Beiträge von Nachteule

Nachteule

Code

OTL Extras logfile created on: 31.07.2014 13:28:52 - Run 5
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Udo\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17207)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
15.90 Gb Total Physical Memory | 13.06 Gb Available Physical Memory | 82.16% Memory free
17.90 Gb Paging File | 15.09 Gb Available in Paging File | 84.34% Paging File free
Paging file location(s): c:\pagefile.sys 2048 2048 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 376.95 Gb Total Space | 226.41 Gb Free Space | 60.06% Space Free | Partition Type: NTFS
Drive D: | 76.33 Gb Total Space | 76.21 Gb Free Space | 99.84% Space Free | Partition Type: NTFS
Drive E: | 379.18 Gb Total Space | 160.57 Gb Free Space | 42.35% Space Free | Partition Type: NTFS
Drive H: | 175.17 Gb Total Space | 175.04 Gb Free Space | 99.93% Space Free | Partition Type: NTFS
 
Computer Name: PC-UDO | User Name: Udo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== File Associations ==========[/color]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-1147065550-3275198788-2662770593-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
[color=#E56717]========== Shell Spawning ==========[/color]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
[color=#E56717]========== Security Center Settings ==========[/color]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
[color=#E56717]========== Firewall Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[color=#E56717]========== Authorized Applications List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0B896F50-03B7-421B-A7E0-A4720DB423FB}" = lport=445 | protocol=6 | dir=in | app=system | 
"{1DC9958D-AC7F-410D-9F35-9C05C8DA060D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{314A4B98-1424-414A-955E-71624489EF63}" = lport=138 | protocol=17 | dir=in | app=system | 
"{36014684-5110-431C-8E6E-5B49FF463C28}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{69AEF1CA-2A6E-4D75-BCDC-35E595E6B640}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{753DE48F-4A42-46D0-9308-E18CB13B33F9}" = rport=137 | protocol=17 | dir=out | app=system | 
"{863A3AD7-FE4E-4FD6-B78B-7AC56F130EE3}" = rport=138 | protocol=17 | dir=out | app=system | 
"{B77BE189-0FCB-4F41-BB49-BB76AF87C7C6}" = rport=445 | protocol=6 | dir=out | app=system | 
"{B8801475-1510-44C8-B549-BCBDD805EBD7}" = lport=137 | protocol=17 | dir=in | app=system | 
"{C358A322-7425-4581-8DE5-8C3239CE389E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{C7F01BC5-97AB-4C09-A167-4913CF29D555}" = lport=139 | protocol=6 | dir=in | app=system | 
"{C80C0337-76E4-40EE-A7B0-7E9BF79A229A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{C81E9704-D529-4574-89C4-810E9E21AFB6}" = rport=139 | protocol=6 | dir=out | app=system | 
"{E1EBDBD6-5C44-4CF1-BA76-3E560D1BCB29}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
 
[color=#E56717]========== Vista Active Application Exception List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0178ED44-CFAA-477B-8D06-03F42E0A7B82}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\portal 2\portal2.exe | 
"{0189D7A1-09C2-4569-B38F-0E84EEE12D8B}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe | 
"{01C79E53-7495-4C0F-A787-C354970EA558}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\the testament of sherlock holmes\game.exe | 
"{054882B2-66B4-4C44-83BC-8E0564C8DBAF}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\tom clancy's splinter cell blacklist\blacklist_launcher.exe | 
"{098AC0E2-4E68-418E-A546-474C03459AAB}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr.exe | 
"{0E6FACF4-8DE5-4B62-8F45-15CE89D08BA0}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\twinsector\twinsector_steam.exe | 
"{146E2611-1D42-4207-A275-1287E65FEB9A}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\defensegridtheawakening\defensegrid.exe | 
"{18B7FEE9-B497-4504-ABD9-EEC62E6563F2}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\tom clancy's splinter cell blacklist\src\system\gu.exe | 
"{1A10FB54-4E6C-4CFE-92F8-0FBF552F2354}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\the testament of sherlock holmes\game.exe | 
"{1D890A2D-C3E9-460B-9AC2-A029239C0EF5}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\portal 2\portal2.exe | 
"{2505E6F1-DC4F-420E-A7C5-ECA9E1F444F5}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{27B6A859-E010-4765-B735-CAFF00E13857}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{2C5AFDF6-E24D-43E4-80B0-645CC79043B9}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr.exe | 
"{2D22B995-346D-46B2-AD7A-92372963DB2D}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{33548D39-E9F9-4E44-AA95-41E9A4390EB4}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr.exe | 
"{365BEADF-2C45-4BF6-8D8E-CC1976546A63}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\metro last light\metroll.exe | 
"{3BB91674-07F8-4C40-99EF-6D905790E5EA}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe | 
"{47FAC5E5-D755-4EE6-8CC3-1FAA21A0682C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{4A5D861D-355E-4DAC-A517-A102ED3FAC7A}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{5E8F59A3-2C24-42DB-91A8-2787840C959C}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\dream_pinball_3d\dp3d.exe | 
"{5FAB0A24-1277-4BCE-9248-D4128B49BFCF}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{6729E7BE-46EC-4D1E-8CB1-1D4AFDB42C65}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\thief\binaries\win64\shipping-thiefgame.exe | 
"{6C224DFA-ED6F-4DD7-9D48-1FC05C4EFDD8}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{6D2687CB-1E5E-44E7-9E76-8D7D49FB80B2}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\tom clancy's splinter cell blacklist\src\system\blacklist_game.exe | 
"{6D302058-480A-4C00-B850-0F59EC8A43E7}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr.exe | 
"{7B4B70C2-FB03-41DC-AA26-EA977698FD3C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{7BC155D7-1D4F-41FB-9752-BCDE4B990C5B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{7BDF9DF8-BF7C-42CB-A22D-45B74BF12EC2}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{8912C858-EADF-47A6-9522-4902B84A6E4D}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\thief\binaries\win64\shipping-thiefgame.exe | 
"{A5A514F1-6BC8-441E-AB39-02456AB00240}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\tom clancy's splinter cell blacklist\src\system\blacklist_dx11_game.exe | 
"{A68C08FF-C644-4E24-AA85-5F851BD373A3}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe | 
"{B3DABA91-F7B0-4B84-A171-DD3C182131C1}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{B4FAF5FC-1CFA-4B0C-BBE6-27E6B62965A8}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\tom clancy's splinter cell blacklist\blacklist_launcher.exe | 
"{BE6FA224-B889-46C9-B8F9-5908D6DE5CE2}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{BF18C4B8-197B-4CAD-A9CE-26C79F14861F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{C16FCA78-327E-440D-AEB4-D264E8B30A7F}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\defensegridtheawakening\defensegrid.exe | 
"{C4611C2A-A75A-4C69-B365-C5F7C722F879}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\dream_pinball_3d\dp3d.exe | 
"{C947EF2E-E116-4F83-A034-538AE7DF61F7}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\metro last light\metroll.exe | 
"{C9E3EFA5-90FD-4458-9319-88AC360D27D5}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\tom clancy's splinter cell blacklist\src\system\gu.exe | 
"{D306F263-2A79-4597-9D11-DF170276407C}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\twinsector\twinsector_steam.exe | 
"{F5231D80-3D48-44F6-A236-ACACA854D905}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\tom clancy's splinter cell blacklist\src\system\blacklist_game.exe | 
"{F645A07E-873D-4FC9-B9B1-66E984412562}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe | 
"{F802D1FE-2A4E-43A9-8894-7ABA051A2CB8}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\tom clancy's splinter cell blacklist\src\system\blacklist_dx11_game.exe | 
"TCP Query User{00EFC886-C4D1-48FD-A96C-643DBA8742F5}E:\steam\steamapps\common\thinking with time machine\twtm.exe" = protocol=6 | dir=in | app=e:\steam\steamapps\common\thinking with time machine\twtm.exe | 
"TCP Query User{7D551B9D-415A-423F-BF7C-05F925E2C2E4}E:\steam\steamapps\common\bioshock infinite\binaries\win32\bioshockinfinite.exe" = protocol=6 | dir=in | app=e:\steam\steamapps\common\bioshock infinite\binaries\win32\bioshockinfinite.exe | 
"TCP Query User{7E339131-26B4-413A-95A7-818D5B561A0E}E:\steam\steamapps\common\dear esther\dearesther.exe" = protocol=6 | dir=in | app=e:\steam\steamapps\common\dear esther\dearesther.exe | 
"TCP Query User{9FF1B606-3228-4FBD-963F-8401C12BB353}E:\steam\steamapps\common\call of duty black ops ii\t6mp.exe" = protocol=6 | dir=in | app=e:\steam\steamapps\common\call of duty black ops ii\t6mp.exe | 
"UDP Query User{1DD0A303-16ED-4601-9C8E-E971AA8DAA48}E:\steam\steamapps\common\dear esther\dearesther.exe" = protocol=17 | dir=in | app=e:\steam\steamapps\common\dear esther\dearesther.exe | 
"UDP Query User{3EEDB373-73FE-4E74-8DE2-3235A2F01498}E:\steam\steamapps\common\thinking with time machine\twtm.exe" = protocol=17 | dir=in | app=e:\steam\steamapps\common\thinking with time machine\twtm.exe | 
"UDP Query User{5366B434-DE96-4E87-9B6C-6B257C5F2757}E:\steam\steamapps\common\bioshock infinite\binaries\win32\bioshockinfinite.exe" = protocol=17 | dir=in | app=e:\steam\steamapps\common\bioshock infinite\binaries\win32\bioshockinfinite.exe | 
"UDP Query User{78F3BEEE-1C1E-4995-95DF-AD030ABE78E7}E:\steam\steamapps\common\call of duty black ops ii\t6mp.exe" = protocol=17 | dir=in | app=e:\steam\steamapps\common\call of duty black ops ii\t6mp.exe | 
 
