -> C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3333801471-2121581504-1765403736-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Julian\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3333801471-2121581504-1765403736-1001: bittorrent.com/torque -> C:\Users\Julian\AppData\Roaming\BitTorrent\Torque\4.4.2\npTorque.dll (BitTorrent, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\vefa27m3.default-1371419455498\searchplugins\google-avast.xml
FF SearchPlugin: C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\xco5vqxz.Jables\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\xco5vqxz.Jables\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\xco5vqxz.Jables\searchplugins\google-avast.xml
FF SearchPlugin: C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\xco5vqxz.Jables\searchplugins\webde-suche.xml
FF Extension: Firefox Synchronisation Extension - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\xco5vqxz.Jables\Extensions\synchronize@nokia.suite [2014-07-01]
FF Extension: WEB.DE MailCheck - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\xco5vqxz.Jables\Extensions\toolbar@web.de [2014-07-21]
FF Extension: YouTube Unblocker - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\xco5vqxz.Jables\Extensions\youtubeunblocker@unblocker.yt [2014-11-05]
FF Extension: Personas Plus - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\xco5vqxz.Jables\Extensions\personas@christopher.beard.xpi [2014-12-08]
FF Extension: Adblock Plus - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\xco5vqxz.Jables\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-06-16]
FF Extension: Menu Editor - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\xco5vqxz.Jables\Extensions\{EDA7B1D7-F793-4e03-B074-E6F303317FB0}.xpi [2013-06-18]
FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2014-03-18]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - E:\Programme\WebRep\FF
FF Extension: Avast Online Security - E:\Programme\WebRep\FF [2014-07-16]

Chrome: 
=======
CHR HomePage: Default -> https://de.yahoo.com?fr=hp-avast&type=avastbcl
CHR StartupUrls: Default -> "https://de.yahoo.com/?fr=hp-avast&type=avastbcl"
CHR DefaultSearchKeyword: Default -> www.yahoo.com
CHR DefaultSearchURL: Default -> https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
CHR DefaultSuggestURL: Default -> hxxp://ff.search.yahoo.com/gossip?output=fxjson&command={searchTerms}
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\gcswf32.dll No File
CHR Plugin: (Browser Exploit Prevention) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmiabdepfhhiieiipmeecdmeljggmfee\7.5.0.1107_0\nptmbep.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll No File
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll No File
CHR Plugin: (Trend Micro Titanium) - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll No File
CHR Profile: C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-12]
CHR Extension: (YouTube) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-01-18]
CHR Extension: (Google-Suche) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-01-18]
CHR Extension: (Google Wallet) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-22]
CHR Extension: (Citavi Picker) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohgndokldibnndfnjnagojmheejlengn [2014-03-22]
CHR Extension: (Google Mail) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-01-18]
CHR HKLM\...\Chrome\Extension: [bmiabdepfhhiieiipmeecdmeljggmfee] - No Path
CHR HKLM-x32\...\Chrome\Extension: [bmiabdepfhhiieiipmeecdmeljggmfee] - No Path
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - E:\Programme\WebRep\Chrome\aswWebRepChrome.crx [2014-11-16]
CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn] - E:\Programme\Pickers\Chrome\ChromePicker.crx [2014-02-07]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; E:\Programme\AvastSvc.exe [50344 2014-11-16] (AVAST Software)
R2 avast! Firewall; E:\Programme\afwServ.exe [104416 2014-11-16] (AVAST Software)
S3 AvastVBoxSvc; E:\Programme\ng\vbox\AvastVBoxSVC.exe [4012248 2014-11-16] (Avast Software)
S2 CLHNServiceForPowerDVD12; E:\Programme\PowerDVD\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [90640 2012-08-16] (CyberLink Corp.)
R2 CyberLink PowerDVD 12 Media Server Monitor Service; E:\Programme\PowerDVD\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [78352 2012-08-16] (CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; E:\Programme\PowerDVD\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [295440 2012-08-16] (CyberLink)
R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [715656 2014-08-28] (Cherished Technololgy LIMITED)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [149032 2012-08-16] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165144 2012-03-29] (Intel Corporation)
R2 Mezzmo_Desktop; C:\Program Files (x86)\Conceiva\Mezzmo\MezzmoMediaServer.exe [3119472 2012-09-27] (Conceiva Pty. Ltd.)
R2 MSIFileSyncMonitor; C:\MSI\MSI SUITE\MSIMonitor\MSIFileSyncMonitor.exe [9728 2013-01-22] () [File not signed]
R2 MSI_ComCenService; C:\MSI\MSI SUITE\ControlCenter\ComCenService.exe [75280 2012-04-17] (MSI)
R2 MSI_SuiteCharger; C:\MSI\MSI SUITE\Super-Charger\SuiteChargeService.exe [122936 2012-10-26] (MSI)
R2 MSI_SuiteFastBoot; C:\MSI\MSI SUITE\FastBoot\SuiteFastBootService.exe [105016 2012-10-26] (MSI)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [144008 2012-12-21] (MSI)
R2 MSSQL$MYMOVIES; C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
R3 OnlineStorageService; C:\Program Files\Trend Micro SafeSync\hrfscore.exe [7908664 2012-07-12] (Trend Micro Inc.)
R2 OODefragAgent; E:\Programme\O&O Defrag\oodag.exe [2552176 2012-09-14] (O&O Software GmbH)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
S3 RoxMediaDBGame1X; C:\Program Files (x86)\Common Files\Roxio Shared\Game1X\SharedCOM\RoxMediaDBGame1X.exe [1095824 2012-08-02] (Corel Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [528896 2014-08-28] (Fuyu LIMITED) [File not signed]
S2 Update ClearThink; "C:\Program Files (x86)\ClearThink\updateClearThink.exe" [X]
S2 Util ClearThink; "C:\Program Files (x86)\ClearThink\bin\utilClearThink.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S1 ASPI32; C:\Windows\SysWow64\Drivers\ASPI32.sys [16877 2002-07-17] (Adaptec) [File not signed]
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-16] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-11-16] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-16] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [449936 2014-11-16] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-16] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-16] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-16] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-16] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-16] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2013-01-19] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-01-18] (DT Soft Ltd)
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
S3 H5xUSB; C:\Windows\System32\Drivers\uth5x64.sys [101632 2012-08-02] (UT)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [20968 2012-08-16] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [19944 2012-08-16] ()
S3 ipadtst; C:\Program Files (x86)\MSI\Super-Charger\ipadtst_64.sys [19000 2012-07-27] (Windows (R) Win 7 DDK provider)
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46016 2012-08-16] ()
R1 ISODrive; E:\Programme\UltraISO\drivers\ISODrv64.sys [115600 2010-01-29] (EZB Systems, Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-01-19] ()
S3 NTIOLib_1_0_4; E:\Programme\MSI Live Update 5\Live Update 5\NTIOLib_X64.sys [14136 2010-10-22] (MSI)
S3 NTIOLib_1_0_C; C:\MSI\MSI SUITE\NTIOLib_X64.sys [11888 2012-03-30] (MSI) [File not signed]
R3 NTIOLib_SuiteFB; C:\MSI\MSI SUITE\FastBoot\NTIOLib_X64.sys [13368 2012-10-26] (MSI)
R2 ntk_PowerDVD12; E:\Programme\PowerDVD\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [83704 2012-06-20] (Cyberlink Corp.)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-07-10] (Corel Corporation)
R3 rusb3hub; C:\Windows\System32\DRIVERS\rusb3hub.sys [114568 2012-08-27] (Renesas Electronics Corporation)
R3 rusb3xhc; C:\Windows\System32\DRIVERS\rusb3xhc.sys [230280 2012-08-27] (Renesas Electronics Corporation)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [530488 2013-12-01] (Duplex Secure Ltd.)
R1 UimBus; C:\Windows\System32\DRIVERS\UimBus.sys [102664 2014-05-19] ()
R1 Uim_DEVIM; C:\Windows\System32\DRIVERS\uim_devim.sys [25992 2014-05-19] ()
R1 Uim_IM; C:\Windows\System32\DRIVERS\uim_im.sys [700296 2014-05-19] ()
R2 VBoxAswDrv; E:\Programme\ng\vbox\VBoxAswDrv.sys [271752 2014-11-16] (Avast Software)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2014-12-08] ()
R2 {73526619-C24F-470B-9BED-53D455FBB5C6}; E:\Programme\PowerDVD\PowerDVD12\Common\NavFilter\000.fcl [147704 2012-08-14] (CyberLink Corp.)
R1 {c5e48979-bd7f-4cf7-9b73-2482a67a4f37}Gw64; C:\Windows\System32\drivers\{c5e48979-bd7f-4cf7-9b73-2482a67a4f37}Gw64.sys [61072 2014-09-01] (StdLib)
S3 athr; system32\DRIVERS\athrx.sys [X]
S3 cpuz136; \??\C:\Users\Julian\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X]
U2 TMAgent; No ImagePath
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-08 19:49 - 2014-12-08 19:50 - 00030755 _____ () C:\Users\Julian\Desktop\FRST.txt
2014-12-08 19:47 - 2014-12-08 19:47 - 00000020 _____ () C:\Users\Julian\defogger_reenable
2014-12-08 19:39 - 2014-12-08 19:50 - 00000000 ____D () C:\FRST
2014-12-08 19:38 - 2014-12-08 19:38 - 02119680 _____ (Farbar) C:\Users\Julian\Desktop\FRST64.exe
2014-12-08 19:37 - 2014-12-08 19:38 - 00000000 ____D () C:\Users\Julian\AppData\Local\Martin Fuchs
2014-12-08 19:29 - 2014-12-08 19:48 - 00000168 _____ () C:\Windows\setupact.log
2014-12-08 19:29 - 2014-12-08 19:29 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-08 11:15 - 2014-12-08 19:48 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2014-12-04 19:07 - 2014-12-04 19:37 - 00000000 ____D () C:\Users\Julian\Desktop\ebay
2014-12-02 23:22 - 2014-12-02 23:22 - 00000869 _____ () C:\Users\Julian\Desktop\Game of Thrones A Telltale Games Series.lnk
2014-12-02 23:22 - 2014-12-02 23:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game of Thrones A Telltale Games Series
2014-12-02 23:13 - 2014-12-02 23:13 - 00000000 ____D () C:\Users\Julian\Documents\Telltale Games
2014-12-02 12:06 - 2014-12-02 12:06 - 00000195 _____ () C:\Windows\system32\2014-12-02-11-06-39.016-aswFe.exe-7376.log
2014-12-02 12:04 - 2014-12-02 12:06 - 00000195 _____ () C:\Windows\system32\2014-12-02-11-04-03.030-aswFe.exe-8088.log
2014-12-02 12:03 - 2014-12-02 12:04 - 00000145 _____ () C:\Windows\system32\2014-12-02-11-03-56.044-AvastVBoxSVC.exe-3828.log
2014-12-02 12:02 - 2014-12-02 12:02 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2014-12-02 12:02 - 2014-12-02 12:02 - 00000000 ____D () C:\Windows\system32\vbox
2014-12-01 11:53 - 2014-12-01 11:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PSP ISO Compressor
2014-11-19 11:38 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 11:38 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-19 11:38 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-19 11:38 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-18 14:09 - 2014-11-18 14:09 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\Yacht Club Games
2014-11-18 14:08 - 2014-11-18 14:08 - 00000802 _____ () C:\Users\Public\Desktop\Shovel Knight.lnk
2014-11-18 14:08 - 2014-11-18 14:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yacht Club Games
2014-11-16 10:42 - 2014-11-16 10:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-11-16 10:37 - 2014-11-16 10:37 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-11-16 10:37 - 2014-11-16 10:37 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-11-16 10:36 - 2014-11-16 10:36 - 00449936 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-11-12 12:11 - 2014-11-12 12:11 - 00000940 _____ () C:\Users\Julian\Desktop\BeadSurge.exe - Verknüpfung.lnk
2014-11-12 12:06 - 2014-11-12 12:06 - 00000000 ____D () C:\Users\Julian\Documents\BeadSurge
2014-11-12 12:06 - 2014-11-12 12:06 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BeadSurge
2014-11-12 10:06 - 2014-11-07 20:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-12 10:06 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-12 10:06 - 2014-11-06 05:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-12 10:06 - 2014-11-06 05:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-12 10:06 - 2014-11-06 05:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-12 10:06 - 2014-11-06 04:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-12 10:06 - 2014-11-06 04:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-12 10:06 - 2014-11-06 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-12 10:06 - 2014-11-06 04:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-12 10:06 - 2014-11-06 04:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-12 10:06 - 2014-11-06 04:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-12 10:06 - 2014-11-06 04:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-12 10:06 - 2014-11-06 04:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-12 10:06 - 2014-11-06 04:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-12 10:06 - 2014-11-06 04:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-12 10:06 - 2014-11-06 04:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-12 10:06 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-12 10:06 - 2014-11-06 04:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-12 10:06 - 2014-11-06 04:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-12 10:06 - 2014-11-06 04:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-12 10:06 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-12 10:06 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-12 10:06 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-12 10:06 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-12 10:06 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-12 10:06 - 2014-11-06 04:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 10:06 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-12 10:06 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-12 10:06 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-12 10:06 - 2014-11-06 04:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-12 10:06 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-12 10:06 - 2014-11-06 04:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-12 10:06 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-12 10:06 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-12 10:06 - 2014-11-06 03:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-12 10:06 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-12 10:06 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-12 10:06 - 2014-11-06 03:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-12 10:06 - 2014-11-06 03:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-12 10:06 - 2014-11-06 03:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-12 10:06 - 2014-11-06 03:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-12 10:06 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-12 10:06 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-12 10:06 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-12 10:06 - 2014-11-06 03:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-12 10:06 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-12 10:06 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-12 10:06 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-12 10:06 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-12 10:06 - 2014-11-06 03:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-12 10:06 - 2014-11-06 03:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-12 10:06 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-12 10:06 - 2014-11-06 02:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-12 10:06 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-12 10:06 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-12 10:06 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-12 10:06 - 2014-11-05 18:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-12 10:06 - 2014-11-05 18:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-12 10:06 - 2014-11-05 18:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-12 10:06 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-12 10:06 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-12 10:06 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-12 10:06 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-12 10:06 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-12 10:06 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-12 10:06 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-12 10:06 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-12 10:06 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-12 10:05 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-12 10:05 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-12 10:05 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-12 10:05 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-12 10:05 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-12 10:05 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-12 10:05 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-12 10:05 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-12 10:05 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-12 10:05 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-12 10:05 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-12 10:05 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-12 10:05 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-12 10:05 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-12 10:05 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-12 10:05 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-12 10:05 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-12 10:05 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-12 10:05 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-12 10:05 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-12 10:05 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-12 10:05 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-12 10:05 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-12 10:05 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-12 10:05 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-12 10:05 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-12 10:05 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-12 10:05 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-12 10:05 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-12 10:05 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-12 10:05 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-12 10:05 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-12 10:05 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-11 11:06 - 2014-11-11 11:06 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-08 19:49 - 2013-02-07 12:27 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\Dropbox
2014-12-08 19:49 - 2013-01-18 20:42 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\BitTorrent
2014-12-08 19:49 - 2013-01-18 16:46 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-08 19:48 - 2014-07-07 15:24 - 00193250 _____ () C:\Windows\PFRO.log
2014-12-08 19:48 - 2013-02-22 11:03 - 00003510 _____ () C:\Windows\System32\Tasks\AutoKMS
2014-12-08 19:48 - 2013-02-02 04:25 - 00034752 _____ () C:\Windows\system32\Drivers\WPRO_41_2001.sys
2014-12-08 19:48 - 2013-01-21 17:27 - 00000043 _____ () C:\Windows\MezzmoMediaServer.INI
2014-12-08 19:48 - 2013-01-21 15:44 - 01224960 _____ () C:\Windows\system32\oodbs.lor
2014-12-08 19:48 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-08 19:47 - 2013-01-18 16:43 - 01405941 _____ () C:\Windows\WindowsUpdate.log
2014-12-08 19:47 - 2013-01-18 16:43 - 00000000 ____D () C:\Users\Julian
2014-12-08 19:42 - 2013-01-18 20:23 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-08 19:37 - 2011-04-12 08:43 - 00750302 _____ () C:\Windows\system32\perfh007.dat
2014-12-08 19:37 - 2011-04-12 08:43 - 00168756 _____ () C:\Windows\system32\perfc007.dat
2014-12-08 19:37 - 2009-07-14 06:13 - 01763138 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-08 19:37 - 2009-07-14 05:45 - 00026768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-08 19:37 - 2009-07-14 05:45 - 00026768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-08 19:33 - 2013-02-28 18:39 - 02328576 ___SH () C:\Users\Julian\Desktop\Thumbs.db
2014-12-08 19:28 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-08 19:08 - 2013-01-18 16:46 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-08 19:00 - 2013-12-22 15:34 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\vlc
2014-12-08 18:54 - 2014-10-11 11:53 - 00002102 _____ () C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2014-12-08 18:54 - 2014-08-22 16:06 - 00208718 _____ () C:\Windows\DPINST.LOG
2014-12-08 18:54 - 2014-03-07 22:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-12-08 18:53 - 2013-01-18 16:46 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-12-08 18:24 - 2013-01-21 14:35 - 00000000 ____D () C:\Users\Julian\Documents\Outlook-Dateien
2014-12-08 18:23 - 2014-03-18 12:50 - 00000000 ____D () C:\Users\Julian\Documents\Citavi 4
2014-12-08 11:25 - 2014-08-16 19:51 - 00000000 ____D () C:\Users\Julian\AppData\Local\Adobe
2014-12-08 11:22 - 2013-03-09 01:21 - 00003962 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{ABA8D45E-2A6E-4A87-B807-227D22CF6583}
2014-12-08 11:18 - 2013-06-16 23:00 - 00001139 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-12-08 01:01 - 2014-07-16 14:29 - 00004132 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-12-06 18:56 - 2013-02-04 21:51 - 00000000 ____D () C:\Users\Julian\AppData\Local\CrashDumps
2014-12-01 22:20 - 2014-08-25 14:28 - 00000000 ____D () C:\Users\Julian\Desktop\URLAUB PAPIERKRAM
2014-11-26 18:42 - 2013-01-18 20:23 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-26 18:42 - 2013-01-18 20:23 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-26 18:42 - 2013-01-18 20:23 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-25 14:32 - 2013-10-19 18:21 - 00000000 ____D () C:\Users\Julian\AppData\Local\SKIDROW
2014-11-22 09:56 - 2014-07-16 14:29 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-11-17 14:08 - 2013-02-19 14:53 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\abgx360
2014-11-17 14:06 - 2013-05-28 20:39 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\XBMC
2014-11-16 15:03 - 2013-01-18 16:46 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-16 15:03 - 2013-01-18 16:46 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-16 10:37 - 2014-07-16 15:12 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-11-16 10:37 - 2014-07-16 15:12 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-11-16 10:37 - 2014-07-16 14:29 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-11-16 10:37 - 2014-07-16 14:29 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-11-16 10:37 - 2014-07-16 14:29 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-11-16 10:37 - 2014-07-16 14:29 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-11-16 10:37 - 2014-07-16 14:29 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-11-16 10:36 - 2014-07-16 14:29 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-11-16 09:34 - 2013-02-07 12:27 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-11-13 22:30 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-11-13 21:32 - 2013-01-18 17:02 - 00152880 _____ () C:\Users\Julian\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-13 21:31 - 2014-07-16 15:37 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-13 21:31 - 2009-07-14 05:45 - 05115656 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-12 13:52 - 2013-01-18 18:21 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-12 13:50 - 2013-11-19 09:36 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-12 13:45 - 2012-12-13 09:31 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-11 20:51 - 2013-06-16 23:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service

Some content of TEMP:
====================
C:\Users\Julian\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpgpfdim.dll
C:\Users\Julian\AppData\Local\Temp\proxy_vole1766580496347510564.dll
C:\Users\Julian\AppData\Local\Temp\proxy_vole9210803338596611794.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-05 19:05

==================== End Of Log ============================
         
--- --- ---



DEFOGGER:
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 19:47 on 08/12/2014 (Julian)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...
SPTD -> Disabled (Service running -> reboot required)


-=E.O.F=-
         
__________________

Edited by J_Cake_Jr (08.12.2014 at 22:28)

08.12.2014, 22:27   #4
J_Cake_Jr

And here are the other two:

GMER:
Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-12-08 19:57:56
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 Samsung_SSD_840_Series rev.DXT06B0Q 111,79GB
Running: Gmer-19357.exe; Driver: C:\Users\Julian\AppData\Local\Temp\fxxyqaoc.sys


---- User code sections - GMER 2.1 ----

.text    C:\ProgramData\IePluginServices\PluginService.exe[1824] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                                                                                             0000000077491401 2 bytes JMP 76afb21b C:\Windows\syswow64\kernel32.dll
.text    C:\ProgramData\IePluginServices\PluginService.exe[1824] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                                                                                               0000000077491419 2 bytes JMP 76afb346 C:\Windows\syswow64\kernel32.dll
.text    C:\ProgramData\IePluginServices\PluginService.exe[1824] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                                                                                             0000000077491431 2 bytes JMP 76b78ea9 C:\Windows\syswow64\kernel32.dll
.text    C:\ProgramData\IePluginServices\PluginService.exe[1824] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                                                                                             000000007749144a 2 bytes CALL 76ad48ad C:\Windows\syswow64\kernel32.dll
.text    ...                                                                                                                                                                                                                         * 9
.text    C:\ProgramData\IePluginServices\PluginService.exe[1824] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                                                                                                00000000774914dd 2 bytes JMP 76b787a2 C:\Windows\syswow64\kernel32.dll
.text    C:\ProgramData\IePluginServices\PluginService.exe[1824] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                                                                                         00000000774914f5 2 bytes JMP 76b78978 C:\Windows\syswow64\kernel32.dll
.text    C:\ProgramData\IePluginServices\PluginService.exe[1824] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                                                                                                000000007749150d 2 bytes JMP 76b78698 C:\Windows\syswow64\kernel32.dll
.text    C:\ProgramData\IePluginServices\PluginService.exe[1824] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                                                                                         0000000077491525 2 bytes JMP 76b78a62 C:\Windows\syswow64\kernel32.dll
.text    C:\ProgramData\IePluginServices\PluginService.exe[1824] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                                                                                               000000007749153d 2 bytes JMP 76aefca8 C:\Windows\syswow64\kernel32.dll
.text    C:\ProgramData\IePluginServices\PluginService.exe[1824] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                                                                                    0000000077491555 2 bytes JMP 76af68ef C:\Windows\syswow64\kernel32.dll
.text    C:\ProgramData\IePluginServices\PluginService.exe[1824] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                                                                                             000000007749156d 2 bytes JMP 76b78f61 C:\Windows\syswow64\kernel32.dll
.text    C:\ProgramData\IePluginServices\PluginService.exe[1824] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                                                                                               0000000077491585 2 bytes JMP 76b78ac2 C:\Windows\syswow64\kernel32.dll
.text    C:\ProgramData\IePluginServices\PluginService.exe[1824] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                                                                                  000000007749159d 2 bytes JMP 76b7865c C:\Windows\syswow64\kernel32.dll
.text    C:\ProgramData\IePluginServices\PluginService.exe[1824] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                                                                                               00000000774915b5 2 bytes JMP 76aefd41 C:\Windows\syswow64\kernel32.dll
.text    C:\ProgramData\IePluginServices\PluginService.exe[1824] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                                                                                             00000000774915cd 2 bytes JMP 76afb2dc C:\Windows\syswow64\kernel32.dll
.text    C:\ProgramData\IePluginServices\PluginService.exe[1824] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                                                                                         00000000774916b2 2 bytes JMP 76b78e24 C:\Windows\syswow64\kernel32.dll
.text    C:\ProgramData\IePluginServices\PluginService.exe[1824] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                                                                                         00000000774916bd 2 bytes JMP 76b785f1 C:\Windows\syswow64\kernel32.dll
.text    E:\Programme\afwServ.exe[1040] C:\Windows\syswow64\kernel32.dll!SetUnhandledExceptionFilter                                                                                                                                 0000000076ad8791 8 bytes [31, C0, C2, 04, 00, 90, 90, ...]
.text    E:\Programme\afwServ.exe[1040] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                                                                                                                      0000000077491401 2 bytes JMP 76afb21b C:\Windows\syswow64\kernel32.dll
.text    E:\Programme\afwServ.exe[1040] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                                                                                                                        0000000077491419 2 bytes JMP 76afb346 C:\Windows\syswow64\kernel32.dll
.text    E:\Programme\afwServ.exe[1040] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                                                                                                                      0000000077491431 2 bytes JMP 76b78ea9 C:\Windows\syswow64\kernel32.dll
.text    E:\Programme\afwServ.exe[1040] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                                                                                                                      000000007749144a 2 bytes CALL 76ad48ad C:\Windows\syswow64\kernel32.dll
.text    ...                                                                                                                                                                                                                         * 9
.text    E:\Programme\afwServ.exe[1040] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                                                                                                                         00000000774914dd 2 bytes JMP 76b787a2 C:\Windows\syswow64\kernel32.dll
.text    E:\Programme\afwServ.exe[1040] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                                                                                                                  00000000774914f5 2 bytes JMP 76b78978 C:\Windows\syswow64\kernel32.dll
.text    E:\Programme\afwServ.exe[1040] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                                                                                                                         000000007749150d 2 bytes JMP 76b78698 C:\Windows\syswow64\kernel32.dll
.text    E:\Programme\afwServ.exe[1040] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                                                                                                                  0000000077491525 2 bytes JMP 76b78a62 C:\Windows\syswow64\kernel32.dll
.text    E:\Programme\afwServ.exe[1040] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                                                                                                                        000000007749153d 2 bytes JMP 76aefca8 C:\Windows\syswow64\kernel32.dll
.text    E:\Programme\afwServ.exe[1040] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                                                                                                             0000000077491555 2 bytes JMP 76af68ef C:\Windows\syswow64\kernel32.dll
.text    E:\Programme\afwServ.exe[1040] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                                                                                                                      000000007749156d 2 bytes JMP 76b78f61 C:\Windows\syswow64\kernel32.dll
.text    E:\Programme\afwServ.exe[1040] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                                                                                                                        0000000077491585 2 bytes JMP 76b78ac2 C:\Windows\syswow64\kernel32.dll
.text    E:\Programme\afwServ.exe[1040] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                                                                                                           000000007749159d 2 bytes JMP 76b7865c C:\Windows\syswow64\kernel32.dll
.text    E:\Programme\afwServ.exe[1040] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                                                                                                                        00000000774915b5 2 bytes JMP 76aefd41 C:\Windows\syswow64\kernel32.dll
.text    E:\Programme\afwServ.exe[1040] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                                                                                                                      00000000774915cd 2 bytes JMP 76afb2dc C:\Windows\syswow64\kernel32.dll
.text    E:\Programme\afwServ.exe[1040] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                                                                                                                  00000000774916b2 2 bytes JMP 76b78e24 C:\Windows\syswow64\kernel32.dll
.text    E:\Programme\afwServ.exe[1040] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                                                                                                                  00000000774916bd 2 bytes JMP 76b785f1 C:\Windows\syswow64\kernel32.dll
.text    E:\Programme\PowerDVD\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe[2228] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                                                                              0000000077491401 2 bytes JMP 76afb21b C:\Windows\syswow64\kernel32.dll
.text    E:\Programme\PowerDVD\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe[2228] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                                                                                0000000077491419 2 bytes JMP 76afb346 C:\Windows\syswow64\kernel32.dll
.text    E:\Programme\PowerDVD\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe[2228] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                                                                              0000000077491431 2 bytes JMP 76b78ea9 C:\Windows\syswow64\kernel32.dll
.text    E:\Programme\PowerDVD\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe[2228] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                                                                              000000007749144a 2 bytes CALL 76ad48ad C:\Windows\syswow64\kernel32.dll
.text    ...                                                                                                                                                                                                                         * 9
.text    E:\Programme\PowerDVD\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe[2228] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                                                                                 00000000774914dd 2 bytes JMP 76b787a2 C:\Windows\syswow64\kernel32.dll
.text    E:\Programme\PowerDVD\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe[2228] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                                                                          00000000774914f5 2 bytes JMP 76b78978 C:\Windows\syswow64\kernel32.dll
.text    E:\Programme\PowerDVD\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe[2228] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                                                                                 000000007749150d 2 bytes JMP 76b78698 C:\Windows\syswow64\kernel32.dll
.text    E:\Programme\PowerDVD\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe[2228] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                                                                          0000000077491525 2 bytes JMP 76b78a62 C:\Windows\syswow64\kernel32.dll
.text    E:\Programme\PowerDVD\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe[2228] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                                                                                000000007749153d 2 bytes JMP 76aefca8 C:\Windows\syswow64\kernel32.dll
.text    E:\Programme\PowerDVD\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe[2228] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                                                                     0000000077491555 2 bytes JMP 76af68ef C:\Windows\syswow64\kernel32.dll
.text    E:\Programme\PowerDVD\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe[2228] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                                                                              000000007749156d 2 bytes JMP 76b78f61 C:\Windows\syswow64\kernel32.dll
.text    E:\Programme\PowerDVD\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe[2228] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                                                                                0000000077491585 2 bytes JMP 76b78ac2 C:\Windows\syswow64\kernel32.dll
.text    E:\Programme\PowerDVD\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe[2228] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                                                                   000000007749159d 2 bytes JMP 76b7865c C:\Windows\syswow64\kernel32.dll
.text    E:\Programme\PowerDVD\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe[2228] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                                                                                00000000774915b5 2 bytes JMP 76aefd41 C:\Windows\syswow64\kernel32.dll
.text    E:\Programme\PowerDVD\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe[2228] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                                                                              00000000774915cd 2 bytes JMP 76afb2dc C:\Windows\syswow64\kernel32.dll
.text    E:\Programme\PowerDVD\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe[2228] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                                                                          00000000774916b2 2 bytes JMP 76b78e24 C:\Windows\syswow64\kernel32.dll
.text    E:\Programme\PowerDVD\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe[2228] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                                                                          00000000774916bd 2 bytes JMP 76b785f1 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Conceiva\Mezzmo\MezzmoMediaServer.exe[2396] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                                                                                  0000000077491401 2 bytes JMP 76afb21b C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Conceiva\Mezzmo\MezzmoMediaServer.exe[2396] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                                                                                    0000000077491419 2 bytes JMP 76afb346 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Conceiva\Mezzmo\MezzmoMediaServer.exe[2396] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                                                                                  0000000077491431 2 bytes JMP 76b78ea9 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Conceiva\Mezzmo\MezzmoMediaServer.exe[2396] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                                                                                  000000007749144a 2 bytes CALL 76ad48ad C:\Windows\syswow64\kernel32.dll
.text    ...                                                                                                                                                                                                                         * 9
.text    C:\Program Files (x86)\Conceiva\Mezzmo\MezzmoMediaServer.exe[2396] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                                                                                     00000000774914dd 2 bytes JMP 76b787a2 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Conceiva\Mezzmo\MezzmoMediaServer.exe[2396] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                                                                              00000000774914f5 2 bytes JMP 76b78978 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Conceiva\Mezzmo\MezzmoMediaServer.exe[2396] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                                                                                     000000007749150d 2 bytes JMP 76b78698 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Conceiva\Mezzmo\MezzmoMediaServer.exe[2396] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                                                                              0000000077491525 2 bytes JMP 76b78a62 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Conceiva\Mezzmo\MezzmoMediaServer.exe[2396] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                                                                                    000000007749153d 2 bytes JMP 76aefca8 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Conceiva\Mezzmo\MezzmoMediaServer.exe[2396] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                                                                         0000000077491555 2 bytes JMP 76af68ef C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Conceiva\Mezzmo\MezzmoMediaServer.exe[2396] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                                                                                  000000007749156d 2 bytes JMP 76b78f61 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Conceiva\Mezzmo\MezzmoMediaServer.exe[2396] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                                                                                    0000000077491585 2 bytes JMP 76b78ac2 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Conceiva\Mezzmo\MezzmoMediaServer.exe[2396] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                                                                       000000007749159d 2 bytes JMP 76b7865c C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Conceiva\Mezzmo\MezzmoMediaServer.exe[2396] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                                                                                    00000000774915b5 2 bytes JMP 76aefd41 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Conceiva\Mezzmo\MezzmoMediaServer.exe[2396] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                                                                                  00000000774915cd 2 bytes JMP 76afb2dc C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Conceiva\Mezzmo\MezzmoMediaServer.exe[2396] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                                                                              00000000774916b2 2 bytes JMP 76b78e24 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Conceiva\Mezzmo\MezzmoMediaServer.exe[2396] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                                                                              00000000774916bd 2 bytes JMP 76b785f1 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2900] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExW + 17                                                                                          0000000077491401 2 bytes JMP 76afb21b C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2900] C:\Windows\syswow64\psapi.dll!EnumProcessModules + 17                                                                                            0000000077491419 2 bytes JMP 76afb346 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2900] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 17                                                                                          0000000077491431 2 bytes JMP 76b78ea9 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2900] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 42                                                                                          000000007749144a 2 bytes CALL 76ad48ad C:\Windows\syswow64\kernel32.dll
.text    ...                                                                                                                                                                                                                         * 9
.text    C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2900] C:\Windows\syswow64\psapi.dll!EnumDeviceDrivers + 17                                                                                             00000000774914dd 2 bytes JMP 76b787a2 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2900] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameA + 17                                                                                      00000000774914f5 2 bytes JMP 76b78978 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2900] C:\Windows\syswow64\psapi.dll!QueryWorkingSetEx + 17                                                                                             000000007749150d 2 bytes JMP 76b78698 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2900] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameW + 17                                                                                      0000000077491525 2 bytes JMP 76b78a62 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2900] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameW + 17                                                                                            000000007749153d 2 bytes JMP 76aefca8 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2900] C:\Windows\syswow64\psapi.dll!EnumProcesses + 17                                                                                                 0000000077491555 2 bytes JMP 76af68ef C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2900] C:\Windows\syswow64\psapi.dll!GetProcessMemoryInfo + 17                                                                                          000000007749156d 2 bytes JMP 76b78f61 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2900] C:\Windows\syswow64\psapi.dll!GetPerformanceInfo + 17                                                                                            0000000077491585 2 bytes JMP 76b78ac2 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2900] C:\Windows\syswow64\psapi.dll!QueryWorkingSet + 17                                                                                               000000007749159d 2 bytes JMP 76b7865c C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2900] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameA + 17                                                                                            00000000774915b5 2 bytes JMP 76aefd41 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2900] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExA + 17                                                                                          00000000774915cd 2 bytes JMP 76afb2dc C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2900] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 20                                                                                      00000000774916b2 2 bytes JMP 76b78e24 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2900] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 31                                                                                      00000000774916bd 2 bytes JMP 76b785f1 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe[5296] C:\Windows\syswow64\USER32.dll!GetMenu + 412                                                                                                            0000000076ec51dd 7 bytes JMP 000000011003ac50
.text    C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe[5296] C:\Windows\syswow64\USER32.dll!PeekMessageA + 407                                                                                                       0000000076ec610b 7 bytes JMP 000000011003b000
.text    C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe[5296] C:\Windows\syswow64\USER32.dll!CreateDialogIndirectParamW + 131                                                                                         0000000076ecc6c1 7 bytes JMP 000000011003abc0
.text    C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe[5296] C:\Windows\syswow64\USER32.dll!MessageBoxIndirectA + 199                                                                                                0000000076f0fc98 7 bytes JMP 000000011003af50
.text    C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe[5296] C:\Windows\syswow64\USER32.dll!MessageBoxIndirectW + 52                                                                                                 0000000076f0fcd1 7 bytes JMP 000000011003adf0
.text    C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe[5296] C:\Windows\syswow64\USER32.dll!MessageBoxExA + 31                                                                                                       0000000076f0fcf5 7 bytes JMP 000000011003af00
.text    C:\Users\Julian\AppData\Roaming\BitTorrent\BitTorrent.exe[5344] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                                                                                     0000000077491401 2 bytes JMP 76afb21b C:\Windows\syswow64\kernel32.dll
.text    C:\Users\Julian\AppData\Roaming\BitTorrent\BitTorrent.exe[5344] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                                                                                       0000000077491419 2 bytes JMP 76afb346 C:\Windows\syswow64\kernel32.dll
.text    C:\Users\Julian\AppData\Roaming\BitTorrent\BitTorrent.exe[5344] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                                                                                     0000000077491431 2 bytes JMP 76b78ea9 C:\Windows\syswow64\kernel32.dll
.text    C:\Users\Julian\AppData\Roaming\BitTorrent\BitTorrent.exe[5344] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                                                                                     000000007749144a 2 bytes CALL 76ad48ad C:\Windows\syswow64\kernel32.dll
.text    ...                                                                                                                                                                                                                         * 9
.text    C:\Users\Julian\AppData\Roaming\BitTorrent\BitTorrent.exe[5344] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                                                                                        00000000774914dd 2 bytes JMP 76b787a2 C:\Windows\syswow64\kernel32.dll
.text    C:\Users\Julian\AppData\Roaming\BitTorrent\BitTorrent.exe[5344] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                                                                                 00000000774914f5 2 bytes JMP 76b78978 C:\Windows\syswow64\kernel32.dll
.text    C:\Users\Julian\AppData\Roaming\BitTorrent\BitTorrent.exe[5344] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                                                                                        000000007749150d 2 bytes JMP 76b78698 C:\Windows\syswow64\kernel32.dll
.text    C:\Users\Julian\AppData\Roaming\BitTorrent\BitTorrent.exe[5344] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                                                                                 0000000077491525 2 bytes JMP 76b78a62 C:\Windows\syswow64\kernel32.dll
.text    C:\Users\Julian\AppData\Roaming\BitTorrent\BitTorrent.exe[5344] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                                                                                       000000007749153d 2 bytes JMP 76aefca8 C:\Windows\syswow64\kernel32.dll
.text    C:\Users\Julian\AppData\Roaming\BitTorrent\BitTorrent.exe[5344] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                                                                            0000000077491555 2 bytes JMP 76af68ef C:\Windows\syswow64\kernel32.dll
.text    C:\Users\Julian\AppData\Roaming\BitTorrent\BitTorrent.exe[5344] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                                                                                     000000007749156d 2 bytes JMP 76b78f61 C:\Windows\syswow64\kernel32.dll
.text    C:\Users\Julian\AppData\Roaming\BitTorrent\BitTorrent.exe[5344] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                                                                                       0000000077491585 2 bytes JMP 76b78ac2 C:\Windows\syswow64\kernel32.dll
.text    C:\Users\Julian\AppData\Roaming\BitTorrent\BitTorrent.exe[5344] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                                                                          000000007749159d 2 bytes JMP 76b7865c C:\Windows\syswow64\kernel32.dll
.text    C:\Users\Julian\AppData\Roaming\BitTorrent\BitTorrent.exe[5344] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                                                                                       00000000774915b5 2 bytes JMP 76aefd41 C:\Windows\syswow64\kernel32.dll
.text    C:\Users\Julian\AppData\Roaming\BitTorrent\BitTorrent.exe[5344] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                                                                                     00000000774915cd 2 bytes JMP 76afb2dc C:\Windows\syswow64\kernel32.dll
.text    C:\Users\Julian\AppData\Roaming\BitTorrent\BitTorrent.exe[5344] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                                                                                 00000000774916b2 2 bytes JMP 76b78e24 C:\Windows\syswow64\kernel32.dll
.text    C:\Users\Julian\AppData\Roaming\BitTorrent\BitTorrent.exe[5344] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                                                                                 00000000774916bd 2 bytes JMP 76b785f1 C:\Windows\syswow64\kernel32.dll
.text    E:\Programme 2\FreeCountdownTimer\FreeCountdownTimer.exe[5476] C:\Windows\syswow64\PSAPI.dll!GetModuleFileNameExW + 17                                                                                                      0000000077491401 2 bytes JMP 76afb21b C:\Windows\syswow64\kernel32.dll
.text    E:\Programme 2\FreeCountdownTimer\FreeCountdownTimer.exe[5476] C:\Windows\syswow64\PSAPI.dll!EnumProcessModules + 17                                                                                                        0000000077491419 2 bytes JMP 76afb346 C:\Windows\syswow64\kernel32.dll
.text    E:\Programme 2\FreeCountdownTimer\FreeCountdownTimer.exe[5476] C:\Windows\syswow64\PSAPI.dll!GetModuleInformation + 17                                                                                                      0000000077491431 2 bytes JMP 76b78ea9 C:\Windows\syswow64\kernel32.dll
.text    E:\Programme 2\FreeCountdownTimer\FreeCountdownTimer.exe[5476] C:\Windows\syswow64\PSAPI.dll!GetModuleInformation + 42                                                                                                      000000007749144a 2 bytes CALL 76ad48ad C:\Windows\syswow64\kernel32.dll
.text    ...                                                                                                                                                                                                                         * 9
.text    E:\Programme 2\FreeCountdownTimer\FreeCountdownTimer.exe[5476] C:\Windows\syswow64\PSAPI.dll!EnumDeviceDrivers + 17                                                                                                         00000000774914dd 2 bytes JMP 76b787a2 C:\Windows\syswow64\kernel32.dll
.text    E:\Programme 2\FreeCountdownTimer\FreeCountdownTimer.exe[5476] C:\Windows\syswow64\PSAPI.dll!GetDeviceDriverBaseNameA + 17                                                                                                  00000000774914f5 2 bytes JMP 76b78978 C:\Windows\syswow64\kernel32.dll
.text    E:\Programme 2\FreeCountdownTimer\FreeCountdownTimer.exe[5476] C:\Windows\syswow64\PSAPI.dll!QueryWorkingSetEx + 17                                                                                                         000000007749150d 2 bytes JMP 76b78698 C:\Windows\syswow64\kernel32.dll
.text    E:\Programme 2\FreeCountdownTimer\FreeCountdownTimer.exe[5476] C:\Windows\syswow64\PSAPI.dll!GetDeviceDriverBaseNameW + 17                                                                                                  0000000077491525 2 bytes JMP 76b78a62 C:\Windows\syswow64\kernel32.dll
.text    E:\Programme 2\FreeCountdownTimer\FreeCountdownTimer.exe[5476] C:\Windows\syswow64\PSAPI.dll!GetModuleBaseNameW + 17                                                                                                        000000007749153d 2 bytes JMP 76aefca8 C:\Windows\syswow64\kernel32.dll
.text    E:\Programme 2\FreeCountdownTimer\FreeCountdownTimer.exe[5476] C:\Windows\syswow64\PSAPI.dll!EnumProcesses + 17                                                                                                             0000000077491555 2 bytes JMP 76af68ef C:\Windows\syswow64\kernel32.dll
.text    E:\Programme 2\FreeCountdownTimer\FreeCountdownTimer.exe[5476] C:\Windows\syswow64\PSAPI.dll!GetProcessMemoryInfo + 17                                                                                                      000000007749156d 2 bytes JMP 76b78f61 C:\Windows\syswow64\kernel32.dll
.text    E:\Programme 2\FreeCountdownTimer\FreeCountdownTimer.exe[5476] C:\Windows\syswow64\PSAPI.dll!GetPerformanceInfo + 17                                                                                                        0000000077491585 2 bytes JMP 76b78ac2 C:\Windows\syswow64\kernel32.dll
.text    E:\Programme 2\FreeCountdownTimer\FreeCountdownTimer.exe[5476] C:\Windows\syswow64\PSAPI.dll!QueryWorkingSet + 17                                                                                                           000000007749159d 2 bytes JMP 76b7865c C:\Windows\syswow64\kernel32.dll
.text    E:\Programme 2\FreeCountdownTimer\FreeCountdownTimer.exe[5476] C:\Windows\syswow64\PSAPI.dll!GetModuleBaseNameA + 17                                                                                                        00000000774915b5 2 bytes JMP 76aefd41 C:\Windows\syswow64\kernel32.dll
.text    E:\Programme 2\FreeCountdownTimer\FreeCountdownTimer.exe[5476] C:\Windows\syswow64\PSAPI.dll!GetModuleFileNameExA + 17                                                                                                      00000000774915cd 2 bytes JMP 76afb2dc C:\Windows\syswow64\kernel32.dll
.text    E:\Programme 2\FreeCountdownTimer\FreeCountdownTimer.exe[5476] C:\Windows\syswow64\PSAPI.dll!GetProcessImageFileNameW + 20                                                                                                  00000000774916b2 2 bytes JMP 76b78e24 C:\Windows\syswow64\kernel32.dll
.text    E:\Programme 2\FreeCountdownTimer\FreeCountdownTimer.exe[5476] C:\Windows\syswow64\PSAPI.dll!GetProcessImageFileNameW + 31                                                                                                  00000000774916bd 2 bytes JMP 76b785f1 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray.exe[5524] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                                                                0000000077491401 2 bytes JMP 76afb21b C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray.exe[5524] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                                                                  0000000077491419 2 bytes JMP 76afb346 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray.exe[5524] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                                                                0000000077491431 2 bytes JMP 76b78ea9 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray.exe[5524] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                                                                000000007749144a 2 bytes CALL 76ad48ad C:\Windows\syswow64\KERNEL32.dll
.text    ...                                                                                                                                                                                                                         * 9
.text    C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray.exe[5524] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                                                                   00000000774914dd 2 bytes JMP 76b787a2 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray.exe[5524] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                                                            00000000774914f5 2 bytes JMP 76b78978 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray.exe[5524] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                                                                   000000007749150d 2 bytes JMP 76b78698 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray.exe[5524] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                                                            0000000077491525 2 bytes JMP 76b78a62 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray.exe[5524] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                                                                  000000007749153d 2 bytes JMP 76aefca8 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray.exe[5524] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                                                       0000000077491555 2 bytes JMP 76af68ef C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray.exe[5524] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                                                                000000007749156d 2 bytes JMP 76b78f61 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray.exe[5524] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                                                                  0000000077491585 2 bytes JMP 76b78ac2 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray.exe[5524] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                                                     000000007749159d 2 bytes JMP 76b7865c C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray.exe[5524] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                                                                  00000000774915b5 2 bytes JMP 76aefd41 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray.exe[5524] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                                                                00000000774915cd 2 bytes JMP 76afb2dc C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray.exe[5524] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                                                            00000000774916b2 2 bytes JMP 76b78e24 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray.exe[5524] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                                                            00000000774916bd 2 bytes JMP 76b785f1 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Users\Julian\AppData\Roaming\Dropbox\bin\Dropbox.exe[5600] C:\Windows\syswow64\Psapi.dll!GetModuleFileNameExW + 17                                                                                                       0000000077491401 2 bytes JMP 76afb21b C:\Windows\syswow64\kernel32.dll
.text    C:\Users\Julian\AppData\Roaming\Dropbox\bin\Dropbox.exe[5600] C:\Windows\syswow64\Psapi.dll!EnumProcessModules + 17                                                                                                         0000000077491419 2 bytes JMP 76afb346 C:\Windows\syswow64\kernel32.dll
.text    C:\Users\Julian\AppData\Roaming\Dropbox\bin\Dropbox.exe[5600] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 17                                                                                                       0000000077491431 2 bytes JMP 76b78ea9 C:\Windows\syswow64\kernel32.dll
.text    C:\Users\Julian\AppData\Roaming\Dropbox\bin\Dropbox.exe[5600] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 42                                                                                                       000000007749144a 2 bytes CALL 76ad48ad C:\Windows\syswow64\kernel32.dll
.text    ...                                                                                                                                                                                                                         * 9
.text    C:\Users\Julian\AppData\Roaming\Dropbox\bin\Dropbox.exe[5600] C:\Windows\syswow64\Psapi.dll!EnumDeviceDrivers + 17                                                                                                          00000000774914dd 2 bytes JMP 76b787a2 C:\Windows\syswow64\kernel32.dll
.text    C:\Users\Julian\AppData\Roaming\Dropbox\bin\Dropbox.exe[5600] C:\Windows\syswow64\Psapi.dll!GetDeviceDriverBaseNameA + 17                                                                                                   00000000774914f5 2 bytes JMP 76b78978 C:\Windows\syswow64\kernel32.dll
.text    C:\Users\Julian\AppData\Roaming\Dropbox\bin\Dropbox.exe[5600] C:\Windows\syswow64\Psapi.dll!QueryWorkingSetEx + 17                                                                                                          000000007749150d 2 bytes JMP 76b78698 C:\Windows\syswow64\kernel32.dll
.text    C:\Users\Julian\AppData\Roaming\Dropbox\bin\Dropbox.exe[5600] C:\Windows\syswow64\Psapi.dll!GetDeviceDriverBaseNameW + 17                                                                                                   0000000077491525 2 bytes JMP 76b78a62 C:\Windows\syswow64\kernel32.dll
.text    C:\Users\Julian\AppData\Roaming\Dropbox\bin\Dropbox.exe[5600] C:\Windows\syswow64\Psapi.dll!GetModuleBaseNameW + 17                                                                                                         000000007749153d 2 bytes JMP 76aefca8 C:\Windows\syswow64\kernel32.dll
.text    C:\Users\Julian\AppData\Roaming\Dropbox\bin\Dropbox.exe[5600] C:\Windows\syswow64\Psapi.dll!EnumProcesses + 17                                                                                                              0000000077491555 2 bytes JMP 76af68ef C:\Windows\syswow64\kernel32.dll
.text    C:\Users\Julian\AppData\Roaming\Dropbox\bin\Dropbox.exe[5600] C:\Windows\syswow64\Psapi.dll!GetProcessMemoryInfo + 17                                                                                                       000000007749156d 2 bytes JMP 76b78f61 C:\Windows\syswow64\kernel32.dll
.text    C:\Users\Julian\AppData\Roaming\Dropbox\bin\Dropbox.exe[5600] C:\Windows\syswow64\Psapi.dll!GetPerformanceInfo + 17                                                                                                         0000000077491585 2 bytes JMP 76b78ac2 C:\Windows\syswow64\kernel32.dll
.text    C:\Users\Julian\AppData\Roaming\Dropbox\bin\Dropbox.exe[5600] C:\Windows\syswow64\Psapi.dll!QueryWorkingSet + 17                                                                                                            000000007749159d 2 bytes JMP 76b7865c C:\Windows\syswow64\kernel32.dll
.text    C:\Users\Julian\AppData\Roaming\Dropbox\bin\Dropbox.exe[5600] C:\Windows\syswow64\Psapi.dll!GetModuleBaseNameA + 17                                                                                                         00000000774915b5 2 bytes JMP 76aefd41 C:\Windows\syswow64\kernel32.dll
.text    C:\Users\Julian\AppData\Roaming\Dropbox\bin\Dropbox.exe[5600] C:\Windows\syswow64\Psapi.dll!GetModuleFileNameExA + 17                                                                                                       00000000774915cd 2 bytes JMP 76afb2dc C:\Windows\syswow64\kernel32.dll
.text    C:\Users\Julian\AppData\Roaming\Dropbox\bin\Dropbox.exe[5600] C:\Windows\syswow64\Psapi.dll!GetProcessImageFileNameW + 20                                                                                                   00000000774916b2 2 bytes JMP 76b78e24 C:\Windows\syswow64\kernel32.dll
.text    C:\Users\Julian\AppData\Roaming\Dropbox\bin\Dropbox.exe[5600] C:\Windows\syswow64\Psapi.dll!GetProcessImageFileNameW + 31                                                                                                   00000000774916bd 2 bytes JMP 76b785f1 C:\Windows\syswow64\kernel32.dll
.text    E:\Programme\avastui.exe[5824] C:\Windows\syswow64\kernel32.dll!SetUnhandledExceptionFilter                                                                                                                                 0000000076ad8791 8 bytes [31, C0, C2, 04, 00, 90, 90, ...]

---- Threads - GMER 2.1 ----

---- Processes - GMER 2.1 ----

Process  C:\ProgramData\IePluginServices\PluginService.exe (*** suspicious ***) @ C:\ProgramData\IePluginServices\PluginService.exe [1824] (IePlugin Service/Cherished Technololgy LIMITED)(2014-08-28 13:50:58)                     0000000000270000
Process  C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe (*** suspicious ***) @ C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [1868] (WindowsProtectManger Service/Fuyu LIMITED)(2014-08-28 13:50:52)  0000000000020000
Library  C:\Users\Julian\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll (*** suspicious ***) @ C:\Users\Julian\AppData\Roaming\Dropbox\bin\Dropbox.exe [5600](2014-11-13 06:49:58)                                                     0000000003c00000
Library  c:\users\julian\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpgpfdim.dll (*** suspicious ***) @ C:\Users\Julian\AppData\Roaming\Dropbox\bin\Dropbox.exe [5600](2014-12-08 18:49:11)       0000000004040000
Library  C:\Users\Julian\AppData\Roaming\Dropbox\bin\libcef.dll (*** suspicious ***) @ C:\Users\Julian\AppData\Roaming\Dropbox\bin\Dropbox.exe [5600](2013-08-23 19:01:44)                                                           0000000052770000
Library  C:\Users\Julian\AppData\Roaming\Dropbox\bin\icudt.dll (*** suspicious ***) @ C:\Users\Julian\AppData\Roaming\Dropbox\bin\Dropbox.exe [5600] (ICU Data DLL/The ICU Project)(2013-08-23 19:01:42)                             0000000054740000
Process  \\?\C:\Windows\system32\wbem\WMIADAP.EXE (*** suspicious ***) @ \\?\C:\Windows\system32\wbem\WMIADAP.EXE [6528] (WMI Reverse Performance Adapter Maintenance Utility/Microsoft Corporation)(2012-12-13 09:09:58)            000000013f0c0000

---- EOF - GMER 2.1 ----
         
ADDITION:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-12-2014 02
Ran by Julian at 2014-12-08 19:50:21
Running from C:\Users\Julian\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
ABBYY FineReader 11 (HKLM-x32\...\{F1100000-0011-0000-0001-074957833700}) (Version: 11.0.460 - ABBYY)
abgx360 v1.0.6 (HKLM-x32\...\abgx360) (Version:  - )
Ableton Live 9 Suite (HKLM\...\{F6BA3E9F-8637-4DCE-BBA8-75A6A57A9D0B}) (Version: 9.0.0.0 - Ableton)
Action! (HKLM-x32\...\Mirillis Action!) (Version: 1.13.1 - Mirillis)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe Captivate Quiz Results Analyzer (HKLM-x32\...\QuizResultsAnalyzer.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1) (Version: 1.0 - Adobe Systems Incorporated)
Adobe Captivate Reviewer (HKLM-x32\...\AdobeCaptivateReviewer2.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1) (Version: 2.0 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Media Live Encoder 3.2 (HKLM-x32\...\{0659E943-DDF4-44FC-9FEE-A13B09F8BB08}) (Version: 3.2.0 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Presenter 7 (HKLM-x32\...\Adobe Presenter 7) (Version: 7.0.6 - Adobe Systems)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM-x32\...\{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}) (Version: 11.0 - Adobe Systems, Inc.)
Alien Isolation Ripley Edition MULTi2 1.0 (HKLM-x32\...\Alien Isolation Ripley Edition MULTi2 1.0) (Version:  - )
Amazon Cloud Player (HKU\S-1-5-21-3333801471-2121581504-1765403736-1001\...\Amazon Amazon Cloud Player) (Version: 2.1.0.381 - Amazon Services LLC)
Amiga Forever (HKLM-x32\...\{F3626735-458B-48DD-A8E2-9746D3BB144D}) (Version: 2012.3.0 - Cloanto)
ANNO 1404 - Venedig (HKLM-x32\...\{A07B2C21-863B-47AB-AE7E-20BB00BD7D33}) (Version: 2.01.5010 - Ubisoft)
ANNO 1404 (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 1.02.0000 - Ubisoft)
Anno 1404 (x32 Version: 1.00.0000 - Ubisoft) Hidden
ANNO 2070 (HKLM-x32\...\{B48E264C-C8CD-4617-B0BE-46E977BAD694}) (Version: 1.0.0.0 - Ubisoft)
Another World 20th Anniversary Edition (c) Focus Home Interactive version 1 (HKLM-x32\...\QW5vdGhlciBXb3JsZA==_is1) (Version: 1 - )
Any Video Converter 5.0.9 (HKLM-x32\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AquaSoft DiaShow 7 Blue Net (HKLM-x32\...\AquaSoft DiaShow 7 Blue Net) (Version: 7.7.11 - AquaSoft)
AquaSoft DiaShow 7 Blue Net (x32 Version: 7.7.11 - AquaSoft) Hidden
Avast Internet Security (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
Avidemux 2.6 (32-bit) (HKLM-x32\...\Avidemux 2.6) (Version: 2.6.4.8696 - )
AviSynth (HKLM-x32\...\AviSynth) (Version: 2.6.0 MT - )
B400 Series PCL Driver from OKI® Printing Solutions for Windows  (HKLM-x32\...\{E327C2A5-E236-44C4-A410-B899403A49A9}) (Version: 102 - OKI® Printing Solutions)
Banished v1.0.0 64-bit (HKLM\...\{72C32B02-0B78-45F8-8528-2C93F62A7B47}) (Version: 1.0.0 - Shining Rock Software LLC)
BeadSurgeInstaller (HKLM-x32\...\{C1816FB6-2290-4251-8D11-E7ED83D0FD0F}) (Version: 1.0.0 - Default Company Name)
BitTorrent (HKU\S-1-5-21-3333801471-2121581504-1765403736-1001\...\BitTorrent) (Version: 7.9.2.35704 - BitTorrent Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
C5200 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
calibre 64bit (HKLM\...\{79C211A9-80D7-4E2A-A847-55BCC8F2ADCF}) (Version: 0.9.14 - Kovid Goyal)
Camtasia Studio 7 (HKLM-x32\...\{49471DB8-7F3C-42DB-89C2-AC50FA0C5290}) (Version: 7.1.0 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 4.11 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.3.4643 - CDBurnerXP)
CdCoverCreator 2.5.3 (HKLM-x32\...\CdCoverCreator) (Version: 2.5.3 - thyanté Software)
CheckDrive (HKLM-x32\...\{B83513EC-2E4D-4621-816D-4CCF397BE702}_is1) (Version: 4.4 - Abelssoft)
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.0.11042 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.0.11042 - Cisco Systems, Inc.) Hidden
Citavi 4 (HKLM-x32\...\{CC0A85B2-734A-45B3-B678-05F6A6499AC7}) (Version: 4.3.0.15 - Swiss Academic Software)
CLICKBIOSII (HKLM-x32\...\{EBCB111F-4907-4B28-BD03-F5BD901106D2}_is1) (Version: 1.0.107 - MSI)
CloneCD (HKLM-x32\...\CloneCD) (Version:  - SlySoft)
CloneSpy 3.1 (HKLM-x32\...\CloneSpy) (Version: 3.1 - The CloneSpy Team)
ControlCenter (HKLM-x32\...\{AF14F0CD-5307-4134-BDFA-15974473C1EE}_is1) (Version: 2.5.048 - MSI)
Cry of Fear (HKLM-x32\...\Steam App 223710) (Version:  - )
Cyberfox Web Browser (HKLM\...\{5EFB52C0-4EC9-46B4-80EB-8432C6599641}_is1) (Version: 20.0.1 - 8pecx Studios)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.1905c.56 - CyberLink Corp.)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.46.1.0327 - DT Soft Ltd)
Das Testament des Sherlock Holmes (HKLM-x32\...\{38A96559-FF39-4089-A609-BFD76C4A6C07}_is1) (Version: 1.00.0777 - Focus Home Interactive)
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
Dolphin 4.0 (HKLM-x32\...\Dolphin) (Version: 4.0 - Dolphin Development Team)
Dropbox (HKU\S-1-5-21-3333801471-2121581504-1765403736-1001\...\Dropbox) (Version: 2.10.52 - Dropbox, Inc.)
Duke Nukem 3D Megaton Edition version 1.00 (HKLM-x32\...\Duke Nukem 3D Megaton Edition_is1) (Version: 1.00 - )
DVDFab 9.0.1.6 (14/12/2012) Qt (HKLM-x32\...\DVDFab 9_is1) (Version:  - Fengtao Software Inc.)
EasyViewer (HKLM-x32\...\InstallShield_{EECD7B96-1416-4D3A-B12D-0D2512120C36}) (Version: 1.3.0.9 - MSI)
EasyViewer (x32 Version: 1.3.0.9 - MSI) Hidden
Enclave (HKLM-x32\...\Enclave_is1) (Version:  - )
Euro Truck Simulator 2 Version 1.6.1 (HKLM-x32\...\Euro Truck Simulator 2_is1) (Version: 1.6.1 - SCS Software)
Exif-Viewer 2.51  (HKLM-x32\...\Exif-Viewer) (Version: 2.51 - Ralf Bibinger)
Fallout 2 (HKLM-x32\...\Fallout 2_is1) (Version:  - GOG.com)
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version:  - Obsidian Entertainment)
FormatFactory 3.3.1.0 (HKLM-x32\...\FormatFactory) (Version: 3.3.1.0 - Format Factory)
Free Countdown Timer 3.1.0 (HKLM-x32\...\{404245D0-E836-4737-9C12-D4D0034540F5}_is1) (Version: 3.1 - Comfort Software Group)
Free M4a to MP3 Converter 8.1 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version:  - ManiacTools.com)
Freeraser (HKLM-x32\...\Freeraser) (Version: 1.0.0.23 - Codyssey.com)
Freiwild-Tabs Version 1.2 (HKLM-x32\...\{1D0A4209-B251-486A-B09E-DD5A2123F814}_is1) (Version: 1.2 - Freiwild United)
Game Dev Tycoon v1.3.2 (c) Greenheart Games version 1 (HKLM-x32\...\R2FtZURldlR5Y29vbnYxMzI=_is1) (Version: 1 - )
Game of Thrones A Telltale Games Series (HKLM-x32\...\Game of Thrones A Telltale Games Series_is1) (Version:  - )
GOG.com Downloader version 3.6.0 (HKLM-x32\...\{456A5815-604D-4D72-94DF-346D2B978A59}_is1) (Version: 3.6.0 - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Gothic (SCREENFUN-DVD November 2005) (HKLM-x32\...\Gothic_Screenfun) (Version:  - )
Guitar Pro 5.2 (HKLM-x32\...\Guitar Pro 5_is1) (Version:  - Arobas Music)
Half-Life 2 Complete Edition Incl. FakeFactory Cinematic Mod 2013 MULTI-2 1.0 (HKLM-x32\...\Half-Life 2 Complete Edition Incl. FakeFactory Cinematic Mod 2013 MULTI-2 1.0) (Version:  - )
Harrys Filters 4.0 (Plugin) (HKLM\...\Harrys Filters 4.0 (Plugin)_is1) (Version:  - The Plugin Site)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
HP Update (HKLM-x32\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
IBM SPSS Statistics 21 (HKLM\...\{1E26B9C2-ED08-4EEA-83C8-A786502B41E5}) (Version: 21.0.0.0 - IBM Corp)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
IcoFX 1.6.4 (HKLM-x32\...\IcoFX_is1) (Version:  - )
iDevice Manager (HKLM-x32\...\FE5AE7DC-7B01-4263-A94C-B4526C276550_is1) (Version: 2.1.0.0 - Marx Softwareentwicklung)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.10.1464 - Intel Corporation)
Intel(R) Smart Connect Technology 3.0 x64 (HKLM\...\{01C324B7-3744-4EC0-9C4F-40BCCDD47CFB}) (Version: 3.0.41.1571 - Intel)
IsoBuster 3.1 (HKLM-x32\...\IsoBuster_is1) (Version: 3.1 - Smart Projects)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Joystick 2 Mouse 3 (HKLM-x32\...\Joystick 2 Mouse 3) (Version:  - )
KProbe 2.5.2 (HKLM-x32\...\KProbe) (Version:  - )
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
Lilly Looking Through (HKLM-x32\...\GOGPACKLILLYLOOKINGTHROUGH_is1) (Version: 2.0.0.3 - GOG.com)
Live Update 5 (HKLM-x32\...\{009E5DF2-3F97-480B-89DA-F2D5E672E14A}_is1) (Version: 5.0.099 - MSI)
MAGIX Slideshow Maker 2 (HKLM-x32\...\MAGIX_MSI_Slideshow_Maker_2) (Version: 2.0.0.8 - MAGIX AG)
MAGIX Slideshow Maker 2 (x32 Version: 2.0.0.8 - MAGIX AG) Hidden
MD Adressbuch 2012 (HKLM-x32\...\MD Adressbuch 2012_is1) (Version:  - Stefan Göppert Softwareentwicklung)
MechWarrior Online (HKLM-x32\...\{ffbbd184-8eba-469f-bb26-ea4e1f6bfd4c}) (Version: 1.4.1.0 - Piranha Games Inc.)
MechWarrior Online (x32 Version: 1.4.1.0 - Piranha Games Inc.) Hidden
MediaCenterPlugin Filme (HKLM-x32\...\{BC51B01C-2A33-49F3-A386-F8F7B1904757}) (Version: 1.0.1.0 - MS)
MediaInfo 0.7.67 (HKLM\...\MediaInfo) (Version: 0.7.67 - MediaArea.net)
Mezzmo (HKLM-x32\...\{9BE11DE3-4703-4482-BC77-A32D73951334}) (Version: 2.7.1.0 - Conceiva)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{B636C9B9-A3F2-4DCE-ADCC-72E095018385}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Mittelerde Mordors Schatten Premium Edition MULTi2 1.0 (HKLM-x32\...\Mittelerde Mordors Schatten Premium Edition MULTi2 1.0) (Version:  - )
Morrowind (HKLM-x32\...\{1D108D70-E7D1-4089-9A0A-99629C4D0CB8}) (Version:  - )
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version:  - Pavel Cvrcek)
Mozilla Firefox 33.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.1 (x86 de)) (Version: 33.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
Mp3tag v2.58 (HKLM-x32\...\Mp3tag) (Version: v2.58 - Florian Heidenreich)
MSI SUITE (HKLM-x32\...\{1F025E3A-3074-48A3-A8F3-78E735739491}_is1) (Version: 1.0.029 - MSI)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MusicBrainz Picard (HKLM-x32\...\MusicBrainz Picard) (Version: 1.2 - MusicBrainz)
My Game Long Name (HKLM\...\UDK-0bd5954c-451b-4853-b8a9-c716bf446f85) (Version:  - Epic Games, Inc.)
MyDriveConnect 3.3.0.1502 (HKLM-x32\...\MyDriveConnect) (Version: 3.3.0.1502 - TomTom)
NbuExplorer version 3.2 (HKLM-x32\...\{6C58B3E8-0822-490B-BC94-40CC02A6B37F}_is1) (Version: 3.2 - Petr Vilem)
Nero 12 (HKLM-x32\...\{560FC78C-A4B2-461D-9B47-820C1EEF87B8}) (Version: 12.0.02000 - Nero AG)
Nero Prerequisite Installer 2.0 (HKLM-x32\...\{0DBC021C-95D9-435A-A4B0-E6515AFD1A71}) (Version: 12.0.01000 - Nero AG)
nGlide 0.97 (HKLM-x32\...\nGlide) (Version: .97 - Zeus Software)
Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia PC Suite (HKLM-x32\...\Nokia PC Suite) (Version: 7.1.180.94 - Nokia)
Nokia PC Suite (x32 Version: 7.1.180.94 - Nokia) Hidden
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.8.48.0 - Nokia)
Nokia Suite (x32 Version: 3.8.48.0 - Nokia) Hidden
Nur Entfernen der CopyTrans Suite möglich (HKU\S-1-5-21-3333801471-2121581504-1765403736-1001\...\CopyTrans Suite) (Version: 2.37 - WindSolutions)
NVIDIA 3D Vision Controller-Treiber 314.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 314.22 - NVIDIA Corporation)
NVIDIA Grafiktreiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Update 1.15.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.15.2 - NVIDIA Corporation)
O&O Defrag Professional (HKLM\...\{87CCB9C0-55B9-4110-884F-A6CB0927EF50}) (Version: 16.0.139 - O&O Software GmbH)
OlliOlli (HKLM-x32\...\1207665033_is1) (Version: 2.0.0.2 - GOG.com)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.1.13.85 - Electronic Arts, Inc.)
Origin90 (HKLM-x32\...\{685A89CB-DF27-42D6-A623-34F40DBBFFB2}) (Version: 9.00.00 - OriginLab Corporation)
Outlast Version 1.0.11774 (HKLM-x32\...\Outlast_is1) (Version: 1.0.11774 - Red Barrels)
Paragon Backup and Recovery™ 2014 Free (HKLM\...\{C268B5E1-A5DA-11DF-A289-005056C00008}) (Version: 90.00.0003 - Paragon Software)
Path of Exile (HKLM-x32\...\{90A4562F-D4A1-4B65-906D-41F236CF6902}) (Version: 1.0.0.29375 - Grinding Gear Games)
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PDF24 Creator 6.4.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
PosteRazor (HKLM-x32\...\PosteRazor_is1) (Version: 1.5 - Alessandro Portale)
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Project 64 version 2.1.0.1 (HKLM-x32\...\Project 64_is1) (Version: 2.1.0.1 - )
PS3Splitter version 1.1.5.1 (HKLM-x32\...\PS3Splitter_is1) (Version: 1.1.5.1 - Karmian.org)
PSP ISO Compressor (HKLM-x32\...\{D47087E7-AA15-4D1D-8C0A-60F7E446D597}) (Version: 1.4.0 - danny_kay1710)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.53.216.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6793 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{17528CE4-C333-48FB-A9E4-D841E795CDCE}) (Version: 3.0.23.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 3.0.23.0 - Renesas Electronics Corporation) Hidden
Rosetta Stone Version 3 (HKLM-x32\...\{80F7CA44-F3A5-4853-8BA6-DDF57CD4F078}) (Version: 3.4.7.0 - Rosetta Stone Ltd.)
Roxio Express Labeler 3 (HKLM-x32\...\{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}) (Version: 3.2.1 - Roxio)
Roxio Game Capture HD PRO (HKLM-x32\...\{2DD84AB2-8BF4-49FA-9D62-E3F93D4F56FB}) (Version: 1.0 - Roxio)
schobuk 2.1 (HKLM-x32\...\schobuk_is1) (Version: schobuk 2.1 - )
ScummVM 1.6.0 (HKLM-x32\...\ScummVM_is1) (Version:  - The ScummVM Team)
SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association)
Secure Eraser (HKLM-x32\...\Secure Eraser_is1) (Version: 4.2.0.1 - ASCOMP Software GmbH)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Shadow Warrior (HKLM-x32\...\Shadow Warrior_is1) (Version:  - Devolver Digital)
Shovel Knight (HKLM-x32\...\Shovel Knight_is1) (Version:  - )
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 1.0.0.0 - Electronic Arts)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Software Director (HKLM-x32\...\Cloanto Software Director) (Version: 3.8.9.0 - Cloanto Corporation)
SolveigMM AVI Trimmer (HKLM-x32\...\SolveigMM AVI Trimmer 2.1.1307.29) (Version: 2.1.1307.29 - Solveig Multimedia)
Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.14.10.201407111005 - Sony Mobile Communications AB)
Sony PC Companion 2.10.236 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.236 - Sony)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spotify (HKU\S-1-5-21-3333801471-2121581504-1765403736-1001\...\Spotify) (Version: 0.9.4.185.g7545a404 - Spotify AB)
SSDlife Pro (HKLM-x32\...\{800E31CD-E1E7-40EC-8410-5736E427F49A}) (Version: 2.3.52 - BinarySense Inc.)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 1.0.0.1 - Steinberg Media Technologies GmbH)
Steinberg LoopMash Content (HKLM-x32\...\{4D454CF8-12FD-464D-B57B-B46FE27B78BB}) (Version: 1.0.0.005 - Steinberg Media Technologies GmbH)
Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 1.0.0.006 - Steinberg Media Technologies GmbH)
Super-Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.016 - MSI)
Syberia 2 (HKLM-x32\...\GOGPACKSYBERIA2_is1) (Version: 2.0.0.8 - GOG.com)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
The Banner Saga (HKLM-x32\...\VGhlQmFubmVyU2FnYQ==_is1) (Version: 1 - )
The Elder Scrolls Online Beta (HKLM-x32\...\The Elder Scrolls Online Beta_is1) (Version: 0.3.4 - )
The Evil Within (HKLM-x32\...\VGhlRXZpbFdpdGhpbg==_is1) (Version: 1 - )
The Whispered World (HKLM-x32\...\{82225685-1513-4975-B624-155C10F3EE16}) (Version: 1.01 - Deep Silver)
THX TruStudio Pro (HKLM-x32\...\{4FA6CB9A-2972-4AAF-A36E-3C40FCC22395}) (Version: 1.04.03 - Creative Technology Limited)
To The Moon (HKLM-x32\...\To The Moon_is1) (Version:  - )
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Torque (HKU\S-1-5-21-3333801471-2121581504-1765403736-1001\...\Torque) (Version: 4.2.5.28819 - BitTorrent Inc.)
Torque Plugin (HKLM-x32\...\{00A3B50F-A7CA-45D5-BFAA-902CEC7A2A43}) (Version: 4.4.2 - BitTorrent, Inc)
Trend Micro SafeSync (HKLM\...\HFRS_is1) (Version: 5.1.0.1173 - Trend Micro)
Tropico 4 Modern Times V1.0.6(CREATED BY XEONKING©) (HKLM-x32\...\Tropico 4 Modern Times_is1) (Version: 1.0.6 - )
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
UltraISO Premium V9.53 (HKLM-x32\...\UltraISO_is1) (Version:  - )
UnderCoverXP 1.23 (HKLM-x32\...\UnderCoverXP_is1) (Version:  - Wicked & Wild Inc.)
Unigine Valley Benchmark version 1.0 (HKLM-x32\...\Unigine Valley Benchmark_is1) (Version: 1.0 - Unigine Corp.)
Unity Web Player (HKU\S-1-5-21-3333801471-2121581504-1765403736-1001\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
VideoGenie (HKLM-x32\...\{FC54FD8D-789C-406D-BB88-F7C4421B7E83}_is1) (Version: 1.0.0.12 - MSI)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN)
Welcome App (Start-up experience) (x32 Version: 12.0.15000 - Nero AG) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKU\S-1-5-21-3333801471-2121581504-1765403736-1001\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
WindowsMangerProtect20.0.0.722 (HKLM-x32\...\WindowsMangerProtect) (Version: 20.0.0.722 - WindowsProtect LIMITED) <==== ATTENTION
Windows-Treiberpaket - Nokia Modem  (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)
Windows-Treiberpaket - Nokia Modem  (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia)
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
XBMC (HKU\S-1-5-21-3333801471-2121581504-1765403736-1001\...\XBMC) (Version:  - Team XBMC)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3333801471-2121581504-1765403736-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Julian\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3333801471-2121581504-1765403736-1001_Classes\CLSID\{497F4457-E72A-6401-43CC-BD00574E0EE8}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3333801471-2121581504-1765403736-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Julian\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3333801471-2121581504-1765403736-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Julian\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3333801471-2121581504-1765403736-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Julian\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3333801471-2121581504-1765403736-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Julian\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3333801471-2121581504-1765403736-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Julian\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3333801471-2121581504-1765403736-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Julian\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3333801471-2121581504-1765403736-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Julian\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3333801471-2121581504-1765403736-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Julian\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

29-11-2014 13:48:20 Windows Update
01-12-2014 10:52:56 Installed PSP ISO Compressor
05-12-2014 17:44:08 Windows Update
08-12-2014 17:54:04 Sony PC Companion

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2013-04-28 11:51 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {041CBF80-E6EF-4CD2-837D-E4028E68CCAC} - System32\Tasks\CCleanerSkipUAC => E:\Programme\CCleaner\CCleaner.exe [2014-02-20] (Piriform Ltd)
Task: {40DB3538-9F3E-484E-94B6-8CAC759CE76C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.)
Task: {4D656BF0-0C1C-4BEC-81BA-E89E0C809B7A} - System32\Tasks\AdobeAAMUpdater-1.0-JulianDesktopPC-Julian => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {5E0B70D8-99CF-4198-8E2A-4BA419C801A0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-26] (Adobe Systems Incorporated)
Task: {6A022FC3-240F-47AF-B42F-252DDE1AB2EC} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {7316DC84-4675-4FC6-AB2F-BDE3E7149650} - System32\Tasks\avast! Emergency Update => E:\Programme\AvastEmUpdate.exe [2014-11-16] (AVAST Software)
Task: {B15E404A-9CC9-4430-869C-2DC47EB0B041} - System32\Tasks\{021D7834-B7D5-4770-BCE2-16D667638E6A} => E:\Programme\ePSX\ePSXe.exe [2012-11-09] ()
Task: {B8D898E6-02AD-453A-B524-8DFA9EA0B39D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.)
Task: {B9419299-4C7A-4AAE-88E0-F9C538557339} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {F8CA911B-DE69-4E8C-B8BF-038739DF3A8A} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2013-02-22] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-01-18 17:00 - 2014-02-08 18:42 - 00117024 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-08-16 20:36 - 2012-08-16 20:36 - 00149032 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2012-08-16 20:36 - 2012-08-16 20:36 - 00058920 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2013-02-23 15:21 - 2013-01-22 22:35 - 00009728 _____ () C:\MSI\MSI SUITE\MSIMonitor\MSIFileSyncMonitor.exe
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2014-07-16 17:31 - 2012-09-07 15:57 - 00559424 _____ () C:\Program Files (x86)\ASCOMP Software\Secure Eraser\SecEraser64.dll
2014-03-07 22:32 - 2014-06-23 08:07 - 00113376 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
2014-12-08 11:16 - 2014-12-08 11:16 - 02905088 _____ () E:\Programme\defs\14120800\algo.dll
2014-02-06 00:52 - 2014-02-06 00:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-01-25 18:32 - 2012-06-28 09:24 - 00541683 _____ () E:\Programme\PowerDVD\PowerDVD12\Kernel\DMS\sqlite3.dll
2013-01-21 22:25 - 2010-11-25 11:11 - 00062464 ____R () C:\Program Files (x86)\Conceiva\Mezzmo\HS_REGEX.dll
2013-01-21 22:25 - 2012-08-14 11:36 - 00477696 ____R () C:\Program Files (x86)\Conceiva\Mezzmo\tag.dll
2013-01-21 22:25 - 2012-04-04 12:08 - 00839680 ____R () C:\Program Files (x86)\Conceiva\Mezzmo\LIBEAY32.dll
2013-01-21 22:25 - 2012-04-04 12:08 - 00159744 ____R () C:\Program Files (x86)\Conceiva\Mezzmo\SSLEAY32.dll
2013-01-21 22:25 - 2012-03-29 10:32 - 00060928 ____R () C:\Program Files (x86)\Conceiva\Mezzmo\extension-functions.dll
2014-03-07 22:32 - 2012-04-30 10:57 - 00039936 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll
2014-03-07 22:32 - 2013-09-13 10:02 - 00208896 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll
2011-07-07 14:54 - 2011-07-07 14:54 - 00233984 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\Report.dll
2014-03-07 22:32 - 2013-05-20 11:58 - 00620718 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\sqlite3.dll
2014-03-07 22:32 - 2010-01-11 15:44 - 00053248 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\VObject.dll
2014-06-12 09:19 - 2014-06-12 09:19 - 00643584 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PhoneUpdate.dll
2014-12-08 19:49 - 2014-12-08 19:49 - 00043008 _____ () c:\users\julian\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpgpfdim.dll
2013-08-23 20:01 - 2013-08-23 20:01 - 25100288 _____ () C:\Users\Julian\AppData\Roaming\Dropbox\bin\libcef.dll
2014-11-16 10:37 - 2014-11-16 10:37 - 38562088 _____ () E:\Programme\libcef.dll
2014-11-11 11:06 - 2014-11-11 11:06 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2013-01-18 16:48 - 2012-03-29 06:18 - 01198872 ____R () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Windows:7D63E91CD9ABF8BB

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^O&O Defrag Tray.lnk => C:\Windows\pss\O&O Defrag Tray.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Trend Micro SafeSync.lnk => C:\Windows\pss\Trend Micro SafeSync.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Julian^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: 2BB777B4D97D5CBA4F37597096A565E0D6CA792C._service_run => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "E:\Programme\Adobe X Suite\Acrobat 10.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Amazon Cloud Player => "C:\Users\Julian\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe"
MSCONFIG\startupreg: AppleIEDAV => E:\Programme\iCloud\AppleIEDAV.exe
MSCONFIG\startupreg: ApplePhotoStreams => E:\Programme\iCloud\ApplePhotoStreams.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Bonus.SSR.FR11 => "E:\Programme\Abbyy FineReader\Bonus.ScreenshotReader.exe" /autorun
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: CloneCDTray => "E:\Programme\CloneCD\CloneCDTray.exe" /s
MSCONFIG\startupreg: com.apple.dav.bookmarks.daemon => E:\Programme\iCloud\BookmarkDAV_client.exe
MSCONFIG\startupreg: ControlCenterCount => C:\Program Files (x86)\MSI\ControlCenter\ControlCenterCount.exe
MSCONFIG\startupreg: DAEMON Tools Lite => "E:\Programme\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: EADM => "E:\Programme\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: HP Software Update => E:\Programme\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: hpqSRMon => E:\Programme\HP\Digital Imaging\bin\hpqSRMon.exe
MSCONFIG\startupreg: iCloudServices => E:\Programme\iCloud\iCloudServices.exe
MSCONFIG\startupreg: iTunesHelper => "E:\Programme\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Joystick 2 Mouse => C:\Program Files (x86)\Joystick 2 Mouse 3\Joystick 2 Mouse.exe /NoConfigure
MSCONFIG\startupreg: Live Update 5 => E:\Programme\MSI Live Update 5\Live Update 5\BootStartLiveupdate.exe /reminder
MSCONFIG\startupreg: MSI Suite => C:\MSI\MSI SUITE\StartMSISuite.exe
MSCONFIG\startupreg: PC Suite Tray => "E:\Programme\PC SUITE NOKIA 6300\Nokia PC Suite 7\PCSuite.exe" -onlytray
MSCONFIG\startupreg: PDFPrint => E:\Programme\PDF24\pdf24.exe
MSCONFIG\startupreg: Power2GoExpress => NA
MSCONFIG\startupreg: PowerDVD12Agent => "E:\Programme\PowerDVD\PowerDVD12\PowerDVD12Agent.exe"
MSCONFIG\startupreg: PowerDVD12DMREngine => "E:\Programme\PowerDVD\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe"
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Julian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: THX Audio Control Panel => "C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" /r
MSCONFIG\startupreg: THXCfg64 => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64
MSCONFIG\startupreg: WinampAgent => E:\Programme\Winamp\winampa.exe

========================= Accounts: ==========================

Administrator (S-1-5-21-3333801471-2121581504-1765403736-500 - Administrator - Enabled) => C:\Users\Administrator
Gast (S-1-5-21-3333801471-2121581504-1765403736-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3333801471-2121581504-1765403736-1006 - Limited - Enabled)
Julian (S-1-5-21-3333801471-2121581504-1765403736-1001 - Administrator - Enabled) => C:\Users\Julian

==================== Faulty Device Manager Devices =============

Name: Microsoft-Teredo-Tunneling-Adapter
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/08/2014 07:48:28 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.

Error: (12/08/2014 07:32:01 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.

Error: (12/08/2014 07:29:43 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.

Error: (12/08/2014 06:49:43 PM) (Source: MsiInstaller) (EventID: 1018) (User: JulianDesktopPC)
Description: Die Anwendung "Microsoft ActiveSync" konnte nicht installiert werden, da sie mit dieser Windows-Version nicht kompatibel ist. Wenden Sie sich an den Hersteller der Anwendung, um ein Update zu erhalten.

Error: (12/08/2014 06:48:58 PM) (Source: MsiInstaller) (EventID: 1018) (User: JulianDesktopPC)
Description: Die Anwendung "Microsoft ActiveSync" konnte nicht installiert werden, da sie mit dieser Windows-Version nicht kompatibel ist. Wenden Sie sich an den Hersteller der Anwendung, um ein Update zu erhalten.

Error: (12/08/2014 11:15:49 AM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.

Error: (12/08/2014 01:01:30 AM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.

Error: (12/07/2014 07:00:01 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "F:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"

Error: (12/07/2014 00:45:53 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.

Error: (12/07/2014 00:36:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 998


System errors:
=============
Error: (12/08/2014 07:48:27 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
ASPI32

Error: (12/08/2014 07:48:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Util ClearThink" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (12/08/2014 07:48:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Update ClearThink" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (12/08/2014 07:48:18 PM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT-AUTORITÄT)
Description: Überprüfung des verschlüsselten Volumes: Die Volumeinformationen auf "M:" können nicht gelesen werden.

Error: (12/08/2014 07:48:13 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\ASPI32.SYS nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (12/08/2014 07:32:01 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
ASPI32

Error: (12/08/2014 07:31:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Util ClearThink" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (12/08/2014 07:31:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Update ClearThink" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (12/08/2014 07:31:44 PM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT-AUTORITÄT)
Description: Überprüfung des verschlüsselten Volumes: Die Volumeinformationen auf "M:" können nicht gelesen werden.

Error: (12/08/2014 07:31:41 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\ASPI32.SYS nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.


Microsoft Office Sessions:
=========================
Error: (12/08/2014 07:48:28 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT-AUTORITÄT)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/08/2014 07:32:01 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT-AUTORITÄT)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/08/2014 07:29:43 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT-AUTORITÄT)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/08/2014 06:49:43 PM) (Source: MsiInstaller) (EventID: 1018) (User: JulianDesktopPC)
Description: Microsoft ActiveSync(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (12/08/2014 06:48:58 PM) (Source: MsiInstaller) (EventID: 1018) (User: JulianDesktopPC)
Description: Microsoft ActiveSync(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (12/08/2014 11:15:49 AM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT-AUTORITÄT)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/08/2014 01:01:30 AM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT-AUTORITÄT)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/07/2014 07:00:01 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: F:\Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)

Error: (12/07/2014 00:45:53 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT-AUTORITÄT)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/07/2014 00:36:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 998


CodeIntegrity Errors:
===================================
  Date: 2014-03-23 13:28:18.898
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-23 11:39:13.184
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-22 22:15:15.244
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-22 10:17:37.190
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-22 03:40:57.180
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-22 00:16:58.336
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-21 11:08:21.689
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-20 23:37:52.444
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-20 23:13:50.131
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-20 21:59:21.404
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz
Percentage of memory in use: 17%
Total physical RAM: 16335.52 MB
Available physical RAM: 13502.16 MB
Total Pagefile: 32669.21 MB
Available Pagefile: 29892.1 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.69 GB) (Free:10.86 GB) NTFS
Drive e: (Volume) (Fixed) (Total:1863.01 GB) (Free:353.03 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive h: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.03 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: EC8F2F72)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: CC96EFA6)
Partition 1: (Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 2 KB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================
         

09.12.2014, 16:23   #5
schrauber
/// the machine
/// TB-Ausbilder
 




Please download Revo Uninstaller from here: Download Revo Uninstaller (alternatively, the portable Revo Uninstaller).
  • Install and start the program. (Illustrated guide to Revo Uninstaller)
  • Click Options and select German as the language.
  • In the uninstaller pane, look for the programs:

    WindowsMangerProtect20.0.0.722 (HKLM-x32\...\WindowsMangerProtect) (Version: 20.0.0.722 - WindowsProtect LIMITED) <==== ATTENTION


  • Select the programs one after another and click Uninstall each time.
  • Then select the "Moderat" mode.
  • Delete leftovers:
    Click on , then on , and then on .

 





Scan with Combofix
WARNING to other READERS:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all of your antivirus software as well as any malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the on-screen instructions.
  • While Combofix is running, please do not work on the computer, move the mouse or click in the Combofix window!
  • When Combofix has finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (in CODE tags if possible).
Note: If you get the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.


__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

10.12.2014, 11:25   #6
J_Cake_Jr
 



Code:
ComboFix 14-12-10.01 - Julian 10.12.2014  11:11:27.1.4 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.49.1031.18.16336.13796 [GMT 1:00]
ausgeführt von:: c:\users\Julian\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
 ADS - Windows: deleted 24 bytes in 1 streams. 
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\1358779234.bdinstall.bin
c:\programdata\1359773389.bdinstall.bin
c:\programdata\1359893980.bdinstall.bin
c:\programdata\1361643847.bdinstall.bin
c:\programdata\1361644248.bdinstall.bin
c:\programdata\1405517558.bdinstall.bin
c:\users\Julian\4.0
c:\users\Julian\AppData\Local\.#
c:\users\Julian\AppData\Local\.#\MBX@15F4@811B68.###
c:\users\Julian\AppData\Local\.#\MBX@19E0@1F71B98.###
c:\users\Julian\AppData\Local\.#\MBX@C08@20A1B78.###
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-11-10 bis 2014-12-10  ))))))))))))))))))))))))))))))
.
.
2014-12-10 10:16 . 2014-12-10 10:16	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-12-10 10:16 . 2014-12-10 10:16	--------	d-----w-	c:\users\Administrator\AppData\Local\temp
2014-12-10 10:16 . 2014-12-10 10:16	--------	d-----w-	c:\users\Acronis Agent User\AppData\Local\temp
2014-12-09 09:11 . 2014-11-02 04:20	11632448	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{40E9A4DB-BF87-490E-8275-4144B0829388}\mpengine.dll
2014-12-08 18:39 . 2014-12-08 18:50	--------	d-----w-	C:\FRST
2014-12-08 18:37 . 2014-12-08 18:38	--------	d-----w-	c:\users\Julian\AppData\Local\Martin Fuchs
2014-12-08 10:15 . 2014-12-10 10:07	94656	----a-w-	c:\windows\system32\WPRO_41_2001woem.tmp
2014-12-02 11:02 . 2014-12-02 11:02	--------	d-----w-	c:\windows\SysWow64\vbox
2014-12-02 11:02 . 2014-12-02 11:02	--------	d-----w-	c:\windows\system32\vbox
2014-11-19 10:38 . 2014-11-11 03:08	241152	----a-w-	c:\windows\system32\pku2u.dll
2014-11-19 10:38 . 2014-11-11 03:08	728064	----a-w-	c:\windows\system32\kerberos.dll
2014-11-19 10:38 . 2014-11-11 02:44	186880	----a-w-	c:\windows\SysWow64\pku2u.dll
2014-11-19 10:38 . 2014-11-11 02:44	550912	----a-w-	c:\windows\SysWow64\kerberos.dll
2014-11-18 13:09 . 2014-11-18 13:09	--------	d-----w-	c:\users\Julian\AppData\Roaming\Yacht Club Games
2014-11-16 09:37 . 2014-11-16 09:37	364512	----a-w-	c:\windows\system32\aswBoot.exe
2014-11-16 09:37 . 2014-11-16 09:37	43152	----a-w-	c:\windows\avastSS.scr
2014-11-16 09:36 . 2014-11-16 09:36	449936	----a-w-	c:\windows\system32\drivers\aswNdisFlt.sys
2014-11-12 09:05 . 2014-08-21 06:43	1882624	----a-w-	c:\windows\system32\msxml3.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-12-10 10:07 . 2013-02-02 03:25	34752	----a-w-	c:\windows\system32\drivers\WPRO_41_2001.sys
2014-12-09 22:42 . 2013-01-18 19:23	71344	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-12-09 22:42 . 2013-01-18 19:23	701104	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-11-22 08:56 . 2014-07-16 13:29	1050432	----a-w-	c:\windows\system32\drivers\aswsnx.sys
2014-11-16 09:37 . 2014-07-16 14:12	116728	----a-w-	c:\windows\system32\drivers\aswStm.sys
2014-11-16 09:37 . 2014-07-16 14:12	29208	----a-w-	c:\windows\system32\drivers\aswHwid.sys
2014-11-16 09:37 . 2014-07-16 13:29	93568	----a-w-	c:\windows\system32\drivers\aswRdr2.sys
2014-11-16 09:37 . 2014-07-16 13:29	83280	----a-w-	c:\windows\system32\drivers\aswMonFlt.sys
2014-11-16 09:37 . 2014-07-16 13:29	65776	----a-w-	c:\windows\system32\drivers\aswRvrt.sys
2014-11-16 09:37 . 2014-07-16 13:29	436624	----a-w-	c:\windows\system32\drivers\aswsp.sys
2014-11-16 09:37 . 2014-07-16 13:29	267632	----a-w-	c:\windows\system32\drivers\aswVmm.sys
2014-11-16 09:36 . 2014-07-16 13:29	28184	----a-w-	c:\windows\system32\drivers\aswKbd.sys
2014-11-12 12:45 . 2012-12-13 08:31	103374192	----a-w-	c:\windows\system32\MRT.exe
2014-11-04 13:30 . 2010-11-21 03:27	275080	------w-	c:\windows\system32\MpSigStub.exe
2014-10-20 13:54 . 2014-10-20 13:54	98216	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-09-25 02:08 . 2014-10-01 07:05	371712	----a-w-	c:\windows\system32\qdvd.dll
2014-09-25 01:40 . 2014-10-01 07:05	519680	----a-w-	c:\windows\SysWow64\qdvd.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoPaired]
@="{A203F945-39E9-4286-AFA2-F3ADFCD5FAAA}"
[HKEY_CLASSES_ROOT\CLSID\{A203F945-39E9-4286-AFA2-F3ADFCD5FAAA}]
2012-07-12 12:22	1186616	----a-w-	c:\program files\Trend Micro SafeSync\HrfsShellExtension32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoPriority]
@="{6F1BB626-1107-4b82-B322-54C5E64461B8}"
[HKEY_CLASSES_ROOT\CLSID\{6F1BB626-1107-4b82-B322-54C5E64461B8}]
2012-07-12 12:22	1186616	----a-w-	c:\program files\Trend Micro SafeSync\HrfsShellExtension32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoProblem]
@="{7479C9AF-DA81-4944-92E5-23E49390BB2B}"
[HKEY_CLASSES_ROOT\CLSID\{7479C9AF-DA81-4944-92E5-23E49390BB2B}]
2012-07-12 12:22	1186616	----a-w-	c:\program files\Trend Micro SafeSync\HrfsShellExtension32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoSynced]
@="{7479C9AF-DA81-4944-92E5-23E49390BB2A}"
[HKEY_CLASSES_ROOT\CLSID\{7479C9AF-DA81-4944-92E5-23E49390BB2A}]
2012-07-12 12:22	1186616	----a-w-	c:\program files\Trend Micro SafeSync\HrfsShellExtension32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoSyncing]
@="{7479C9AF-DA81-4944-92E5-23E49390BB29}"
[HKEY_CLASSES_ROOT\CLSID\{7479C9AF-DA81-4944-92E5-23E49390BB29}]
2012-07-12 12:22	1186616	----a-w-	c:\program files\Trend Micro SafeSync\HrfsShellExtension32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoUnavailable]
@="{66669544-5639-4922-99C8-CE7A86651364}"
[HKEY_CLASSES_ROOT\CLSID\{66669544-5639-4922-99C8-CE7A86651364}]
2012-07-12 12:22	1186616	----a-w-	c:\program files\Trend Micro SafeSync\HrfsShellExtension32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04	131480	----a-w-	c:\users\Julian\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04	131480	----a-w-	c:\users\Julian\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04	131480	----a-w-	c:\users\Julian\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sony PC Companion"="c:\program files (x86)\Sony\Sony PC Companion\PCCompanion.exe" [2014-10-15 468192]
"BitTorrent"="c:\users\Julian\AppData\Roaming\BitTorrent\BitTorrent.exe" [2014-11-26 1388888]
"2BB777B4D97D5CBA4F37597096A565E0D6CA792C._service_run"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2014-11-25 856904]
"FreeCT"="e:\programme 2\FreeCountdownTimer\FreeCountdownTimer.exe" [2014-02-25 2432280]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 89184]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-11-20 1021128]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"Super-Charger"="c:\program files (x86)\MSI\Super-Charger\Super-Charger.exe" [2012-12-21 507016]
"WinampAgent"="e:\programme\Winamp\winampa.exe" [2012-06-28 74752]
"ISUSPM"="c:\programdata\FLEXnet\Connect\11\\isuspm.exe" [2010-05-21 324976]
"Cisco AnyConnect Secure Mobility Agent for Windows"="c:\program files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" [2012-12-10 527864]
"AvastUI.exe"="e:\programme\AvastUI.exe" [2014-11-21 5226600]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-09-26 271744]
.
c:\users\Julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Julian\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-11-13 35419192]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
iSCTsysTray.lnk - c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray.exe [2012-8-16 316416]
Software Director Scheduler.lnk - c:\program files (x86)\Common Files\Cloanto\Software Director\softdir.exe /s [2013-2-2 369560]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute	REG_MULTI_SZ   	autocheck autochk *\0OODBS
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 Update ClearThink;Update ClearThink;c:\program files (x86)\ClearThink\updateClearThink.exe;c:\program files (x86)\ClearThink\updateClearThink.exe [x]
R3 acsock;acsock;c:\windows\system32\DRIVERS\acsock64.sys;c:\windows\SYSNATIVE\DRIVERS\acsock64.sys [x]
R3 AvastVBoxSvc;AvastVBox COM Service;e:\programme\ng\vbox\AvastVBoxSVC.exe;e:\programme\ng\vbox\AvastVBoxSVC.exe [x]
R3 cpuz136;cpuz136;c:\users\Julian\AppData\Local\Temp\cpuz136\cpuz136_x64.sys;c:\users\Julian\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 H5xUSB;Roxio GameCAP HD PRO;c:\windows\system32\Drivers\uth5x64.sys;c:\windows\SYSNATIVE\Drivers\uth5x64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 ipadtst;ipadtst;c:\program files (x86)\MSI\Super-Charger\ipadtst_64.sys;c:\program files (x86)\MSI\Super-Charger\ipadtst_64.sys [x]
R3 NTIOLib_1_0_4;NTIOLib_1_0_4;e:\programme\MSI Live Update 5\Live Update 5\NTIOLib_X64.sys;e:\programme\MSI Live Update 5\Live Update 5\NTIOLib_X64.sys [x]
R3 NTIOLib_1_0_C;NTIOLib_1_0_C;c:\msi\MSI SUITE\NTIOLib_X64.sys;c:\msi\MSI SUITE\NTIOLib_X64.sys [x]
R3 OnlineStorageService;OnlineStorageService;c:\program files\Trend Micro SafeSync\hrfscore.exe;c:\program files\Trend Micro SafeSync\hrfscore.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RoxMediaDBGame1X;RoxMediaDBGame1X;c:\program files (x86)\Common Files\Roxio Shared\Game1X\SharedCOM\RoxMediaDBGame1X.exe;c:\program files (x86)\Common Files\Roxio Shared\Game1X\SharedCOM\RoxMediaDBGame1X.exe [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 Synth3dVsc;Microsoft Virtual 3D Video Transport Driver;c:\windows\system32\drivers\Synth3dVsc.sys;c:\windows\SYSNATIVE\drivers\Synth3dVsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;Remote Deskotop USB Hub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WsAudio_DeviceS(1);WsAudio_DeviceS(1);c:\windows\system32\drivers\WsAudio_DeviceS(1).sys;c:\windows\SYSNATIVE\drivers\WsAudio_DeviceS(1).sys [x]
R3 WsAudio_DeviceS(2);WsAudio_DeviceS(2);c:\windows\system32\drivers\WsAudio_DeviceS(2).sys;c:\windows\SYSNATIVE\drivers\WsAudio_DeviceS(2).sys [x]
R3 WsAudio_DeviceS(3);WsAudio_DeviceS(3);c:\windows\system32\drivers\WsAudio_DeviceS(3).sys;c:\windows\SYSNATIVE\drivers\WsAudio_DeviceS(3).sys [x]
R3 WsAudio_DeviceS(4);WsAudio_DeviceS(4);c:\windows\system32\drivers\WsAudio_DeviceS(4).sys;c:\windows\SYSNATIVE\drivers\WsAudio_DeviceS(4).sys [x]
R3 WsAudio_DeviceS(5);WsAudio_DeviceS(5);c:\windows\system32\drivers\WsAudio_DeviceS(5).sys;c:\windows\SYSNATIVE\drivers\WsAudio_DeviceS(5).sys [x]
R4 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S0 aswNdisFlt;Avast! Firewall Driver;c:\windows\system32\DRIVERS\aswNdisFlt.sys;c:\windows\SYSNATIVE\DRIVERS\aswNdisFlt.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys;c:\windows\SYSNATIVE\drivers\aswKbd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 Uim_DEVIM;UIM Direct Device Image Plugin;c:\windows\system32\DRIVERS\uim_devim.sys;c:\windows\SYSNATIVE\DRIVERS\uim_devim.sys [x]
S2 {73526619-C24F-470B-9BED-53D455FBB5C6};Power Control [2013/01/25 18:33];e:\programme\PowerDVD\PowerDVD12\Common\NavFilter\000.fcl;e:\programme\PowerDVD\PowerDVD12\Common\NavFilter\000.fcl [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 avast! Firewall;avast! Firewall;e:\programme\afwServ.exe;e:\programme\afwServ.exe [x]
S2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12;e:\programme\PowerDVD\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe;e:\programme\PowerDVD\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [x]
S2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service;e:\programme\PowerDVD\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe;e:\programme\PowerDVD\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [x]
S2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service;e:\programme\PowerDVD\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe;e:\programme\PowerDVD\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 ISCTAgent;ISCT Always Updated Agent;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 Mezzmo_Desktop;Mezzmo Desktop;c:\program files (x86)\Conceiva\Mezzmo\MezzmoMediaServer.exe;c:\program files (x86)\Conceiva\Mezzmo\MezzmoMediaServer.exe [x]
S2 MSI_ComCenService;MSI_ComCenService;c:\msi\MSI SUITE\ControlCenter\ComCenService.exe;c:\msi\MSI SUITE\ControlCenter\ComCenService.exe [x]
S2 MSI_SuiteCharger;MSI_SuiteCharger;c:\msi\MSI SUITE\Super-Charger\SuiteChargeService.exe;c:\msi\MSI SUITE\Super-Charger\SuiteChargeService.exe [x]
S2 MSI_SuiteFastBoot;MSI_SuiteFastBoot;c:\msi\MSI SUITE\FastBoot\SuiteFastBootService.exe;c:\msi\MSI SUITE\FastBoot\SuiteFastBootService.exe [x]
S2 MSI_SuperCharger;MSI_SuperCharger;c:\program files (x86)\MSI\Super-Charger\ChargeService.exe;c:\program files (x86)\MSI\Super-Charger\ChargeService.exe [x]
S2 MSIFileSyncMonitor;MSI FileSync Monitor;c:\msi\MSI SUITE\MSIMonitor\MSIFileSyncMonitor.exe;c:\msi\MSI SUITE\MSIMonitor\MSIFileSyncMonitor.exe [x]
S2 MSSQL$MYMOVIES;SQL Server (MYMOVIES);c:\program files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe;c:\program files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 ntk_PowerDVD12;ntk_PowerDVD12;e:\programme\PowerDVD\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys;e:\programme\PowerDVD\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [x]
S2 OODefragAgent;O&O Defrag;e:\programme\O&O Defrag\oodag.exe;e:\programme\O&O Defrag\oodag.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 VBoxAswDrv;VBoxAsw Support Driver;e:\programme\ng\vbox\VBoxAswDrv.sys;e:\programme\ng\vbox\VBoxAswDrv.sys [x]
S2 vpnagent;Cisco AnyConnect Secure Mobility Agent;c:\program files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe;c:\program files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [x]
S3 ikbevent;Intel Upper keyboard Class Filter Driver;c:\windows\system32\DRIVERS\ikbevent.sys;c:\windows\SYSNATIVE\DRIVERS\ikbevent.sys [x]
S3 imsevent;Intel Upper Mouse Class Filter Driver;c:\windows\system32\DRIVERS\imsevent.sys;c:\windows\SYSNATIVE\DRIVERS\imsevent.sys [x]
S3 ISCT;Intel(R) Smart Connect Technology Device Driver;c:\windows\system32\DRIVERS\ISCTD64.sys;c:\windows\SYSNATIVE\DRIVERS\ISCTD64.sys [x]
S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
S3 NTIOLib_1_0_3;NTIOLib_1_0_3;c:\program files (x86)\MSI\Super-Charger\NTIOLib_X64.sys;c:\program files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [x]
S3 NTIOLib_SuiteFB;NTIOLib_SuiteFB;c:\msi\MSI SUITE\FastBoot\NTIOLib_X64.sys;c:\msi\MSI SUITE\FastBoot\NTIOLib_X64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 rusb3hub;Renesas Electronics USB 3.0 Hub Driver (Version 3.0);c:\windows\system32\DRIVERS\rusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\rusb3hub.sys [x]
S3 rusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver (Version 3.0);c:\windows\system32\DRIVERS\rusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\rusb3xhc.sys [x]
S3 WPRO_41_2001;WinPcap Packet Driver (WPRO_41_2001);c:\windows\system32\drivers\WPRO_41_2001.sys;c:\windows\SYSNATIVE\drivers\WPRO_41_2001.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-11-26 17:08	1087304	----a-w-	c:\program files (x86)\Google\Chrome\Application\39.0.2171.71\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-12-10 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-18 22:42]
.
2014-12-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-01-18 13:58]
.
2014-12-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-01-18 13:58]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-11-16 09:37	860984	----a-w-	e:\programme\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoPaired]
@="{A203F945-39E9-4286-AFA2-F3ADFCD5FAAA}"
[HKEY_CLASSES_ROOT\CLSID\{A203F945-39E9-4286-AFA2-F3ADFCD5FAAA}]
2012-07-12 12:23	1748280	----a-w-	c:\program files\Trend Micro SafeSync\HrfsShellExtension.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoPriority]
@="{6F1BB626-1107-4b82-B322-54C5E64461B8}"
[HKEY_CLASSES_ROOT\CLSID\{6F1BB626-1107-4b82-B322-54C5E64461B8}]
2012-07-12 12:23	1748280	----a-w-	c:\program files\Trend Micro SafeSync\HrfsShellExtension.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoProblem]
@="{7479C9AF-DA81-4944-92E5-23E49390BB2B}"
[HKEY_CLASSES_ROOT\CLSID\{7479C9AF-DA81-4944-92E5-23E49390BB2B}]
2012-07-12 12:23	1748280	----a-w-	c:\program files\Trend Micro SafeSync\HrfsShellExtension.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoSynced]
@="{7479C9AF-DA81-4944-92E5-23E49390BB2A}"
[HKEY_CLASSES_ROOT\CLSID\{7479C9AF-DA81-4944-92E5-23E49390BB2A}]
2012-07-12 12:23	1748280	----a-w-	c:\program files\Trend Micro SafeSync\HrfsShellExtension.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoSyncing]
@="{7479C9AF-DA81-4944-92E5-23E49390BB29}"
[HKEY_CLASSES_ROOT\CLSID\{7479C9AF-DA81-4944-92E5-23E49390BB29}]
2012-07-12 12:23	1748280	----a-w-	c:\program files\Trend Micro SafeSync\HrfsShellExtension.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoUnavailable]
@="{66669544-5639-4922-99C8-CE7A86651364}"
[HKEY_CLASSES_ROOT\CLSID\{66669544-5639-4922-99C8-CE7A86651364}]
2012-07-12 12:23	1748280	----a-w-	c:\program files\Trend Micro SafeSync\HrfsShellExtension.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04	164760	----a-w-	c:\users\Julian\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04	164760	----a-w-	c:\users\Julian\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04	164760	----a-w-	c:\users\Julian\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04	164760	----a-w-	c:\users\Julian\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2012-12-03 6854800]
"XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-09-30 825184]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mDefault_Search_URL = hxxp://www.google.com
IE: &Citavi Picker... - file://c:\program files (x86)\Internet Explorer\Citavi Picker\ShowContextMenu.html
IE: An OneNote s&enden - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\xco5vqxz.Jables\
FF - prefs.js: browser.search.defaulturl - hxxps://www.google.com/search/?trackid=sp-006
FF - prefs.js: keyword.URL - hxxps://www.google.com/search/?trackid=sp-006
FF - ExtSQL: !HIDDEN! 2013-01-29 14:24; smartwebprinting@hp.com; e:\programme\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-10 - (no file)
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-10 - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{73526619-C24F-470B-9BED-53D455FBB5C6}]
"ImagePath"="\??\e:\programme\PowerDVD\PowerDVD12\Common\NavFilter\000.fcl"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_246_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_246_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_246_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_246_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_246.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.15"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_246.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_246.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_246.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-12-10  11:18:05
ComboFix-quarantined-files.txt  2014-12-10 10:18
.
Vor Suchlauf: 9.941.274.624 Bytes frei
Nach Suchlauf: 9.865.486.336 Bytes frei
.
- - End Of File - - FC55A4E0BD404BBFF87F5C076F0AC668
A36C5E4F47E84449FF07ED3517B43A31
         

10.12.2014, 19:21   #7
schrauber
/// the machine
/// TB instructor
 


Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do so, click Remove Selected.
  • If necessary, let your computer restart to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file to the desktop as mbam.txt. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Clean and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

Please close your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop

  • Start the tool with a double-click. On Windows Vista (or later), please start it via right-click, "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool has finished, the log file (JRT.txt) is saved to the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


and a fresh FRST log please.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

10.12.2014, 20:37   #8
J_Cake_Jr
 

Thanks for the reply so far! Here are the log files

ADWCLEANER:
Code:
ATTFilter
# AdwCleaner v4.105 - Bericht erstellt am 10/12/2014 um 20:04:51
# Aktualisiert 08/12/2014 von Xplode
# Database : 2014-12-08.2 [Local]
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (64 bits)
# Benutzername : Julian - JULIANDESKTOPPC
# Gestartet von : C:\Users\Julian\Desktop\adwcleaner_4.105.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17420


-\\ Mozilla Firefox v34.0.5 (x86 de)


-\\ Google Chrome v39.0.2171.71


*************************

AdwCleaner[R0].txt - [32877 octets] - [12/07/2014 13:39:06]
AdwCleaner[R1].txt - [9406 octets] - [10/12/2014 10:53:23]
AdwCleaner[R2].txt - [1093 octets] - [10/12/2014 11:05:38]
AdwCleaner[R3].txt - [9207 octets] - [10/12/2014 14:02:09]
AdwCleaner[R4].txt - [1305 octets] - [10/12/2014 19:57:39]
AdwCleaner[R5].txt - [1365 octets] - [10/12/2014 20:03:19]
AdwCleaner[S0].txt - [31965 octets] - [12/07/2014 14:02:50]
AdwCleaner[S1].txt - [8222 octets] - [10/12/2014 10:54:49]
AdwCleaner[S2].txt - [1159 octets] - [10/12/2014 11:06:54]
AdwCleaner[S3].txt - [8774 octets] - [10/12/2014 14:03:24]
AdwCleaner[S4].txt - [1287 octets] - [10/12/2014 20:04:51]

########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [1347 octets] ##########
         
MBAM:
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 10.12.2014
Suchlauf-Zeit: 19:50:50
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.4.1028
Malware Datenbank: v2014.12.10.06
Rootkit Datenbank: v2014.12.08.03
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Julian

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 459450
Verstrichene Zeit: 5 Min, 29 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 0
(Keine schädliche Elemente erkannt)

Registrierungswerte: 0
(Keine schädliche Elemente erkannt)

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 0
(Keine schädliche Elemente erkannt)

Dateien: 0
(Keine schädliche Elemente erkannt)

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)
         
JRT:
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.0 (11.29.2014:1)
OS: Windows 7 Ultimate x64
Ran by Julian on 10.12.2014 at 20:08:19,02
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\update clearthink
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\util clearthink
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611171196}



~~~ Files

Successfully deleted: [File] "C:\Windows\wininit.ini"



~~~ Folders



~~~ FireFox

Successfully deleted: [Folder] C:\Users\Julian\AppData\Roaming\mozilla\firefox\profiles\xco5vqxz.Jables\extensions\toolbar@web.de
Emptied folder: C:\Users\Julian\AppData\Roaming\mozilla\firefox\profiles\xco5vqxz.Jables\minidumps [212 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 10.12.2014 at 20:11:23,57
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
FRST:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-12-2014 01
Ran by Julian at 2014-12-10 20:34:51
Running from C:\Users\Julian\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
ABBYY FineReader 11 (HKLM-x32\...\{F1100000-0011-0000-0001-074957833700}) (Version: 11.0.460 - ABBYY)
abgx360 v1.0.6 (HKLM-x32\...\abgx360) (Version:  - )
Ableton Live 9 Suite (HKLM\...\{F6BA3E9F-8637-4DCE-BBA8-75A6A57A9D0B}) (Version: 9.0.0.0 - Ableton)
Action! (HKLM-x32\...\Mirillis Action!) (Version: 1.13.1 - Mirillis)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe Captivate Quiz Results Analyzer (HKLM-x32\...\QuizResultsAnalyzer.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1) (Version: 1.0 - Adobe Systems Incorporated)
Adobe Captivate Reviewer (HKLM-x32\...\AdobeCaptivateReviewer2.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1) (Version: 2.0 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Media Live Encoder 3.2 (HKLM-x32\...\{0659E943-DDF4-44FC-9FEE-A13B09F8BB08}) (Version: 3.2.0 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Presenter 7 (HKLM-x32\...\Adobe Presenter 7) (Version: 7.0.6 - Adobe Systems)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM-x32\...\{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}) (Version: 11.0 - Adobe Systems, Inc.)
Alien Isolation Ripley Edition MULTi2 1.0 (HKLM-x32\...\Alien Isolation Ripley Edition MULTi2 1.0) (Version:  - )
Amazon Cloud Player (HKU\S-1-5-21-3333801471-2121581504-1765403736-1001\...\Amazon Amazon Cloud Player) (Version: 2.1.0.381 - Amazon Services LLC)
Amiga Forever (HKLM-x32\...\{F3626735-458B-48DD-A8E2-9746D3BB144D}) (Version: 2012.3.0 - Cloanto)
ANNO 1404 - Venedig (HKLM-x32\...\{A07B2C21-863B-47AB-AE7E-20BB00BD7D33}) (Version: 2.01.5010 - Ubisoft)
ANNO 1404 (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 1.02.0000 - Ubisoft)
Anno 1404 (x32 Version: 1.00.0000 - Ubisoft) Hidden
ANNO 2070 (HKLM-x32\...\{B48E264C-C8CD-4617-B0BE-46E977BAD694}) (Version: 1.0.0.0 - Ubisoft)
Another World 20th Anniversary Edition (c) Focus Home Interactive version 1 (HKLM-x32\...\QW5vdGhlciBXb3JsZA==_is1) (Version: 1 - )
Any Video Converter 5.0.9 (HKLM-x32\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AquaSoft DiaShow 7 Blue Net (HKLM-x32\...\AquaSoft DiaShow 7 Blue Net) (Version: 7.7.11 - AquaSoft)
AquaSoft DiaShow 7 Blue Net (x32 Version: 7.7.11 - AquaSoft) Hidden
Avast Internet Security (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
Avidemux 2.6 (32-bit) (HKLM-x32\...\Avidemux 2.6) (Version: 2.6.4.8696 - )
AviSynth (HKLM-x32\...\AviSynth) (Version: 2.6.0 MT - )
B400 Series PCL Driver from OKI® Printing Solutions for Windows  (HKLM-x32\...\{E327C2A5-E236-44C4-A410-B899403A49A9}) (Version: 102 - OKI® Printing Solutions)
Banished v1.0.0 64-bit (HKLM\...\{72C32B02-0B78-45F8-8528-2C93F62A7B47}) (Version: 1.0.0 - Shining Rock Software LLC)
BeadSurgeInstaller (HKLM-x32\...\{C1816FB6-2290-4251-8D11-E7ED83D0FD0F}) (Version: 1.0.0 - Default Company Name)
BitTorrent (HKU\S-1-5-21-3333801471-2121581504-1765403736-1001\...\BitTorrent) (Version: 7.9.2.35704 - BitTorrent Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
C5200 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
calibre 64bit (HKLM\...\{79C211A9-80D7-4E2A-A847-55BCC8F2ADCF}) (Version: 0.9.14 - Kovid Goyal)
Camtasia Studio 7 (HKLM-x32\...\{49471DB8-7F3C-42DB-89C2-AC50FA0C5290}) (Version: 7.1.0 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 4.11 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.3.4643 - CDBurnerXP)
CdCoverCreator 2.5.3 (HKLM-x32\...\CdCoverCreator) (Version: 2.5.3 - thyanté Software)
CheckDrive (HKLM-x32\...\{B83513EC-2E4D-4621-816D-4CCF397BE702}_is1) (Version: 4.4 - Abelssoft)
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.0.11042 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.0.11042 - Cisco Systems, Inc.) Hidden
Citavi 4 (HKLM-x32\...\{CC0A85B2-734A-45B3-B678-05F6A6499AC7}) (Version: 4.3.0.15 - Swiss Academic Software)
CLICKBIOSII (HKLM-x32\...\{EBCB111F-4907-4B28-BD03-F5BD901106D2}_is1) (Version: 1.0.107 - MSI)
CloneCD (HKLM-x32\...\CloneCD) (Version:  - SlySoft)
CloneSpy 3.1 (HKLM-x32\...\CloneSpy) (Version: 3.1 - The CloneSpy Team)
ControlCenter (HKLM-x32\...\{AF14F0CD-5307-4134-BDFA-15974473C1EE}_is1) (Version: 2.5.048 - MSI)
Cry of Fear (HKLM-x32\...\Steam App 223710) (Version:  - )
Cyberfox Web Browser (HKLM\...\{5EFB52C0-4EC9-46B4-80EB-8432C6599641}_is1) (Version: 20.0.1 - 8pecx Studios)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.1905c.56 - CyberLink Corp.)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.46.1.0327 - DT Soft Ltd)
Das Testament des Sherlock Holmes (HKLM-x32\...\{38A96559-FF39-4089-A609-BFD76C4A6C07}_is1) (Version: 1.00.0777 - Focus Home Interactive)
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
Dolphin 4.0 (HKLM-x32\...\Dolphin) (Version: 4.0 - Dolphin Development Team)
Dropbox (HKU\S-1-5-21-3333801471-2121581504-1765403736-1001\...\Dropbox) (Version: 2.10.52 - Dropbox, Inc.)
Duke Nukem 3D Megaton Edition version 1.00 (HKLM-x32\...\Duke Nukem 3D Megaton Edition_is1) (Version: 1.00 - )
DVDFab 9.0.1.6 (14/12/2012) Qt (HKLM-x32\...\DVDFab 9_is1) (Version:  - Fengtao Software Inc.)
EasyViewer (HKLM-x32\...\InstallShield_{EECD7B96-1416-4D3A-B12D-0D2512120C36}) (Version: 1.3.0.9 - MSI)
EasyViewer (x32 Version: 1.3.0.9 - MSI) Hidden
Enclave (HKLM-x32\...\Enclave_is1) (Version:  - )
Euro Truck Simulator 2 Version 1.6.1 (HKLM-x32\...\Euro Truck Simulator 2_is1) (Version: 1.6.1 - SCS Software)
Exif-Viewer 2.51  (HKLM-x32\...\Exif-Viewer) (Version: 2.51 - Ralf Bibinger)
Fallout 2 (HKLM-x32\...\Fallout 2_is1) (Version:  - GOG.com)
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version:  - Obsidian Entertainment)
FormatFactory 3.3.1.0 (HKLM-x32\...\FormatFactory) (Version: 3.3.1.0 - Format Factory)
Free Countdown Timer 3.1.0 (HKLM-x32\...\{404245D0-E836-4737-9C12-D4D0034540F5}_is1) (Version: 3.1 - Comfort Software Group)
Free M4a to MP3 Converter 8.1 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version:  - ManiacTools.com)
Freeraser (HKLM-x32\...\Freeraser) (Version: 1.0.0.23 - Codyssey.com)
Freiwild-Tabs Version 1.2 (HKLM-x32\...\{1D0A4209-B251-486A-B09E-DD5A2123F814}_is1) (Version: 1.2 - Freiwild United)
Game Dev Tycoon v1.3.2 (c) Greenheart Games version 1 (HKLM-x32\...\R2FtZURldlR5Y29vbnYxMzI=_is1) (Version: 1 - )
Game of Thrones A Telltale Games Series (HKLM-x32\...\Game of Thrones A Telltale Games Series_is1) (Version:  - )
GOG.com Downloader version 3.6.0 (HKLM-x32\...\{456A5815-604D-4D72-94DF-346D2B978A59}_is1) (Version: 3.6.0 - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Gothic (SCREENFUN-DVD November 2005) (HKLM-x32\...\Gothic_Screenfun) (Version:  - )
Guitar Pro 5.2 (HKLM-x32\...\Guitar Pro 5_is1) (Version:  - Arobas Music)
Half-Life 2 Complete Edition Incl. FakeFactory Cinematic Mod 2013 MULTI-2 1.0 (HKLM-x32\...\Half-Life 2 Complete Edition Incl. FakeFactory Cinematic Mod 2013 MULTI-2 1.0) (Version:  - )
Harrys Filters 4.0 (Plugin) (HKLM\...\Harrys Filters 4.0 (Plugin)_is1) (Version:  - The Plugin Site)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
HP Update (HKLM-x32\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
IBM SPSS Statistics 21 (HKLM\...\{1E26B9C2-ED08-4EEA-83C8-A786502B41E5}) (Version: 21.0.0.0 - IBM Corp)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
IcoFX 1.6.4 (HKLM-x32\...\IcoFX_is1) (Version:  - )
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.10.1464 - Intel Corporation)
Intel(R) Smart Connect Technology 3.0 x64 (HKLM\...\{01C324B7-3744-4EC0-9C4F-40BCCDD47CFB}) (Version: 3.0.41.1571 - Intel)
IsoBuster 3.1 (HKLM-x32\...\IsoBuster_is1) (Version: 3.1 - Smart Projects)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Joystick 2 Mouse 3 (HKLM-x32\...\Joystick 2 Mouse 3) (Version:  - )
KProbe 2.5.2 (HKLM-x32\...\KProbe) (Version:  - )
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
Lilly Looking Through (HKLM-x32\...\GOGPACKLILLYLOOKINGTHROUGH_is1) (Version: 2.0.0.3 - GOG.com)
Live Update 5 (HKLM-x32\...\{009E5DF2-3F97-480B-89DA-F2D5E672E14A}_is1) (Version: 5.0.099 - MSI)
MAGIX Slideshow Maker 2 (HKLM-x32\...\MAGIX_MSI_Slideshow_Maker_2) (Version: 2.0.0.8 - MAGIX AG)
MAGIX Slideshow Maker 2 (x32 Version: 2.0.0.8 - MAGIX AG) Hidden
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MD Adressbuch 2012 (HKLM-x32\...\MD Adressbuch 2012_is1) (Version:  - Stefan Göppert Softwareentwicklung)
MechWarrior Online (HKLM-x32\...\{ffbbd184-8eba-469f-bb26-ea4e1f6bfd4c}) (Version: 1.4.1.0 - Piranha Games Inc.)
MechWarrior Online (x32 Version: 1.4.1.0 - Piranha Games Inc.) Hidden
MediaCenterPlugin Filme (HKLM-x32\...\{BC51B01C-2A33-49F3-A386-F8F7B1904757}) (Version: 1.0.1.0 - MS)
MediaInfo 0.7.67 (HKLM\...\MediaInfo) (Version: 0.7.67 - MediaArea.net)
Mezzmo (HKLM-x32\...\{9BE11DE3-4703-4482-BC77-A32D73951334}) (Version: 2.7.1.0 - Conceiva)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{B636C9B9-A3F2-4DCE-ADCC-72E095018385}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Mittelerde Mordors Schatten Premium Edition MULTi2 1.0 (HKLM-x32\...\Mittelerde Mordors Schatten Premium Edition MULTi2 1.0) (Version:  - )
Morrowind (HKLM-x32\...\{1D108D70-E7D1-4089-9A0A-99629C4D0CB8}) (Version:  - )
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version:  - Pavel Cvrcek)
Mozilla Firefox 34.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 de)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
Mp3tag v2.58 (HKLM-x32\...\Mp3tag) (Version: v2.58 - Florian Heidenreich)
MSI SUITE (HKLM-x32\...\{1F025E3A-3074-48A3-A8F3-78E735739491}_is1) (Version: 1.0.029 - MSI)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MusicBrainz Picard (HKLM-x32\...\MusicBrainz Picard) (Version: 1.2 - MusicBrainz)
My Game Long Name (HKLM\...\UDK-0bd5954c-451b-4853-b8a9-c716bf446f85) (Version:  - Epic Games, Inc.)
MyDriveConnect 3.3.0.1502 (HKLM-x32\...\MyDriveConnect) (Version: 3.3.0.1502 - TomTom)
NbuExplorer version 3.3 (HKLM-x32\...\{6C58B3E8-0822-490B-BC94-40CC02A6B37F}_is1) (Version: 3.3 - Petr Vilem)
Nero 12 (HKLM-x32\...\{560FC78C-A4B2-461D-9B47-820C1EEF87B8}) (Version: 12.0.02000 - Nero AG)
Nero Prerequisite Installer 2.0 (HKLM-x32\...\{0DBC021C-95D9-435A-A4B0-E6515AFD1A71}) (Version: 12.0.01000 - Nero AG)
nGlide 0.97 (HKLM-x32\...\nGlide) (Version: .97 - Zeus Software)
Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia PC Suite (HKLM-x32\...\Nokia PC Suite) (Version: 7.1.180.94 - Nokia)
Nokia PC Suite (x32 Version: 7.1.180.94 - Nokia) Hidden
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.8.48.0 - Nokia)
Nokia Suite (x32 Version: 3.8.48.0 - Nokia) Hidden
Nur Entfernen der CopyTrans Suite möglich (HKU\S-1-5-21-3333801471-2121581504-1765403736-1001\...\CopyTrans Suite) (Version: 2.37 - WindSolutions)
NVIDIA 3D Vision Controller-Treiber 314.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 314.22 - NVIDIA Corporation)
NVIDIA Grafiktreiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Update 1.15.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.15.2 - NVIDIA Corporation)
O&O Defrag Professional (HKLM\...\{87CCB9C0-55B9-4110-884F-A6CB0927EF50}) (Version: 16.0.139 - O&O Software GmbH)
OlliOlli (HKLM-x32\...\1207665033_is1) (Version: 2.0.0.2 - GOG.com)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.1.13.85 - Electronic Arts, Inc.)
Origin90 (HKLM-x32\...\{685A89CB-DF27-42D6-A623-34F40DBBFFB2}) (Version: 9.00.00 - OriginLab Corporation)
Outlast Version 1.0.11774 (HKLM-x32\...\Outlast_is1) (Version: 1.0.11774 - Red Barrels)
Paragon Backup and Recovery™ 2014 Free (HKLM\...\{C268B5E1-A5DA-11DF-A289-005056C00008}) (Version: 90.00.0003 - Paragon Software)
Path of Exile (HKLM-x32\...\{90A4562F-D4A1-4B65-906D-41F236CF6902}) (Version: 1.0.0.29375 - Grinding Gear Games)
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PDF24 Creator 6.4.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
PosteRazor (HKLM-x32\...\PosteRazor_is1) (Version: 1.5 - Alessandro Portale)
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Project 64 version 2.1.0.1 (HKLM-x32\...\Project 64_is1) (Version: 2.1.0.1 - )
PS3Splitter version 1.1.5.1 (HKLM-x32\...\PS3Splitter_is1) (Version: 1.1.5.1 - Karmian.org)
PSP ISO Compressor (HKLM-x32\...\{D47087E7-AA15-4D1D-8C0A-60F7E446D597}) (Version: 1.4.0 - danny_kay1710)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.53.216.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6793 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{17528CE4-C333-48FB-A9E4-D841E795CDCE}) (Version: 3.0.23.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 3.0.23.0 - Renesas Electronics Corporation) Hidden
Rosetta Stone Version 3 (HKLM-x32\...\{80F7CA44-F3A5-4853-8BA6-DDF57CD4F078}) (Version: 3.4.7.0 - Rosetta Stone Ltd.)
Roxio Express Labeler 3 (HKLM-x32\...\{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}) (Version: 3.2.1 - Roxio)
Roxio Game Capture HD PRO (HKLM-x32\...\{2DD84AB2-8BF4-49FA-9D62-E3F93D4F56FB}) (Version: 1.0 - Roxio)
schobuk 2.1 (HKLM-x32\...\schobuk_is1) (Version: schobuk 2.1 - )
ScummVM 1.6.0 (HKLM-x32\...\ScummVM_is1) (Version:  - The ScummVM Team)
SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association)
Secure Eraser (HKLM-x32\...\Secure Eraser_is1) (Version: 4.2.0.1 - ASCOMP Software GmbH)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Shadow Warrior (HKLM-x32\...\Shadow Warrior_is1) (Version:  - Devolver Digital)
Shovel Knight (HKLM-x32\...\Shovel Knight_is1) (Version:  - )
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 1.0.0.0 - Electronic Arts)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Software Director (HKLM-x32\...\Cloanto Software Director) (Version: 3.8.9.0 - Cloanto Corporation)
SolveigMM AVI Trimmer (HKLM-x32\...\SolveigMM AVI Trimmer 2.1.1307.29) (Version: 2.1.1307.29 - Solveig Multimedia)
Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.14.10.201407111005 - Sony Mobile Communications AB)
Sony PC Companion 2.10.236 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.236 - Sony)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spotify (HKU\S-1-5-21-3333801471-2121581504-1765403736-1001\...\Spotify) (Version: 0.9.4.185.g7545a404 - Spotify AB)
SSDlife Pro (HKLM-x32\...\{800E31CD-E1E7-40EC-8410-5736E427F49A}) (Version: 2.3.52 - BinarySense Inc.)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 1.0.0.1 - Steinberg Media Technologies GmbH)
Steinberg LoopMash Content (HKLM-x32\...\{4D454CF8-12FD-464D-B57B-B46FE27B78BB}) (Version: 1.0.0.005 - Steinberg Media Technologies GmbH)
Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 1.0.0.006 - Steinberg Media Technologies GmbH)
Super-Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.016 - MSI)
Syberia 2 (HKLM-x32\...\GOGPACKSYBERIA2_is1) (Version: 2.0.0.8 - GOG.com)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
The Banner Saga (HKLM-x32\...\VGhlQmFubmVyU2FnYQ==_is1) (Version: 1 - )
The Elder Scrolls Online Beta (HKLM-x32\...\The Elder Scrolls Online Beta_is1) (Version: 0.3.4 - )
The Evil Within (HKLM-x32\...\VGhlRXZpbFdpdGhpbg==_is1) (Version: 1 - )
The Whispered World (HKLM-x32\...\{82225685-1513-4975-B624-155C10F3EE16}) (Version: 1.01 - Deep Silver)
THX TruStudio Pro (HKLM-x32\...\{4FA6CB9A-2972-4AAF-A36E-3C40FCC22395}) (Version: 1.04.03 - Creative Technology Limited)
To The Moon (HKLM-x32\...\To The Moon_is1) (Version:  - )
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Torque (HKU\S-1-5-21-3333801471-2121581504-1765403736-1001\...\Torque) (Version: 4.2.5.28819 - BitTorrent Inc.)
Torque Plugin (HKLM-x32\...\{00A3B50F-A7CA-45D5-BFAA-902CEC7A2A43}) (Version: 4.4.2 - BitTorrent, Inc)
Trend Micro SafeSync (HKLM\...\HFRS_is1) (Version: 5.1.0.1173 - Trend Micro)
Tropico 4 Modern Times V1.0.6(CREATED BY XEONKING©) (HKLM-x32\...\Tropico 4 Modern Times_is1) (Version: 1.0.6 - )
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
UltraISO Premium V9.53 (HKLM-x32\...\UltraISO_is1) (Version:  - )
UnderCoverXP 1.23 (HKLM-x32\...\UnderCoverXP_is1) (Version:  - Wicked & Wild Inc.)
Unigine Valley Benchmark version 1.0 (HKLM-x32\...\Unigine Valley Benchmark_is1) (Version: 1.0 - Unigine Corp.)
Unity Web Player (HKU\S-1-5-21-3333801471-2121581504-1765403736-1001\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
VideoGenie (HKLM-x32\...\{FC54FD8D-789C-406D-BB88-F7C4421B7E83}_is1) (Version: 1.0.0.12 - MSI)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN)
Welcome App (Start-up experience) (x32 Version: 12.0.15000 - Nero AG) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKU\S-1-5-21-3333801471-2121581504-1765403736-1001\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows-Treiberpaket - Nokia Modem  (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)
Windows-Treiberpaket - Nokia Modem  (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia)
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
XBMC (HKU\S-1-5-21-3333801471-2121581504-1765403736-1001\...\XBMC) (Version:  - Team XBMC)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3333801471-2121581504-1765403736-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Julian\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3333801471-2121581504-1765403736-1001_Classes\CLSID\{497F4457-E72A-6401-43CC-BD00574E0EE8}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3333801471-2121581504-1765403736-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Julian\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3333801471-2121581504-1765403736-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Julian\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3333801471-2121581504-1765403736-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Julian\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3333801471-2121581504-1765403736-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Julian\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3333801471-2121581504-1765403736-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Julian\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3333801471-2121581504-1765403736-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Julian\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3333801471-2121581504-1765403736-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Julian\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3333801471-2121581504-1765403736-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Julian\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

29-11-2014 13:48:20 Windows Update
01-12-2014 10:52:56 Installed PSP ISO Compressor
05-12-2014 17:44:08 Windows Update
08-12-2014 17:54:04 Sony PC Companion
09-12-2014 09:11:46 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2014-12-10 11:16 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {041CBF80-E6EF-4CD2-837D-E4028E68CCAC} - System32\Tasks\CCleanerSkipUAC => E:\Programme\CCleaner\CCleaner.exe [2014-02-20] (Piriform Ltd)
Task: {12B5834F-B1CE-4557-B918-EFAE4834CB8F} - System32\Tasks\BZDUP => C:\Users\Julian\AppData\Roaming\BZDUP.exe <==== ATTENTION
Task: {1F911709-49FC-4A78-A31F-4AC0CC7D4D15} - System32\Tasks\StartPoint => C:\Users\Julian\AppData\Local\StartPoint\startpoint\1.3.17.3\startpoint.exe
Task: {3138D0C3-99FE-45D8-B296-FD18B8705DD0} - System32\Tasks\StartPoint Updater => C:\Users\Julian\AppData\Local\StartPoint\startpoint\1.3.17.3\startup.exe
Task: {40DB3538-9F3E-484E-94B6-8CAC759CE76C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.)
Task: {4D656BF0-0C1C-4BEC-81BA-E89E0C809B7A} - System32\Tasks\AdobeAAMUpdater-1.0-JulianDesktopPC-Julian => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {5E0B70D8-99CF-4198-8E2A-4BA419C801A0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-09] (Adobe Systems Incorporated)
Task: {6A022FC3-240F-47AF-B42F-252DDE1AB2EC} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {7316DC84-4675-4FC6-AB2F-BDE3E7149650} - System32\Tasks\avast! Emergency Update => E:\Programme\AvastEmUpdate.exe [2014-11-16] (AVAST Software)
Task: {B15E404A-9CC9-4430-869C-2DC47EB0B041} - System32\Tasks\{021D7834-B7D5-4770-BCE2-16D667638E6A} => E:\Programme\ePSX\ePSXe.exe [2012-11-09] ()
Task: {B8D898E6-02AD-453A-B524-8DFA9EA0B39D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.)
Task: {B9419299-4C7A-4AAE-88E0-F9C538557339} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {CAD1D5D6-5C03-41A5-9074-9DC23B4E4923} - System32\Tasks\HYVVWFF => C:\Users\Julian\AppData\Roaming\HYVVWFF.exe <==== ATTENTION
Task: {F8CA911B-DE69-4E8C-B8BF-038739DF3A8A} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2013-02-22] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\BZDUP.job => C:\Users\Julian\AppData\Roaming\BZDUP.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HYVVWFF.job => C:\Users\Julian\AppData\Roaming\HYVVWFF.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2013-01-18 17:00 - 2014-02-08 18:42 - 00117024 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-08-16 20:36 - 2012-08-16 20:36 - 00149032 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2012-08-16 20:36 - 2012-08-16 20:36 - 00058920 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2013-02-23 15:21 - 2013-01-22 22:35 - 00009728 _____ () C:\MSI\MSI SUITE\MSIMonitor\MSIFileSyncMonitor.exe
2014-03-07 22:32 - 2014-06-23 08:07 - 00113376 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2014-07-16 17:31 - 2012-09-07 15:57 - 00559424 _____ () C:\Program Files (x86)\ASCOMP Software\Secure Eraser\SecEraser64.dll
2014-12-10 10:48 - 2014-12-10 10:48 - 02905088 _____ () E:\Programme\defs\14121000\algo.dll
2014-12-10 20:07 - 2014-12-10 20:07 - 02905088 _____ () E:\Programme\defs\14121001\algo.dll
2014-02-06 00:52 - 2014-02-06 00:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-01-25 18:32 - 2012-06-28 09:24 - 00541683 _____ () E:\Programme\PowerDVD\PowerDVD12\Kernel\DMS\sqlite3.dll
2013-01-21 22:25 - 2010-11-25 11:11 - 00062464 ____R () C:\Program Files (x86)\Conceiva\Mezzmo\HS_REGEX.dll
2013-01-21 22:25 - 2012-08-14 11:36 - 00477696 ____R () C:\Program Files (x86)\Conceiva\Mezzmo\tag.dll
2013-01-21 22:25 - 2012-04-04 12:08 - 00839680 ____R () C:\Program Files (x86)\Conceiva\Mezzmo\LIBEAY32.dll
2013-01-21 22:25 - 2012-04-04 12:08 - 00159744 ____R () C:\Program Files (x86)\Conceiva\Mezzmo\SSLEAY32.dll
2013-01-21 22:25 - 2012-03-29 10:32 - 00060928 ____R () C:\Program Files (x86)\Conceiva\Mezzmo\extension-functions.dll
2014-03-07 22:32 - 2012-04-30 10:57 - 00039936 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll
2014-03-07 22:32 - 2013-09-13 10:02 - 00208896 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll
2011-07-07 14:54 - 2011-07-07 14:54 - 00233984 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\Report.dll
2014-03-07 22:32 - 2013-05-20 11:58 - 00620718 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\sqlite3.dll
2014-03-07 22:32 - 2010-01-11 15:44 - 00053248 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\VObject.dll
2014-06-12 09:19 - 2014-06-12 09:19 - 00643584 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PhoneUpdate.dll
2012-06-26 12:11 - 2012-06-26 12:11 - 02302040 _____ () E:\Programme\PC SUITE NOKIA 6300\Nokia PC Suite 7\QtCore4.dll
2012-06-26 12:11 - 2012-06-26 12:11 - 08197208 _____ () E:\Programme\PC SUITE NOKIA 6300\Nokia PC Suite 7\QtGui4.dll
2012-06-26 12:11 - 2012-06-26 12:11 - 00345688 _____ () E:\Programme\PC SUITE NOKIA 6300\Nokia PC Suite 7\QtXml4.dll
2012-06-26 12:10 - 2012-06-26 12:10 - 00202328 _____ () E:\Programme\PC SUITE NOKIA 6300\Nokia PC Suite 7\imageformats\qjpeg4.dll
2012-06-26 12:10 - 2012-06-26 12:10 - 00027736 _____ () E:\Programme\PC SUITE NOKIA 6300\Nokia PC Suite 7\imageformats\qsvg4.dll
2012-06-26 12:11 - 2012-06-26 12:11 - 00282200 _____ () E:\Programme\PC SUITE NOKIA 6300\Nokia PC Suite 7\QtSvg4.dll
2014-12-10 20:06 - 2014-12-10 20:06 - 00043008 _____ () c:\users\julian\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprjusgh.dll
2013-08-23 20:01 - 2013-08-23 20:01 - 25100288 _____ () C:\Users\Julian\AppData\Roaming\Dropbox\bin\libcef.dll
2014-11-16 10:37 - 2014-11-16 10:37 - 38562088 _____ () E:\Programme\libcef.dll
2013-01-18 16:48 - 2012-03-29 06:18 - 01198872 ____R () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-12-09 20:43 - 2014-12-09 20:43 - 03758192 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^O&O Defrag Tray.lnk => C:\Windows\pss\O&O Defrag Tray.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Trend Micro SafeSync.lnk => C:\Windows\pss\Trend Micro SafeSync.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Julian^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: 2BB777B4D97D5CBA4F37597096A565E0D6CA792C._service_run => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "E:\Programme\Adobe X Suite\Acrobat 10.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Amazon Cloud Player => "C:\Users\Julian\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe"
MSCONFIG\startupreg: AppleIEDAV => E:\Programme\iCloud\AppleIEDAV.exe
MSCONFIG\startupreg: ApplePhotoStreams => E:\Programme\iCloud\ApplePhotoStreams.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Bonus.SSR.FR11 => "E:\Programme\Abbyy FineReader\Bonus.ScreenshotReader.exe" /autorun
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: CloneCDTray => "E:\Programme\CloneCD\CloneCDTray.exe" /s
MSCONFIG\startupreg: com.apple.dav.bookmarks.daemon => E:\Programme\iCloud\BookmarkDAV_client.exe
MSCONFIG\startupreg: ControlCenterCount => C:\Program Files (x86)\MSI\ControlCenter\ControlCenterCount.exe
MSCONFIG\startupreg: DAEMON Tools Lite => "E:\Programme\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: EADM => "E:\Programme\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: HP Software Update => E:\Programme\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: hpqSRMon => E:\Programme\HP\Digital Imaging\bin\hpqSRMon.exe
MSCONFIG\startupreg: iCloudServices => E:\Programme\iCloud\iCloudServices.exe
MSCONFIG\startupreg: iTunesHelper => "E:\Programme\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Joystick 2 Mouse => C:\Program Files (x86)\Joystick 2 Mouse 3\Joystick 2 Mouse.exe /NoConfigure
MSCONFIG\startupreg: Live Update 5 => E:\Programme\MSI Live Update 5\Live Update 5\BootStartLiveupdate.exe /reminder
MSCONFIG\startupreg: MSI Suite => C:\MSI\MSI SUITE\StartMSISuite.exe
MSCONFIG\startupreg: PC Suite Tray => "E:\Programme\PC SUITE NOKIA 6300\Nokia PC Suite 7\PCSuite.exe" -onlytray
MSCONFIG\startupreg: PDFPrint => E:\Programme\PDF24\pdf24.exe
MSCONFIG\startupreg: Power2GoExpress => NA
MSCONFIG\startupreg: PowerDVD12Agent => "E:\Programme\PowerDVD\PowerDVD12\PowerDVD12Agent.exe"
MSCONFIG\startupreg: PowerDVD12DMREngine => "E:\Programme\PowerDVD\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe"
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Julian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: THX Audio Control Panel => "C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" /r
MSCONFIG\startupreg: THXCfg64 => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64
MSCONFIG\startupreg: WinampAgent => E:\Programme\Winamp\winampa.exe

========================= Accounts: ==========================

Administrator (S-1-5-21-3333801471-2121581504-1765403736-500 - Administrator - Enabled) => C:\Users\Administrator
Gast (S-1-5-21-3333801471-2121581504-1765403736-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3333801471-2121581504-1765403736-1006 - Limited - Enabled)
Julian (S-1-5-21-3333801471-2121581504-1765403736-1001 - Administrator - Enabled) => C:\Users\Julian

==================== Faulty Device Manager Devices =============

Name: Microsoft-Teredo-Tunneling-Adapter
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-12-10 11:15:45.485
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-12-10 11:15:45.464
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-23 13:28:18.898
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-23 11:39:13.184
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-22 22:15:15.244
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-22 10:17:37.190
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-22 03:40:57.180
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-22 00:16:58.336
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-21 11:08:21.689
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-20 23:37:52.444
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz
Percentage of memory in use: 16%
Total physical RAM: 16335.52 MB
Available physical RAM: 13583.5 MB
Total Pagefile: 32669.21 MB
Available Pagefile: 29819.58 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.69 GB) (Free:8.19 GB) NTFS
Drive e: (Volume) (Fixed) (Total:1863.01 GB) (Free:594.56 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive h: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.03 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive n: (EXTERN2) (Fixed) (Total:931.51 GB) (Free:135.62 GB) NTFS
Drive o: (EXTERN1) (Fixed) (Total:596.17 GB) (Free:8.88 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: EC8F2F72)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: CC96EFA6)
Partition 1: (Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 2 KB) (Disk ID: 00000000)

Partition: GPT Partition Type.

========================================================
Disk: 5 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 97C0076A)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 6 (Size: 596.2 GB) (Disk ID: 72788C46)
Partition 1: (Not Active) - (Size=596.2 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

Alt 11.12.2014, 19:58   #9
schrauber
/// the machine
/// TB-Ausbilder
 





ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Check the box "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and select the following settings.
  • Click Start.
  • The signatures are downloaded and the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Add or Remove Programs / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

And a fresh FRST log, please. Any problems left?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

Alt 14.12.2014, 21:06   #10
J_Cake_Jr
 



OK, here is the ESET log file:

Code:
ESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internet# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=6aab92a6ecb4a54e987a3cc4e067b76e
# engine=21512
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-12-13 11:43:57
# local_time=2014-12-13 12:43:57 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 94357 170100887 0 0
# scanned=1046845
# found=86
# cleaned=86
# scan_time=9702
sh=5DEFC935D870E5DE5F15331F4F750EBCDF2EFE71 ft=1 fh=1f19e0b0b47ca70a vn="Variante von Win32/BrowseFox.N evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SourceApp\bin\46b9091ededa48d8b979.dll.vir"
sh=3FBE670A048D62F9647AD54D61CAB374C87C1004 ft=1 fh=673ac54335036849 vn="Variante von Win64/BrowseFox.CI evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SourceApp\bin\46b9091ededa48d8b97964.dll.vir"
sh=4CA32C2FEFD4F3C82460F33390EA8C85B6620D9F ft=1 fh=fe401828b872da0c vn="Variante von Win32/BrowseFox.P evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SourceApp\bin\SourceApp.BrowserAdapter.exe.vir"
sh=0D3AE1DC95775075B3B6007045453015859328BC ft=1 fh=a0bac250ae600db9 vn="Variante von Win64/BrowseFox.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SourceApp\bin\SourceApp.BrowserAdapter64.exe.vir"
sh=B130F1B6697AEA1464123CFE1CB7F9938121B9E9 ft=1 fh=564021269e8044b7 vn="Variante von Win64/BrowseFox.CJ evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SourceApp\bin\SourceApp.expextdll.dll.vir"
sh=3078CC2A910FA7FCBB14E9D6FABC8F44E12003C5 ft=1 fh=1d961a8700eeb7cb vn="Variante von Win32/BrowseFox.M evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SourceApp\bin\{46b9091e-deda-48d8-b979-0464193d69d5}.dll.vir"
sh=D303E1A422B6D0CA66B24DD9B911A8F803BDEC1B ft=1 fh=ad01716bf87226b4 vn="Variante von Win64/BrowseFox.CH evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SourceApp\bin\{46b9091e-deda-48d8-b979-0464193d69d5}64.dll.vir"
sh=36D9F4A3B13AFC47D1E28A81CF00AC38B82C54E0 ft=1 fh=ee02773919a25ace vn="Variante von Win32/ELEX.Y evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\WinZipper\winzipersvc.exe.vir"
sh=36F969E522FD53A189312D946C430EFD02D5A982 ft=1 fh=5d022c015afe1524 vn="Variante von Win32/ELEX.AV evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\ProgramData\IePluginServices\PluginService.exe.vir"
sh=F0DB92E27FF763CDC3002BB2B7320F9F3478224F ft=1 fh=c71c0011edb12146 vn="Variante von Win32/ELEX.BC evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe.vir"
sh=7C0DFACED11E1048238ACF75563FDF86A50E3E35 ft=1 fh=c71c0011f8f73b55 vn="Variante von Win32/ELEX.BD evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\ProgramData\WindowsMangerProtect\update\update.exe.vir"
sh=7C42668F64CCC4DA321E1B87198AC4F2BAC8116F ft=1 fh=4c95e7fe07889588 vn="Variante von Win64/Riskware.NetFilter.F Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Windows\System32\drivers\{c5e48979-bd7f-4cf7-9b73-2482a67a4f37}Gw64.sys.vir"
sh=05411709BA79DF3F195D822B4633E5688DE72575 ft=1 fh=972649cf7740b778 vn="Variante von Win32/Toolbar.CrossRider.BM evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\Adobe\c3bf91c9-7229-4c31-ba68-0a33788d7157.dll"
sh=05411709BA79DF3F195D822B4633E5688DE72575 ft=1 fh=972649cf7740b778 vn="Variante von Win32/Toolbar.CrossRider.BM evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Program Files (x86)\c3bf91c9-7229-4c31-ba68-0a33788d7157\a25fb352-74ba-49ba-9351-e4144370f17e.dll"
sh=69C39EAECD1636A18D4C837B8E8391DAC73E63D3 ft=1 fh=aa236d3f7354b7d4 vn="Variante von Win32/Packed.VMProtect.ABD Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="E:\Downloads\# GAMES\Daylight\LimaGame\Binaries\Win32\steam_api.dll"
sh=64A2AC76A98DC9EDE4C9EFD6E8C986CD865A2780 ft=1 fh=1117f44880629a74 vn="Win32/SuspLibLoad.A Trojaner (Gesäubert - in Quarantäne kopiert)" ac=C fn="E:\Downloads\# GAMES\Daylight\LimaGame\Binaries\Win32\winmm.dll"
sh=100C1C6DA6C6646025B17197B437512BE4D78FDC ft=1 fh=20804abc5174beae vn="Variante von Win32/Packed.VMProtect.ABD Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="E:\Games\Angry.Video.Game.Nerd.Adventures.Cracked-3DM\Angry Video Game Nerd Adventures\steam_api.dll"
sh=64A2AC76A98DC9EDE4C9EFD6E8C986CD865A2780 ft=1 fh=1117f44880629a74 vn="Win32/SuspLibLoad.A Trojaner (Gesäubert - in Quarantäne kopiert)" ac=C fn="E:\Games\Angry.Video.Game.Nerd.Adventures.Cracked-3DM\Angry Video Game Nerd Adventures\winmm.dll"
sh=AD3EC9EC035A24C6FE3F6562970EECC7C73FF8E8 ft=1 fh=508ee6bdf8aa12bf vn="Variante von Win32/Packed.VMProtect.ABD Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="E:\Games\Duke Nukem 3D\COGENT\bin\steam_api.dll"
sh=AD3EC9EC035A24C6FE3F6562970EECC7C73FF8E8 ft=1 fh=508ee6bdf8aa12bf vn="Variante von Win32/Packed.VMProtect.ABD Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="E:\Games\Duke Nukem 3D\COGENT\gameroot\steam_api.dll"
sh=AD3EC9EC035A24C6FE3F6562970EECC7C73FF8E8 ft=1 fh=508ee6bdf8aa12bf vn="Variante von Win32/Packed.VMProtect.ABD Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="E:\Games\Duke Nukem 3D\Duke Nukem 3D Megaton Edition\bin\steam_api.dll"
sh=AD3EC9EC035A24C6FE3F6562970EECC7C73FF8E8 ft=1 fh=508ee6bdf8aa12bf vn="Variante von Win32/Packed.VMProtect.ABD Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="E:\Games\Duke Nukem 3D\Duke Nukem 3D Megaton Edition\gameroot\steam_api.dll"
sh=100C1C6DA6C6646025B17197B437512BE4D78FDC ft=1 fh=20804abc5174beae vn="Variante von Win32/Packed.VMProtect.ABD Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="E:\Games\Euro Truck Simulator 2\bin\win_x86\steam_api.dll"
sh=1060479A8BBCBAB7AEA8728B218AB333936A8013 ft=1 fh=1e00461ebe9c4dd0 vn="Variante von Win32/Packed.VMProtect.ABD Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="E:\Games\Mittelerde Mordors Schatten Premium Edition\x64\steam_api64.dll"
sh=85DEF24102641E15AE33EB7C38F43C87173D3DF2 ft=1 fh=e37d75ebc2eb4d25 vn="Variante von Win32/Packed.VMProtect.ABD Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="E:\Games\PSHD\steam_api.dll"
sh=E5A3C100D2D0FD94482783AF2B2FF94CDFC9923F ft=1 fh=a0ddd0619a504a2e vn="Variante von Win32/Hao123.A evtl. unerwünschte Anwendung (gelöscht (nach dem nächsten Neustart) - in Quarantäne kopiert)" ac=C fn="E:\Programme\FormatFactory\FFModules\Package\BaiDu\hao123inst.exe"
sh=6A59627E461F417ABB8A7062587275958E0B6411 ft=1 fh=6e4c94e46a4bd284 vn="Win32/Adware.Lollipop.D Anwendung (Gesäubert durch Löschen (nach dem nächsten Neustart) - in Quarantäne kopiert)" ac=C fn="E:\Programme\Project64\Project64_2.0.exe"
sh=C6DBFD5482A070B911AAA52EACB3995C76B1D01B ft=0 fh=0000000000000000 vn="Win32/LoadTubes.D evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="N:\PC SICHERUNGEN\m7oxq983.default\extensions\software@loadtubes.com\chrome\content\loadtbs.js"
sh=C6DBFD5482A070B911AAA52EACB3995C76B1D01B ft=0 fh=0000000000000000 vn="Win32/LoadTubes.D evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="N:\PC SICHERUNGEN\SICHERUNG KAY JAN 13\m7oxq983.default\extensions\software@loadtubes.com\chrome\content\loadtbs.js"
sh=D73B370999AD1A2E37F963737B3799DA55F744E5 ft=1 fh=aeb3cab8ebdfbf05 vn="Variante von Win32/Kryptik.BUQX Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="N:\WEITERES\GAMES\AmigaThe Company\0001.P.P.Hammer.(1991)(Demonware).Win7-TheCompany.exe"
sh=FDB00A8BA8246AE2F10E18355A76F598AC1D37D5 ft=1 fh=6316a8dcfb7756e3 vn="Variante von Win32/Kryptik.BUQX Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="N:\WEITERES\GAMES\AmigaThe Company\0002.Apidya.(1992)(Kaiko)( 4.TRAiNER).Win7-TheCompany.exe"
sh=9800D4F4AC39EF31C1316265C4BF1E382F6D1634 ft=1 fh=999f2cf5926b1df2 vn="Variante von Win32/Kryptik.BUQX Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="N:\WEITERES\GAMES\AmigaThe Company\0003.Pinballs.15in1.COMPiLATiON.Win7-TheCompany.exe"
sh=A5F0216E60E708D340C18EED978387D66FAA47B9 ft=1 fh=4968f95f4242311c vn="Variante von Win32/Kryptik.BUQX Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="N:\WEITERES\GAMES\AmigaThe Company\0004.Centurion.Defender.of.Rome(PL)(1991)(EA).Win7-TheCompany.exe"
sh=C01DEC72F7D0F2D961A09BB3E0D8C9EDBB1F34A8 ft=1 fh=f92f355774ff7cde vn="Variante von Win32/Kryptik.BUQX Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="N:\WEITERES\GAMES\AmigaThe Company\0005.Super.Frog.(1993)(Team17)(TRAiNER).Win7-TheCompany.exe"
sh=83CC508FCBFF354B9F6DA8E97AAA49B7DE9A2D90 ft=1 fh=197c2d2bdb1dec3f vn="Variante von Win32/Kryptik.BUQX Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="N:\WEITERES\GAMES\AmigaThe Company\0006.Afabet.Smierci (1996)(ARTE).Win7-TheCompany.exe"
sh=793CAAC217CDA46E0C41FE421767A67A924E1072 ft=1 fh=e0b4f1d3b78d49bf vn="Variante von Win32/Kryptik.BUQX Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="N:\WEITERES\GAMES\AmigaThe Company\0007.Napalm.The.Crimson.Crisis(1998)(ABLAZE).Win7-TheCompany.exe"
sh=105F381A7DD365FE4A42548326A25812DA48DE52 ft=1 fh=be76ccc45bb8c149 vn="Variante von Win32/Kryptik.BUQX Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="N:\WEITERES\GAMES\AmigaThe Company\0008.Road.Kill(1995)(VISION).Win7-TheCompany.exe"
sh=23743652F793561E98EF6C4852FF4E9077B13F6E ft=1 fh=5a353079b0dc2bde vn="Variante von Win32/Kryptik.BUQX Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="N:\WEITERES\GAMES\AmigaThe Company\0009.Cannon.Fodders.7in1.COMPiLATiON(cf1_fix trainer).Win7-TheCompany.exe"
sh=9CF2D5C0665861BABCC6DDE87896394B4DB7823A ft=1 fh=900742feaa41a58d vn="Variante von Win32/Kryptik.BUQX Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="N:\WEITERES\GAMES\AmigaThe Company\0010.Moonstone.A.Hard.Days.Knight.(1991)(MINDSCAPE).Win7-TheCompany.exe"
sh=5118BB99C97E4C6D74689CD550A8267CC9F016EE ft=1 fh=148ba8399bae49cc vn="Variante von Win32/Kryptik.BUQX Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="N:\WEITERES\GAMES\AmigaThe Company\0011.Arabian.Nights.(1993)(KRISALIS)(TRAiNER).Win7-TheCompany.exe"
sh=00D122539267316FEAC2BAA8D282B8F9268EDE76 ft=1 fh=e871f70bafd198f6 vn="Variante von Win32/Kryptik.BUQX Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="N:\WEITERES\GAMES\AmigaThe Company\0012.Brian.The.Lion.(1994)(PSYGNOSIS).Win7-TheCompany.exe"
sh=6019E6785350E7B190F9B1C67C79ADB8CA18E483 ft=1 fh=6d515e8926ed13bb vn="Variante von Win32/Kryptik.BUQX Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="N:\WEITERES\GAMES\AmigaThe Company\0013.Bubba.N.Stix.(1993)(CORE.DESIGN).Win7-TheCompany.exe"
sh=1072EFFBECF84C0E0373DF14C840EEA40BAC9907 ft=1 fh=79c82fd4ecc3b0d9 vn="Variante von Win32/Kryptik.BUQX Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="N:\WEITERES\GAMES\AmigaThe Company\0014.Crazy.Cars.III.(1992)(TITUS)( 1TRAiNER).Win7-TheCompany.exe"
sh=E172766470B50FCAE5884227C75C9FDCB06D155D ft=1 fh=fea69f7690919155 vn="Variante von Win32/Kryptik.BUQX Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="N:\WEITERES\GAMES\AmigaThe Company\0015.Elviras.3in1.COMPiLATiON.Win7-TheCompany.exe"
sh=5CAD58316409B95DD4FC7143C832D1C99969ED64 ft=1 fh=8b6c4829451ba434 vn="Variante von Win32/Kryptik.BUQX Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="N:\WEITERES\GAMES\AmigaThe Company\0016.Wisielec.(PL)(1995)(MarkSoft).Win7-TheCompany.exe"
sh=CAAA28C01F4C2BC11D74F9BAAC8A84F95172A1F3 ft=1 fh=9992ac6dbd874def vn="Variante von Win32/Kryptik.BUQX Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="N:\WEITERES\GAMES\AmigaThe Company\0017.Rick.Dangerous.3in1.COMPiLATiON.Win7-TheCompany.exe"
sh=2FB98231B2796052F3F2091312195CE24B8A0666 ft=1 fh=76320c3a156d0f97 vn="Variante von Win32/Kryptik.BUQX Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="N:\WEITERES\GAMES\AmigaThe Company\0018.Nicky.Boom.2in1.COMPiLATiONS.(1992-1993)(Microids)(TRAiNER).Win7-TheCompany.exe"
sh=C0FF6CC0437501E2A8ADFF1A275F80DBBB4719A6 ft=1 fh=088c6184508033eb vn="Variante von Win32/Kryptik.BUQX Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="N:\WEITERES\GAMES\AmigaThe Company\0019.Atlantyda.(1993)(T.S.S.).Win7-TheCompany.exe"
sh=AEB9D61F26814ACAC74EE499A88A2AAEEB318641 ft=1 fh=a5b49f7744bdb9f7 vn="Variante von Win32/Kryptik.BUQX Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="N:\WEITERES\GAMES\AmigaThe Company\0020-Gear.Works.(1993)(HOLLYWARE)( 5.TRAiNER).Win7-TheCompany.exe"
sh=5F73BDA5F52EEB9D56C493B361559717CAE0EF0E ft=1 fh=b7b80eaca803abe8 vn="Variante von Win32/Kryptik.BUQX Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="N:\WEITERES\GAMES\AmigaThe Company\0021.Dyna.Blaster.(1991)(Hudson.Soft)(TRAiNER).Win7-TheCompany.exe"
sh=2A893B1832AB59339181BA23DEFD785E0E66874C ft=1 fh=3ead965bec296376 vn="Variante von Win32/Kryptik.BUQX Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="N:\WEITERES\GAMES\AmigaThe Company\0022.Fire.Force.(1992-1993)(ICE)(TRAiNER).Win7-TheCompany.exe"
sh=FF923A5D1DA063942D12514A5F11B744D491256F ft=1 fh=d34e7090f1e25b64 vn="Variante von Win32/Kryptik.BUQX Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="N:\WEITERES\GAMES\AmigaThe Company\0023.Forest.Dumbs.2in1.COMPiLATiON.(1995-1996) (L.K.Avalon).Win7-TheCompany.exe"
sh=728A9547BAFBCE44A3347AC1056C0B6A824448CE ft=1 fh=88bf2f1c825cc9b9 vn="Variante von Win32/Kryptik.BUQX Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="N:\WEITERES\GAMES\AmigaThe Company\0024.Lotus.5in1.COMPiLATiON.(1990-1992)(Gremlin).Win7-TheCompany.exe"
sh=43F6E6DC1C7FC24CF8576D30A4E939A2CB9881F2 ft=1 fh=85c409ea9c30189f vn="Variante von Win32/Kryptik.BUQX Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="N:\WEITERES\GAMES\AmigaThe Company\0025.Prince.of.Persia(1990)(Broderbund)(TRAiNER).Win7-TheCompany.exe"
sh=01FD4F7D1E901BC59F8519F739619B60444430F8 ft=1 fh=5ce10e159c622fec vn="Variante von Win32/Kryptik.BUQX Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="N:\WEITERES\GAMES\AmigaThe Company\0026.Theatre.Of.Death.(1992)(PSYGNOSIS).Win7-TheCompany.exe"
sh=3B1836B414008C969E5BDC4164EB53A25C3A0CDB ft=1 fh=c31d1cb94b65870f vn="Variante von Win32/Kryptik.BUQX Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="N:\WEITERES\GAMES\AmigaThe Company\0027.Goblins.3in1.COMPiLATiON.Win7-TheCompany.exe"
sh=0E34C1347D0EDEA100C5BEC3E53F9875AAA77395 ft=1 fh=b7b80eac66040091 vn="Variante von Win32/Kryptik.BUQX Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="N:\WEITERES\GAMES\AmigaThe Company\0028.Jaguar.XJ220.(1992)(Core.Design).Win7-TheCompany.exe"
sh=5E2C66F6D03ADC5DC3779D5FAAA0F538946203D7 ft=1 fh=32f4f8385c77c917 vn="Variante von Win32/Kryptik.BUQX Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="N:\WEITERES\GAMES\AmigaThe Company\0029.Overdrive.(1993)(TEAM.17).Win7-TheCompany.exe"
sh=1FABBA6463020041F7CD2390539D58943F3558B2 ft=1 fh=82d307c841b892da vn="Variante von Win32/Kryptik.BUQX Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="N:\WEITERES\GAMES\AmigaThe Company\0030.Powerdrive.(1994)(RAGE.SOFTWARE).Win7-TheCompany.exe"
sh=9A448FD73F458ED6941BE5B3F9FD99D340737545 ft=1 fh=eaf2895b33adbe26 vn="Variante von Win32/Kryptik.BUQX Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="N:\WEITERES\GAMES\AmigaThe Company\0031.Rally.Championships.(PL)(1994)(FLAIR).Win7-TheCompany.exe"
sh=BE80BFDE8FBC74E83629F0EAFA1254909019A1E9 ft=1 fh=6c76eed5c4ed6723 vn="Variante von Win32/Kryptik.BUQX Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="N:\WEITERES\GAMES\AmigaThe Company\0032.Space.Taxi.V2.0.(ANDREAS.SPREEN).Win7-TheCompany.exe"
sh=FB44A71DF0ADE9D3E6EF620AA12ADF5AE47DC288 ft=1 fh=31d0410faa3d95e0 vn="Variante von Win32/Kryptik.BUQX Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="N:\WEITERES\GAMES\AmigaThe Company\0033.Teenagent.(PL)(1994)(METROPOLIS).Win7-TheCompany.exe"
sh=39154C27A93A3FA0B2898002294BB663A464FA1B ft=1 fh=fdf7c0477ec0ee59 vn="Variante von Win32/Kryptik.BUQX Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="N:\WEITERES\GAMES\AmigaThe Company\0034.Wings.(1990)(Cinemaware).Win7-TheCompany.exe"
sh=17FA6F118157F580E48070A913FFA5273BD81001 ft=1 fh=2b6e2defafde1895 vn="Variante von Win32/Kryptik.BUQX Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="N:\WEITERES\GAMES\AmigaThe Company\0035.Trolls.(1992-1993)(FLAIR.SOFTWARE)( 20.TRAiNER).Win7-TheCompany.exe"
sh=A8B409704B61D513B7754F16E96C89A2793C2820 ft=1 fh=186a4af33c176988 vn="Variante von Win32/Kryptik.BUQX Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="N:\WEITERES\GAMES\AmigaThe Company\0036.Fury.Of.The.Furries.(1990)(Kalisto)( 2.TRAiNER).Win7-TheCompany.exe"
sh=2819D93D20F9ECCBA9261455B8211DD6480A2A65 ft=1 fh=73670235e3891afa vn="Variante von Win32/Kryptik.BUQX Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="N:\WEITERES\GAMES\AmigaThe Company\0037.SWOS.2in1.COMPiLATiON.(1994-2009)(Sensible.Software).Win7-TheCompany.exe"
sh=1B8F3C166B8F235A872DF08D5D71B97BAA467680 ft=1 fh=fe786cb4ab428cf1 vn="Variante von Win32/Kryptik.BUQX Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="N:\WEITERES\GAMES\AmigaThe Company\0039.Shadow.of.The.Beast.3in1.COMPiLATiON.(1989-1992)(Psygnosis).Win7-TheCompany.exe"
sh=75E36357E1834613F1EA9640AA7E5F13B4D20E59 ft=1 fh=5bed591b8d2ab3da vn="Variante von Win32/Kryptik.BUQX Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="N:\WEITERES\GAMES\AmigaThe Company\0040.Alien.Breed.7in1.COMPiLATiON(1991-96)(Team17).Win7-TheCompany.exe"
sh=71CACE84E22ADD9DC67CE255FEB052CC49B375A0 ft=1 fh=088c61844bb7821e vn="Variante von Win32/Kryptik.BUQX Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="N:\WEITERES\GAMES\AmigaThe Company\0041.Baby.Jo.in.Going.Home.(1991)(Loriciel)(13.trainer).exe"
sh=2EE0702E2929916F6DC391DCF8333B86012255FB ft=1 fh=c789446c8f736ac6 vn="Variante von Win32/Kryptik.BUQX Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="N:\WEITERES\GAMES\AmigaThe Company\0042.Ciemna.Strona(PL)(1997)(Diogenes).Win7-TheCompany.exe"
sh=264229CC9E7216BFA6FF45FEA1B6787B4187203C ft=1 fh=5d1c72f7b0984c34 vn="Variante von Win32/Kryptik.BUQX Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="N:\WEITERES\GAMES\AmigaThe Company\0043.Fury.Of.The.Furries.(1990)(Kalisto.Atreid software)[trainer. 2].Win7-TheCompany.exe"
sh=22D036CB746D025D42F5D23879E03D669BCA3610 ft=1 fh=088c61840c720db3 vn="Variante von Win32/Kryptik.BUQX Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="N:\WEITERES\GAMES\AmigaThe Company\0044.Ivanhoe.(1990)(Ocean)[trainer. 13].Win7-TheCompany.exe"
sh=F52DDB88A951154B728A19A3D862ADA34A894097 ft=1 fh=db9931da6fe68b94 vn="Variante von Win32/Kryptik.BUQX Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="N:\WEITERES\GAMES\AmigaThe Company\0045.Jaguar.XJ220.(1992)(Core Design).Win7-TheCompany.exe"
sh=C9D77A8931987B933925A6E64AEE34004A181DD2 ft=1 fh=617a4a3d6fb0cf4f vn="Variante von Win32/Kryptik.BUQX Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="N:\WEITERES\GAMES\AmigaThe Company\0046.Lost.in.Mine(PL)(1995)(MarkSoft).Win7-TheCompany.exe"
sh=8286996F0D417C73C2A53349D6C1E30984A46C72 ft=1 fh=088c618438f9d559 vn="Variante von Win32/Kryptik.BUQX Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="N:\WEITERES\GAMES\AmigaThe Company\0047.Magic.Pockets.(1991)(Renegade.Bitmap.Brothers)[trainer. 29].Win7-TheCompany.exe"
sh=B7480B10FADF8F678C404C2AC49003C33BBFDE45 ft=1 fh=942cd5ec7db1a802 vn="Variante von Win32/Kryptik.BUQX Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="N:\WEITERES\GAMES\AmigaThe Company\0048.Mentor(PL)(1994)(ART4.MarkSoft).Win7-TheCompany.exe"
sh=10CD08029A342F615B63188C32A1BFF52FF6CA43 ft=1 fh=28d54eb48561f1c4 vn="Variante von Win32/Kryptik.BUQX Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="N:\WEITERES\GAMES\AmigaThe Company\0049.Misja.Harolda(PL)(1994)(ART4.MarkSoft).Win7-TheCompany.exe"
sh=4BF1437BE93F8B40350A9B28C6FB8AAB58B53D22 ft=1 fh=083d845d30bb8432 vn="Variante von Win32/Kryptik.BUQX Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="N:\WEITERES\GAMES\AmigaThe Company\0050.Mortal.Kombat.2in1.COMPiLATiON(1993-1994)(Acclaim).Win7-TheCompany.exe"
sh=5736BC3A2537FF2FEE7CE53E2EB41B673EE20830 ft=1 fh=2fa700e760f3f30d vn="Variante von Win32/Kryptik.BUQX Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="N:\WEITERES\GAMES\AmigaThe Company\0051.Realms Of Arkania.(1992)(Fantasy).Win7-TheCompany.exe"
sh=2E0324F9DCDC91B9AA2FD7465562B736A9394732 ft=1 fh=4968f95f0d39cafe vn="Variante von Win32/Kryptik.BUQX Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="N:\WEITERES\GAMES\AmigaThe Company\0052.Rick.Dangerous.3in1.COMPiLATiON.(1990)(CoreDesign)[ trainer].Win7-TheCompany.exe"
sh=3E134350DD5B2E10A9E93F288E4656995C1ECA14 ft=1 fh=1321a116837af880 vn="Variante von Win32/Kryptik.BUQX Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="N:\WEITERES\GAMES\AmigaThe Company\0053.Shadow.Of.The.Beast.3in1.COMPiLATiON.Win7-TheCompany_fixed.exe"
sh=11C975A3BBDC732EDDCC9C18CF6C5E9FAF50E591 ft=1 fh=83926c9973bdeac4 vn="Variante von Win32/Kryptik.BUQX Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="N:\WEITERES\GAMES\AmigaThe Company\0054.Skaut.Kwatermaster(PL)(1995)(L.K.AVALON).Win7-TheCompany.exe"
sh=34DBFAE340237D427539C4563D7272CD7B0CBA31 ft=1 fh=41dcb1db6a3490cd vn="Variante von Win32/Kryptik.BUQX Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="N:\WEITERES\GAMES\AmigaThe Company\0055.Stunt.Car.Racer.(1989)(Microstyle).Win7-TheCompany.exe"
sh=BB2C24CD92F2B059E2EF0C2E385A730729DA161D ft=1 fh=08bf9441a6e9b065 vn="Variante von Win32/Kryptik.BUQX Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="N:\WEITERES\GAMES\AmigaThe Company\0056.Syndicate(1993-94)(BullFrog)(10.TRAiNER).Win7-TheCompany.exe"
sh=D6CBD3470C5607C978998ED216AB1D6330427C46 ft=1 fh=6a60f650b7e76144 vn="Variante von Win32/Kryptik.BUQX Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="N:\WEITERES\GAMES\AmigaThe Company\0057.Tyran(PL)(1996)(MarkSoft).Win7-TheCompany.exe"
sh=4A62A30070A5B70D2A5EC30ADEB9B6A09A004252 ft=1 fh=f33a3c34c73c7588 vn="Variante von Win32/Kryptik.BUQX Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="N:\WEITERES\GAMES\AmigaThe Company\0058.World.Software.(1994-1996).4in1.COMPiLATiON.Win7-TheCompany.exe"
         
SECURITY CHECK:
Code:
 Results of screen317's Security Check version 0.99.91  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
avast! Antivirus   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 CloneSpy 3.1    
 Java 7 Update 71  
 Adobe Flash Player 15.0.0.246  
 Adobe Reader XI  
 Mozilla Firefox (34.0.5) 
 Google Chrome (39.0.2171.71) 
 Google Chrome (39.0.2171.95) 
````````Process Check: objlist.exe by Laurent````````  
 AvastSvc.exe    
 avastui.exe    
 Trend Micro SafeSync hrfscore.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         
FRST:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-12-2014 01
Ran by Julian at 2014-12-14 21:06:18
Running from C:\Users\Julian\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
ABBYY FineReader 11 (HKLM-x32\...\{F1100000-0011-0000-0001-074957833700}) (Version: 11.0.460 - ABBYY)
abgx360 v1.0.6 (HKLM-x32\...\abgx360) (Version:  - )
Ableton Live 9 Suite (HKLM\...\{F6BA3E9F-8637-4DCE-BBA8-75A6A57A9D0B}) (Version: 9.0.0.0 - Ableton)
Action! (HKLM-x32\...\Mirillis Action!) (Version: 1.13.1 - Mirillis)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe Captivate Quiz Results Analyzer (HKLM-x32\...\QuizResultsAnalyzer.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1) (Version: 1.0 - Adobe Systems Incorporated)
Adobe Captivate Reviewer (HKLM-x32\...\AdobeCaptivateReviewer2.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1) (Version: 2.0 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Media Live Encoder 3.2 (HKLM-x32\...\{0659E943-DDF4-44FC-9FEE-A13B09F8BB08}) (Version: 3.2.0 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Presenter 7 (HKLM-x32\...\Adobe Presenter 7) (Version: 7.0.6 - Adobe Systems)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM-x32\...\{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}) (Version: 11.0 - Adobe Systems, Inc.)
Alien Isolation Ripley Edition MULTi2 1.0 (HKLM-x32\...\Alien Isolation Ripley Edition MULTi2 1.0) (Version:  - )
Amazon Cloud Player (HKU\S-1-5-21-3333801471-2121581504-1765403736-1001\...\Amazon Amazon Cloud Player) (Version: 2.1.0.381 - Amazon Services LLC)
Amiga Forever (HKLM-x32\...\{F3626735-458B-48DD-A8E2-9746D3BB144D}) (Version: 2012.3.0 - Cloanto)
ANNO 1404 - Venedig (HKLM-x32\...\{A07B2C21-863B-47AB-AE7E-20BB00BD7D33}) (Version: 2.01.5010 - Ubisoft)
ANNO 1404 (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 1.02.0000 - Ubisoft)
Anno 1404 (x32 Version: 1.00.0000 - Ubisoft) Hidden
ANNO 2070 (HKLM-x32\...\{B48E264C-C8CD-4617-B0BE-46E977BAD694}) (Version: 1.0.0.0 - Ubisoft)
Another World 20th Anniversary Edition (c) Focus Home Interactive version 1 (HKLM-x32\...\QW5vdGhlciBXb3JsZA==_is1) (Version: 1 - )
Any Video Converter 5.0.9 (HKLM-x32\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AquaSoft DiaShow 7 Blue Net (HKLM-x32\...\AquaSoft DiaShow 7 Blue Net) (Version: 7.7.11 - AquaSoft)
AquaSoft DiaShow 7 Blue Net (x32 Version: 7.7.11 - AquaSoft) Hidden
Avast Internet Security (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
Avidemux 2.6 (32-bit) (HKLM-x32\...\Avidemux 2.6) (Version: 2.6.4.8696 - )
AviSynth (HKLM-x32\...\AviSynth) (Version: 2.6.0 MT - )
B400 Series PCL Driver from OKI® Printing Solutions for Windows  (HKLM-x32\...\{E327C2A5-E236-44C4-A410-B899403A49A9}) (Version: 102 - OKI® Printing Solutions)
Banished v1.0.0 64-bit (HKLM\...\{72C32B02-0B78-45F8-8528-2C93F62A7B47}) (Version: 1.0.0 - Shining Rock Software LLC)
BeadSurgeInstaller (HKLM-x32\...\{C1816FB6-2290-4251-8D11-E7ED83D0FD0F}) (Version: 1.0.0 - Default Company Name)
BitTorrent (HKU\S-1-5-21-3333801471-2121581504-1765403736-1001\...\BitTorrent) (Version: 7.9.2.35704 - BitTorrent Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
C5200 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
calibre 64bit (HKLM\...\{79C211A9-80D7-4E2A-A847-55BCC8F2ADCF}) (Version: 0.9.14 - Kovid Goyal)
Camtasia Studio 7 (HKLM-x32\...\{49471DB8-7F3C-42DB-89C2-AC50FA0C5290}) (Version: 7.1.0 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 4.11 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.3.4643 - CDBurnerXP)
CdCoverCreator 2.5.3 (HKLM-x32\...\CdCoverCreator) (Version: 2.5.3 - thyanté Software)
CheckDrive (HKLM-x32\...\{B83513EC-2E4D-4621-816D-4CCF397BE702}_is1) (Version: 4.4 - Abelssoft)
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.0.11042 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.0.11042 - Cisco Systems, Inc.) Hidden
Citavi 4 (HKLM-x32\...\{CC0A85B2-734A-45B3-B678-05F6A6499AC7}) (Version: 4.3.0.15 - Swiss Academic Software)
CLICKBIOSII (HKLM-x32\...\{EBCB111F-4907-4B28-BD03-F5BD901106D2}_is1) (Version: 1.0.107 - MSI)
CloneCD (HKLM-x32\...\CloneCD) (Version:  - SlySoft)
CloneSpy 3.1 (HKLM-x32\...\CloneSpy) (Version: 3.1 - The CloneSpy Team)
ControlCenter (HKLM-x32\...\{AF14F0CD-5307-4134-BDFA-15974473C1EE}_is1) (Version: 2.5.048 - MSI)
Cry of Fear (HKLM-x32\...\Steam App 223710) (Version:  - )
Cyberfox Web Browser (HKLM\...\{5EFB52C0-4EC9-46B4-80EB-8432C6599641}_is1) (Version: 20.0.1 - 8pecx Studios)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.1905c.56 - CyberLink Corp.)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.46.1.0327 - DT Soft Ltd)
Das Testament des Sherlock Holmes (HKLM-x32\...\{38A96559-FF39-4089-A609-BFD76C4A6C07}_is1) (Version: 1.00.0777 - Focus Home Interactive)
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
Dolphin 4.0 (HKLM-x32\...\Dolphin) (Version: 4.0 - Dolphin Development Team)
Dropbox (HKU\S-1-5-21-3333801471-2121581504-1765403736-1001\...\Dropbox) (Version: 2.10.52 - Dropbox, Inc.)
Duke Nukem 3D Megaton Edition version 1.00 (HKLM-x32\...\Duke Nukem 3D Megaton Edition_is1) (Version: 1.00 - )
DVDFab 9.0.1.6 (14/12/2012) Qt (HKLM-x32\...\DVDFab 9_is1) (Version:  - Fengtao Software Inc.)
EasyViewer (HKLM-x32\...\InstallShield_{EECD7B96-1416-4D3A-B12D-0D2512120C36}) (Version: 1.3.0.9 - MSI)
EasyViewer (x32 Version: 1.3.0.9 - MSI) Hidden
Enclave (HKLM-x32\...\Enclave_is1) (Version:  - )
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Euro Truck Simulator 2 Version 1.6.1 (HKLM-x32\...\Euro Truck Simulator 2_is1) (Version: 1.6.1 - SCS Software)
Exif-Viewer 2.51  (HKLM-x32\...\Exif-Viewer) (Version: 2.51 - Ralf Bibinger)
Fallout 2 (HKLM-x32\...\Fallout 2_is1) (Version:  - GOG.com)
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version:  - Obsidian Entertainment)
FormatFactory 3.3.1.0 (HKLM-x32\...\FormatFactory) (Version: 3.3.1.0 - Format Factory)
Free Countdown Timer 3.1.0 (HKLM-x32\...\{404245D0-E836-4737-9C12-D4D0034540F5}_is1) (Version: 3.1 - Comfort Software Group)
Free M4a to MP3 Converter 8.1 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version:  - ManiacTools.com)
Freeraser (HKLM-x32\...\Freeraser) (Version: 1.0.0.23 - Codyssey.com)
Freiwild-Tabs Version 1.2 (HKLM-x32\...\{1D0A4209-B251-486A-B09E-DD5A2123F814}_is1) (Version: 1.2 - Freiwild United)
Game Dev Tycoon v1.3.2 (c) Greenheart Games version 1 (HKLM-x32\...\R2FtZURldlR5Y29vbnYxMzI=_is1) (Version: 1 - )
Game of Thrones A Telltale Games Series (HKLM-x32\...\Game of Thrones A Telltale Games Series_is1) (Version:  - )
GOG.com Downloader version 3.6.0 (HKLM-x32\...\{456A5815-604D-4D72-94DF-346D2B978A59}_is1) (Version: 3.6.0 - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Gothic (SCREENFUN-DVD November 2005) (HKLM-x32\...\Gothic_Screenfun) (Version:  - )
Guitar Pro 5.2 (HKLM-x32\...\Guitar Pro 5_is1) (Version:  - Arobas Music)
Half-Life 2 Complete Edition Incl. FakeFactory Cinematic Mod 2013 MULTI-2 1.0 (HKLM-x32\...\Half-Life 2 Complete Edition Incl. FakeFactory Cinematic Mod 2013 MULTI-2 1.0) (Version:  - )
Harrys Filters 4.0 (Plugin) (HKLM\...\Harrys Filters 4.0 (Plugin)_is1) (Version:  - The Plugin Site)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
HP Update (HKLM-x32\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
IBM SPSS Statistics 21 (HKLM\...\{1E26B9C2-ED08-4EEA-83C8-A786502B41E5}) (Version: 21.0.0.0 - IBM Corp)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
IcoFX 1.6.4 (HKLM-x32\...\IcoFX_is1) (Version:  - )
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.10.1464 - Intel Corporation)
Intel(R) Smart Connect Technology 3.0 x64 (HKLM\...\{01C324B7-3744-4EC0-9C4F-40BCCDD47CFB}) (Version: 3.0.41.1571 - Intel)
IsoBuster 3.1 (HKLM-x32\...\IsoBuster_is1) (Version: 3.1 - Smart Projects)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Joystick 2 Mouse 3 (HKLM-x32\...\Joystick 2 Mouse 3) (Version:  - )
KProbe 2.5.2 (HKLM-x32\...\KProbe) (Version:  - )
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
Lilly Looking Through (HKLM-x32\...\GOGPACKLILLYLOOKINGTHROUGH_is1) (Version: 2.0.0.3 - GOG.com)
Live Update 5 (HKLM-x32\...\{009E5DF2-3F97-480B-89DA-F2D5E672E14A}_is1) (Version: 5.0.099 - MSI)
MAGIX Slideshow Maker 2 (HKLM-x32\...\MAGIX_MSI_Slideshow_Maker_2) (Version: 2.0.0.8 - MAGIX AG)
MAGIX Slideshow Maker 2 (x32 Version: 2.0.0.8 - MAGIX AG) Hidden
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MD Adressbuch 2012 (HKLM-x32\...\MD Adressbuch 2012_is1) (Version:  - Stefan Göppert Softwareentwicklung)
MechWarrior Online (HKLM-x32\...\{ffbbd184-8eba-469f-bb26-ea4e1f6bfd4c}) (Version: 1.4.1.0 - Piranha Games Inc.)
MechWarrior Online (x32 Version: 1.4.1.0 - Piranha Games Inc.) Hidden
MediaCenterPlugin Filme (HKLM-x32\...\{BC51B01C-2A33-49F3-A386-F8F7B1904757}) (Version: 1.0.1.0 - MS)
MediaInfo 0.7.67 (HKLM\...\MediaInfo) (Version: 0.7.67 - MediaArea.net)
Mezzmo (HKLM-x32\...\{9BE11DE3-4703-4482-BC77-A32D73951334}) (Version: 2.7.1.0 - Conceiva)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{B636C9B9-A3F2-4DCE-ADCC-72E095018385}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Mittelerde Mordors Schatten Premium Edition MULTi2 1.0 (HKLM-x32\...\Mittelerde Mordors Schatten Premium Edition MULTi2 1.0) (Version:  - )
Morrowind (HKLM-x32\...\{1D108D70-E7D1-4089-9A0A-99629C4D0CB8}) (Version:  - )
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version:  - Pavel Cvrcek)
Mozilla Firefox 34.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 de)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
Mp3tag v2.58 (HKLM-x32\...\Mp3tag) (Version: v2.58 - Florian Heidenreich)
MSI SUITE (HKLM-x32\...\{1F025E3A-3074-48A3-A8F3-78E735739491}_is1) (Version: 1.0.029 - MSI)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MusicBrainz Picard (HKLM-x32\...\MusicBrainz Picard) (Version: 1.2 - MusicBrainz)
My Game Long Name (HKLM\...\UDK-0bd5954c-451b-4853-b8a9-c716bf446f85) (Version:  - Epic Games, Inc.)
MyDriveConnect 3.3.0.1502 (HKLM-x32\...\MyDriveConnect) (Version: 3.3.0.1502 - TomTom)
NbuExplorer version 3.3 (HKLM-x32\...\{6C58B3E8-0822-490B-BC94-40CC02A6B37F}_is1) (Version: 3.3 - Petr Vilem)
Nero 12 (HKLM-x32\...\{560FC78C-A4B2-461D-9B47-820C1EEF87B8}) (Version: 12.0.02000 - Nero AG)
Nero Prerequisite Installer 2.0 (HKLM-x32\...\{0DBC021C-95D9-435A-A4B0-E6515AFD1A71}) (Version: 12.0.01000 - Nero AG)
nGlide 0.97 (HKLM-x32\...\nGlide) (Version: .97 - Zeus Software)
Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia PC Suite (HKLM-x32\...\Nokia PC Suite) (Version: 7.1.180.94 - Nokia)
Nokia PC Suite (x32 Version: 7.1.180.94 - Nokia) Hidden
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.8.48.0 - Nokia)
Nokia Suite (x32 Version: 3.8.48.0 - Nokia) Hidden
Nur Entfernen der CopyTrans Suite möglich (HKU\S-1-5-21-3333801471-2121581504-1765403736-1001\...\CopyTrans Suite) (Version: 2.37 - WindSolutions)
NVIDIA 3D Vision Controller-Treiber 314.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 314.22 - NVIDIA Corporation)
NVIDIA Grafiktreiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Update 1.15.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.15.2 - NVIDIA Corporation)
O&O Defrag Professional (HKLM\...\{87CCB9C0-55B9-4110-884F-A6CB0927EF50}) (Version: 16.0.139 - O&O Software GmbH)
OlliOlli (HKLM-x32\...\1207665033_is1) (Version: 2.0.0.2 - GOG.com)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.1.13.85 - Electronic Arts, Inc.)
Origin90 (HKLM-x32\...\{685A89CB-DF27-42D6-A623-34F40DBBFFB2}) (Version: 9.00.00 - OriginLab Corporation)
Outlast Version 1.0.11774 (HKLM-x32\...\Outlast_is1) (Version: 1.0.11774 - Red Barrels)
Paragon Backup and Recovery™ 2014 Free (HKLM\...\{C268B5E1-A5DA-11DF-A289-005056C00008}) (Version: 90.00.0003 - Paragon Software)
Path of Exile (HKLM-x32\...\{90A4562F-D4A1-4B65-906D-41F236CF6902}) (Version: 1.0.0.29375 - Grinding Gear Games)
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PDF24 Creator 6.4.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
PosteRazor (HKLM-x32\...\PosteRazor_is1) (Version: 1.5 - Alessandro Portale)
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Project 64 version 2.1.0.1 (HKLM-x32\...\Project 64_is1) (Version: 2.1.0.1 - )
PS3Splitter version 1.1.5.1 (HKLM-x32\...\PS3Splitter_is1) (Version: 1.1.5.1 - Karmian.org)
PSP ISO Compressor (HKLM-x32\...\{D47087E7-AA15-4D1D-8C0A-60F7E446D597}) (Version: 1.4.0 - danny_kay1710)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.53.216.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6793 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{17528CE4-C333-48FB-A9E4-D841E795CDCE}) (Version: 3.0.23.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 3.0.23.0 - Renesas Electronics Corporation) Hidden
Rosetta Stone Version 3 (HKLM-x32\...\{80F7CA44-F3A5-4853-8BA6-DDF57CD4F078}) (Version: 3.4.7.0 - Rosetta Stone Ltd.)
Roxio Express Labeler 3 (HKLM-x32\...\{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}) (Version: 3.2.1 - Roxio)
Roxio Game Capture HD PRO (HKLM-x32\...\{2DD84AB2-8BF4-49FA-9D62-E3F93D4F56FB}) (Version: 1.0 - Roxio)
schobuk 2.1 (HKLM-x32\...\schobuk_is1) (Version: schobuk 2.1 - )
ScummVM 1.6.0 (HKLM-x32\...\ScummVM_is1) (Version:  - The ScummVM Team)
SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association)
Secure Eraser (HKLM-x32\...\Secure Eraser_is1) (Version: 4.2.0.1 - ASCOMP Software GmbH)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Shadow Warrior (HKLM-x32\...\Shadow Warrior_is1) (Version:  - Devolver Digital)
Shovel Knight (HKLM-x32\...\Shovel Knight_is1) (Version:  - )
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 1.0.0.0 - Electronic Arts)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Software Director (HKLM-x32\...\Cloanto Software Director) (Version: 3.8.9.0 - Cloanto Corporation)
SolveigMM AVI Trimmer (HKLM-x32\...\SolveigMM AVI Trimmer 2.1.1307.29) (Version: 2.1.1307.29 - Solveig Multimedia)
Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.14.10.201407111005 - Sony Mobile Communications AB)
Sony PC Companion 2.10.236 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.236 - Sony)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spotify (HKU\S-1-5-21-3333801471-2121581504-1765403736-1001\...\Spotify) (Version: 0.9.4.185.g7545a404 - Spotify AB)
SSDlife Pro (HKLM-x32\...\{800E31CD-E1E7-40EC-8410-5736E427F49A}) (Version: 2.3.52 - BinarySense Inc.)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 1.0.0.1 - Steinberg Media Technologies GmbH)
Steinberg LoopMash Content (HKLM-x32\...\{4D454CF8-12FD-464D-B57B-B46FE27B78BB}) (Version: 1.0.0.005 - Steinberg Media Technologies GmbH)
Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 1.0.0.006 - Steinberg Media Technologies GmbH)
Super-Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.016 - MSI)
Syberia 2 (HKLM-x32\...\GOGPACKSYBERIA2_is1) (Version: 2.0.0.8 - GOG.com)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
The Banner Saga (HKLM-x32\...\VGhlQmFubmVyU2FnYQ==_is1) (Version: 1 - )
The Elder Scrolls Online Beta (HKLM-x32\...\The Elder Scrolls Online Beta_is1) (Version: 0.3.4 - )
The Evil Within (HKLM-x32\...\VGhlRXZpbFdpdGhpbg==_is1) (Version: 1 - )
The Whispered World (HKLM-x32\...\{82225685-1513-4975-B624-155C10F3EE16}) (Version: 1.01 - Deep Silver)
THX TruStudio Pro (HKLM-x32\...\{4FA6CB9A-2972-4AAF-A36E-3C40FCC22395}) (Version: 1.04.03 - Creative Technology Limited)
To The Moon (HKLM-x32\...\To The Moon_is1) (Version:  - )
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Torque (HKU\S-1-5-21-3333801471-2121581504-1765403736-1001\...\Torque) (Version: 4.2.5.28819 - BitTorrent Inc.)
Torque Plugin (HKLM-x32\...\{00A3B50F-A7CA-45D5-BFAA-902CEC7A2A43}) (Version: 4.4.2 - BitTorrent, Inc)
Trend Micro SafeSync (HKLM\...\HFRS_is1) (Version: 5.1.0.1173 - Trend Micro)
Tropico 4 Modern Times V1.0.6(CREATED BY XEONKING©) (HKLM-x32\...\Tropico 4 Modern Times_is1) (Version: 1.0.6 - )
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
UltraISO Premium V9.53 (HKLM-x32\...\UltraISO_is1) (Version:  - )
UnderCoverXP 1.23 (HKLM-x32\...\UnderCoverXP_is1) (Version:  - Wicked & Wild Inc.)
Unigine Valley Benchmark version 1.0 (HKLM-x32\...\Unigine Valley Benchmark_is1) (Version: 1.0 - Unigine Corp.)
Unity Web Player (HKU\S-1-5-21-3333801471-2121581504-1765403736-1001\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
VideoGenie (HKLM-x32\...\{FC54FD8D-789C-406D-BB88-F7C4421B7E83}_is1) (Version: 1.0.0.12 - MSI)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN)
Welcome App (Start-up experience) (x32 Version: 12.0.15000 - Nero AG) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKU\S-1-5-21-3333801471-2121581504-1765403736-1001\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows-Treiberpaket - Nokia Modem  (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)
Windows-Treiberpaket - Nokia Modem  (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia)
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
XBMC (HKU\S-1-5-21-3333801471-2121581504-1765403736-1001\...\XBMC) (Version:  - Team XBMC)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3333801471-2121581504-1765403736-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Julian\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3333801471-2121581504-1765403736-1001_Classes\CLSID\{497F4457-E72A-6401-43CC-BD00574E0EE8}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3333801471-2121581504-1765403736-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Julian\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3333801471-2121581504-1765403736-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Julian\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3333801471-2121581504-1765403736-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Julian\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3333801471-2121581504-1765403736-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Julian\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3333801471-2121581504-1765403736-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Julian\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3333801471-2121581504-1765403736-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Julian\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3333801471-2121581504-1765403736-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Julian\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3333801471-2121581504-1765403736-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Julian\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

05-12-2014 17:44:08 Windows Update
08-12-2014 17:54:04 Sony PC Companion
09-12-2014 09:11:46 Windows Update
12-12-2014 02:00:20 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2014-12-10 11:16 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {041CBF80-E6EF-4CD2-837D-E4028E68CCAC} - System32\Tasks\CCleanerSkipUAC => E:\Programme\CCleaner\CCleaner.exe [2014-02-20] (Piriform Ltd)
Task: {12B5834F-B1CE-4557-B918-EFAE4834CB8F} - System32\Tasks\BZDUP => C:\Users\Julian\AppData\Roaming\BZDUP.exe <==== ATTENTION
Task: {1F911709-49FC-4A78-A31F-4AC0CC7D4D15} - System32\Tasks\StartPoint => C:\Users\Julian\AppData\Local\StartPoint\startpoint\1.3.17.3\startpoint.exe
Task: {3138D0C3-99FE-45D8-B296-FD18B8705DD0} - System32\Tasks\StartPoint Updater => C:\Users\Julian\AppData\Local\StartPoint\startpoint\1.3.17.3\startup.exe
Task: {40DB3538-9F3E-484E-94B6-8CAC759CE76C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.)
Task: {4D656BF0-0C1C-4BEC-81BA-E89E0C809B7A} - System32\Tasks\AdobeAAMUpdater-1.0-JulianDesktopPC-Julian => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {5E0B70D8-99CF-4198-8E2A-4BA419C801A0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-09] (Adobe Systems Incorporated)
Task: {6A022FC3-240F-47AF-B42F-252DDE1AB2EC} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {7316DC84-4675-4FC6-AB2F-BDE3E7149650} - System32\Tasks\avast! Emergency Update => E:\Programme\AvastEmUpdate.exe [2014-11-16] (AVAST Software)
Task: {B15E404A-9CC9-4430-869C-2DC47EB0B041} - System32\Tasks\{021D7834-B7D5-4770-BCE2-16D667638E6A} => E:\Programme\ePSX\ePSXe.exe [2012-11-09] ()
Task: {B8D898E6-02AD-453A-B524-8DFA9EA0B39D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.)
Task: {B9419299-4C7A-4AAE-88E0-F9C538557339} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {CAD1D5D6-5C03-41A5-9074-9DC23B4E4923} - System32\Tasks\HYVVWFF => C:\Users\Julian\AppData\Roaming\HYVVWFF.exe <==== ATTENTION
Task: {F8CA911B-DE69-4E8C-B8BF-038739DF3A8A} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2013-02-22] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\BZDUP.job => C:\Users\Julian\AppData\Roaming\BZDUP.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HYVVWFF.job => C:\Users\Julian\AppData\Roaming\HYVVWFF.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2013-01-18 17:00 - 2014-02-08 18:42 - 00117024 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2014-07-16 17:31 - 2012-09-07 15:57 - 00559424 _____ () C:\Program Files (x86)\ASCOMP Software\Secure Eraser\SecEraser64.dll
2014-03-07 22:32 - 2014-06-23 08:07 - 00113376 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
2012-08-16 20:36 - 2012-08-16 20:36 - 00149032 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2012-08-16 20:36 - 2012-08-16 20:36 - 00058920 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2013-02-23 15:21 - 2013-01-22 22:35 - 00009728 _____ () C:\MSI\MSI SUITE\MSIMonitor\MSIFileSyncMonitor.exe
2014-12-14 10:26 - 2014-12-14 10:26 - 02908160 _____ () E:\Programme\defs\14121400\algo.dll
2014-12-14 20:59 - 2014-12-14 20:59 - 02908160 _____ () E:\Programme\defs\14121401\algo.dll
2014-03-07 22:32 - 2012-04-30 10:57 - 00039936 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll
2014-03-07 22:32 - 2013-09-13 10:02 - 00208896 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll
2011-07-07 14:54 - 2011-07-07 14:54 - 00233984 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\Report.dll
2014-03-07 22:32 - 2013-05-20 11:58 - 00620718 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\sqlite3.dll
2014-03-07 22:32 - 2010-01-11 15:44 - 00053248 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\VObject.dll
2014-06-12 09:19 - 2014-06-12 09:19 - 00643584 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PhoneUpdate.dll
2012-06-26 12:11 - 2012-06-26 12:11 - 02302040 _____ () E:\Programme\PC SUITE NOKIA 6300\Nokia PC Suite 7\QtCore4.dll
2012-06-26 12:11 - 2012-06-26 12:11 - 08197208 _____ () E:\Programme\PC SUITE NOKIA 6300\Nokia PC Suite 7\QtGui4.dll
2012-06-26 12:11 - 2012-06-26 12:11 - 00345688 _____ () E:\Programme\PC SUITE NOKIA 6300\Nokia PC Suite 7\QtXml4.dll
2012-06-26 12:10 - 2012-06-26 12:10 - 00202328 _____ () E:\Programme\PC SUITE NOKIA 6300\Nokia PC Suite 7\imageformats\qjpeg4.dll
2012-06-26 12:10 - 2012-06-26 12:10 - 00027736 _____ () E:\Programme\PC SUITE NOKIA 6300\Nokia PC Suite 7\imageformats\qsvg4.dll
2012-06-26 12:11 - 2012-06-26 12:11 - 00282200 _____ () E:\Programme\PC SUITE NOKIA 6300\Nokia PC Suite 7\QtSvg4.dll
2014-12-14 20:58 - 2014-12-14 20:58 - 00043008 _____ () c:\users\julian\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp1epokx.dll
2013-08-23 20:01 - 2013-08-23 20:01 - 25100288 _____ () C:\Users\Julian\AppData\Roaming\Dropbox\bin\libcef.dll
2014-11-16 10:37 - 2014-11-16 10:37 - 38562088 _____ () E:\Programme\libcef.dll
2014-02-06 00:52 - 2014-02-06 00:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-01-25 18:32 - 2012-06-28 09:24 - 00541683 _____ () E:\Programme\PowerDVD\PowerDVD12\Kernel\DMS\sqlite3.dll
2013-01-21 22:25 - 2010-11-25 11:11 - 00062464 ____R () C:\Program Files (x86)\Conceiva\Mezzmo\HS_REGEX.dll
2013-01-21 22:25 - 2012-08-14 11:36 - 00477696 ____R () C:\Program Files (x86)\Conceiva\Mezzmo\tag.dll
2013-01-21 22:25 - 2012-04-04 12:08 - 00839680 ____R () C:\Program Files (x86)\Conceiva\Mezzmo\LIBEAY32.dll
2013-01-21 22:25 - 2012-04-04 12:08 - 00159744 ____R () C:\Program Files (x86)\Conceiva\Mezzmo\SSLEAY32.dll
2013-01-21 22:25 - 2012-03-29 10:32 - 00060928 ____R () C:\Program Files (x86)\Conceiva\Mezzmo\extension-functions.dll
2014-12-09 20:43 - 2014-12-09 20:43 - 03758192 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2013-01-18 16:48 - 2012-03-29 06:18 - 01198872 ____R () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^O&O Defrag Tray.lnk => C:\Windows\pss\O&O Defrag Tray.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Trend Micro SafeSync.lnk => C:\Windows\pss\Trend Micro SafeSync.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Julian^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: 2BB777B4D97D5CBA4F37597096A565E0D6CA792C._service_run => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "E:\Programme\Adobe X Suite\Acrobat 10.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Amazon Cloud Player => "C:\Users\Julian\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe"
MSCONFIG\startupreg: AppleIEDAV => E:\Programme\iCloud\AppleIEDAV.exe
MSCONFIG\startupreg: ApplePhotoStreams => E:\Programme\iCloud\ApplePhotoStreams.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Bonus.SSR.FR11 => "E:\Programme\Abbyy FineReader\Bonus.ScreenshotReader.exe" /autorun
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: CloneCDTray => "E:\Programme\CloneCD\CloneCDTray.exe" /s
MSCONFIG\startupreg: com.apple.dav.bookmarks.daemon => E:\Programme\iCloud\BookmarkDAV_client.exe
MSCONFIG\startupreg: ControlCenterCount => C:\Program Files (x86)\MSI\ControlCenter\ControlCenterCount.exe
MSCONFIG\startupreg: DAEMON Tools Lite => "E:\Programme\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: EADM => "E:\Programme\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: HP Software Update => E:\Programme\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: hpqSRMon => E:\Programme\HP\Digital Imaging\bin\hpqSRMon.exe
MSCONFIG\startupreg: iCloudServices => E:\Programme\iCloud\iCloudServices.exe
MSCONFIG\startupreg: iTunesHelper => "E:\Programme\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Joystick 2 Mouse => C:\Program Files (x86)\Joystick 2 Mouse 3\Joystick 2 Mouse.exe /NoConfigure
MSCONFIG\startupreg: Live Update 5 => E:\Programme\MSI Live Update 5\Live Update 5\BootStartLiveupdate.exe /reminder
MSCONFIG\startupreg: MSI Suite => C:\MSI\MSI SUITE\StartMSISuite.exe
MSCONFIG\startupreg: PC Suite Tray => "E:\Programme\PC SUITE NOKIA 6300\Nokia PC Suite 7\PCSuite.exe" -onlytray
MSCONFIG\startupreg: PDFPrint => E:\Programme\PDF24\pdf24.exe
MSCONFIG\startupreg: Power2GoExpress => NA
MSCONFIG\startupreg: PowerDVD12Agent => "E:\Programme\PowerDVD\PowerDVD12\PowerDVD12Agent.exe"
MSCONFIG\startupreg: PowerDVD12DMREngine => "E:\Programme\PowerDVD\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe"
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Julian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: THX Audio Control Panel => "C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" /r
MSCONFIG\startupreg: THXCfg64 => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64
MSCONFIG\startupreg: WinampAgent => E:\Programme\Winamp\winampa.exe

========================= Accounts: ==========================

Administrator (S-1-5-21-3333801471-2121581504-1765403736-500 - Administrator - Enabled) => C:\Users\Administrator
Gast (S-1-5-21-3333801471-2121581504-1765403736-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3333801471-2121581504-1765403736-1006 - Limited - Enabled)
Julian (S-1-5-21-3333801471-2121581504-1765403736-1001 - Administrator - Enabled) => C:\Users\Julian

==================== Faulty Device Manager Devices =============

Name: Microsoft-Teredo-Tunneling-Adapter
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/14/2014 08:58:59 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.

Error: (12/14/2014 10:25:34 AM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.

Error: (12/13/2014 11:14:10 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.

Error: (12/13/2014 04:57:00 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (12/13/2014 09:58:25 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (12/13/2014 09:58:23 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (12/13/2014 09:58:23 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (12/13/2014 09:51:19 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (12/13/2014 09:51:16 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (12/13/2014 09:51:16 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (12/14/2014 08:58:45 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
ASPI32

Error: (12/14/2014 08:58:33 PM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT-AUTORITÄT)
Description: Überprüfung des verschlüsselten Volumes: Die Volumeinformationen auf "M:" können nicht gelesen werden.

Error: (12/14/2014 08:58:28 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\ASPI32.SYS nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (12/14/2014 11:09:27 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (12/14/2014 10:25:22 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
ASPI32

Error: (12/14/2014 10:25:08 AM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT-AUTORITÄT)
Description: Überprüfung des verschlüsselten Volumes: Die Volumeinformationen auf "M:" können nicht gelesen werden.

Error: (12/14/2014 10:25:02 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\ASPI32.SYS nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (12/13/2014 11:13:58 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
ASPI32

Error: (12/13/2014 11:13:42 PM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT-AUTORITÄT)
Description: Überprüfung des verschlüsselten Volumes: Die Volumeinformationen auf "M:" können nicht gelesen werden.

Error: (12/13/2014 11:13:40 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\ASPI32.SYS nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.


Microsoft Office Sessions:
=========================
Error: (12/14/2014 08:58:59 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT-AUTORITÄT)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/14/2014 10:25:34 AM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT-AUTORITÄT)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/13/2014 11:14:10 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT-AUTORITÄT)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/13/2014 04:57:00 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (12/13/2014 09:58:25 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Julian\Desktop\esetsmartinstaller_deu.exe

Error: (12/13/2014 09:58:23 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Julian\Desktop\esetsmartinstaller_deu.exe

Error: (12/13/2014 09:58:23 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Julian\Desktop\esetsmartinstaller_deu.exe

Error: (12/13/2014 09:51:19 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Julian\Desktop\esetsmartinstaller_deu.exe

Error: (12/13/2014 09:51:16 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Julian\Desktop\esetsmartinstaller_deu.exe

Error: (12/13/2014 09:51:16 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Julian\Desktop\esetsmartinstaller_deu.exe


CodeIntegrity Errors:
===================================
  Date: 2014-12-10 11:15:45.485
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-12-10 11:15:45.464
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-23 13:28:18.898
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-23 11:39:13.184
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-22 22:15:15.244
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-22 10:17:37.190
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-22 03:40:57.180
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-22 00:16:58.336
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-21 11:08:21.689
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-20 23:37:52.444
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz
Percentage of memory in use: 19%
Total physical RAM: 16335.52 MB
Available physical RAM: 13088.04 MB
Total Pagefile: 32669.21 MB
Available Pagefile: 29710.91 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.69 GB) (Free:3.97 GB) NTFS
Drive e: (Volume) (Fixed) (Total:1863.01 GB) (Free:535.49 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive h: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.03 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: EC8F2F72)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: CC96EFA6)
Partition 1: (Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 2 KB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================
         

15.12.2014, 19:20   #11
schrauber
/// the machine
/// TB-Ausbilder
 

Fresh FRST log, please. No Addition.txt. Are there still problems with the system?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

16.12.2014, 11:34   #12
J_Cake_Jr
 



Oh, sorry, I must have mixed something up:


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-12-2014 01
Ran by Julian (administrator) on JULIANDESKTOPPC on 16-12-2014 11:31:47
Running from C:\Users\Julian\Desktop
Loaded Profile: Julian (Available profiles: Julian & Administrator)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) E:\Programme\AvastSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
(BitTorrent Inc.) C:\Users\Julian\AppData\Roaming\BitTorrent\BitTorrent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
(Comfort Software Group) E:\Programme 2\FreeCountdownTimer\FreeCountdownTimer.exe
(Nokia) E:\Programme\PC SUITE NOKIA 6300\Nokia PC Suite 7\PCSuite.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray.exe
(Cloanto Corporation) C:\Program Files (x86)\Common Files\Cloanto\Software Director\softdir.exe
(Dropbox, Inc.) C:\Users\Julian\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
(Nullsoft, Inc.) E:\Programme\Winamp\winampa.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(AVAST Software) E:\Programme\afwServ.exe
(AVAST Software) E:\Programme\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CyberLink) E:\Programme\PowerDVD\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
(CyberLink) E:\Programme\PowerDVD\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Conceiva Pty. Ltd.) C:\Program Files (x86)\Conceiva\Mezzmo\MezzmoMediaServer.exe
() C:\MSI\MSI SUITE\MSIMonitor\MSIFileSyncMonitor.exe
(MSI) C:\MSI\MSI SUITE\ControlCenter\ComCenService.exe
(MSI) C:\MSI\MSI SUITE\Super-Charger\SuiteChargeService.exe
(MSI) C:\MSI\MSI SUITE\FastBoot\SuiteFastBootService.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(O&O Software GmbH) E:\Programme\O&O Defrag\oodag.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\mspaint.exe
(CyberLink Corp.) E:\Programme\PowerDVD\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro SafeSync\hrfscore.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6854800 2012-12-03] (Realtek Semiconductor)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [Super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [507016 2012-12-21] (MSI)
HKLM-x32\...\Run: [WinampAgent] => E:\Programme\Winamp\winampa.exe [74752 2012-06-28] (Nullsoft, Inc.)
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [324976 2010-05-21] (Flexera Software, Inc.)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [527864 2012-12-10] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => E:\Programme\AvastUI.exe [5227112 2014-12-12] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKU\S-1-5-21-3333801471-2121581504-1765403736-1001\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [468192 2014-10-15] (Sony)
HKU\S-1-5-21-3333801471-2121581504-1765403736-1001\...\Run: [BitTorrent] => C:\Users\Julian\AppData\Roaming\BitTorrent\BitTorrent.exe [1388888 2014-11-26] (BitTorrent Inc.)
HKU\S-1-5-21-3333801471-2121581504-1765403736-1001\...\Run: [2BB777B4D97D5CBA4F37597096A565E0D6CA792C._service_run] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [856904 2014-12-06] (Google Inc.)
HKU\S-1-5-21-3333801471-2121581504-1765403736-1001\...\Run: [FreeCT] => E:\Programme 2\FreeCountdownTimer\FreeCountdownTimer.exe [2432280 2014-02-25] (Comfort Software Group)
HKU\S-1-5-21-3333801471-2121581504-1765403736-1001\...\Run: [PC Suite Tray] => E:\Programme\PC SUITE NOKIA 6300\Nokia PC Suite 7\PCSuite.exe [1516632 2012-06-26] (Nokia)
HKU\S-1-5-21-3333801471-2121581504-1765403736-1001\...\RunOnce: [Adobe Speed Launcher] => 1418725734
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk
ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray.exe (Intel Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Software Director Scheduler.lnk
ShortcutTarget: Software Director Scheduler.lnk -> C:\Program Files (x86)\Common Files\Cloanto\Software Director\softdir.exe (Cloanto Corporation)
Startup: C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Julian\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => E:\Programme\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [00HumyoPaired] -> {A203F945-39E9-4286-AFA2-F3ADFCD5FAAA} => C:\Program Files\Trend Micro SafeSync\HrfsShellExtension.dll (Trend Micro Inc.)
ShellIconOverlayIdentifiers: [00HumyoPriority] -> {6F1BB626-1107-4b82-B322-54C5E64461B8} => C:\Program Files\Trend Micro SafeSync\HrfsShellExtension.dll (Trend Micro Inc.)
ShellIconOverlayIdentifiers: [00HumyoProblem] -> {7479C9AF-DA81-4944-92E5-23E49390BB2B} => C:\Program Files\Trend Micro SafeSync\HrfsShellExtension.dll (Trend Micro Inc.)
ShellIconOverlayIdentifiers: [00HumyoSynced] -> {7479C9AF-DA81-4944-92E5-23E49390BB2A} => C:\Program Files\Trend Micro SafeSync\HrfsShellExtension.dll (Trend Micro Inc.)
ShellIconOverlayIdentifiers: [00HumyoSyncing] -> {7479C9AF-DA81-4944-92E5-23E49390BB29} => C:\Program Files\Trend Micro SafeSync\HrfsShellExtension.dll (Trend Micro Inc.)
ShellIconOverlayIdentifiers: [00HumyoUnavailable] -> {66669544-5639-4922-99C8-CE7A86651364} => C:\Program Files\Trend Micro SafeSync\HrfsShellExtension.dll (Trend Micro Inc.)
ShellIconOverlayIdentifiers-x32: [00HumyoPaired] -> {A203F945-39E9-4286-AFA2-F3ADFCD5FAAA} => C:\Program Files\Trend Micro SafeSync\HrfsShellExtension32.dll (Trend Micro Inc.)
ShellIconOverlayIdentifiers-x32: [00HumyoPriority] -> {6F1BB626-1107-4b82-B322-54C5E64461B8} => C:\Program Files\Trend Micro SafeSync\HrfsShellExtension32.dll (Trend Micro Inc.)
ShellIconOverlayIdentifiers-x32: [00HumyoProblem] -> {7479C9AF-DA81-4944-92E5-23E49390BB2B} => C:\Program Files\Trend Micro SafeSync\HrfsShellExtension32.dll (Trend Micro Inc.)
ShellIconOverlayIdentifiers-x32: [00HumyoSynced] -> {7479C9AF-DA81-4944-92E5-23E49390BB2A} => C:\Program Files\Trend Micro SafeSync\HrfsShellExtension32.dll (Trend Micro Inc.)
ShellIconOverlayIdentifiers-x32: [00HumyoSyncing] -> {7479C9AF-DA81-4944-92E5-23E49390BB29} => C:\Program Files\Trend Micro SafeSync\HrfsShellExtension32.dll (Trend Micro Inc.)
ShellIconOverlayIdentifiers-x32: [00HumyoUnavailable] -> {66669544-5639-4922-99C8-CE7A86651364} => C:\Program Files\Trend Micro SafeSync\HrfsShellExtension32.dll (Trend Micro Inc.)
BootExecute: autocheck autochk * OODBS

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3333801471-2121581504-1765403736-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyServer: [S-1-5-21-3333801471-2121581504-1765403736-1001] => http=127.0.0.1:49340;https=127.0.0.1:49340
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3333801471-2121581504-1765403736-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3333801471-2121581504-1765403736-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.strtpoint.com/?v=insMac&t=1411&ap=591080004
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3333801471-2121581504-1765403736-1001 -> {4A46D446-AFD1-485D-9DD3-1019CAF58610} URL = hxxp://search.strtpoint.com/results.html?v=insMac&t=1411&ap=591080004&q={searchTerms}&r=919
BHO: No Name -> {11111111-1111-1111-1111-110611171196} ->  No File
BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> E:\Programme\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> E:\Programme\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\0pi4pfh4.default-1418508762624
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF Homepage: https://www.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.7 -> E:\Programme\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> E:\Programme\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> E:\Programme\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> E:\Programme\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> E:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @TrendMicro.com/FFExtension -> C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3333801471-2121581504-1765403736-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Julian\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3333801471-2121581504-1765403736-1001: bittorrent.com/torque -> C:\Users\Julian\AppData\Roaming\BitTorrent\Torque\4.4.2\npTorque.dll (BitTorrent, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\vefa27m3.default-1371419455498\searchplugins\google-avast.xml
FF SearchPlugin: C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\vefa27m3.default-1371419455498\searchplugins\startpointkms.xml
FF Extension: SourceApp 1.0.1 - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\vefa27m3.default-1371419455498\Extensions\{46b9091e-deda-48d8-b979-0464193d69d5}.xpi [2014-12-10]
FF Extension: WEB.DE MailCheck - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\0pi4pfh4.default-1418508762624\Extensions\toolbar@web.de [2014-12-15]
FF Extension: Adblock Plus - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\0pi4pfh4.default-1418508762624\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-12-15]
FF Extension: Menu Editor - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\0pi4pfh4.default-1418508762624\Extensions\{EDA7B1D7-F793-4e03-B074-E6F303317FB0}.xpi [2014-12-14]
FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2014-03-18]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - E:\Programme\WebRep\FF
FF Extension: Avast Online Security - E:\Programme\WebRep\FF [2014-07-16]
FF HKLM-x32\...\Firefox\Extensions: [detgdp@gmail.com] - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\xco5vqxz.Jables\extensions\detgdp@gmail.com

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.delta-homes.com/?type=hp&ts=1418204972&from=wpm12103&uid=SamsungXSSDX840XSeries_S14ENEACB11758K
CHR StartupUrls: Default -> "https://www.google.com/?trackid=sp-006"
CHR DefaultSearchKeyword: Default -> google
CHR DefaultSuggestURL: Default -> https://www.google.com/complete/search?client=chrome&q={searchTerms}
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\gcswf32.dll No File
CHR Plugin: (Browser Exploit Prevention) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmiabdepfhhiieiipmeecdmeljggmfee\7.5.0.1107_0\nptmbep.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll No File
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll No File
CHR Plugin: (Trend Micro Titanium) - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll No File
CHR Profile: C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-12]
CHR Extension: (YouTube) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-01-18]
CHR Extension: (Google-Suche) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-01-18]
CHR Extension: (Google Wallet) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-22]
CHR Extension: (Citavi Picker) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohgndokldibnndfnjnagojmheejlengn [2014-03-22]
CHR Extension: (Google Mail) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-01-18]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - E:\Programme\WebRep\Chrome\aswWebRepChrome.crx [2014-11-16]
CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn] - E:\Programme\Pickers\Chrome\ChromePicker.crx [2014-02-07]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; E:\Programme\AvastSvc.exe [50344 2014-11-16] (AVAST Software)
R2 avast! Firewall; E:\Programme\afwServ.exe [104416 2014-11-16] (AVAST Software)
S3 AvastVBoxSvc; E:\Programme\ng\vbox\AvastVBoxSVC.exe [4012248 2014-11-16] (Avast Software)
R2 CLHNServiceForPowerDVD12; E:\Programme\PowerDVD\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [90640 2012-08-16] (CyberLink Corp.)
R2 CyberLink PowerDVD 12 Media Server Monitor Service; E:\Programme\PowerDVD\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [78352 2012-08-16] (CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; E:\Programme\PowerDVD\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [295440 2012-08-16] (CyberLink)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [149032 2012-08-16] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165144 2012-03-29] (Intel Corporation)
R2 Mezzmo_Desktop; C:\Program Files (x86)\Conceiva\Mezzmo\MezzmoMediaServer.exe [3119472 2012-09-27] (Conceiva Pty. Ltd.)
R2 MSIFileSyncMonitor; C:\MSI\MSI SUITE\MSIMonitor\MSIFileSyncMonitor.exe [9728 2013-01-22] () [File not signed]
R2 MSI_ComCenService; C:\MSI\MSI SUITE\ControlCenter\ComCenService.exe [75280 2012-04-17] (MSI)
R2 MSI_SuiteCharger; C:\MSI\MSI SUITE\Super-Charger\SuiteChargeService.exe [122936 2012-10-26] (MSI)
R2 MSI_SuiteFastBoot; C:\MSI\MSI SUITE\FastBoot\SuiteFastBootService.exe [105016 2012-10-26] (MSI)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [144008 2012-12-21] (MSI)
R2 MSSQL$MYMOVIES; C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
R3 OnlineStorageService; C:\Program Files\Trend Micro SafeSync\hrfscore.exe [7908664 2012-07-12] (Trend Micro Inc.)
R2 OODefragAgent; E:\Programme\O&O Defrag\oodag.exe [2552176 2012-09-14] (O&O Software GmbH)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
S3 RoxMediaDBGame1X; C:\Program Files (x86)\Common Files\Roxio Shared\Game1X\SharedCOM\RoxMediaDBGame1X.exe [1095824 2012-08-02] (Corel Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S1 ASPI32; C:\Windows\SysWow64\Drivers\ASPI32.sys [16877 2002-07-17] (Adaptec) [File not signed]
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-16] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-11-16] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-16] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [449936 2014-11-16] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-16] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-16] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-16] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-16] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-16] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2013-01-19] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-01-18] (DT Soft Ltd)
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
S3 H5xUSB; C:\Windows\System32\Drivers\uth5x64.sys [101632 2012-08-02] (UT)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [20968 2012-08-16] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [19944 2012-08-16] ()
S3 ipadtst; C:\Program Files (x86)\MSI\Super-Charger\ipadtst_64.sys [19000 2012-07-27] (Windows (R) Win 7 DDK provider)
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46016 2012-08-16] ()
R1 ISODrive; E:\Programme\UltraISO\drivers\ISODrv64.sys [115600 2010-01-29] (EZB Systems, Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-01-19] ()
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
S3 NTIOLib_1_0_4; E:\Programme\MSI Live Update 5\Live Update 5\NTIOLib_X64.sys [14136 2010-10-22] (MSI)
S3 NTIOLib_1_0_C; C:\MSI\MSI SUITE\NTIOLib_X64.sys [11888 2012-03-30] (MSI) [File not signed]
R3 NTIOLib_1_1_S; C:\MSI\MSI SUITE\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
R3 NTIOLib_SuiteFB; C:\MSI\MSI SUITE\FastBoot\NTIOLib_X64.sys [13368 2012-10-26] (MSI)
R2 ntk_PowerDVD12; E:\Programme\PowerDVD\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [83704 2012-06-20] (Cyberlink Corp.)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-07-10] (Corel Corporation)
R3 rusb3hub; C:\Windows\System32\DRIVERS\rusb3hub.sys [114568 2012-08-27] (Renesas Electronics Corporation)
R3 rusb3xhc; C:\Windows\System32\DRIVERS\rusb3xhc.sys [230280 2012-08-27] (Renesas Electronics Corporation)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [530488 2013-12-01] (Duplex Secure Ltd.)
R1 UimBus; C:\Windows\System32\DRIVERS\UimBus.sys [102664 2014-05-19] ()
R1 Uim_DEVIM; C:\Windows\System32\DRIVERS\uim_devim.sys [25992 2014-05-19] ()
R1 Uim_IM; C:\Windows\System32\DRIVERS\uim_im.sys [700296 2014-05-19] ()
R2 VBoxAswDrv; E:\Programme\ng\vbox\VBoxAswDrv.sys [271752 2014-11-16] (Avast Software)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2014-12-16] ()
R2 {73526619-C24F-470B-9BED-53D455FBB5C6}; E:\Programme\PowerDVD\PowerDVD12\Common\NavFilter\000.fcl [147704 2012-08-14] (CyberLink Corp.)
S3 athr; system32\DRIVERS\athrx.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz136; \??\C:\Users\Julian\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X]
U2 TMAgent; No ImagePath
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-16 11:31 - 2014-12-16 11:31 - 00030230 _____ () C:\Users\Julian\Desktop\FRST.txt
2014-12-16 11:31 - 2014-12-16 11:31 - 00000000 ____D () C:\Users\Julian\Desktop\FRST-OlderVersion
2014-12-16 11:29 - 2014-12-16 11:29 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2014-12-14 21:01 - 2014-12-14 21:01 - 00852490 _____ () C:\Users\Julian\Desktop\SecurityCheck.exe
2014-12-13 23:12 - 2014-12-13 23:12 - 00000000 ____D () C:\Users\Julian\Desktop\Alte Firefox-Daten
2014-12-13 09:51 - 2014-12-13 09:51 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-12-13 09:50 - 2014-12-13 09:50 - 02347384 _____ (ESET) C:\Users\Julian\Desktop\esetsmartinstaller_deu.exe
2014-12-12 03:55 - 2014-12-12 03:55 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-12 03:00 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-12 03:00 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-11 10:50 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-11 10:50 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-11 10:50 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-11 10:50 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-11 10:50 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-11 10:50 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-11 10:50 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-11 10:50 - 2014-12-02 00:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-11 10:50 - 2014-11-27 02:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-11 10:50 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-11 10:50 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-11 10:50 - 2014-11-22 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-11 10:50 - 2014-11-22 04:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-11 10:50 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-11 10:50 - 2014-11-22 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-11 10:50 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-11 10:50 - 2014-11-22 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-11 10:50 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-11 10:50 - 2014-11-22 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-11 10:50 - 2014-11-22 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-11 10:50 - 2014-11-22 03:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-11 10:50 - 2014-11-22 03:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-11 10:50 - 2014-11-22 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-11 10:50 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-11 10:50 - 2014-11-22 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-11 10:50 - 2014-11-22 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-11 10:50 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-11 10:50 - 2014-11-22 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-11 10:50 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-11 10:50 - 2014-11-22 03:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-11 10:50 - 2014-11-22 03:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-11 10:50 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-11 10:50 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-11 10:50 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-11 10:50 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-11 10:50 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-11 10:50 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-11 10:50 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-11 10:50 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-11 10:50 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-11 10:50 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-11 10:50 - 2014-11-22 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-11 10:50 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-11 10:50 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-11 10:50 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-11 10:50 - 2014-11-22 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-11 10:50 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-11 10:50 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-11 10:50 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-11 10:50 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-11 10:50 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-11 10:50 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-11 10:50 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-11 10:50 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-11 10:50 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-11 10:50 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-11 10:50 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-11 10:50 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-11 10:50 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-11 10:50 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-11 10:50 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-11 10:50 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-11 10:50 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-11 10:50 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-11 10:50 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-11 10:50 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-11 10:50 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-11 10:50 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-11 10:50 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-11 10:50 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-11 10:50 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-10 20:34 - 2014-12-16 11:31 - 02119168 _____ (Farbar) C:\Users\Julian\Desktop\FRST64.exe
2014-12-10 20:08 - 2014-12-10 20:08 - 00000000 ____D () C:\Windows\ERUNT
2014-12-10 20:07 - 2014-12-10 20:07 - 01707646 _____ (Thisisu) C:\Users\Julian\Desktop\JRT.exe
2014-12-10 14:12 - 2014-12-14 21:24 - 00000000 ____D () C:\Users\Julian\Desktop\VIRUS
2014-12-10 14:02 - 2014-12-10 10:52 - 02166272 _____ () C:\Users\Julian\Desktop\adwcleaner_4.105.exe
2014-12-10 13:53 - 2014-12-10 19:50 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-10 13:53 - 2014-12-10 13:53 - 00000788 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-12-10 13:53 - 2014-12-10 13:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-12-10 13:53 - 2014-12-10 13:53 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-10 13:53 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-12-10 13:53 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-12-10 13:53 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-12-10 13:44 - 2014-12-10 13:44 - 00000000 ___SD () C:\ComboFix
2014-12-10 13:35 - 2014-12-16 11:28 - 00001344 _____ () C:\Windows\Tasks\HYVVWFF.job
2014-12-10 13:35 - 2014-12-13 12:38 - 00000000 ____D () C:\Program Files (x86)\c3bf91c9-7229-4c31-ba68-0a33788d7157
2014-12-10 13:35 - 2014-12-10 13:35 - 00004386 _____ () C:\Windows\System32\Tasks\HYVVWFF
2014-12-10 13:34 - 2014-12-16 11:28 - 00001340 _____ () C:\Windows\Tasks\BZDUP.job
2014-12-10 13:34 - 2014-12-10 14:03 - 00000000 ____D () C:\Users\Julian\AppData\Local\StartPoint
2014-12-10 13:34 - 2014-12-10 13:34 - 00004382 _____ () C:\Windows\System32\Tasks\BZDUP
2014-12-10 13:34 - 2014-12-10 13:34 - 00003510 _____ () C:\Windows\System32\Tasks\StartPoint
2014-12-10 13:34 - 2014-12-10 13:34 - 00003504 _____ () C:\Windows\System32\Tasks\StartPoint Updater
2014-12-10 11:09 - 2014-12-10 13:44 - 00000000 ____D () C:\Qoobox
2014-12-10 11:09 - 2014-12-10 11:16 - 00000000 ____D () C:\Windows\erdnt
2014-12-10 11:09 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-12-10 11:09 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-12-10 11:09 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-12-10 11:09 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-12-10 11:09 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-12-10 11:09 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-12-10 11:09 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-12-10 11:09 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-12-09 20:43 - 2014-12-09 20:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-08 19:47 - 2014-12-08 19:47 - 00000020 _____ () C:\Users\Julian\defogger_reenable
2014-12-08 19:39 - 2014-12-16 11:31 - 00000000 ____D () C:\FRST
2014-12-08 19:37 - 2014-12-08 19:38 - 00000000 ____D () C:\Users\Julian\AppData\Local\Martin Fuchs
2014-12-08 19:29 - 2014-12-16 11:28 - 00009387 _____ () C:\Windows\setupact.log
2014-12-08 19:29 - 2014-12-08 19:29 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-02 23:22 - 2014-12-02 23:22 - 00000869 _____ () C:\Users\Julian\Desktop\Game of Thrones A Telltale Games Series.lnk
2014-12-02 23:22 - 2014-12-02 23:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game of Thrones A Telltale Games Series
2014-12-02 23:13 - 2014-12-02 23:13 - 00000000 ____D () C:\Users\Julian\Documents\Telltale Games
2014-12-02 12:06 - 2014-12-02 12:06 - 00000195 _____ () C:\Windows\system32\2014-12-02-11-06-39.016-aswFe.exe-7376.log
2014-12-02 12:04 - 2014-12-02 12:06 - 00000195 _____ () C:\Windows\system32\2014-12-02-11-04-03.030-aswFe.exe-8088.log
2014-12-02 12:03 - 2014-12-02 12:04 - 00000145 _____ () C:\Windows\system32\2014-12-02-11-03-56.044-AvastVBoxSVC.exe-3828.log
2014-12-02 12:02 - 2014-12-02 12:02 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2014-12-02 12:02 - 2014-12-02 12:02 - 00000000 ____D () C:\Windows\system32\vbox
2014-12-01 11:53 - 2014-12-01 11:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PSP ISO Compressor
2014-11-19 11:38 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 11:38 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-19 11:38 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-19 11:38 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-19 04:31 - 2014-11-19 04:31 - 01217192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FM20.DLL
2014-11-18 14:09 - 2014-11-18 14:09 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\Yacht Club Games
2014-11-18 14:08 - 2014-11-18 14:08 - 00000802 _____ () C:\Users\Public\Desktop\Shovel Knight.lnk
2014-11-18 14:08 - 2014-11-18 14:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yacht Club Games
2014-11-16 10:42 - 2014-11-16 10:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-11-16 10:37 - 2014-11-16 10:37 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-11-16 10:37 - 2014-11-16 10:37 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-11-16 10:36 - 2014-11-16 10:36 - 00449936 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-16 11:31 - 2013-02-28 18:39 - 02356224 ___SH () C:\Users\Julian\Desktop\Thumbs.db
2014-12-16 11:30 - 2013-01-18 20:42 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\BitTorrent
2014-12-16 11:29 - 2014-08-16 19:51 - 00000000 ____D () C:\Users\Julian\AppData\Local\Adobe
2014-12-16 11:29 - 2014-07-16 14:29 - 00004132 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-12-16 11:29 - 2013-02-22 11:03 - 00003510 _____ () C:\Windows\System32\Tasks\AutoKMS
2014-12-16 11:29 - 2013-02-07 12:27 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\Dropbox
2014-12-16 11:29 - 2013-02-02 04:25 - 00034752 _____ () C:\Windows\system32\Drivers\WPRO_41_2001.sys
2014-12-16 11:29 - 2013-01-21 17:27 - 00000043 _____ () C:\Windows\MezzmoMediaServer.INI
2014-12-16 11:28 - 2014-07-07 15:24 - 00360058 _____ () C:\Windows\PFRO.log
2014-12-16 11:28 - 2013-01-21 15:44 - 01247928 _____ () C:\Windows\system32\oodbs.lor
2014-12-16 11:28 - 2013-01-18 16:46 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-16 11:28 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-16 00:05 - 2013-01-18 16:43 - 01313896 _____ () C:\Windows\WindowsUpdate.log
2014-12-15 23:42 - 2013-03-09 01:21 - 00003962 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{ABA8D45E-2A6E-4A87-B807-227D22CF6583}
2014-12-15 23:42 - 2013-01-18 20:23 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-15 23:08 - 2013-01-18 16:46 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-15 13:39 - 2011-04-12 08:43 - 00750302 _____ () C:\Windows\system32\perfh007.dat
2014-12-15 13:39 - 2011-04-12 08:43 - 00168756 _____ () C:\Windows\system32\perfc007.dat
2014-12-15 13:39 - 2009-07-14 06:13 - 01763138 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-15 13:39 - 2009-07-14 05:45 - 00026768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-15 13:39 - 2009-07-14 05:45 - 00026768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-15 11:20 - 2013-12-22 15:34 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\vlc
2014-12-14 10:57 - 2014-03-18 12:50 - 00000000 ____D () C:\Users\Julian\Documents\Citavi 4
2014-12-13 13:13 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-13 12:38 - 2013-01-18 23:00 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-12-12 03:55 - 2014-07-16 15:37 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-12 03:55 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-12 03:55 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-12 03:07 - 2013-11-19 09:36 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-12 03:07 - 2013-01-18 18:21 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-12 03:02 - 2012-12-13 09:31 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-11 16:26 - 2013-01-25 17:58 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\dvdcss
2014-12-10 20:04 - 2014-07-12 13:39 - 00000000 ____D () C:\AdwCleaner
2014-12-10 18:37 - 2014-08-25 14:28 - 00000000 ____D () C:\Users\Julian\Desktop\URLAUB PAPIERKRAM
2014-12-10 15:03 - 2013-02-04 21:51 - 00000000 ____D () C:\Users\Julian\AppData\Local\CrashDumps
2014-12-10 13:59 - 2009-07-14 03:34 - 00000615 _____ () C:\Windows\win.ini
2014-12-10 13:38 - 2013-06-16 23:00 - 00001041 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-12-10 13:34 - 2014-03-23 22:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NbuExplorer
2014-12-10 11:34 - 2013-01-21 14:35 - 00000000 ____D () C:\Users\Julian\Documents\Outlook-Dateien
2014-12-10 11:18 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2014-12-10 11:16 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-12-10 11:15 - 2013-01-18 16:43 - 00000000 ____D () C:\Users\Julian
2014-12-10 11:08 - 2013-01-18 23:01 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-10 10:54 - 2013-01-18 16:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-12-10 10:54 - 2013-01-18 16:43 - 00000997 _____ () C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-12-10 10:48 - 2013-06-16 23:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-09 23:42 - 2013-01-18 20:23 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-09 23:42 - 2013-01-18 20:23 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-09 23:42 - 2013-01-18 20:23 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-08 18:54 - 2014-08-22 16:06 - 00208718 _____ () C:\Windows\DPINST.LOG
2014-12-08 18:54 - 2014-03-07 22:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-12-08 18:53 - 2013-01-18 16:46 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-11-25 14:32 - 2013-10-19 18:21 - 00000000 ____D () C:\Users\Julian\AppData\Local\SKIDROW
2014-11-22 09:56 - 2014-07-16 14:29 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-11-17 14:08 - 2013-02-19 14:53 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\abgx360
2014-11-17 14:06 - 2013-05-28 20:39 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\XBMC
2014-11-16 15:03 - 2013-01-18 16:46 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-16 15:03 - 2013-01-18 16:46 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-16 10:37 - 2014-07-16 15:12 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-11-16 10:37 - 2014-07-16 15:12 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-11-16 10:37 - 2014-07-16 14:29 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-11-16 10:37 - 2014-07-16 14:29 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-11-16 10:37 - 2014-07-16 14:29 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-11-16 10:37 - 2014-07-16 14:29 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-11-16 10:37 - 2014-07-16 14:29 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-11-16 10:36 - 2014-07-16 14:29 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-11-16 09:34 - 2013-02-07 12:27 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

Some content of TEMP:
====================
C:\Users\Julian\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqz5tkb.dll
C:\Users\Julian\AppData\Local\Temp\NEventMessages.dll
C:\Users\Julian\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Julian\AppData\Local\Temp\proxy_vole5218340577206391435.dll
C:\Users\Julian\AppData\Local\Temp\Quarantine.exe
C:\Users\Julian\AppData\Local\Temp\sqlite3.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\Julian\AppData\Local\Temp\System.Data.SQLite4122a1b5-1134-4d2a-800e-722a06a23f1e.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-15 16:20

==================== End Of Log ============================
         

And yes, unfortunately the Error 5 problem still occurs:

hxxp://img4web.com/view/7KW4P6

16.12.2014, 21:35   #13
schrauber
/// the machine
/// TB trainer
 


Please press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document

Code:
ATTFilter
HKU\S-1-5-21-3333801471-2121581504-1765403736-1001\...\Run: [2BB777B4D97D5CBA4F37597096A565E0D6CA792C._service_run] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [856904 2014-12-06] (Google Inc.)
HKU\S-1-5-21-3333801471-2121581504-1765403736-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyServer: [S-1-5-21-3333801471-2121581504-1765403736-1001] => http=127.0.0.1:49340;https=127.0.0.1:49340
CHR HomePage: Default -> hxxp://www.delta-homes.com/?type=hp&ts=1418204972&from=wpm12103&uid=SamsungXSSDX840XSeries_S14ENEACB11758K
Task: {12B5834F-B1CE-4557-B918-EFAE4834CB8F} - System32\Tasks\BZDUP => C:\Users\Julian\AppData\Roaming\BZDUP.exe <==== ATTENTION
Task: {CAD1D5D6-5C03-41A5-9074-9DC23B4E4923} - System32\Tasks\HYVVWFF => C:\Users\Julian\AppData\Roaming\HYVVWFF.exe <==== ATTENTION
Task: C:\Windows\Tasks\BZDUP.job => C:\Users\Julian\AppData\Roaming\BZDUP.exe <==== ATTENTION
Task: C:\Windows\Tasks\HYVVWFF.job => C:\Users\Julian\AppData\Roaming\HYVVWFF.exe <==== ATTENTION
C:\Users\Julian\AppData\Roaming\BZDUP.exe
C:\Users\Julian\AppData\Roaming\HYVVWFF.exe
Emptytemp:
         

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the Fix (Entfernen) button.
  • The tool creates a Fixlog.txt.
  • Post its contents for me.



Two fresh FRST logs again, please.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!
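
The Fixlog.txt requested in the post above records one outcome per fixlist entry, after first echoing the fixlist itself between two lines of asterisks. As an added example (not part of the original post and not FRST's own code), this Python parser skips that echo, tallies the outcomes and lists the entries that did not resolve cleanly; the sample log is constructed, with placeholder names, paths and SID, in the `target => result` layout of an FRST fix log.

```python
import re
from collections import Counter

# Constructed sample: names, paths and the SID are placeholders.
SAMPLE_FIXLOG = r'''Fix result of Farbar Recovery Tool (x64)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Task: C:\Windows\Tasks\EXAMPLE.job => C:\Users\User\AppData\Roaming\EXAMPLE.exe <==== ATTENTION
C:\Users\User\AppData\Roaming\EXAMPLE.exe
Emptytemp:

*****************

HKU\S-1-5-21-0-0-0-1001\Software\Microsoft\Windows\CurrentVersion\Run\\example_run => value deleted successfully.
Chrome HomePage deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EXAMPLE" => Key deleted successfully.
C:\Windows\System32\Tasks\EXAMPLE => Moved successfully.
C:\Windows\Tasks\EXAMPLE.job => Moved successfully.
"C:\Users\User\AppData\Roaming\EXAMPLE.exe" => File/Directory not found.
EmptyTemp: => Removed 1 GB temporary data.


The system needed a reboot.

==== End of Fixlog ====
'''

STAR_LINE = re.compile(r'^\*{5,}$')
RESULT = re.compile(r'^(?P<target>.+?)\s*=>\s*(?P<outcome>.+)$')


def classify(outcome):
    """Map the free-text outcome of one result line to a short status."""
    text = outcome.lower()
    if 'not found' in text:
        return 'not_found'
    if 'deleted successfully' in text:
        return 'deleted'
    if 'moved successfully' in text:
        return 'moved'
    if text.startswith('removed'):
        return 'removed'
    return 'other'


def parse_fixlog(text):
    """Return result lines, the reboot flag and whether the log is complete."""
    results, stars, reboot, complete = [], 0, False, False
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if STAR_LINE.match(line):
            stars += 1
            continue
        # Header and echoed fixlist come before the second asterisk line.
        # The echo also contains "=>", so it must not be read as a result.
        if stars < 2:
            continue
        if line.startswith('==== End of Fixlog'):
            complete = True
            continue
        if 'needed a reboot' in line.lower():
            reboot = True
            continue
        match = RESULT.match(line)
        if match:
            target = match.group('target').strip('"')
            outcome = match.group('outcome')
        else:
            # Lines such as "Chrome HomePage deleted successfully." have no "=>".
            target = outcome = line
        results.append({'target': target,
                        'status': classify(outcome),
                        'outcome': outcome})
    return {'results': results, 'reboot_needed': reboot, 'complete': complete}


def tally(parsed):
    """Count result lines per status."""
    return Counter(r['status'] for r in parsed['results'])


def follow_up(parsed):
    """Targets that were not found or had an unrecognised outcome."""
    return [r['target'] for r in parsed['results']
            if r['status'] in ('not_found', 'other')]


if __name__ == '__main__':
    parsed = parse_fixlog(SAMPLE_FIXLOG)
    print(dict(tally(parsed)))
    print('reboot needed:', parsed['reboot_needed'])
    print('log complete:', parsed['complete'])
    for target in follow_up(parsed):
        print('check:', target)
```

A log that lacks the end marker reports `complete` as false, which is the cue to ask for the full file again before drawing conclusions from it.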

16.12.2014, 23:11   #14
J_Cake_Jr
 

OK, so here is the Fixlog.txt file:

Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 14-12-2014 01
Ran by Julian at 2014-12-16 23:07:19 Run:1
Running from C:\Users\Julian\Desktop
Loaded Profile: Julian (Available profiles: Julian & Administrator)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKU\S-1-5-21-3333801471-2121581504-1765403736-1001\...\Run: [2BB777B4D97D5CBA4F37597096A565E0D6CA792C._service_run] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [856904 2014-12-06] (Google Inc.)
HKU\S-1-5-21-3333801471-2121581504-1765403736-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyServer: [S-1-5-21-3333801471-2121581504-1765403736-1001] => http=127.0.0.1:49340;https=127.0.0.1:49340
CHR HomePage: Default -> hxxp://www.delta-homes.com/?type=hp&ts=1418204972&from=wpm12103&uid=SamsungXSSDX840XSeries_S14ENEACB11758K
Task: {12B5834F-B1CE-4557-B918-EFAE4834CB8F} - System32\Tasks\BZDUP => C:\Users\Julian\AppData\Roaming\BZDUP.exe <==== ATTENTION
Task: {CAD1D5D6-5C03-41A5-9074-9DC23B4E4923} - System32\Tasks\HYVVWFF => C:\Users\Julian\AppData\Roaming\HYVVWFF.exe <==== ATTENTION
Task: C:\Windows\Tasks\BZDUP.job => C:\Users\Julian\AppData\Roaming\BZDUP.exe <==== ATTENTION
Task: C:\Windows\Tasks\HYVVWFF.job => C:\Users\Julian\AppData\Roaming\HYVVWFF.exe <==== ATTENTION
C:\Users\Julian\AppData\Roaming\BZDUP.exe
C:\Users\Julian\AppData\Roaming\HYVVWFF.exe
Emptytemp:
         
*****************

HKU\S-1-5-21-3333801471-2121581504-1765403736-1001\Software\Microsoft\Windows\CurrentVersion\Run\\2BB777B4D97D5CBA4F37597096A565E0D6CA792C._service_run => value deleted successfully.
"HKU\S-1-5-21-3333801471-2121581504-1765403736-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKU\S-1-5-21-3333801471-2121581504-1765403736-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully.
Chrome HomePage deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{12B5834F-B1CE-4557-B918-EFAE4834CB8F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{12B5834F-B1CE-4557-B918-EFAE4834CB8F}" => Key deleted successfully.
C:\Windows\System32\Tasks\BZDUP => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BZDUP" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CAD1D5D6-5C03-41A5-9074-9DC23B4E4923}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CAD1D5D6-5C03-41A5-9074-9DC23B4E4923}" => Key deleted successfully.
C:\Windows\System32\Tasks\HYVVWFF => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HYVVWFF" => Key deleted successfully.
C:\Windows\Tasks\BZDUP.job => Moved successfully.
C:\Windows\Tasks\HYVVWFF.job => Moved successfully.
"C:\Users\Julian\AppData\Roaming\BZDUP.exe" => File/Directory not found.
"C:\Users\Julian\AppData\Roaming\HYVVWFF.exe" => File/Directory not found.
EmptyTemp: => Removed 1 GB temporary data.


The system needed a reboot. 

==== End of Fixlog ====
         
and here is FRST:


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-12-2014 01
Ran by Julian (administrator) on JULIANDESKTOPPC on 16-12-2014 23:10:57
Running from C:\Users\Julian\Desktop
Loaded Profile: Julian (Available profiles: Julian & Administrator)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) E:\Programme\AvastSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
(BitTorrent Inc.) C:\Users\Julian\AppData\Roaming\BitTorrent\BitTorrent.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
(Comfort Software Group) E:\Programme 2\FreeCountdownTimer\FreeCountdownTimer.exe
(Nokia) E:\Programme\PC SUITE NOKIA 6300\Nokia PC Suite 7\PCSuite.exe
(AVAST Software) E:\Programme\afwServ.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray.exe
(Cloanto Corporation) C:\Program Files (x86)\Common Files\Cloanto\Software Director\softdir.exe
(Dropbox, Inc.) C:\Users\Julian\AppData\Roaming\Dropbox\bin\Dropbox.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
(Nullsoft, Inc.) E:\Programme\Winamp\winampa.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(AVAST Software) E:\Programme\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CyberLink) E:\Programme\PowerDVD\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
(CyberLink) E:\Programme\PowerDVD\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Conceiva Pty. Ltd.) C:\Program Files (x86)\Conceiva\Mezzmo\MezzmoMediaServer.exe
() C:\MSI\MSI SUITE\MSIMonitor\MSIFileSyncMonitor.exe
(MSI) C:\MSI\MSI SUITE\ControlCenter\ComCenService.exe
(MSI) C:\MSI\MSI SUITE\Super-Charger\SuiteChargeService.exe
(MSI) C:\MSI\MSI SUITE\FastBoot\SuiteFastBootService.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(O&O Software GmbH) E:\Programme\O&O Defrag\oodag.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
(CyberLink Corp.) E:\Programme\PowerDVD\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro SafeSync\hrfscore.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6854800 2012-12-03] (Realtek Semiconductor)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [Super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [507016 2012-12-21] (MSI)
HKLM-x32\...\Run: [WinampAgent] => E:\Programme\Winamp\winampa.exe [74752 2012-06-28] (Nullsoft, Inc.)
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [324976 2010-05-21] (Flexera Software, Inc.)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [527864 2012-12-10] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => E:\Programme\AvastUI.exe [5227112 2014-12-12] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKU\S-1-5-21-3333801471-2121581504-1765403736-1001\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [468192 2014-10-15] (Sony)
HKU\S-1-5-21-3333801471-2121581504-1765403736-1001\...\Run: [BitTorrent] => C:\Users\Julian\AppData\Roaming\BitTorrent\BitTorrent.exe [1388888 2014-11-26] (BitTorrent Inc.)
HKU\S-1-5-21-3333801471-2121581504-1765403736-1001\...\Run: [FreeCT] => E:\Programme 2\FreeCountdownTimer\FreeCountdownTimer.exe [2432280 2014-02-25] (Comfort Software Group)
HKU\S-1-5-21-3333801471-2121581504-1765403736-1001\...\Run: [PC Suite Tray] => E:\Programme\PC SUITE NOKIA 6300\Nokia PC Suite 7\PCSuite.exe [1516632 2012-06-26] (Nokia)
HKU\S-1-5-21-3333801471-2121581504-1765403736-1001\...\RunOnce: [Adobe Speed Launcher] => 1418767708
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk
ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray.exe (Intel Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Software Director Scheduler.lnk
ShortcutTarget: Software Director Scheduler.lnk -> C:\Program Files (x86)\Common Files\Cloanto\Software Director\softdir.exe (Cloanto Corporation)
Startup: C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Julian\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => E:\Programme\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [00HumyoPaired] -> {A203F945-39E9-4286-AFA2-F3ADFCD5FAAA} => C:\Program Files\Trend Micro SafeSync\HrfsShellExtension.dll (Trend Micro Inc.)
ShellIconOverlayIdentifiers: [00HumyoPriority] -> {6F1BB626-1107-4b82-B322-54C5E64461B8} => C:\Program Files\Trend Micro SafeSync\HrfsShellExtension.dll (Trend Micro Inc.)
ShellIconOverlayIdentifiers: [00HumyoProblem] -> {7479C9AF-DA81-4944-92E5-23E49390BB2B} => C:\Program Files\Trend Micro SafeSync\HrfsShellExtension.dll (Trend Micro Inc.)
ShellIconOverlayIdentifiers: [00HumyoSynced] -> {7479C9AF-DA81-4944-92E5-23E49390BB2A} => C:\Program Files\Trend Micro SafeSync\HrfsShellExtension.dll (Trend Micro Inc.)
ShellIconOverlayIdentifiers: [00HumyoSyncing] -> {7479C9AF-DA81-4944-92E5-23E49390BB29} => C:\Program Files\Trend Micro SafeSync\HrfsShellExtension.dll (Trend Micro Inc.)
ShellIconOverlayIdentifiers: [00HumyoUnavailable] -> {66669544-5639-4922-99C8-CE7A86651364} => C:\Program Files\Trend Micro SafeSync\HrfsShellExtension.dll (Trend Micro Inc.)
ShellIconOverlayIdentifiers-x32: [00HumyoPaired] -> {A203F945-39E9-4286-AFA2-F3ADFCD5FAAA} => C:\Program Files\Trend Micro SafeSync\HrfsShellExtension32.dll (Trend Micro Inc.)
ShellIconOverlayIdentifiers-x32: [00HumyoPriority] -> {6F1BB626-1107-4b82-B322-54C5E64461B8} => C:\Program Files\Trend Micro SafeSync\HrfsShellExtension32.dll (Trend Micro Inc.)
ShellIconOverlayIdentifiers-x32: [00HumyoProblem] -> {7479C9AF-DA81-4944-92E5-23E49390BB2B} => C:\Program Files\Trend Micro SafeSync\HrfsShellExtension32.dll (Trend Micro Inc.)
ShellIconOverlayIdentifiers-x32: [00HumyoSynced] -> {7479C9AF-DA81-4944-92E5-23E49390BB2A} => C:\Program Files\Trend Micro SafeSync\HrfsShellExtension32.dll (Trend Micro Inc.)
ShellIconOverlayIdentifiers-x32: [00HumyoSyncing] -> {7479C9AF-DA81-4944-92E5-23E49390BB29} => C:\Program Files\Trend Micro SafeSync\HrfsShellExtension32.dll (Trend Micro Inc.)
ShellIconOverlayIdentifiers-x32: [00HumyoUnavailable] -> {66669544-5639-4922-99C8-CE7A86651364} => C:\Program Files\Trend Micro SafeSync\HrfsShellExtension32.dll (Trend Micro Inc.)
BootExecute: autocheck autochk * OODBS

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3333801471-2121581504-1765403736-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3333801471-2121581504-1765403736-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.strtpoint.com/?v=insMac&t=1411&ap=591080004
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3333801471-2121581504-1765403736-1001 -> {4A46D446-AFD1-485D-9DD3-1019CAF58610} URL = hxxp://search.strtpoint.com/results.html?v=insMac&t=1411&ap=591080004&q={searchTerms}&r=919
BHO: No Name -> {11111111-1111-1111-1111-110611171196} ->  No File
BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> E:\Programme\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> E:\Programme\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\0pi4pfh4.default-1418508762624
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF Homepage: https://www.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.7 -> E:\Programme\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> E:\Programme\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> E:\Programme\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> E:\Programme\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> E:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @TrendMicro.com/FFExtension -> C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3333801471-2121581504-1765403736-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Julian\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3333801471-2121581504-1765403736-1001: bittorrent.com/torque -> C:\Users\Julian\AppData\Roaming\BitTorrent\Torque\4.4.2\npTorque.dll (BitTorrent, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\vefa27m3.default-1371419455498\searchplugins\google-avast.xml
FF SearchPlugin: C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\vefa27m3.default-1371419455498\searchplugins\startpointkms.xml
FF Extension: SourceApp 1.0.1 - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\vefa27m3.default-1371419455498\Extensions\{46b9091e-deda-48d8-b979-0464193d69d5}.xpi [2014-12-10]
FF Extension: WEB.DE MailCheck - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\0pi4pfh4.default-1418508762624\Extensions\toolbar@web.de [2014-12-15]
FF Extension: Adblock Plus - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\0pi4pfh4.default-1418508762624\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-12-15]
FF Extension: Menu Editor - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\0pi4pfh4.default-1418508762624\Extensions\{EDA7B1D7-F793-4e03-B074-E6F303317FB0}.xpi [2014-12-14]
FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2014-03-18]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - E:\Programme\WebRep\FF
FF Extension: Avast Online Security - E:\Programme\WebRep\FF [2014-07-16]
FF HKLM-x32\...\Firefox\Extensions: [detgdp@gmail.com] - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\xco5vqxz.Jables\extensions\detgdp@gmail.com

Chrome: 
=======
CHR StartupUrls: Default -> "https://www.google.com/?trackid=sp-006"
CHR DefaultSearchKeyword: Default -> google
CHR DefaultSuggestURL: Default -> https://www.google.com/complete/search?client=chrome&q={searchTerms}
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\gcswf32.dll No File
CHR Plugin: (Browser Exploit Prevention) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmiabdepfhhiieiipmeecdmeljggmfee\7.5.0.1107_0\nptmbep.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll No File
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll No File
CHR Plugin: (Trend Micro Titanium) - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll No File
CHR Profile: C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-12]
CHR Extension: (YouTube) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-01-18]
CHR Extension: (Google-Suche) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-01-18]
CHR Extension: (Google Wallet) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-22]
CHR Extension: (Citavi Picker) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohgndokldibnndfnjnagojmheejlengn [2014-03-22]
CHR Extension: (Google Mail) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-01-18]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - E:\Programme\WebRep\Chrome\aswWebRepChrome.crx [2014-11-16]
CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn] - E:\Programme\Pickers\Chrome\ChromePicker.crx [2014-02-07]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; E:\Programme\AvastSvc.exe [50344 2014-11-16] (AVAST Software)
R2 avast! Firewall; E:\Programme\afwServ.exe [104416 2014-11-16] (AVAST Software)
S3 AvastVBoxSvc; E:\Programme\ng\vbox\AvastVBoxSVC.exe [4012248 2014-11-16] (Avast Software)
R2 CLHNServiceForPowerDVD12; E:\Programme\PowerDVD\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [90640 2012-08-16] (CyberLink Corp.)
R2 CyberLink PowerDVD 12 Media Server Monitor Service; E:\Programme\PowerDVD\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [78352 2012-08-16] (CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; E:\Programme\PowerDVD\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [295440 2012-08-16] (CyberLink)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [149032 2012-08-16] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165144 2012-03-29] (Intel Corporation)
R2 Mezzmo_Desktop; C:\Program Files (x86)\Conceiva\Mezzmo\MezzmoMediaServer.exe [3119472 2012-09-27] (Conceiva Pty. Ltd.)
R2 MSIFileSyncMonitor; C:\MSI\MSI SUITE\MSIMonitor\MSIFileSyncMonitor.exe [9728 2013-01-22] () [File not signed]
R2 MSI_ComCenService; C:\MSI\MSI SUITE\ControlCenter\ComCenService.exe [75280 2012-04-17] (MSI)
R2 MSI_SuiteCharger; C:\MSI\MSI SUITE\Super-Charger\SuiteChargeService.exe [122936 2012-10-26] (MSI)
R2 MSI_SuiteFastBoot; C:\MSI\MSI SUITE\FastBoot\SuiteFastBootService.exe [105016 2012-10-26] (MSI)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [144008 2012-12-21] (MSI)
R2 MSSQL$MYMOVIES; C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
R3 OnlineStorageService; C:\Program Files\Trend Micro SafeSync\hrfscore.exe [7908664 2012-07-12] (Trend Micro Inc.)
R2 OODefragAgent; E:\Programme\O&O Defrag\oodag.exe [2552176 2012-09-14] (O&O Software GmbH)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
S3 RoxMediaDBGame1X; C:\Program Files (x86)\Common Files\Roxio Shared\Game1X\SharedCOM\RoxMediaDBGame1X.exe [1095824 2012-08-02] (Corel Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S1 ASPI32; C:\Windows\SysWow64\Drivers\ASPI32.sys [16877 2002-07-17] (Adaptec) [File not signed]
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-16] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-11-16] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-16] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [449936 2014-11-16] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-16] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-16] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-16] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-16] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-16] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2013-01-19] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-01-18] (DT Soft Ltd)
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
S3 H5xUSB; C:\Windows\System32\Drivers\uth5x64.sys [101632 2012-08-02] (UT)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [20968 2012-08-16] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [19944 2012-08-16] ()
S3 ipadtst; C:\Program Files (x86)\MSI\Super-Charger\ipadtst_64.sys [19000 2012-07-27] (Windows (R) Win 7 DDK provider)
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46016 2012-08-16] ()
R1 ISODrive; E:\Programme\UltraISO\drivers\ISODrv64.sys [115600 2010-01-29] (EZB Systems, Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-01-19] ()
S3 NTIOLib_1_0_4; E:\Programme\MSI Live Update 5\Live Update 5\NTIOLib_X64.sys [14136 2010-10-22] (MSI)
S3 NTIOLib_1_0_C; C:\MSI\MSI SUITE\NTIOLib_X64.sys [11888 2012-03-30] (MSI) [File not signed]
R3 NTIOLib_SuiteFB; C:\MSI\MSI SUITE\FastBoot\NTIOLib_X64.sys [13368 2012-10-26] (MSI)
R2 ntk_PowerDVD12; E:\Programme\PowerDVD\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [83704 2012-06-20] (Cyberlink Corp.)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-07-10] (Corel Corporation)
R3 rusb3hub; C:\Windows\System32\DRIVERS\rusb3hub.sys [114568 2012-08-27] (Renesas Electronics Corporation)
R3 rusb3xhc; C:\Windows\System32\DRIVERS\rusb3xhc.sys [230280 2012-08-27] (Renesas Electronics Corporation)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [530488 2013-12-01] (Duplex Secure Ltd.)
R1 UimBus; C:\Windows\System32\DRIVERS\UimBus.sys [102664 2014-05-19] ()
R1 Uim_DEVIM; C:\Windows\System32\DRIVERS\uim_devim.sys [25992 2014-05-19] ()
R1 Uim_IM; C:\Windows\System32\DRIVERS\uim_im.sys [700296 2014-05-19] ()
R2 VBoxAswDrv; E:\Programme\ng\vbox\VBoxAswDrv.sys [271752 2014-11-16] (Avast Software)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2014-12-16] ()
R2 {73526619-C24F-470B-9BED-53D455FBB5C6}; E:\Programme\PowerDVD\PowerDVD12\Common\NavFilter\000.fcl [147704 2012-08-14] (CyberLink Corp.)
S3 athr; system32\DRIVERS\athrx.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz136; \??\C:\Users\Julian\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X]
U2 TMAgent; No ImagePath
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-16 23:10 - 2014-12-16 23:11 - 00029152 _____ () C:\Users\Julian\Desktop\FRST.txt
2014-12-16 11:31 - 2014-12-16 11:31 - 00000000 ____D () C:\Users\Julian\Desktop\FRST-OlderVersion
2014-12-16 11:29 - 2014-12-16 23:08 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2014-12-14 21:01 - 2014-12-14 21:01 - 00852490 _____ () C:\Users\Julian\Desktop\SecurityCheck.exe
2014-12-13 23:12 - 2014-12-13 23:12 - 00000000 ____D () C:\Users\Julian\Desktop\Alte Firefox-Daten
2014-12-13 09:51 - 2014-12-13 09:51 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-12-13 09:50 - 2014-12-13 09:50 - 02347384 _____ (ESET) C:\Users\Julian\Desktop\esetsmartinstaller_deu.exe
2014-12-12 03:55 - 2014-12-12 03:55 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-12 03:00 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-12 03:00 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-11 10:50 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-11 10:50 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-11 10:50 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-11 10:50 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-11 10:50 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-11 10:50 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-11 10:50 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-11 10:50 - 2014-12-02 00:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-11 10:50 - 2014-11-27 02:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-11 10:50 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-11 10:50 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-11 10:50 - 2014-11-22 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-11 10:50 - 2014-11-22 04:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-11 10:50 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-11 10:50 - 2014-11-22 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-11 10:50 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-11 10:50 - 2014-11-22 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-11 10:50 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-11 10:50 - 2014-11-22 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-11 10:50 - 2014-11-22 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-11 10:50 - 2014-11-22 03:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-11 10:50 - 2014-11-22 03:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-11 10:50 - 2014-11-22 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-11 10:50 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-11 10:50 - 2014-11-22 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-11 10:50 - 2014-11-22 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-11 10:50 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-11 10:50 - 2014-11-22 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-11 10:50 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-11 10:50 - 2014-11-22 03:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-11 10:50 - 2014-11-22 03:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-11 10:50 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-11 10:50 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-11 10:50 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-11 10:50 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-11 10:50 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-11 10:50 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-11 10:50 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-11 10:50 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-11 10:50 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-11 10:50 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-11 10:50 - 2014-11-22 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-11 10:50 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-11 10:50 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-11 10:50 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-11 10:50 - 2014-11-22 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-11 10:50 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-11 10:50 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-11 10:50 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-11 10:50 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-11 10:50 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-11 10:50 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-11 10:50 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-11 10:50 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-11 10:50 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-11 10:50 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-11 10:50 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-11 10:50 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-11 10:50 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-11 10:50 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-11 10:50 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-11 10:50 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-11 10:50 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-11 10:50 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-11 10:50 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-11 10:50 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-11 10:50 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-11 10:50 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-11 10:50 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-11 10:50 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-11 10:50 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-10 20:34 - 2014-12-16 11:31 - 02119168 _____ (Farbar) C:\Users\Julian\Desktop\FRST64.exe
2014-12-10 20:08 - 2014-12-10 20:08 - 00000000 ____D () C:\Windows\ERUNT
2014-12-10 20:07 - 2014-12-10 20:07 - 01707646 _____ (Thisisu) C:\Users\Julian\Desktop\JRT.exe
2014-12-10 14:12 - 2014-12-14 21:24 - 00000000 ____D () C:\Users\Julian\Desktop\VIRUS
2014-12-10 14:02 - 2014-12-10 10:52 - 02166272 _____ () C:\Users\Julian\Desktop\adwcleaner_4.105.exe
2014-12-10 13:53 - 2014-12-10 19:50 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-10 13:53 - 2014-12-10 13:53 - 00000788 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-12-10 13:53 - 2014-12-10 13:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-12-10 13:53 - 2014-12-10 13:53 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-10 13:53 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-12-10 13:53 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-12-10 13:53 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-12-10 13:44 - 2014-12-10 13:44 - 00000000 ___SD () C:\ComboFix
2014-12-10 13:35 - 2014-12-13 12:38 - 00000000 ____D () C:\Program Files (x86)\c3bf91c9-7229-4c31-ba68-0a33788d7157
2014-12-10 13:34 - 2014-12-10 14:03 - 00000000 ____D () C:\Users\Julian\AppData\Local\StartPoint
2014-12-10 13:34 - 2014-12-10 13:34 - 00003510 _____ () C:\Windows\System32\Tasks\StartPoint
2014-12-10 13:34 - 2014-12-10 13:34 - 00003504 _____ () C:\Windows\System32\Tasks\StartPoint Updater
2014-12-10 11:09 - 2014-12-10 13:44 - 00000000 ____D () C:\Qoobox
2014-12-10 11:09 - 2014-12-10 11:16 - 00000000 ____D () C:\Windows\erdnt
2014-12-10 11:09 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-12-10 11:09 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-12-10 11:09 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-12-10 11:09 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-12-10 11:09 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-12-10 11:09 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-12-10 11:09 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-12-10 11:09 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-12-09 20:43 - 2014-12-09 20:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-08 19:47 - 2014-12-08 19:47 - 00000020 _____ () C:\Users\Julian\defogger_reenable
2014-12-08 19:39 - 2014-12-16 23:10 - 00000000 ____D () C:\FRST
2014-12-08 19:37 - 2014-12-08 19:38 - 00000000 ____D () C:\Users\Julian\AppData\Local\Martin Fuchs
2014-12-08 19:29 - 2014-12-16 23:08 - 00009443 _____ () C:\Windows\setupact.log
2014-12-08 19:29 - 2014-12-08 19:29 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-02 23:22 - 2014-12-02 23:22 - 00000869 _____ () C:\Users\Julian\Desktop\Game of Thrones A Telltale Games Series.lnk
2014-12-02 23:22 - 2014-12-02 23:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game of Thrones A Telltale Games Series
2014-12-02 23:13 - 2014-12-02 23:13 - 00000000 ____D () C:\Users\Julian\Documents\Telltale Games
2014-12-02 12:06 - 2014-12-02 12:06 - 00000195 _____ () C:\Windows\system32\2014-12-02-11-06-39.016-aswFe.exe-7376.log
2014-12-02 12:04 - 2014-12-02 12:06 - 00000195 _____ () C:\Windows\system32\2014-12-02-11-04-03.030-aswFe.exe-8088.log
2014-12-02 12:03 - 2014-12-02 12:04 - 00000145 _____ () C:\Windows\system32\2014-12-02-11-03-56.044-AvastVBoxSVC.exe-3828.log
2014-12-02 12:02 - 2014-12-02 12:02 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2014-12-02 12:02 - 2014-12-02 12:02 - 00000000 ____D () C:\Windows\system32\vbox
2014-12-01 11:53 - 2014-12-01 11:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PSP ISO Compressor
2014-11-19 11:38 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 11:38 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-19 11:38 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-19 11:38 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-19 04:31 - 2014-11-19 04:31 - 01217192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FM20.DLL
2014-11-18 14:09 - 2014-11-18 14:09 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\Yacht Club Games
2014-11-18 14:08 - 2014-11-18 14:08 - 00000802 _____ () C:\Users\Public\Desktop\Shovel Knight.lnk
2014-11-18 14:08 - 2014-11-18 14:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yacht Club Games
2014-11-16 10:42 - 2014-11-16 10:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-11-16 10:37 - 2014-11-16 10:37 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-11-16 10:37 - 2014-11-16 10:37 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-11-16 10:36 - 2014-11-16 10:36 - 00449936 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-16 23:10 - 2013-01-18 20:42 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\BitTorrent
2014-12-16 23:08 - 2014-07-07 15:24 - 00362050 _____ () C:\Windows\PFRO.log
2014-12-16 23:08 - 2013-02-22 11:03 - 00003510 _____ () C:\Windows\System32\Tasks\AutoKMS
2014-12-16 23:08 - 2013-02-07 12:27 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\Dropbox
2014-12-16 23:08 - 2013-02-02 04:25 - 00034752 _____ () C:\Windows\system32\Drivers\WPRO_41_2001.sys
2014-12-16 23:08 - 2013-01-21 17:27 - 00000043 _____ () C:\Windows\MezzmoMediaServer.INI
2014-12-16 23:08 - 2013-01-21 15:44 - 01249204 _____ () C:\Windows\system32\oodbs.lor
2014-12-16 23:08 - 2013-01-18 16:46 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-16 23:08 - 2013-01-18 16:46 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-16 23:08 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-16 23:07 - 2013-02-04 21:51 - 00000000 ____D () C:\Users\Julian\AppData\Local\CrashDumps
2014-12-16 23:07 - 2013-01-18 16:43 - 01360972 _____ () C:\Windows\WindowsUpdate.log
2014-12-16 22:42 - 2013-01-18 20:23 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-16 22:33 - 2013-12-22 15:34 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\vlc
2014-12-16 19:17 - 2011-04-12 08:43 - 00750302 _____ () C:\Windows\system32\perfh007.dat
2014-12-16 19:17 - 2011-04-12 08:43 - 00168756 _____ () C:\Windows\system32\perfc007.dat
2014-12-16 19:17 - 2009-07-14 06:13 - 01763138 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-16 11:38 - 2014-08-16 19:51 - 00000000 ____D () C:\Users\Julian\AppData\Local\Adobe
2014-12-16 11:37 - 2009-07-14 05:45 - 00026768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-16 11:37 - 2009-07-14 05:45 - 00026768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-16 11:31 - 2013-02-28 18:39 - 02356224 ___SH () C:\Users\Julian\Desktop\Thumbs.db
2014-12-16 11:29 - 2014-07-16 14:29 - 00004132 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-12-15 23:42 - 2013-03-09 01:21 - 00003962 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{ABA8D45E-2A6E-4A87-B807-227D22CF6583}
2014-12-14 10:57 - 2014-03-18 12:50 - 00000000 ____D () C:\Users\Julian\Documents\Citavi 4
2014-12-13 13:13 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-13 12:38 - 2013-01-18 23:00 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-12-12 03:55 - 2014-07-16 15:37 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-12 03:55 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-12 03:55 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-12 03:07 - 2013-11-19 09:36 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-12 03:07 - 2013-01-18 18:21 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-12 03:02 - 2012-12-13 09:31 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-11 16:26 - 2013-01-25 17:58 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\dvdcss
2014-12-10 20:04 - 2014-07-12 13:39 - 00000000 ____D () C:\AdwCleaner
2014-12-10 18:37 - 2014-08-25 14:28 - 00000000 ____D () C:\Users\Julian\Desktop\URLAUB PAPIERKRAM
2014-12-10 13:59 - 2009-07-14 03:34 - 00000615 _____ () C:\Windows\win.ini
2014-12-10 13:38 - 2013-06-16 23:00 - 00001041 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-12-10 13:34 - 2014-03-23 22:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NbuExplorer
2014-12-10 11:34 - 2013-01-21 14:35 - 00000000 ____D () C:\Users\Julian\Documents\Outlook-Dateien
2014-12-10 11:18 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2014-12-10 11:16 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-12-10 11:15 - 2013-01-18 16:43 - 00000000 ____D () C:\Users\Julian
2014-12-10 11:08 - 2013-01-18 23:01 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-10 10:54 - 2013-01-18 16:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-12-10 10:54 - 2013-01-18 16:43 - 00000997 _____ () C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-12-10 10:48 - 2013-06-16 23:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-09 23:42 - 2013-01-18 20:23 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-09 23:42 - 2013-01-18 20:23 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-09 23:42 - 2013-01-18 20:23 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-08 18:54 - 2014-08-22 16:06 - 00208718 _____ () C:\Windows\DPINST.LOG
2014-12-08 18:54 - 2014-03-07 22:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-12-08 18:53 - 2013-01-18 16:46 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-11-25 14:32 - 2013-10-19 18:21 - 00000000 ____D () C:\Users\Julian\AppData\Local\SKIDROW
2014-11-24 14:04 - 2010-11-21 04:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-11-22 09:56 - 2014-07-16 14:29 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-11-17 14:08 - 2013-02-19 14:53 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\abgx360
2014-11-17 14:06 - 2013-05-28 20:39 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\XBMC
2014-11-16 15:03 - 2013-01-18 16:46 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-16 15:03 - 2013-01-18 16:46 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-16 10:37 - 2014-07-16 15:12 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-11-16 10:37 - 2014-07-16 15:12 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-11-16 10:37 - 2014-07-16 14:29 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-11-16 10:37 - 2014-07-16 14:29 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-11-16 10:37 - 2014-07-16 14:29 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-11-16 10:37 - 2014-07-16 14:29 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-11-16 10:37 - 2014-07-16 14:29 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-11-16 10:36 - 2014-07-16 14:29 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-11-16 09:34 - 2013-02-07 12:27 - 00000000 ____D () C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

Some content of TEMP:
====================
C:\Users\Julian\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp4wpuls.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-15 16:20

==================== End Of Log ============================
         
--- --- ---

17.12.2014, 20:16   #15
schrauber
/// the machine
/// TB Trainer



Done

The order is crucial here.
  1. If Defogger was used: start Defogger again and click re-enable.
  2. If Combofix was used: (Alternatively, rename it to uninstall.exe and run it)
    • Windows key + R > Combofix /Uninstall (type it in) > OK
    • Alternative: rename Combofix.exe to uninstall.exe and run it
    • Combofix will now start, possibly update itself, and then remove all remnants of itself.
  3. In any case, please download DelFix to your desktop:
    • Close all open programs.
    • Start delfix.exe with a double-click.
    • Tick the box in front of every function.
    • Click Start.
    • Note: DelFix removes, among other things, all the programs used, the quarantine of our scanners, the Java cache, and finally deletes itself.
    • Finally, restart your computer.
  4. If any programs from our cleanup are still left over now, you can delete them without hesitation.



If you would like to leave praise or criticism, you can do so here

Here are a few more tips for securing your system.


I cannot mention often enough how important it is that your system is up to date.
  • Please check whether your system downloads Windows Updates automatically
  • Windows Updates
    • Windows XP: Start --> Control Panel --> double-click Automatic Updates
    • Windows Vista / 7: Start --> Control Panel --> System and Security --> Turn automatic updating on or off
  • Make sure that automatic updates are enabled.
  • Software Updates
    Installed software can also have security vulnerabilities that malware can use to infect your system.
    To keep your installed software up to date, I recommend Secunia Online Software.


Antivirus software
  • Make sure you always have antivirus software installed and that it is up to date. It is useless if it is out of date.


Additional protection
  • MalwareBytes Anti Malware
    This is one of the best anti-malware tools on the market. It is an on-demand scan tool that detects and also removes a lot of current malware.
    Update the tool and run it once a week. The paid version also offers a background guard.
    You can find a tutorial on how to use it here.
  • WinPatrol
    This software takes a snapshot of your system and warns you of any changes. Download the freeware version from here.


Safe browsing
  • SpywareBlaster
    You can find a short introduction here
  • MVPs hosts file
    You can find a tutorial here. Unfortunately, I have not found a German-language one so far.
  • WOT (Web of trust)
    This add-on warns you before you visit a site that has been reported as harmful.


Alternative browsers

Other browsers tend to be somewhat more secure than IE, since they do not use ActiveX elements. These can be abused by spyware to infect your system.
  • Opera
  • Mozilla Firefox.
    • Note: For this browser I have a few useful add-ons here
    • NoScript
      This add-on blocks JavaScript, Java and Flash and other plugins. They are only executed when you confirm it.
    • AdblockPlus
      This add-on blocks most ads by itself. A right-click on the banner to add it to AdBlockPlus is enough, and it will no longer be loaded.
      It also saves download capacity.

Performance
Clean up your temp files regularly. I recommend TFC for this
Stay away from any registry cleaners.
They harm your system more than they help. Here are a few (English) links
Miekemoes Blogspot (MVP)
Bill Castner (MVP)



Don'ts
  • Don't click on everything just because it prompts you to and is nicely colorful.
  • Do not use peer-to-peer or file-sharing software (Emule, uTorrent, ...)
  • Keep your hands off cracks, keygens, serials or other illegal software.
  • Do not open attachments from emails unknown to you. Pay particular attention to the file extension, e.g. deinFoto.jpg.exe
Now all that remains is for me to wish you lots of fun surfing safely.

Note: Please give me brief feedback when everything is done and there are no more questions, so that I can delete this thread from my subscriptions.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

Donate
Guides and help
Trojaner-Board Facebook page

No help via PM!