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
"{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}" = iTunes
"{5C3C81E1-B563-DC39-53B2-AB53DB4A521F}" = AMD Wireless Display v3.0
"{5D6A5E53-8DF9-92CB-9F79-14DFD7D7C1BA}" = AMD Drag and Drop Transcoding
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}" = Apple Mobile Device Support
"{6C9365EB-1F9E-4893-9196-3EC77C88D0C5}" = Überwachungstool für die Intel® Turbo-Boost-Technik 2.6
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{764384C5-BCA9-307C-9AAC-FD443662686A}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
"{7BFFB77E-F04B-AC33-614D-A2FFE5B1E2D1}" = AMD Accelerated Video Transcoding
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}" = NetSpeedMonitor 2.5.4.0 x64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D95B61A-9759-40F7-69BF-54DCE6675143}" = AMD Catalyst Install Manager
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031" = Microsoft .NET Framework 4.5.1 (Deutsch)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{A1E85B9A-AFAD-4D38-AF01-6B020DD5213A}" = Logitech GamePanel Software 3.06.109
"{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
"{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
"{C513739C-5F16-37B5-9ACF-99925FF1C1F3}" = Microsoft .NET Framework 4.5.1 (DEU)
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{FB17462E-ED3D-1D33-2108-26F4C37C6AD1}" = ccc-utility64
"CCleaner" = CCleaner
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.62
"EPSON XP-302 303 305 306 Series" = EPSON XP-302 303 305 306 Series Printer Uninstall
"WinRAR archiver" = WinRAR 5.10 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0138F525-6C8A-333F-A105-14AE030B9A54}" = Visual C++ 9.0 CRT (x86) WinSXS MSM
"{087B9123-2793-AFD4-7AC0-0E2F939657E2}" = CCC Help Dutch
"{0C4FABD1-92DD-DA78-9570-1CB8C6C4D6E5}" = CCC Help Japanese
"{0D8E6567-7082-48DB-A305-293873AC8B39}_is1" = Preispilot für Firefox
"{11464943-4682-4F6B-A96D-D4E8C26DD111}_is1" = Kalenderchen 5
"{15134cb0-b767-4960-a911-f2d16ae54797}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20E8EA13-33DD-4565-9C83-FDC81666302A}" = TurboCAD Deluxe V.11.1
"{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}" = Apple Application Support
"{22154f09-719a-4619-bb71-5b3356999fbf}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
"{25A3B953-1423-3F15-640E-B620DD0F419A}" = Catalyst Control Center - Branding
"{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
"{30E01116-5666-4807-8EF1-D80E9FF16717}" = Epson Easy Photo Print 2
"{34746876-2972-9A57-A1A5-C7865785A62E}" = CCC Help German
"{39A05D92-5B6E-84E1-2006-B9B89CECFDC7}" = CCC Help Danish
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{3D6AD258-61EA-35F5-812C-B7A02152996E}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610
"{3E31400D-274E-4647-916C-2CACC3741799}" = EpsonNet Print
"{402ED4A1-8F5B-387A-8688-997ABF58B8F2}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{419CF1B5-0FAE-9EE3-C621-AD3DA7A53B06}" = CCC Help English
"{4281435C-AD1D-4C8A-B9C0-3961C11EF142}_is1" = YouTube Song Downloader
"{46BEC94A-8D93-A1FB-2010-276F3DDCB779}" = CCC Help French
"{46F4462B-8113-B293-1AF2-00B3B0EEB9D3}" = Catalyst Control Center Graphics Previews Common
"{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
"{522536D5-883B-5E3C-7880-8ECB28FB4596}" = CCC Help Finnish
"{571637E3-F891-507C-9DA2-47B22C37C544}" = CCC Help Turkish
"{5E68C794-2884-F495-09B0-62AEA1DCE08A}" = CCC Help Russian
"{62EEC21F-308D-570A-2279-8621AFE237B6}" = CCC Help Chinese Traditional
"{69FDB13A-7740-1CC1-016F-CEB08DF1CF38}" = Catalyst Control Center Localization All
"{6FDDB201-2CA0-42BD-973F-7B2C4A61EA3F}" = Microsoft_VC100_CRT_x86
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71D3B16A-0947-7F94-6BF6-490AF844B2E8}" = CCC Help Polish
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75939021-3B68-419D-8DC1-E9823BFF9658}" = Google Drive
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7AC8EF88-D996-4D47-B40C-4DD93E307481}" = Microsoft Sync Framework 2.1 Core Components (x86) ENU 
"{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}" = NVIDIA PhysX
"{7E3BEC3E-00E1-45AA-8440-5800E86591C8}" = TurboCAD Symbole
"{7F87D86E-0D51-F8F1-9E83-DEA9F2FB4103}" = CCC Help Italian
"{877D0E59-6CBD-43C6-966F-1F4BA343AEEC}" = SafeFinder Smartbar
"{88265079-D6F4-4292-86BE-D2053E80BFE4}" = Freemium Free PDF Perfect
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8FED5458-A4D8-B32E-D098-0CD13E7DFA96}" = CCC Help Portuguese
"{9010713F-E301-637D-52BA-A7CB2C26A6F0}" = CCC Help Thai
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91B33C97-280F-B76D-E27B-E712D7041B76}_is1" = Ashampoo Burning Studio 2014 v.12.0.5
"{930988CE-E2EE-4292-B35F-E7644A19473D}" = Free Pdf Perfect Prereq
"{93EA9C3E-BDFD-4309-A605-9B5BBC0CCEFD}" = Camera RAW Plug-In for EPSON Creativity Suite
"{95716cce-fc71-413f-8ad5-56c2892d4b3a}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A0087DDE-69D0-11E2-AD57-43CA6188709B}" = Adobe AIR
"{a1909659-0a08-4554-8af1-2175904903a1}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
"{a27ff828-0971-45a4-8d69-986740373921}" = Free Pdf Perfect Prereq
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A60763B2-8D86-258F-565C-F6F1B48DB563}" = CCC Help Chinese Standard
"{A70FBCFC-227F-3AA5-40BA-0ED0EF40AB70}" = CCC Help Norwegian
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.07) - Deutsch
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{B2D55EB8-32C5-4B43-9006-9E97DECBA178}" = Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)
"{B8E78E04-6020-4CD2-BEAB-7BB6E9EF75C3}" = Futuremark SystemInfo
"{B8ECD0D3-AE08-4891-B6C7-32F96B75EB6C}" = EPSON Printer Finder
"{B8F4A45C-581C-4707-8EF2-2B9E6722270C}" = SketchUp 8
"{BECE9CCD-83F6-4BAA-9B26-227DF7D2E932}" = Epson Event Manager
"{BF5ACEF5-C66A-A0FB-2931-927778AF8D0A}" = CCC Help Spanish
"{C09D747A-BD47-42A9-915E-CEB6B1BB7C11}" = Software Updater
"{C8AD2316-A453-A53D-FA6A-319D4D3A3DBA}" = CCC Help Czech
"{CC0F816C-4993-DC4D-51F4-2E9D3DBDEAAF}" = CCC Help Greek
"{CEC98C2A-9ED5-49DA-9F3A-92434E0A4FA3}" = Epson E-Web Print
"{D46336D9-3C98-2607-FE17-EE012C6D2948}" = CCC Help Korean
"{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}" = Epson Connect Printer Setup
"{DEB9DC81-DCF5-8688-8A5A-35A19A1C0659}" = CCC Help Hungarian
"{E00985A8-4974-E464-2A49-9263F8AE4DF6}" = AMD Catalyst Control Center
"{E5A2014F-F04E-33A0-5548-1A1FD35D0B49}" = Catalyst Control Center InstallProxy
"{E7D4E834-93EB-351F-B8FB-82CDAE623003}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610
"{EDDAEBE4-E1AF-838A-E641-B7373317D15D}" = CCC Help Swedish
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F4811919-F252-4B25-9AB2-8859A85810B5}" = TuneUp Utilities Language Pack (de-DE)
"{F9000000-0018-0000-0000-074957833700}" = ABBYY FineReader 9.0 Sprint
"{FAAC26AD-73BA-40CE-86AA-C9213F9E064A}" = NVIDIA PhysX (Legacy)
"{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727
"ABBYY FineReader 9.0 Sprint" = ABBYY FineReader 9.0 Sprint
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 13 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 14 Plugin
"AllemeinePassworte" = Alle meine Passworte 3.21
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.17
"Anti-Twin 2013-01-09 17.59.40" = Anti-Twin (Installation 09.01.2013)
"AudibleManager" = AudibleManager
"avast" = avast! Free Antivirus
"AVMWLANCLI" = AVM FRITZ!WLAN
"Dia" = Dia (nur entfernen)
"EaseUS Partition Master_is1" = EaseUS Partition Master 9.3.0
"EPSON Scanner" = EPSON Scan
"EPSON XP-302 303 305 306 Series Bog" = Benutzerhandbuch - Grundlagen EPSON XP-302 303 305 306 Series
"EPSON XP-302 303 305 306 Series Netg" = Netzwerkhandbuch EPSON XP-302 303 305 306 Series
"EPSON XP-302 303 305 306 Series Useg" = Benutzerhandbuch EPSON XP-302 303 305 306 Series
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.0.4 (Basic)
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware Version 2.0.2.1012
"Mozilla Firefox 31.0 (x86 de)" = Mozilla Firefox 31.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"OpenAL" = OpenAL
"PC Wizard 2012_is1" = PC Wizard 2012.2.11
"PunkBusterSvc" = PunkBuster Services
"Raptr" = Raptr
"Schriftenbibliothek_is1" = Schriftenbibliothek
"SmartTools Publishing · Websuche" = SmartTools Publishing · Websuche
"SmartTools PublishingOffice DDE-Fixv1.20" = SmartTools Office DDE-Fix
"SmartToolsAutoBackupv2.00" = SmartTools Publishing • Excel AutoBackup
"SmartToolsFalz & Lochmarken-Assistentv6.50" = SmartTools Publishing • Word Falz & Lochmarken-Assistent
"SmartToolsMusterbrief-Assistentv7.00" = SmartTools Publishing • Word Musterbrief-Assistent
"Steam" = Steam
"Steam App 108800" = Crysis 2 Maximum Edition
"Steam App 18500" = Defense Grid: The Awakening
"Steam App 202970" = Call of Duty: Black Ops II
"Steam App 202990" = Call of Duty: Black Ops II - Multiplayer
"Steam App 203810" = Dear Esther
"Steam App 205100" = Dishonored
"Steam App 205650" = The Testament of Sherlock Holmes
"Steam App 208200" = DOOM 3: BFG Edition
"Steam App 21100" = F.E.A.R. 3
"Steam App 211600" = Thief Gold
"Steam App 212910" = Call of Duty: Black Ops II - Zombies
"Steam App 214870" = Painkiller Hell & Damnation
"Steam App 215790" = Dream Pinball 3D
"Steam App 235600" = Tom Clancy's Splinter Cell Blacklist
"Steam App 239160" = Thief
"Steam App 239200" = Amnesia: A Machine for Pigs
"Steam App 240" = Counter-Strike: Source
"Steam App 247930" = Sniper Elite: Zombie Army 2
"Steam App 27900" = Twin Sector
"Steam App 286080" = Thinking with Time Machine
"Steam App 3260" = Safecracker: The Ultimate Puzzle Adventure
"Steam App 33220" = Tom Clancy's Splinter Cell: Conviction
"Steam App 40700" = Machinarium
"Steam App 43160" = Metro: Last Light
"Steam App 47000" = 4 Elements
"Steam App 48000" = LIMBO
"Steam App 57300" = Amnesia: The Dark Descent
"Steam App 620" = Portal 2
"Steam App 8870" = BioShock Infinite
"Steam App 9200" = RAGE
"Steam App 98400" = Hard Reset
"tvbrowser" = TV-Browser 3.2.1
"WinPcapInst" = WinPcap 4.1.2
 
[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]
 
[HKEY_USERS\S-1-5-21-1147065550-3275198788-2662770593-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"MusicManager" = Music Manager
"SmartTools Publishing · Word Falz und Lochmarken-Assistent" = SmartTools Publishing · Word Falz und Lochmarken-Assistent
 
[color=#E56717]========== Last 20 Event Log Errors ==========[/color]
 
[ Application Events ]
Error - 01.02.2014 06:51:08 | Computer Name = PC-Udo | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
 (x86)\Toshiba\Bluetooth Toshiba Stack\Tools\AVRCPTestTool.exe". Fehler in  Manifest-
 oder Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion
 steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.  In Konflikt
 stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error - 01.02.2014 06:51:18 | Computer Name = PC-Udo | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
 (x86)\EPSON Software\Download Navigator\EPSDNAVI.EXE". Fehler in  Manifest- oder 
Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion
 steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.  In Konflikt
 stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
 
Error - 01.02.2014 06:52:08 | Computer Name = PC-Udo | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files
 (x86)\phonostar-player\phonostar.exe". Fehler in  Manifest- oder Richtliniendatei
 "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
 mit  einer anderen, bereits aktiven Komponentenversion.  In Konflikt stehende Komponenten:.
Komponente
 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
 
Error - 01.02.2014 07:05:35 | Computer Name = PC-Udo | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: BrowserCleanup.exe, Version: 8.0.1484.29,
 Zeitstempel: 0x515b3af9  Name des fehlerhaften Moduls: BrowserCleanup.exe, Version:
 8.0.1484.29, Zeitstempel: 0x515b3af9  Ausnahmecode: 0xc0000005  Fehleroffset: 0x000abaa9
ID
 des fehlerhaften Prozesses: 0x11bc  Startzeit der fehlerhaften Anwendung: 0x01cf1f3d6e05ba4b
Pfad
 der fehlerhaften Anwendung: C:\Users\Udo\AppData\Local\Temp\7zSCD3E.tmp\BrowserCleanup.exe
Pfad
 des fehlerhaften Moduls: C:\Users\Udo\AppData\Local\Temp\7zSCD3E.tmp\BrowserCleanup.exe
Berichtskennung:
 c59c0569-8b30-11e3-85d0-001bdc0f823c
 
Error - 01.02.2014 07:57:42 | Computer Name = PC-Udo | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
 (x86)\phonostar-Player\phonostar.exe". Fehler in  Manifest- oder Richtliniendatei
 "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
 mit  einer anderen, bereits aktiven Komponentenversion.  In Konflikt stehende Komponenten:.
Komponente
 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
 
Error - 01.02.2014 08:03:24 | Computer Name = PC-Udo | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
 (x86)\phonostar-Player\phonostar.exe". Fehler in  Manifest- oder Richtliniendatei
 "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
 mit  einer anderen, bereits aktiven Komponentenversion.  In Konflikt stehende Komponenten:.
Komponente
 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
 
Error - 01.02.2014 08:06:53 | Computer Name = PC-Udo | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
 (x86)\phonostar-Player\phonostar.exe". Fehler in  Manifest- oder Richtliniendatei
 "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
 mit  einer anderen, bereits aktiven Komponentenversion.  In Konflikt stehende Komponenten:.
Komponente
 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
 
Error - 01.02.2014 08:07:00 | Computer Name = PC-Udo | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
 (x86)\phonostar-Player\phonostar.exe". Fehler in  Manifest- oder Richtliniendatei
 "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
 mit  einer anderen, bereits aktiven Komponentenversion.  In Konflikt stehende Komponenten:.
Komponente
 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
 
Error - 01.02.2014 08:07:01 | Computer Name = PC-Udo | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
 (x86)\phonostar-Player\phonostar.exe". Fehler in  Manifest- oder Richtliniendatei
 "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
 mit  einer anderen, bereits aktiven Komponentenversion.  In Konflikt stehende Komponenten:.
Komponente
 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
 
Error - 01.02.2014 08:07:10 | Computer Name = PC-Udo | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
 (x86)\phonostar-Player\phonostar.exe". Fehler in  Manifest- oder Richtliniendatei
 "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
 mit  einer anderen, bereits aktiven Komponentenversion.  In Konflikt stehende Komponenten:.
Komponente
 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
 
[ OSession Events ]
Error - 25.01.2013 15:23:32 | Computer Name = PC-Udo | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 17
 seconds with 0 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 30.07.2014 13:14:30 | Computer Name = PC-Udo | Source = volmgr | ID = 262193
Description = Die Konfiguration der Auslagerungsdatei für das Speicherabbild ist
 fehlgeschlagen. Stellen  Sie sicher, dass eine Auslagerungsdatei auf der Startpartition
 vorhanden ist und dass diese  groß genug ist, um den gesamten physikalischen Speicher
 abbilden zu können.
 
Error - 30.07.2014 13:14:37 | Computer Name = PC-Udo | Source = volmgr | ID = 262193
Description = Die Konfiguration der Auslagerungsdatei für das Speicherabbild ist
 fehlgeschlagen. Stellen  Sie sicher, dass eine Auslagerungsdatei auf der Startpartition
 vorhanden ist und dass diese  groß genug ist, um den gesamten physikalischen Speicher
 abbilden zu können.
 
Error - 30.07.2014 13:15:37 | Computer Name = PC-Udo | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Spybot-S&D 2 Scanner Service erreicht.
 
Error - 30.07.2014 13:15:37 | Computer Name = PC-Udo | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%1053
 
Error - 30.07.2014 13:16:16 | Computer Name = PC-Udo | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Spybot-S&D 2 Scanner Service erreicht.
 
Error - 30.07.2014 13:16:16 | Computer Name = PC-Udo | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%1053
 
Error - 31.07.2014 06:04:20 | Computer Name = PC-Udo | Source = volmgr | ID = 262193
Description = Die Konfiguration der Auslagerungsdatei für das Speicherabbild ist
 fehlgeschlagen. Stellen  Sie sicher, dass eine Auslagerungsdatei auf der Startpartition
 vorhanden ist und dass diese  groß genug ist, um den gesamten physikalischen Speicher
 abbilden zu können.
 
Error - 31.07.2014 06:04:26 | Computer Name = PC-Udo | Source = volmgr | ID = 262193
Description = Die Konfiguration der Auslagerungsdatei für das Speicherabbild ist
 fehlgeschlagen. Stellen  Sie sicher, dass eine Auslagerungsdatei auf der Startpartition
 vorhanden ist und dass diese  groß genug ist, um den gesamten physikalischen Speicher
 abbilden zu können.
 
Error - 31.07.2014 06:05:37 | Computer Name = PC-Udo | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Spybot-S&D 2 Scanner Service erreicht.
 
Error - 31.07.2014 06:05:37 | Computer Name = PC-Udo | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%1053
 
 
< End of report >

Alles anzeigen

Nachteule

Code

OTL logfile created on: 31.07.2014 13:28:51 - Run 5
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Udo\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17207)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
15.90 Gb Total Physical Memory | 13.06 Gb Available Physical Memory | 82.16% Memory free
17.90 Gb Paging File | 15.09 Gb Available in Paging File | 84.34% Paging File free
Paging file location(s): c:\pagefile.sys 2048 2048 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 376.95 Gb Total Space | 226.41 Gb Free Space | 60.06% Space Free | Partition Type: NTFS
Drive D: | 76.33 Gb Total Space | 76.21 Gb Free Space | 99.84% Space Free | Partition Type: NTFS
Drive E: | 379.18 Gb Total Space | 160.57 Gb Free Space | 42.35% Space Free | Partition Type: NTFS
Drive H: | 175.17 Gb Total Space | 175.04 Gb Free Space | 99.93% Space Free | Partition Type: NTFS
 
Computer Name: PC-UDO | User Name: Udo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - C:\Users\Udo\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation)
PRC - C:\Programme\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe (AVM Berlin)
PRC - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe (TOSHIBA CORPORATION.)
PRC - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe (TOSHIBA CORPORATION.)
PRC - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
PRC - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe (TOSHIBA CORPORATION.)
PRC - C:\Users\Udo\Downloads\Digitaluhr\Digitaluhr.exe ()
PRC - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (ABBYY)
PRC - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe (TOSHIBA CORPORATION.)
PRC - C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe (SEIKO EPSON CORPORATION)
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Users\Udo\Downloads\Digitaluhr\Digitaluhr.exe ()
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV:[b]64bit:[/b] - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:[b]64bit:[/b] - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:[b]64bit:[/b] - (EpsonScanSvc) -- C:\Windows\SysNative\escsvc64.exe (Seiko Epson Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (SXDS10) -- C:\Program Files (x86)\Common Files\soft Xpansion\sxds10.exe (soft Xpansion)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (Futuremark SystemInfo Service) -- C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe (Futuremark)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (avast! Antivirus) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (TurboBoost) -- C:\Programme\Intel\TurboBoost\TurboBoost.exe (Intel(R) Corporation)
SRV - (TOSHIBA Bluetooth Service) -- C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (ABBYY.Licensing.FineReader.Sprint.9.0) -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (ABBYY)
SRV - (EpsonBidirectionalService) -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe (SEIKO EPSON CORPORATION)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV:[b]64bit:[/b] - (SANDRA) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013a\WNt500x64\Sandra.sys File not found
DRV:[b]64bit:[/b] - (MBAMSwissArmy) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys (Malwarebytes Corporation)
DRV:[b]64bit:[/b] - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:[b]64bit:[/b] - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:[b]64bit:[/b] - (MBAMWebAccessControl) -- C:\Windows\SysNative\drivers\mwac.sys (Malwarebytes Corporation)
DRV:[b]64bit:[/b] - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:[b]64bit:[/b] - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:[b]64bit:[/b] - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:[b]64bit:[/b] - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:[b]64bit:[/b] - (aswVmm) -- C:\Windows\SysNative\drivers\aswVmm.sys ()
DRV:[b]64bit:[/b] - (taphss6) -- C:\Windows\SysNative\drivers\taphss6.sys (Anchorfree Inc.)
DRV:[b]64bit:[/b] - (Apowersoft_AudioDevice) -- C:\Windows\SysNative\drivers\Apowersoft_AudioDevice.sys (Wondershare)
DRV:[b]64bit:[/b] - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:[b]64bit:[/b] - (aswRvrt) -- C:\Windows\SysNative\drivers\aswRvrt.sys ()
DRV:[b]64bit:[/b] - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:[b]64bit:[/b] - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:[b]64bit:[/b] - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:[b]64bit:[/b] - (aswKbd) -- C:\Windows\SysNative\drivers\aswKbd.sys (AVAST Software)
DRV:[b]64bit:[/b] - (epmntdrv) -- C:\Windows\SysNative\epmntdrv.sys ()
DRV:[b]64bit:[/b] - (EuGdiDrv) -- C:\Windows\SysNative\EuGdiDrv.sys ()
DRV:[b]64bit:[/b] - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:[b]64bit:[/b] - (dg_ssudbus) -- C:\Windows\SysNative\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:[b]64bit:[/b] - (fwlanusb5) -- C:\Windows\SysNative\drivers\fwlanusb5.sys (AVM GmbH)
DRV:[b]64bit:[/b] - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:[b]64bit:[/b] - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys (Intel(R) Corporation)
DRV:[b]64bit:[/b] - (avmeject) -- C:\Windows\SysNative\drivers\avmeject.sys (AVM Berlin)
DRV:[b]64bit:[/b] - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (tap0901) -- C:\Windows\SysNative\drivers\tap0901.sys (The OpenVPN Project)
DRV:[b]64bit:[/b] - (tosrfbd) -- C:\Windows\SysNative\drivers\tosrfbd.sys (TOSHIBA CORPORATION)
DRV:[b]64bit:[/b] - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:[b]64bit:[/b] - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:[b]64bit:[/b] - (npf) -- C:\Windows\SysNative\drivers\npf.sys (CACE Technologies, Inc.)
DRV:[b]64bit:[/b] - (Tosrfusb) -- C:\Windows\SysNative\drivers\tosrfusb.sys (TOSHIBA CORPORATION)
DRV:[b]64bit:[/b] - (Tosrfcom) -- C:\Windows\SysNative\drivers\tosrfcom.sys (TOSHIBA Corporation)
DRV:[b]64bit:[/b] - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:[b]64bit:[/b] - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (tosrfbnp) -- C:\Windows\SysNative\drivers\tosrfbnp.sys (TOSHIBA Corporation)
DRV:[b]64bit:[/b] - (fwlanusbn) -- C:\Windows\SysNative\drivers\fwlanusbn.sys (AVM GmbH)
DRV:[b]64bit:[/b] - (Tosrfhid) -- C:\Windows\SysNative\drivers\Tosrfhid.sys (TOSHIBA Corporation.)
DRV:[b]64bit:[/b] - (TosRfSnd) -- C:\Windows\SysNative\drivers\TosRfSnd.sys (TOSHIBA Corporation)
DRV:[b]64bit:[/b] - (LGVirHid) -- C:\Windows\SysNative\drivers\LGVirHid.sys (Logitech Inc.)
DRV:[b]64bit:[/b] - (LGBusEnum) -- C:\Windows\SysNative\drivers\LGBusEnum.sys (Logitech Inc.)
DRV:[b]64bit:[/b] - (tosrfnds) -- C:\Windows\SysNative\drivers\tosrfnds.sys (TOSHIBA Corporation.)
DRV:[b]64bit:[/b] - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:[b]64bit:[/b] - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:[b]64bit:[/b] - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:[b]64bit:[/b] - (tosporte) -- C:\Windows\SysNative\drivers\tosporte.sys (TOSHIBA Corporation)
DRV:[b]64bit:[/b] - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (epmntdrv) -- C:\Windows\SysWOW64\epmntdrv.sys ()
DRV - (EuGdiDrv) -- C:\Windows\SysWOW64\EuGdiDrv.sys ()
DRV - (cpuz135) -- C:\Program Files (x86)\CPUID\PC Wizard 2012\pcwiz_x64.sys (CPUID)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-1147065550-3275198788-2662770593-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-1147065550-3275198788-2662770593-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.safefinder.com/?publisher=ONSF&dpid=ONSF&co=DE&userid=34735fde-f634-2a14-5ebf-14e2e0242cab&searchtype=ds&q={searchTerms}&installDate={installDate}&barcodeid={barcodeID}&um={UM}&type=YHS_SF_200
IE - HKU\S-1-5-21-1147065550-3275198788-2662770593-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-1147065550-3275198788-2662770593-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-1147065550-3275198788-2662770593-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-1147065550-3275198788-2662770593-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.safefinder.com/?publisher=ONSF&dpid=ONSF&co=DE&userid=34735fde-f634-2a14-5ebf-14e2e0242cab&searchtype=ds&q={searchTerms}&installDate={installDate}&barcodeid={barcodeID}&um={UM}&type=YHS_SF_200
IE - HKU\S-1-5-21-1147065550-3275198788-2662770593-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.safefinder.com/?publisher=ONSF&dpid=ONSF&co=DE&userid=34735fde-f634-2a14-5ebf-14e2e0242cab&searchtype=ds&q={searchTerms}&installDate={installDate}&barcodeid={barcodeID}&um={UM}&type=YHS_SF_200
IE - HKU\S-1-5-21-1147065550-3275198788-2662770593-1000\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-1147065550-3275198788-2662770593-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.v9.com/web/?q={searchTerms}
IE - HKU\S-1-5-21-1147065550-3275198788-2662770593-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1147065550-3275198788-2662770593-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - user.js - File not found
 
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf:  File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf:  File not found
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@soft-xpansion/npsxpdf: C:\Program Files (x86)\Common Files\Freemium\np-sxpdf.dll (soft-Xpansion)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf:  File not found
FF - HKCU\Software\MozillaPlugins\@phonostar.de/phonostar-Player: C:\Program Files (x86)\phonostar-Player\npphonostarDetectNP.dll File not found
FF - HKCU\Software\MozillaPlugins\@phonostar.de/Schlagerhöllen-Player: C:\Program Files (x86)\Schlagerhoellen-Player\npphonostarDetectNP.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Udo\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Udo\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10174.dll (Amazon.com, Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{00F0643E-B367-4779-B45D-7046EBA37A88}: C:\Program Files (x86)\Steganos Privacy Suite 14\spmplugin3
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.05.15 13:24:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\e-webprint@epson.com: C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2014.03.21 17:35:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{B45418F9-6406-4828-9D1A-35313FB1E2D6}: C:\ProgramData\Freemium\Free PDF Perfect\Data\fftb [2014.06.20 20:11:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014.07.26 17:38:34 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\extension@preispilot.com: C:\Users\Udo\AppData\Roaming\Mozilla\Firefox\Profiles\cqo5i5yk.default\extensions\extension@preispilot.com
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 31.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 31.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014.07.26 17:38:34 | 000,000,000 | ---D | M]
 
[2014.03.12 14:40:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Udo\AppData\Roaming\mozilla\Extensions
[2014.03.19 16:04:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Udo\AppData\Roaming\mozilla\Firefox\Profiles\bet0xp07.default\extensions
[2014.03.19 16:04:47 | 000,000,000 | ---D | M] (Popular Website Buddy) -- C:\Users\Udo\AppData\Roaming\mozilla\Firefox\Profiles\bet0xp07.default\extensions\jid1-l6V8exwLVv1lBw@jetpack
[2014.07.31 01:44:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Udo\AppData\Roaming\mozilla\Firefox\Profiles\gx7a37qn.default\extensions
[2014.07.27 19:37:41 | 000,000,000 | ---D | M] ("ColorfulTabs") -- C:\Users\Udo\AppData\Roaming\mozilla\Firefox\Profiles\gx7a37qn.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}
[2014.03.25 21:17:51 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Udo\AppData\Roaming\mozilla\Firefox\Profiles\gx7a37qn.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2014.07.26 17:44:10 | 000,000,000 | ---D | M] (LavaFox V2-Blue) -- C:\Users\Udo\AppData\Roaming\mozilla\Firefox\Profiles\gx7a37qn.default\extensions\djziggy@gmail.com
[2014.03.15 17:50:35 | 000,149,045 | ---- | M] () (No name found) -- C:\Users\Udo\AppData\Roaming\mozilla\firefox\profiles\gx7a37qn.default\extensions\autofillForms@blueimp.net.xpi
[2014.06.10 10:55:22 | 000,371,542 | ---- | M] () (No name found) -- C:\Users\Udo\AppData\Roaming\mozilla\firefox\profiles\gx7a37qn.default\extensions\client@anonymox.net.xpi
[2014.02.01 15:40:03 | 000,367,561 | ---- | M] () (No name found) -- C:\Users\Udo\AppData\Roaming\mozilla\firefox\profiles\gx7a37qn.default\extensions\smarterwiki@wikiatic.com.xpi
[2014.06.20 12:19:13 | 000,131,912 | ---- | M] () (No name found) -- C:\Users\Udo\AppData\Roaming\mozilla\firefox\profiles\gx7a37qn.default\extensions\tiletabs@DW-dev.xpi
[2014.07.07 17:48:51 | 000,703,054 | ---- | M] () (No name found) -- C:\Users\Udo\AppData\Roaming\mozilla\firefox\profiles\gx7a37qn.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi
[2014.05.04 00:27:35 | 000,293,729 | ---- | M] () (No name found) -- C:\Users\Udo\AppData\Roaming\mozilla\firefox\profiles\gx7a37qn.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi
[2014.07.31 01:44:32 | 000,093,394 | ---- | M] () (No name found) -- C:\Users\Udo\AppData\Roaming\mozilla\firefox\profiles\gx7a37qn.default\extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi
[2014.07.24 17:30:00 | 000,020,079 | ---- | M] () (No name found) -- C:\Users\Udo\AppData\Roaming\mozilla\firefox\profiles\gx7a37qn.default\extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi
[2014.07.23 11:49:13 | 000,967,685 | ---- | M] () (No name found) -- C:\Users\Udo\AppData\Roaming\mozilla\firefox\profiles\gx7a37qn.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014.07.26 17:38:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2014.07.26 17:38:38 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
O1 HOSTS File: ([2014.07.31 12:13:41 | 000,000,938 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
O2 - BHO: (E-Web Print) - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (E-Web Print) - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-1147065550-3275198788-2662770593-1000\..\Toolbar\WebBrowser: (no name) - {1D053BB5-C922-44E3-9910-66585F017505} - No CLSID value found.
O4:[b]64bit:[/b] - HKLM..\Run: [Launch LCDMon] C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [Launch LGDCore] C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [Launch LgDeviceAgent] C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe (Logitech Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [AVMWlanClient] C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe (AVM Berlin)
O4 - HKLM..\Run: [NWEReboot]  File not found
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Udo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Digitaluhr.exe.lnk = C:\Users\Udo\Downloads\Digitaluhr\Digitaluhr.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9:[b]64bit:[/b] - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\AddNote.html File not found
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\AddNote.html File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:[b]64bit:[/b] - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D39EEC95-09A5-43FD-AB89-E51ED0A5BC30}: DhcpNameServer = 192.168.0.1
O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O22:[b]64bit:[/b] - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\SysNative\DreamScene.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{40f4ba12-d81c-11e2-bc14-246511c0471d}\Shell - "" = AutoRun
O33 - MountPoints2\{40f4ba12-d81c-11e2-bc14-246511c0471d}\Shell\AutoRun\command - "" = J:\pushinst.exe
O33 - MountPoints2\{62584f0b-4b61-11e2-9dbf-246511c0471d}\Shell - "" = AutoRun
O33 - MountPoints2\{62584f0b-4b61-11e2-9dbf-246511c0471d}\Shell\AutoRun\command - "" = J:\pushinst.exe
O33 - MountPoints2\J\Shell - "" = AutoRun
O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\pushinst.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (sdnclean64.exe)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2014.07.31 01:37:29 | 000,000,000 | ---D | C] -- C:\Users\Udo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2014.07.31 01:37:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2014.07.31 01:37:22 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2014.07.30 20:30:13 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Udo\Desktop\OTL.exe
[2014.07.26 17:38:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014.07.18 18:49:22 | 000,000,000 | ---D | C] -- C:\Users\Udo\Documents\Sketchup Mauer
[2014.07.17 18:31:23 | 000,000,000 | ---D | C] -- C:\Users\Udo\Documents\Sketchup 1
[2014.07.17 15:31:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 8
[2014.07.17 14:14:25 | 000,000,000 | ---D | C] -- C:\Users\Udo\AppData\Roaming\SketchUp
[2014.07.17 14:13:50 | 000,000,000 | ---D | C] -- C:\ProgramData\SketchUp
[2014.07.17 14:13:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SketchUp
[2014.07.17 02:31:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2014.07.17 02:31:08 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2014.07.17 02:31:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2014.07.17 02:31:08 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2014.07.17 02:31:08 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2014.07.17 01:52:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Veoh Networks
[2014.07.16 19:13:22 | 000,040,832 | ---- | C] (TOSHIBA CORPORATION.) -- C:\Windows\SysNative\drivers\TosBtCi.dll
[2014.07.16 19:13:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA
[2014.07.16 14:26:36 | 000,000,000 | ---D | C] -- C:\Users\Udo\Desktop\Ancient Alien Staffel 1
[2014.07.16 14:26:12 | 000,000,000 | ---D | C] -- C:\Users\Udo\Desktop\Ancient Alien Staffel 2
[2014.07.16 13:14:57 | 000,000,000 | ---D | C] -- C:\Users\Udo\Desktop\Ancient Alien Staffel 3
[2014.07.10 16:41:35 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\osk.exe
[2014.07.10 16:41:35 | 000,646,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\osk.exe
[2014.07.10 16:41:33 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2014.07.10 16:41:33 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2014.07.10 16:41:29 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2014.07.10 16:41:24 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014.07.10 16:41:24 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014.07.10 16:41:24 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014.07.10 16:41:23 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014.07.10 16:41:23 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014.07.10 16:41:23 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014.07.10 16:41:23 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014.07.10 16:41:23 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014.07.10 16:41:22 | 001,964,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014.07.10 16:41:22 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014.07.10 16:41:21 | 000,631,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014.07.10 16:41:21 | 000,608,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014.07.10 16:41:21 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014.07.10 16:41:21 | 000,442,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014.07.10 16:41:21 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014.07.10 16:41:21 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014.07.10 16:41:20 | 002,040,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014.07.10 16:41:20 | 001,068,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2014.07.10 16:41:20 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014.07.10 16:41:20 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014.07.10 16:41:19 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014.07.10 16:41:19 | 000,598,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014.07.10 16:41:19 | 000,292,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014.07.10 16:41:19 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014.07.10 16:41:19 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2014.07.10 16:41:18 | 005,721,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014.07.10 16:41:18 | 001,249,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2014.07.10 16:41:18 | 000,846,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014.07.10 16:41:18 | 000,752,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014.07.10 16:41:18 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014.07.10 16:41:18 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014.07.10 16:41:18 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014.07.10 16:41:17 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014.07.10 16:41:17 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014.07.10 16:41:17 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2014.07.10 16:40:58 | 001,460,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2014.07.09 19:48:31 | 000,000,000 | ---D | C] -- C:\Users\Udo\Documents\FormatFactory
[2014.07.09 19:41:24 | 000,000,000 | ---D | C] -- C:\FFOutput
[2014.07.09 19:41:16 | 048,888,704 | ---- | C] (AVM Software Inc.) -- C:\Users\Udo\Documents\pal_install_a4650_r131001_p127000.exe
[2014.07.09 19:40:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FreeTime
[2014.07.07 18:21:18 | 000,255,352 | ---- | C] (Audible, Inc.) -- C:\Windows\SysWow64\awrdscdc.ax
[2014.07.07 18:21:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AudibleManager
[2014.07.06 17:36:41 | 000,033,240 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2014.07.01 18:05:51 | 000,000,000 | ---D | C] -- C:\Users\Udo\Documents\TwinSector
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2014.07.31 13:21:00 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1147065550-3275198788-2662770593-1000UA.job
[2014.07.31 12:21:05 | 000,001,060 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1147065550-3275198788-2662770593-1000Core.job
[2014.07.31 12:20:25 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014.07.31 12:14:04 | 000,001,084 | ---- | M] () -- C:\Windows\wininit.ini
[2014.07.31 12:13:41 | 000,000,938 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2014.07.31 12:12:51 | 000,024,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.07.31 12:12:51 | 000,024,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.07.31 12:05:30 | 000,000,814 | ---- | M] () -- C:\Users\Udo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Digitaluhr.exe.lnk
[2014.07.31 12:04:31 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.07.31 12:04:28 | 4212,383,742 | -HS- | M] () -- C:\hiberfil.sys
[2014.07.30 20:30:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Udo\Desktop\OTL.exe
[2014.07.30 14:43:17 | 000,450,770 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20140731-121341.backup
[2014.07.30 13:30:11 | 001,365,551 | ---- | M] () -- C:\Users\Udo\Desktop\adwcleaner_3.301.exe
[2014.07.30 13:14:04 | 001,620,612 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014.07.30 13:14:04 | 000,699,416 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2014.07.30 13:14:04 | 000,654,254 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014.07.30 13:14:04 | 000,149,556 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2014.07.30 13:14:04 | 000,122,126 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014.07.29 16:37:05 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014.07.29 10:48:07 | 000,699,056 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014.07.29 10:48:07 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014.07.26 18:32:16 | 000,450,770 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20140730-144317.backup
[2014.07.22 16:13:02 | 000,000,221 | ---- | M] () -- C:\Users\Udo\Desktop\Defense Grid The Awakening.url
[2014.07.20 19:33:25 | 002,375,032 | ---- | M] () -- C:\Users\Udo\Desktop\Katalog.pdf
[2014.07.20 18:43:32 | 000,134,389 | ---- | M] () -- C:\Users\Udo\Desktop\Reinkarnation.PNG
[2014.07.20 17:56:18 | 216,759,222 | ---- | M] () -- C:\Users\Udo\Desktop\Elisabeth K_bler- Ross - _ber den Tod und das Leben danach_H_rbuch.mp3
[2014.07.17 16:14:12 | 000,450,770 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20140726-183216.backup
[2014.07.17 15:12:06 | 000,003,120 | ---- | M] () -- C:\Windows\SysWow64\ALLFSAF8a.ocx
[2014.07.17 14:14:11 | 000,003,120 | ---- | M] () -- C:\Windows\SysWow64\ALLFSAF14a.ocx
[2014.07.16 19:17:49 | 000,000,956 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Manager.lnk
[2014.07.16 18:49:01 | 156,981,100 | ---- | M] () -- C:\Users\Udo\Desktop\Mysterien_des_Weltalls_-_Dimensionen_DOKU.mp4
[2014.07.10 20:16:56 | 000,450,770 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20140717-161412.backup
[2014.07.10 20:14:46 | 000,450,770 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20140710-201656.backup
[2014.07.10 18:26:59 | 000,310,512 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014.07.07 18:21:18 | 000,255,352 | ---- | M] (Audible, Inc.) -- C:\Windows\SysWow64\awrdscdc.ax
[2014.07.05 16:57:55 | 000,018,849 | ---- | M] () -- C:\Users\Udo\Desktop\POP3 GMX.PNG
[2014.07.01 17:52:03 | 000,450,770 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20140710-201446.backup
[2014.07.01 17:48:40 | 000,000,221 | ---- | M] () -- C:\Users\Udo\Desktop\Twin Sector.url
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2014.07.30 13:30:08 | 001,365,551 | ---- | C] () -- C:\Users\Udo\Desktop\adwcleaner_3.301.exe
[2014.07.22 16:13:02 | 000,000,221 | ---- | C] () -- C:\Users\Udo\Desktop\Defense Grid The Awakening.url
[2014.07.20 19:33:21 | 002,375,032 | ---- | C] () -- C:\Users\Udo\Desktop\Katalog.pdf
[2014.07.20 18:43:32 | 000,134,389 | ---- | C] () -- C:\Users\Udo\Desktop\Reinkarnation.PNG
[2014.07.20 17:53:34 | 216,759,222 | ---- | C] () -- C:\Users\Udo\Desktop\Elisabeth K_bler- Ross - _ber den Tod und das Leben danach_H_rbuch.mp3
[2014.07.17 15:12:06 | 000,003,120 | ---- | C] () -- C:\Windows\SysWow64\ALLFSAF8a.ocx
[2014.07.17 14:14:11 | 000,003,120 | ---- | C] () -- C:\Windows\SysWow64\ALLFSAF14a.ocx
[2014.07.16 19:14:32 | 000,000,956 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Manager.lnk
[2014.07.16 18:48:16 | 156,981,100 | ---- | C] () -- C:\Users\Udo\Desktop\Mysterien_des_Weltalls_-_Dimensionen_DOKU.mp4
[2014.07.05 16:57:55 | 000,018,849 | ---- | C] () -- C:\Users\Udo\Desktop\POP3 GMX.PNG
[2014.07.01 17:48:40 | 000,000,221 | ---- | C] () -- C:\Users\Udo\Desktop\Twin Sector.url
[2014.06.13 21:02:02 | 000,000,078 | ---- | C] () -- C:\Windows\Aboutn.ini
[2014.05.23 03:22:14 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2014.05.23 03:22:14 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2014.05.22 21:52:44 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2014.04.29 11:57:25 | 000,006,197 | ---- | C] () -- C:\Users\Udo\selectionbar000.png
[2014.04.29 11:57:20 | 000,002,700 | ---- | C] () -- C:\Users\Udo\edit000.png
[2014.03.05 19:03:26 | 000,000,235 | ---- | C] () -- C:\Users\Udo\.swfinfo
[2014.01.25 16:46:54 | 002,499,656 | ---- | C] () -- C:\Windows\SysWow64\BootMan.exe
[2014.01.25 16:46:54 | 000,087,112 | ---- | C] () -- C:\Windows\SysWow64\setupempdrv03.exe
[2014.01.25 16:46:54 | 000,019,840 | ---- | C] () -- C:\Windows\SysWow64\EuEpmGdi.dll
[2014.01.25 16:46:54 | 000,013,896 | ---- | C] () -- C:\Windows\SysWow64\epmntdrv.sys
[2014.01.25 16:46:54 | 000,009,160 | ---- | C] () -- C:\Windows\SysWow64\EuGdiDrv.sys
[2014.01.16 21:12:34 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2013.11.04 13:33:37 | 000,000,022 | ---- | C] () -- C:\Windows\GPU-Z.INI
[2013.05.09 14:01:11 | 000,000,218 | ---- | C] () -- C:\Users\Udo\.recently-used.xbel
[2013.03.29 04:13:14 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
[2013.03.29 04:13:12 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
[2013.03.09 15:04:03 | 000,000,034 | ---- | C] () -- C:\Windows\cdplayer.ini
[2013.01.19 13:02:05 | 000,000,180 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2013.01.06 15:49:36 | 000,000,000 | ---- | C] () -- C:\Windows\TMonitor_x32.INI
[2013.01.06 15:49:22 | 000,000,000 | ---- | C] () -- C:\Windows\TMonitor_x64.INI
[2013.01.01 15:25:28 | 000,338,432 | ---- | C] () -- C:\Windows\SysWow64\sqlite36_engine.dll
[2012.12.29 17:30:19 | 000,007,647 | ---- | C] () -- C:\Users\Udo\AppData\Local\Resmon.ResmonCfg
[2012.12.23 15:25:40 | 000,000,545 | ---- | C] () -- C:\Users\Udo\AppData\Roaming\All CPU MeterV3_Settings.ini
[2012.12.22 21:58:53 | 000,001,084 | ---- | C] () -- C:\Windows\wininit.ini
[2012.12.22 20:57:44 | 000,111,932 | ---- | C] () -- C:\Windows\SysWow64\EPPICPrinterDB.dat
[2012.12.22 20:57:44 | 000,031,053 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern131.dat
[2012.12.22 20:57:44 | 000,027,417 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern121.dat
[2012.12.22 20:57:44 | 000,026,154 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern1.dat
[2012.12.22 20:57:44 | 000,024,903 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern3.dat
[2012.12.22 20:57:44 | 000,021,390 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern5.dat
[2012.12.22 20:57:44 | 000,020,148 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern2.dat
[2012.12.22 20:57:44 | 000,011,811 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern4.dat
[2012.12.22 20:57:44 | 000,004,943 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern6.dat
[2012.12.22 20:57:44 | 000,001,146 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_DU.dat
[2012.12.22 20:57:44 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_PT.dat
[2012.12.22 20:57:44 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_BP.dat
[2012.12.22 20:57:44 | 000,001,136 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_ES.dat
[2012.12.22 20:57:44 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_FR.dat
[2012.12.22 20:57:44 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_CF.dat
[2012.12.22 20:57:44 | 000,001,120 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_IT.dat
[2012.12.22 20:57:44 | 000,001,107 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_GE.dat
[2012.12.22 20:57:44 | 000,001,104 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_EN.dat
[2012.12.22 20:57:44 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini
[2012.12.22 20:55:24 | 000,000,025 | ---- | C] () -- C:\Windows\CDE DX8400DEFGIPS.ini
[2012.12.22 17:15:59 | 000,006,144 | ---- | C] () -- C:\Users\Udo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.12.21 20:58:11 | 001,593,956 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.12.21 19:24:32 | 000,291,488 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.12.21 19:24:31 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2012.12.21 19:24:31 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.12.21 13:27:42 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.12.18 11:06:10 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012.12.18 11:06:06 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2012.12.18 11:06:06 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2012.12.18 11:06:06 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2012.12.18 11:06:06 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2012.12.14 03:42:30 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012.12.14 03:42:24 | 000,754,652 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng700.bin
[2012.12.14 03:42:24 | 000,598,384 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng700.bin
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014.03.25 04:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014.03.25 04:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2012.12.21 16:29:34 | 000,000,000 | ---D | M] -- C:\Users\Udo\AppData\Roaming\Alle meine Passworte
[2012.12.22 19:07:32 | 000,000,000 | ---D | M] -- C:\Users\Udo\AppData\Roaming\Amazon
[2014.03.05 18:59:39 | 000,000,000 | ---D | M] -- C:\Users\Udo\AppData\Roaming\Apowersoft
[2014.02.10 13:56:43 | 000,000,000 | ---D | M] -- C:\Users\Udo\AppData\Roaming\Ashampoo
[2014.04.29 13:20:56 | 000,000,000 | ---D | M] -- C:\Users\Udo\AppData\Roaming\Audacity
[2013.01.19 13:02:03 | 000,000,000 | ---D | M] -- C:\Users\Udo\AppData\Roaming\Bassic Technologies
[2012.12.27 19:03:32 | 000,000,000 | ---D | M] -- C:\Users\Udo\AppData\Roaming\Day 1 Studios
[2012.12.31 14:57:12 | 000,000,000 | ---D | M] -- C:\Users\Udo\AppData\Roaming\de.village1.gcnt.McGameCenter
[2013.08.20 16:34:26 | 000,000,000 | ---D | M] -- C:\Users\Udo\AppData\Roaming\Digitaluhr
[2014.06.30 19:46:00 | 000,000,000 | ---D | M] -- C:\Users\Udo\AppData\Roaming\dp3d
[2013.12.25 13:37:18 | 000,000,000 | ---D | M] -- C:\Users\Udo\AppData\Roaming\Dropbox
[2013.06.18 16:24:51 | 000,000,000 | ---D | M] -- C:\Users\Udo\AppData\Roaming\EPSON
[2014.06.13 20:55:52 | 000,000,000 | ---D | M] -- C:\Users\Udo\AppData\Roaming\Expert PDF 9
[2013.01.26 15:27:45 | 000,000,000 | ---D | M] -- C:\Users\Udo\AppData\Roaming\fltk.org
[2014.06.14 16:23:14 | 000,000,000 | ---D | M] -- C:\Users\Udo\AppData\Roaming\Foxit Software
[2014.06.26 00:15:52 | 000,000,000 | ---D | M] -- C:\Users\Udo\AppData\Roaming\Frogwares
[2013.05.09 13:59:51 | 000,000,000 | ---D | M] -- C:\Users\Udo\AppData\Roaming\gtk-2.0
[2013.04.23 16:49:11 | 000,000,000 | ---D | M] -- C:\Users\Udo\AppData\Roaming\IMSI
[2013.01.19 14:00:43 | 000,000,000 | ---D | M] -- C:\Users\Udo\AppData\Roaming\JaegermeisterRadio
[2013.03.07 17:57:07 | 000,000,000 | ---D | M] -- C:\Users\Udo\AppData\Roaming\Kalenderchen
[2014.06.16 17:33:50 | 000,000,000 | ---D | M] -- C:\Users\Udo\AppData\Roaming\library_dir
[2014.03.12 14:40:39 | 000,000,000 | ---D | M] -- C:\Users\Udo\AppData\Roaming\Lunaweb
[2014.02.20 20:25:55 | 000,000,000 | ---D | M] -- C:\Users\Udo\AppData\Roaming\mp3DirectCut
[2014.02.20 18:25:50 | 000,000,000 | ---D | M] -- C:\Users\Udo\AppData\Roaming\Music Recognition
[2013.03.22 19:36:02 | 000,000,000 | ---D | M] -- C:\Users\Udo\AppData\Roaming\Natural Selection 2
[2014.07.31 13:31:25 | 000,000,000 | ---D | M] -- C:\Users\Udo\AppData\Roaming\NetSpeedMonitor
[2013.01.01 15:25:31 | 000,000,000 | ---D | M] -- C:\Users\Udo\AppData\Roaming\Opera
[2014.06.20 19:46:33 | 000,000,000 | ---D | M] -- C:\Users\Udo\AppData\Roaming\PDF Architect 2
[2013.01.14 01:52:34 | 000,000,000 | ---D | M] -- C:\Users\Udo\AppData\Roaming\PDF Experte 8
[2013.01.18 16:45:28 | 000,000,000 | ---D | M] -- C:\Users\Udo\AppData\Roaming\phonostar GmbH
[2013.01.19 12:43:25 | 000,000,000 | ---D | M] -- C:\Users\Udo\AppData\Roaming\phonostar-Player
[2014.07.14 17:20:21 | 000,000,000 | ---D | M] -- C:\Users\Udo\AppData\Roaming\Raptr
[2013.01.19 16:11:29 | 000,000,000 | ---D | M] -- C:\Users\Udo\AppData\Roaming\RMNRadio Player
[2013.01.15 14:24:21 | 000,000,000 | ---D | M] -- C:\Users\Udo\AppData\Roaming\Samsung
[2014.07.17 14:14:25 | 000,000,000 | ---D | M] -- C:\Users\Udo\AppData\Roaming\SketchUp
[2013.03.03 13:57:29 | 000,000,000 | ---D | M] -- C:\Users\Udo\AppData\Roaming\SmartTools
[2013.12.23 18:21:17 | 000,000,000 | ---D | M] -- C:\Users\Udo\AppData\Roaming\Steganos
[2013.01.14 14:18:52 | 000,000,000 | ---D | M] -- C:\Users\Udo\AppData\Roaming\Steganos VPN
[2014.04.24 14:07:59 | 000,000,000 | ---D | M] -- C:\Users\Udo\AppData\Roaming\Thunderbird
[2014.02.19 16:40:47 | 000,000,000 | ---D | M] -- C:\Users\Udo\AppData\Roaming\Toshiba
[2012.12.21 20:25:13 | 000,000,000 | ---D | M] -- C:\Users\Udo\AppData\Roaming\TuneUp Software
[2014.07.30 20:36:05 | 000,000,000 | ---D | M] -- C:\Users\Udo\AppData\Roaming\TV-Browser
[2014.03.28 21:26:24 | 000,000,000 | ---D | M] -- C:\Users\Udo\AppData\Roaming\Unity
[2013.01.14 11:53:32 | 000,000,000 | ---D | M] -- C:\Users\Udo\AppData\Roaming\YoWindow
 
[color=#E56717]========== Purity Check ==========[/color]
 
 


< End of report >

Alles anzeigen

Nachteule

ZIP???

Nachteule

Java und Spybot sind runter. Die Ergebnisse von Trojaner-Bord hab ich auch. Was braucht ihr für Daten und vor allen wie setze ich die in das Antwortfenster??

Nachteule

Code

OTL Extras logfile created on: 30.07.2014 20:31:37 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Udo\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17207)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
15.90 Gb Total Physical Memory | 13.18 Gb Available Physical Memory | 82.90% Memory free
17.90 Gb Paging File | 14.99 Gb Available in Paging File | 83.78% Paging File free
Paging file location(s): c:\pagefile.sys 2048 2048 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 376.95 Gb Total Space | 220.85 Gb Free Space | 58.59% Space Free | Partition Type: NTFS
Drive D: | 76.33 Gb Total Space | 76.21 Gb Free Space | 99.84% Space Free | Partition Type: NTFS
Drive E: | 379.18 Gb Total Space | 160.57 Gb Free Space | 42.35% Space Free | Partition Type: NTFS
Drive H: | 175.17 Gb Total Space | 175.04 Gb Free Space | 99.93% Space Free | Partition Type: NTFS
 
Computer Name: PC-UDO | User Name: Udo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== File Associations ==========[/color]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
[color=#E56717]========== Shell Spawning ==========[/color]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
[color=#E56717]========== Security Center Settings ==========[/color]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
[color=#E56717]========== Firewall Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[color=#E56717]========== Authorized Applications List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
 
 
[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0B896F50-03B7-421B-A7E0-A4720DB423FB}" = lport=445 | protocol=6 | dir=in | app=system | 
"{1DC9958D-AC7F-410D-9F35-9C05C8DA060D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{314A4B98-1424-414A-955E-71624489EF63}" = lport=138 | protocol=17 | dir=in | app=system | 
"{36014684-5110-431C-8E6E-5B49FF463C28}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{69AEF1CA-2A6E-4D75-BCDC-35E595E6B640}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{753DE48F-4A42-46D0-9308-E18CB13B33F9}" = rport=137 | protocol=17 | dir=out | app=system | 
"{863A3AD7-FE4E-4FD6-B78B-7AC56F130EE3}" = rport=138 | protocol=17 | dir=out | app=system | 
"{B77BE189-0FCB-4F41-BB49-BB76AF87C7C6}" = rport=445 | protocol=6 | dir=out | app=system | 
"{B8801475-1510-44C8-B549-BCBDD805EBD7}" = lport=137 | protocol=17 | dir=in | app=system | 
"{C358A322-7425-4581-8DE5-8C3239CE389E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{C7F01BC5-97AB-4C09-A167-4913CF29D555}" = lport=139 | protocol=6 | dir=in | app=system | 
"{C80C0337-76E4-40EE-A7B0-7E9BF79A229A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{C81E9704-D529-4574-89C4-810E9E21AFB6}" = rport=139 | protocol=6 | dir=out | app=system | 
"{E1EBDBD6-5C44-4CF1-BA76-3E560D1BCB29}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
 
[color=#E56717]========== Vista Active Application Exception List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0178ED44-CFAA-477B-8D06-03F42E0A7B82}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\portal 2\portal2.exe | 
"{0189D7A1-09C2-4569-B38F-0E84EEE12D8B}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe | 
"{01C79E53-7495-4C0F-A787-C354970EA558}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\the testament of sherlock holmes\game.exe | 
"{054882B2-66B4-4C44-83BC-8E0564C8DBAF}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\tom clancy's splinter cell blacklist\blacklist_launcher.exe | 
"{098AC0E2-4E68-418E-A546-474C03459AAB}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr.exe | 
"{0E6FACF4-8DE5-4B62-8F45-15CE89D08BA0}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\twinsector\twinsector_steam.exe | 
"{146E2611-1D42-4207-A275-1287E65FEB9A}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\defensegridtheawakening\defensegrid.exe | 
"{18B7FEE9-B497-4504-ABD9-EEC62E6563F2}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\tom clancy's splinter cell blacklist\src\system\gu.exe | 
"{1A10FB54-4E6C-4CFE-92F8-0FBF552F2354}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\the testament of sherlock holmes\game.exe | 
"{1D890A2D-C3E9-460B-9AC2-A029239C0EF5}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\portal 2\portal2.exe | 
"{2505E6F1-DC4F-420E-A7C5-ECA9E1F444F5}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{27B6A859-E010-4765-B735-CAFF00E13857}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{2C5AFDF6-E24D-43E4-80B0-645CC79043B9}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr.exe | 
"{2D22B995-346D-46B2-AD7A-92372963DB2D}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{33548D39-E9F9-4E44-AA95-41E9A4390EB4}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr.exe | 
"{365BEADF-2C45-4BF6-8D8E-CC1976546A63}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\metro last light\metroll.exe | 
"{3BB91674-07F8-4C40-99EF-6D905790E5EA}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe | 
"{47FAC5E5-D755-4EE6-8CC3-1FAA21A0682C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{4A5D861D-355E-4DAC-A517-A102ED3FAC7A}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{5E8F59A3-2C24-42DB-91A8-2787840C959C}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\dream_pinball_3d\dp3d.exe | 
"{5FAB0A24-1277-4BCE-9248-D4128B49BFCF}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{6729E7BE-46EC-4D1E-8CB1-1D4AFDB42C65}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\thief\binaries\win64\shipping-thiefgame.exe | 
"{6C224DFA-ED6F-4DD7-9D48-1FC05C4EFDD8}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{6D2687CB-1E5E-44E7-9E76-8D7D49FB80B2}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\tom clancy's splinter cell blacklist\src\system\blacklist_game.exe | 
"{6D302058-480A-4C00-B850-0F59EC8A43E7}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr.exe | 
"{7B4B70C2-FB03-41DC-AA26-EA977698FD3C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{7BC155D7-1D4F-41FB-9752-BCDE4B990C5B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{7BDF9DF8-BF7C-42CB-A22D-45B74BF12EC2}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{8912C858-EADF-47A6-9522-4902B84A6E4D}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\thief\binaries\win64\shipping-thiefgame.exe | 
"{A5A514F1-6BC8-441E-AB39-02456AB00240}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\tom clancy's splinter cell blacklist\src\system\blacklist_dx11_game.exe | 
"{A68C08FF-C644-4E24-AA85-5F851BD373A3}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe | 
"{B3DABA91-F7B0-4B84-A171-DD3C182131C1}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{B4FAF5FC-1CFA-4B0C-BBE6-27E6B62965A8}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\tom clancy's splinter cell blacklist\blacklist_launcher.exe | 
"{BE6FA224-B889-46C9-B8F9-5908D6DE5CE2}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{BF18C4B8-197B-4CAD-A9CE-26C79F14861F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{C16FCA78-327E-440D-AEB4-D264E8B30A7F}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\defensegridtheawakening\defensegrid.exe | 
"{C4611C2A-A75A-4C69-B365-C5F7C722F879}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\dream_pinball_3d\dp3d.exe | 
"{C947EF2E-E116-4F83-A034-538AE7DF61F7}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\metro last light\metroll.exe | 
"{C9E3EFA5-90FD-4458-9319-88AC360D27D5}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\tom clancy's splinter cell blacklist\src\system\gu.exe | 
"{D306F263-2A79-4597-9D11-DF170276407C}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\twinsector\twinsector_steam.exe | 
"{F5231D80-3D48-44F6-A236-ACACA854D905}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\tom clancy's splinter cell blacklist\src\system\blacklist_game.exe | 
"{F645A07E-873D-4FC9-B9B1-66E984412562}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe | 
"{F802D1FE-2A4E-43A9-8894-7ABA051A2CB8}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\tom clancy's splinter cell blacklist\src\system\blacklist_dx11_game.exe | 
"TCP Query User{00EFC886-C4D1-48FD-A96C-643DBA8742F5}E:\steam\steamapps\common\thinking with time machine\twtm.exe" = protocol=6 | dir=in | app=e:\steam\steamapps\common\thinking with time machine\twtm.exe | 
"TCP Query User{7D551B9D-415A-423F-BF7C-05F925E2C2E4}E:\steam\steamapps\common\bioshock infinite\binaries\win32\bioshockinfinite.exe" = protocol=6 | dir=in | app=e:\steam\steamapps\common\bioshock infinite\binaries\win32\bioshockinfinite.exe | 
"TCP Query User{7E339131-26B4-413A-95A7-818D5B561A0E}E:\steam\steamapps\common\dear esther\dearesther.exe" = protocol=6 | dir=in | app=e:\steam\steamapps\common\dear esther\dearesther.exe | 
"TCP Query User{9FF1B606-3228-4FBD-963F-8401C12BB353}E:\steam\steamapps\common\call of duty black ops ii\t6mp.exe" = protocol=6 | dir=in | app=e:\steam\steamapps\common\call of duty black ops ii\t6mp.exe | 
"UDP Query User{1DD0A303-16ED-4601-9C8E-E971AA8DAA48}E:\steam\steamapps\common\dear esther\dearesther.exe" = protocol=17 | dir=in | app=e:\steam\steamapps\common\dear esther\dearesther.exe | 
"UDP Query User{3EEDB373-73FE-4E74-8DE2-3235A2F01498}E:\steam\steamapps\common\thinking with time machine\twtm.exe" = protocol=17 | dir=in | app=e:\steam\steamapps\common\thinking with time machine\twtm.exe | 
"UDP Query User{5366B434-DE96-4E87-9B6C-6B257C5F2757}E:\steam\steamapps\common\bioshock infinite\binaries\win32\bioshockinfinite.exe" = protocol=17 | dir=in | app=e:\steam\steamapps\common\bioshock infinite\binaries\win32\bioshockinfinite.exe | 
"UDP Query User{78F3BEEE-1C1E-4995-95DF-AD030ABE78E7}E:\steam\steamapps\common\call of duty black ops ii\t6mp.exe" = protocol=17 | dir=in | app=e:\steam\steamapps\common\call of duty black ops ii\t6mp.exe | 
 
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
"{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}" = iTunes
"{5C3C81E1-B563-DC39-53B2-AB53DB4A521F}" = AMD Wireless Display v3.0
"{5D6A5E53-8DF9-92CB-9F79-14DFD7D7C1BA}" = AMD Drag and Drop Transcoding
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}" = Apple Mobile Device Support
"{6C9365EB-1F9E-4893-9196-3EC77C88D0C5}" = Überwachungstool für die Intel® Turbo-Boost-Technik 2.6
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{764384C5-BCA9-307C-9AAC-FD443662686A}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
"{7BFFB77E-F04B-AC33-614D-A2FFE5B1E2D1}" = AMD Accelerated Video Transcoding
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}" = NetSpeedMonitor 2.5.4.0 x64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D95B61A-9759-40F7-69BF-54DCE6675143}" = AMD Catalyst Install Manager
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031" = Microsoft .NET Framework 4.5.1 (Deutsch)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{A1E85B9A-AFAD-4D38-AF01-6B020DD5213A}" = Logitech GamePanel Software 3.06.109
"{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
"{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
"{C513739C-5F16-37B5-9ACF-99925FF1C1F3}" = Microsoft .NET Framework 4.5.1 (DEU)
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{FB17462E-ED3D-1D33-2108-26F4C37C6AD1}" = ccc-utility64
"CCleaner" = CCleaner
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.62
"EPSON XP-302 303 305 306 Series" = EPSON XP-302 303 305 306 Series Printer Uninstall
"VLC media player" = VLC media player 2.0.5
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0138F525-6C8A-333F-A105-14AE030B9A54}" = Visual C++ 9.0 CRT (x86) WinSXS MSM
"{087B9123-2793-AFD4-7AC0-0E2F939657E2}" = CCC Help Dutch
"{0C4FABD1-92DD-DA78-9570-1CB8C6C4D6E5}" = CCC Help Japanese
"{0D8E6567-7082-48DB-A305-293873AC8B39}_is1" = Preispilot für Firefox
"{11464943-4682-4F6B-A96D-D4E8C26DD111}_is1" = Kalenderchen 5
"{15134cb0-b767-4960-a911-f2d16ae54797}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20E8EA13-33DD-4565-9C83-FDC81666302A}" = TurboCAD Deluxe V.11.1
"{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}" = Apple Application Support
"{22154f09-719a-4619-bb71-5b3356999fbf}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
"{25A3B953-1423-3F15-640E-B620DD0F419A}" = Catalyst Control Center - Branding
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 45
"{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
"{30E01116-5666-4807-8EF1-D80E9FF16717}" = Epson Easy Photo Print 2
"{34746876-2972-9A57-A1A5-C7865785A62E}" = CCC Help German
"{39A05D92-5B6E-84E1-2006-B9B89CECFDC7}" = CCC Help Danish
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{3D6AD258-61EA-35F5-812C-B7A02152996E}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610
"{3E31400D-274E-4647-916C-2CACC3741799}" = EpsonNet Print
"{402ED4A1-8F5B-387A-8688-997ABF58B8F2}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{419CF1B5-0FAE-9EE3-C621-AD3DA7A53B06}" = CCC Help English
"{4281435C-AD1D-4C8A-B9C0-3961C11EF142}_is1" = YouTube Song Downloader
"{46BEC94A-8D93-A1FB-2010-276F3DDCB779}" = CCC Help French
"{46F4462B-8113-B293-1AF2-00B3B0EEB9D3}" = Catalyst Control Center Graphics Previews Common
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
"{522536D5-883B-5E3C-7880-8ECB28FB4596}" = CCC Help Finnish
"{571637E3-F891-507C-9DA2-47B22C37C544}" = CCC Help Turkish
"{5E68C794-2884-F495-09B0-62AEA1DCE08A}" = CCC Help Russian
"{62EEC21F-308D-570A-2279-8621AFE237B6}" = CCC Help Chinese Traditional
"{69FDB13A-7740-1CC1-016F-CEB08DF1CF38}" = Catalyst Control Center Localization All
"{6FDDB201-2CA0-42BD-973F-7B2C4A61EA3F}" = Microsoft_VC100_CRT_x86
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71D3B16A-0947-7F94-6BF6-490AF844B2E8}" = CCC Help Polish
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75939021-3B68-419D-8DC1-E9823BFF9658}" = Google Drive
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7AC8EF88-D996-4D47-B40C-4DD93E307481}" = Microsoft Sync Framework 2.1 Core Components (x86) ENU 
"{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}" = NVIDIA PhysX
"{7E3BEC3E-00E1-45AA-8440-5800E86591C8}" = TurboCAD Symbole
"{7F87D86E-0D51-F8F1-9E83-DEA9F2FB4103}" = CCC Help Italian
"{877D0E59-6CBD-43C6-966F-1F4BA343AEEC}" = SafeFinder Smartbar
"{88265079-D6F4-4292-86BE-D2053E80BFE4}" = Freemium Free PDF Perfect
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8FED5458-A4D8-B32E-D098-0CD13E7DFA96}" = CCC Help Portuguese
"{9010713F-E301-637D-52BA-A7CB2C26A6F0}" = CCC Help Thai
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91B33C97-280F-B76D-E27B-E712D7041B76}_is1" = Ashampoo Burning Studio 2014 v.12.0.5
"{930988CE-E2EE-4292-B35F-E7644A19473D}" = Free Pdf Perfect Prereq
"{93EA9C3E-BDFD-4309-A605-9B5BBC0CCEFD}" = Camera RAW Plug-In for EPSON Creativity Suite
"{95716cce-fc71-413f-8ad5-56c2892d4b3a}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A0087DDE-69D0-11E2-AD57-43CA6188709B}" = Adobe AIR
"{a1909659-0a08-4554-8af1-2175904903a1}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
"{a27ff828-0971-45a4-8d69-986740373921}" = Free Pdf Perfect Prereq
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A60763B2-8D86-258F-565C-F6F1B48DB563}" = CCC Help Chinese Standard
"{A70FBCFC-227F-3AA5-40BA-0ED0EF40AB70}" = CCC Help Norwegian
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.07) - Deutsch
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{B2D55EB8-32C5-4B43-9006-9E97DECBA178}" = Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{B8E78E04-6020-4CD2-BEAB-7BB6E9EF75C3}" = Futuremark SystemInfo
"{B8ECD0D3-AE08-4891-B6C7-32F96B75EB6C}" = EPSON Printer Finder
"{B8F4A45C-581C-4707-8EF2-2B9E6722270C}" = SketchUp 8
"{BECE9CCD-83F6-4BAA-9B26-227DF7D2E932}" = Epson Event Manager
"{BF5ACEF5-C66A-A0FB-2931-927778AF8D0A}" = CCC Help Spanish
"{C09D747A-BD47-42A9-915E-CEB6B1BB7C11}" = Software Updater
"{C8AD2316-A453-A53D-FA6A-319D4D3A3DBA}" = CCC Help Czech
"{CC0F816C-4993-DC4D-51F4-2E9D3DBDEAAF}" = CCC Help Greek
"{CEC98C2A-9ED5-49DA-9F3A-92434E0A4FA3}" = Epson E-Web Print
"{D46336D9-3C98-2607-FE17-EE012C6D2948}" = CCC Help Korean
"{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}" = Epson Connect Printer Setup
"{DEB9DC81-DCF5-8688-8A5A-35A19A1C0659}" = CCC Help Hungarian
"{E00985A8-4974-E464-2A49-9263F8AE4DF6}" = AMD Catalyst Control Center
"{E5A2014F-F04E-33A0-5548-1A1FD35D0B49}" = Catalyst Control Center InstallProxy
"{E7D4E834-93EB-351F-B8FB-82CDAE623003}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610
"{EDDAEBE4-E1AF-838A-E641-B7373317D15D}" = CCC Help Swedish
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F4811919-F252-4B25-9AB2-8859A85810B5}" = TuneUp Utilities Language Pack (de-DE)
"{F9000000-0018-0000-0000-074957833700}" = ABBYY FineReader 9.0 Sprint
"{FAAC26AD-73BA-40CE-86AA-C9213F9E064A}" = NVIDIA PhysX (Legacy)
"{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727
"ABBYY FineReader 9.0 Sprint" = ABBYY FineReader 9.0 Sprint
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 13 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 14 Plugin
"AllemeinePassworte" = Alle meine Passworte 3.21
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.17
"Anti-Twin 2013-01-09 17.59.40" = Anti-Twin (Installation 09.01.2013)
"AudibleManager" = AudibleManager
"avast" = avast! Free Antivirus
"AVMWLANCLI" = AVM FRITZ!WLAN
"Dia" = Dia (nur entfernen)
"EaseUS Partition Master_is1" = EaseUS Partition Master 9.3.0
"EPSON Scanner" = EPSON Scan
"EPSON XP-302 303 305 306 Series Bog" = Benutzerhandbuch - Grundlagen EPSON XP-302 303 305 306 Series
"EPSON XP-302 303 305 306 Series Netg" = Netzwerkhandbuch EPSON XP-302 303 305 306 Series
"EPSON XP-302 303 305 306 Series Useg" = Benutzerhandbuch EPSON XP-302 303 305 306 Series
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.0.4 (Basic)
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware Version 2.0.2.1012
"Mozilla Firefox 31.0 (x86 de)" = Mozilla Firefox 31.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"OpenAL" = OpenAL
"PC Wizard 2012_is1" = PC Wizard 2012.2.11
"PunkBusterSvc" = PunkBuster Services
"Raptr" = Raptr
"Schriftenbibliothek_is1" = Schriftenbibliothek
"SmartTools Publishing · Websuche" = SmartTools Publishing · Websuche
"SmartTools PublishingOffice DDE-Fixv1.20" = SmartTools Office DDE-Fix
"SmartToolsAutoBackupv2.00" = SmartTools Publishing • Excel AutoBackup
"SmartToolsFalz & Lochmarken-Assistentv6.50" = SmartTools Publishing • Word Falz & Lochmarken-Assistent
"SmartToolsMusterbrief-Assistentv7.00" = SmartTools Publishing • Word Musterbrief-Assistent
"Steam" = Steam
"Steam App 108800" = Crysis 2 Maximum Edition
"Steam App 18500" = Defense Grid: The Awakening
"Steam App 202970" = Call of Duty: Black Ops II
"Steam App 202990" = Call of Duty: Black Ops II - Multiplayer
"Steam App 203810" = Dear Esther
"Steam App 205100" = Dishonored
"Steam App 205650" = The Testament of Sherlock Holmes
"Steam App 208200" = DOOM 3: BFG Edition
"Steam App 21100" = F.E.A.R. 3
"Steam App 211600" = Thief Gold
"Steam App 212910" = Call of Duty: Black Ops II - Zombies
"Steam App 214870" = Painkiller Hell & Damnation
"Steam App 215790" = Dream Pinball 3D
"Steam App 235600" = Tom Clancy's Splinter Cell Blacklist
"Steam App 239160" = Thief
"Steam App 239200" = Amnesia: A Machine for Pigs
"Steam App 240" = Counter-Strike: Source
"Steam App 247930" = Sniper Elite: Zombie Army 2
"Steam App 27900" = Twin Sector
"Steam App 286080" = Thinking with Time Machine
"Steam App 3260" = Safecracker: The Ultimate Puzzle Adventure
"Steam App 33220" = Tom Clancy's Splinter Cell: Conviction
"Steam App 40700" = Machinarium
"Steam App 43160" = Metro: Last Light
"Steam App 47000" = 4 Elements
"Steam App 48000" = LIMBO
"Steam App 57300" = Amnesia: The Dark Descent
"Steam App 620" = Portal 2
"Steam App 8870" = BioShock Infinite
"Steam App 9200" = RAGE
"Steam App 98400" = Hard Reset
"tvbrowser" = TV-Browser 3.2.1
"WinPcapInst" = WinPcap 4.1.2
 
[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"MusicManager" = Music Manager
"SmartTools Publishing · Word Falz und Lochmarken-Assistent" = SmartTools Publishing · Word Falz und Lochmarken-Assistent
 
[color=#E56717]========== Last 20 Event Log Errors ==========[/color]
 
[ Application Events ]
Error - 01.02.2014 08:07:00 | Computer Name = PC-Udo | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
 (x86)\phonostar-Player\phonostar.exe". Fehler in  Manifest- oder Richtliniendatei
 "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
 mit  einer anderen, bereits aktiven Komponentenversion.  In Konflikt stehende Komponenten:.
Komponente
 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
 
Error - 01.02.2014 08:07:01 | Computer Name = PC-Udo | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
 (x86)\phonostar-Player\phonostar.exe". Fehler in  Manifest- oder Richtliniendatei
 "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
 mit  einer anderen, bereits aktiven Komponentenversion.  In Konflikt stehende Komponenten:.
Komponente
 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
 
Error - 01.02.2014 08:07:10 | Computer Name = PC-Udo | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
 (x86)\phonostar-Player\phonostar.exe". Fehler in  Manifest- oder Richtliniendatei
 "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
 mit  einer anderen, bereits aktiven Komponentenversion.  In Konflikt stehende Komponenten:.
Komponente
 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
 
Error - 01.02.2014 08:39:33 | Computer Name = PC-Udo | Source = Steam Client Service | ID = 1
Description = Error: Failed to poke open firewall
 
Error - 01.02.2014 08:39:43 | Computer Name = PC-Udo | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
 (x86)\phonostar-Player\phonostar.exe". Fehler in  Manifest- oder Richtliniendatei
 "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
 mit  einer anderen, bereits aktiven Komponentenversion.  In Konflikt stehende Komponenten:.
Komponente
 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
 
Error - 01.02.2014 11:30:26 | Computer Name = PC-Udo | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: t6mp.exe, Version: 1.0.0.1, Zeitstempel:
 0x523dfcb8  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel:
 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00000000  ID des fehlerhaften Prozesses:
 0x17a0  Startzeit der fehlerhaften Anwendung: 0x01cf1f62572ec12f  Pfad der fehlerhaften
 Anwendung: E:\Steam\steamapps\common\Call of Duty Black Ops II\t6mp.exe  Pfad des
 fehlerhaften Moduls: unknown  Berichtskennung: c5e5d595-8b55-11e3-99fc-001bdc0f823c
 
Error - 01.02.2014 11:31:35 | Computer Name = PC-Udo | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: t6mp.exe, Version: 1.0.0.1, Zeitstempel:
 0x523dfcb8  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel:
 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00000000  ID des fehlerhaften Prozesses:
 0x11a0  Startzeit der fehlerhaften Anwendung: 0x01cf1f6295b461ae  Pfad der fehlerhaften
 Anwendung: E:\Steam\steamapps\common\Call of Duty Black Ops II\t6mp.exe  Pfad des
 fehlerhaften Moduls: unknown  Berichtskennung: eec12e23-8b55-11e3-99fc-001bdc0f823c
 
Error - 01.02.2014 16:07:16 | Computer Name = PC-Udo | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 01.02.2014 16:07:16 | Computer Name = PC-Udo | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 15585
 
Error - 01.02.2014 16:07:16 | Computer Name = PC-Udo | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 15585
 
[ OSession Events ]
Error - 25.01.2013 15:23:32 | Computer Name = PC-Udo | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 17
 seconds with 0 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 30.07.2014 13:10:32 | Computer Name = PC-Udo | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
 Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 30.07.2014 13:10:32 | Computer Name = PC-Udo | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
 Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 30.07.2014 13:10:57 | Computer Name = PC-Udo | Source = DCOM | ID = 10005
Description = 
 
Error - 30.07.2014 13:12:16 | Computer Name = PC-Udo | Source = Service Control Manager | ID = 7001
Description = Der Dienst "PnP-X-IP-Busenumerator" ist vom Dienst "Funktionssuchanbieter-Host"
 abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 30.07.2014 13:14:30 | Computer Name = PC-Udo | Source = volmgr | ID = 262193
Description = Die Konfiguration der Auslagerungsdatei für das Speicherabbild ist
 fehlgeschlagen. Stellen  Sie sicher, dass eine Auslagerungsdatei auf der Startpartition
 vorhanden ist und dass diese  groß genug ist, um den gesamten physikalischen Speicher
 abbilden zu können.
 
Error - 30.07.2014 13:14:37 | Computer Name = PC-Udo | Source = volmgr | ID = 262193
Description = Die Konfiguration der Auslagerungsdatei für das Speicherabbild ist
 fehlgeschlagen. Stellen  Sie sicher, dass eine Auslagerungsdatei auf der Startpartition
 vorhanden ist und dass diese  groß genug ist, um den gesamten physikalischen Speicher
 abbilden zu können.
 
Error - 30.07.2014 13:15:37 | Computer Name = PC-Udo | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Spybot-S&D 2 Scanner Service erreicht.
 
Error - 30.07.2014 13:15:37 | Computer Name = PC-Udo | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%1053
 
Error - 30.07.2014 13:16:16 | Computer Name = PC-Udo | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Spybot-S&D 2 Scanner Service erreicht.
 
Error - 30.07.2014 13:16:16 | Computer Name = PC-Udo | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%1053
 
 
< End of report >

Alles anzeigen

Nachteule

Code

OTL logfile created on: 30.07.2014 20:31:37 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Udo\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17207)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
15.90 Gb Total Physical Memory | 13.18 Gb Available Physical Memory | 82.90% Memory free
17.90 Gb Paging File | 14.99 Gb Available in Paging File | 83.78% Paging File free
Paging file location(s): c:\pagefile.sys 2048 2048 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 376.95 Gb Total Space | 220.85 Gb Free Space | 58.59% Space Free | Partition Type: NTFS
Drive D: | 76.33 Gb Total Space | 76.21 Gb Free Space | 99.84% Space Free | Partition Type: NTFS
Drive E: | 379.18 Gb Total Space | 160.57 Gb Free Space | 42.35% Space Free | Partition Type: NTFS
Drive H: | 175.17 Gb Total Space | 175.04 Gb Free Space | 99.93% Space Free | Partition Type: NTFS
 
Computer Name: PC-UDO | User Name: Udo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2014.07.30 20:30:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Udo\Desktop\OTL.exe
PRC - [2014.07.26 17:38:37 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2014.07.16 04:28:18 | 000,542,912 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2014.07.16 04:28:16 | 001,753,280 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2014.06.21 15:11:10 | 000,230,792 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
PRC - [2014.05.12 07:24:42 | 000,860,472 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
PRC - [2014.05.12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
PRC - [2014.05.12 07:24:34 | 006,970,168 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
PRC - [2014.04.25 14:12:20 | 000,171,928 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
PRC - [2014.04.25 14:12:10 | 002,081,752 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2014.04.11 16:03:02 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2013.12.21 08:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.05.10 05:48:09 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
PRC - [2013.05.09 10:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe
PRC - [2013.05.09 10:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.08.21 13:23:08 | 000,933,888 | ---- | M] (AVM Berlin) -- C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe
PRC - [2011.08.08 13:43:58 | 000,690,072 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
PRC - [2011.08.08 13:36:58 | 000,087,960 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
PRC - [2011.05.09 16:06:02 | 002,750,376 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
PRC - [2010.09.06 16:18:00 | 000,746,384 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
PRC - [2010.04.29 21:49:48 | 000,653,271 | ---- | M] () -- C:\Users\Udo\Downloads\Digitaluhr\Digitaluhr.exe
PRC - [2009.05.14 17:07:14 | 000,759,048 | ---- | M] (ABBYY) -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
PRC - [2009.04.03 18:17:00 | 000,447,816 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
PRC - [2006.12.19 18:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2014.07.29 10:48:07 | 017,029,808 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll
MOD - [2014.07.26 17:38:37 | 003,800,688 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2014.07.16 04:28:28 | 002,139,328 | ---- | M] () -- C:\Program Files (x86)\Steam\video.dll
MOD - [2014.07.16 04:28:18 | 001,116,864 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.DLL
MOD - [2014.07.12 02:53:26 | 001,116,672 | ---- | M] () -- C:\Program Files (x86)\Steam\libavcodec-55.dll
MOD - [2014.07.12 02:53:26 | 000,438,784 | ---- | M] () -- C:\Program Files (x86)\Steam\libavutil-53.dll
MOD - [2014.07.12 02:53:26 | 000,399,360 | ---- | M] () -- C:\Program Files (x86)\Steam\libavformat-55.dll
MOD - [2014.07.12 02:53:26 | 000,331,264 | ---- | M] () -- C:\Program Files (x86)\Steam\libavresample-1.dll
MOD - [2014.06.27 00:40:28 | 000,764,416 | ---- | M] () -- C:\Program Files (x86)\Steam\SDL2.dll
MOD - [2014.05.02 01:35:22 | 020,628,160 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2014.04.29 02:37:22 | 000,519,168 | ---- | M] () -- C:\Program Files (x86)\Steam\libswscale-2.dll
MOD - [2014.02.06 01:52:52 | 000,073,544 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014.02.06 01:52:32 | 001,044,808 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010.04.29 21:49:48 | 000,653,271 | ---- | M] () -- C:\Users\Udo\Downloads\Digitaluhr\Digitaluhr.exe
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV:[b]64bit:[/b] - [2014.06.19 02:24:12 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:[b]64bit:[/b] - [2014.05.23 03:25:16 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:[b]64bit:[/b] - [2011.12.12 00:00:00 | 000,135,824 | ---- | M] (Seiko Epson Corporation) [Auto | Running] -- C:\Windows\SysNative\escsvc64.exe -- (EpsonScanSvc)
SRV - [2014.07.29 10:48:07 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014.07.26 17:38:37 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014.07.16 04:28:18 | 000,542,912 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2014.06.20 20:11:49 | 000,234,096 | ---- | M] (soft Xpansion) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\soft Xpansion\sxds10.exe -- (SXDS10)
SRV - [2014.05.12 07:24:42 | 000,860,472 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2014.05.12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2014.04.11 16:03:02 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2013.12.21 08:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.10.15 14:06:10 | 000,520,416 | ---- | M] (Futuremark) [On_Demand | Stopped] -- C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)
SRV - [2013.09.11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013.05.09 10:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.12.14 03:42:10 | 000,277,616 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012.05.30 14:11:34 | 000,149,544 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Programme\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV - [2011.04.01 17:42:56 | 000,198,064 | ---- | M] (TOSHIBA CORPORATION) [On_Demand | Running] -- C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.05.14 17:07:14 | 000,759,048 | ---- | M] (ABBYY) [Auto | Running] -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Sprint.9.0)
SRV - [2006.12.19 18:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe -- (EpsonBidirectionalService)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV:[b]64bit:[/b] - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013a\WNt500x64\Sandra.sys -- (SANDRA)
DRV:[b]64bit:[/b] - [2014.07.30 20:31:56 | 000,122,584 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:[b]64bit:[/b] - [2014.05.23 04:22:08 | 015,950,336 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:[b]64bit:[/b] - [2014.05.23 03:11:52 | 000,557,056 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:[b]64bit:[/b] - [2014.05.12 07:26:10 | 000,063,704 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV:[b]64bit:[/b] - [2014.05.12 07:25:56 | 000,025,816 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:[b]64bit:[/b] - [2014.04.08 16:20:34 | 000,094,720 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:[b]64bit:[/b] - [2013.07.17 15:29:13 | 001,030,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:[b]64bit:[/b] - [2013.07.17 15:29:13 | 000,378,944 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:[b]64bit:[/b] - [2013.07.17 15:29:13 | 000,189,936 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:[b]64bit:[/b] - [2013.06.21 03:09:46 | 000,042,184 | ---- | M] (Anchorfree Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\taphss6.sys -- (taphss6)
DRV:[b]64bit:[/b] - [2013.06.02 05:56:58 | 000,031,920 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Apowersoft_AudioDevice.sys -- (Apowersoft_AudioDevice)
DRV:[b]64bit:[/b] - [2013.05.09 10:59:07 | 000,072,016 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:[b]64bit:[/b] - [2013.05.09 10:59:07 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:[b]64bit:[/b] - [2013.05.09 10:59:07 | 000,064,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:[b]64bit:[/b] - [2013.05.09 10:59:06 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:[b]64bit:[/b] - [2013.05.09 10:59:06 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:[b]64bit:[/b] - [2013.05.09 10:59:06 | 000,022,600 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:[b]64bit:[/b] - [2013.03.07 10:49:18 | 000,017,480 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\epmntdrv.sys -- (epmntdrv)
DRV:[b]64bit:[/b] - [2013.03.07 10:49:18 | 000,009,800 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\EuGdiDrv.sys -- (EuGdiDrv)
DRV:[b]64bit:[/b] - [2012.12.14 03:42:22 | 005,353,888 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:[b]64bit:[/b] - [2012.09.20 06:35:36 | 000,102,368 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:[b]64bit:[/b] - [2012.08.21 01:00:00 | 000,982,784 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\fwlanusb5.sys -- (fwlanusb5)
DRV:[b]64bit:[/b] - [2012.07.17 19:12:08 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:[b]64bit:[/b] - [2012.05.30 14:10:50 | 000,016,168 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:[b]64bit:[/b] - [2012.04.25 01:00:00 | 000,014,120 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\avmeject.sys -- (avmeject)
DRV:[b]64bit:[/b] - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2011.12.15 19:29:42 | 000,031,232 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:[b]64bit:[/b] - [2011.08.05 10:24:26 | 000,292,024 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tosrfbd.sys -- (tosrfbd)
DRV:[b]64bit:[/b] - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2011.02.11 23:23:34 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (npf)
DRV:[b]64bit:[/b] - [2011.01.27 15:27:04 | 000,067,384 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tosrfusb.sys -- (Tosrfusb)
DRV:[b]64bit:[/b] - [2010.11.29 11:47:00 | 000,082,224 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tosrfcom.sys -- (Tosrfcom)
DRV:[b]64bit:[/b] - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010.11.11 10:27:00 | 000,050,864 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tosrfbnp.sys -- (tosrfbnp)
DRV:[b]64bit:[/b] - [2010.10.22 02:00:00 | 000,714,368 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fwlanusbn.sys -- (fwlanusbn)
DRV:[b]64bit:[/b] - [2010.08.30 10:48:00 | 000,094,528 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Tosrfhid.sys -- (Tosrfhid)
DRV:[b]64bit:[/b] - [2010.04.26 11:48:00 | 000,063,488 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TosRfSnd.sys -- (TosRfSnd)
DRV:[b]64bit:[/b] - [2009.11.23 17:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:[b]64bit:[/b] - [2009.11.23 17:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:[b]64bit:[/b] - [2009.07.24 12:33:14 | 000,026,472 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tosrfnds.sys -- (tosrfnds)
DRV:[b]64bit:[/b] - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009.06.17 13:01:04 | 000,054,664 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tosporte.sys -- (tosporte)
DRV:[b]64bit:[/b] - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2013.03.07 10:49:20 | 000,013,896 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\epmntdrv.sys -- (epmntdrv)
DRV - [2013.03.07 10:49:20 | 000,009,160 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\EuGdiDrv.sys -- (EuGdiDrv)
DRV - [2012.08.11 09:49:52 | 000,024,368 | ---- | M] (CPUID) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\CPUID\PC Wizard 2012\pcwiz_x64.sys -- (cpuz135)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.safefinder.com/?publisher=ONSF&dpid=ONSF&co=DE&userid=34735fde-f634-2a14-5ebf-14e2e0242cab&searchtype=ds&q={searchTerms}&installDate={installDate}&barcodeid={barcodeID}&um={UM}&type=YHS_SF_200
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.safefinder.com/?publisher=ONSF&dpid=ONSF&co=DE&userid=34735fde-f634-2a14-5ebf-14e2e0242cab&searchtype=ds&q={searchTerms}&installDate={installDate}&barcodeid={barcodeID}&um={UM}&type=YHS_SF_200
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.safefinder.com/?publisher=ONSF&dpid=ONSF&co=DE&userid=34735fde-f634-2a14-5ebf-14e2e0242cab&searchtype=ds&q={searchTerms}&installDate={installDate}&barcodeid={barcodeID}&um={UM}&type=YHS_SF_200
IE - HKCU\..\SearchScopes,DefaultScope = 
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.v9.com/web/?q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - user.js - File not found
 
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf:  File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf:  File not found
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@soft-xpansion/npsxpdf: C:\Program Files (x86)\Common Files\Freemium\np-sxpdf.dll (soft-Xpansion)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf:  File not found
FF - HKCU\Software\MozillaPlugins\@phonostar.de/phonostar-Player: C:\Program Files (x86)\phonostar-Player\npphonostarDetectNP.dll File not found
FF - HKCU\Software\MozillaPlugins\@phonostar.de/Schlagerhöllen-Player: C:\Program Files (x86)\Schlagerhoellen-Player\npphonostarDetectNP.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Udo\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Udo\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10174.dll (Amazon.com, Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{00F0643E-B367-4779-B45D-7046EBA37A88}: C:\Program Files (x86)\Steganos Privacy Suite 14\spmplugin3
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.05.15 13:24:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\e-webprint@epson.com: C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2014.03.21 17:35:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{B45418F9-6406-4828-9D1A-35313FB1E2D6}: C:\ProgramData\Freemium\Free PDF Perfect\Data\fftb [2014.06.20 20:11:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014.07.26 17:38:34 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\extension@preispilot.com: C:\Users\Udo\AppData\Roaming\Mozilla\Firefox\Profiles\cqo5i5yk.default\extensions\extension@preispilot.com
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 31.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 31.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014.07.26 17:38:34 | 000,000,000 | ---D | M]
 
[2014.03.12 14:40:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Udo\AppData\Roaming\mozilla\Extensions
[2014.03.19 16:04:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Udo\AppData\Roaming\mozilla\Firefox\Profiles\bet0xp07.default\extensions
[2014.03.19 16:04:47 | 000,000,000 | ---D | M] (Popular Website Buddy) -- C:\Users\Udo\AppData\Roaming\mozilla\Firefox\Profiles\bet0xp07.default\extensions\jid1-l6V8exwLVv1lBw@jetpack
[2014.07.30 16:04:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Udo\AppData\Roaming\mozilla\Firefox\Profiles\gx7a37qn.default\extensions
[2014.07.27 19:37:41 | 000,000,000 | ---D | M] ("ColorfulTabs") -- C:\Users\Udo\AppData\Roaming\mozilla\Firefox\Profiles\gx7a37qn.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}
[2014.03.25 21:17:51 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Udo\AppData\Roaming\mozilla\Firefox\Profiles\gx7a37qn.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2014.07.26 17:44:10 | 000,000,000 | ---D | M] (LavaFox V2-Blue) -- C:\Users\Udo\AppData\Roaming\mozilla\Firefox\Profiles\gx7a37qn.default\extensions\djziggy@gmail.com
[2014.03.15 17:50:35 | 000,149,045 | ---- | M] () (No name found) -- C:\Users\Udo\AppData\Roaming\mozilla\firefox\profiles\gx7a37qn.default\extensions\autofillForms@blueimp.net.xpi
[2014.06.10 10:55:22 | 000,371,542 | ---- | M] () (No name found) -- C:\Users\Udo\AppData\Roaming\mozilla\firefox\profiles\gx7a37qn.default\extensions\client@anonymox.net.xpi
[2014.02.01 15:40:03 | 000,367,561 | ---- | M] () (No name found) -- C:\Users\Udo\AppData\Roaming\mozilla\firefox\profiles\gx7a37qn.default\extensions\smarterwiki@wikiatic.com.xpi
[2014.06.20 12:19:13 | 000,131,912 | ---- | M] () (No name found) -- C:\Users\Udo\AppData\Roaming\mozilla\firefox\profiles\gx7a37qn.default\extensions\tiletabs@DW-dev.xpi
[2014.07.07 17:48:51 | 000,703,054 | ---- | M] () (No name found) -- C:\Users\Udo\AppData\Roaming\mozilla\firefox\profiles\gx7a37qn.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi
[2014.05.04 00:27:35 | 000,293,729 | ---- | M] () (No name found) -- C:\Users\Udo\AppData\Roaming\mozilla\firefox\profiles\gx7a37qn.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi
[2014.07.30 00:59:06 | 000,093,296 | ---- | M] () (No name found) -- C:\Users\Udo\AppData\Roaming\mozilla\firefox\profiles\gx7a37qn.default\extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi
[2014.07.24 17:30:00 | 000,020,079 | ---- | M] () (No name found) -- C:\Users\Udo\AppData\Roaming\mozilla\firefox\profiles\gx7a37qn.default\extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi
[2014.07.23 11:49:13 | 000,967,685 | ---- | M] () (No name found) -- C:\Users\Udo\AppData\Roaming\mozilla\firefox\profiles\gx7a37qn.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014.07.26 17:38:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2014.07.26 17:38:38 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
O1 HOSTS File: ([2014.07.30 14:43:17 | 000,450,770 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1	www.007guard.com
O1 - Hosts: 127.0.0.1	007guard.com
O1 - Hosts: 127.0.0.1	008i.com
O1 - Hosts: 127.0.0.1	www.008k.com
O1 - Hosts: 127.0.0.1	008k.com
O1 - Hosts: 127.0.0.1	www.00hq.com
O1 - Hosts: 127.0.0.1	00hq.com
O1 - Hosts: 127.0.0.1	010402.com
O1 - Hosts: 127.0.0.1	www.032439.com
O1 - Hosts: 127.0.0.1	032439.com
O1 - Hosts: 127.0.0.1	www.0scan.com
O1 - Hosts: 127.0.0.1	0scan.com
O1 - Hosts: 127.0.0.1	www.1000gratisproben.com
O1 - Hosts: 127.0.0.1	1000gratisproben.com
O1 - Hosts: 127.0.0.1	1001namen.com
O1 - Hosts: 127.0.0.1	www.1001namen.com
O1 - Hosts: 127.0.0.1	100888290cs.com
O1 - Hosts: 127.0.0.1	www.100888290cs.com
O1 - Hosts: 127.0.0.1	www.100sexlinks.com
O1 - Hosts: 127.0.0.1	100sexlinks.com
O1 - Hosts: 127.0.0.1	www.10sek.com
O1 - Hosts: 127.0.0.1	10sek.com
O1 - Hosts: 127.0.0.1	www.1-2005-search.com
O1 - Hosts: 127.0.0.1	1-2005-search.com
O1 - Hosts: 127.0.0.1	www.123fporn.info
O1 - Hosts: 15469 more lines...
O2:[b]64bit:[/b] - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
O2 - BHO: (E-Web Print) - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (E-Web Print) - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {1D053BB5-C922-44E3-9910-66585F017505} - No CLSID value found.
O4:[b]64bit:[/b] - HKLM..\Run: [Launch LCDMon] C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [Launch LGDCore] C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [Launch LgDeviceAgent] C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe (Logitech Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [AVMWlanClient] C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe (AVM Berlin)
O4 - HKLM..\Run: [NWEReboot]  File not found
O4 - Startup: C:\Users\Udo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Digitaluhr.exe.lnk = C:\Users\Udo\Downloads\Digitaluhr\Digitaluhr.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9:[b]64bit:[/b] - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\AddNote.html File not found
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\AddNote.html File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:[b]64bit:[/b] - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D39EEC95-09A5-43FD-AB89-E51ED0A5BC30}: DhcpNameServer = 192.168.0.1
O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) -  File not found
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O22:[b]64bit:[/b] - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\SysNative\DreamScene.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{40f4ba12-d81c-11e2-bc14-246511c0471d}\Shell - "" = AutoRun
O33 - MountPoints2\{40f4ba12-d81c-11e2-bc14-246511c0471d}\Shell\AutoRun\command - "" = J:\pushinst.exe
O33 - MountPoints2\{62584f0b-4b61-11e2-9dbf-246511c0471d}\Shell - "" = AutoRun
O33 - MountPoints2\{62584f0b-4b61-11e2-9dbf-246511c0471d}\Shell\AutoRun\command - "" = J:\pushinst.exe
O33 - MountPoints2\J\Shell - "" = AutoRun
O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\pushinst.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (sdnclean64.exe)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2014.07.30 20:30:13 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Udo\Desktop\OTL.exe
[2014.07.26 17:38:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014.07.18 18:49:22 | 000,000,000 | ---D | C] -- C:\Users\Udo\Documents\Sketchup Mauer
[2014.07.17 18:31:23 | 000,000,000 | ---D | C] -- C:\Users\Udo\Documents\Sketchup 1
[2014.07.17 15:31:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 8
[2014.07.17 14:14:25 | 000,000,000 | ---D | C] -- C:\Users\Udo\AppData\Roaming\SketchUp
[2014.07.17 14:13:50 | 000,000,000 | ---D | C] -- C:\ProgramData\SketchUp
[2014.07.17 14:13:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SketchUp
[2014.07.17 02:31:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2014.07.17 02:31:08 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2014.07.17 02:31:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2014.07.17 02:31:08 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2014.07.17 02:31:08 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2014.07.17 01:52:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Veoh Networks
[2014.07.16 19:13:22 | 000,040,832 | ---- | C] (TOSHIBA CORPORATION.) -- C:\Windows\SysNative\drivers\TosBtCi.dll
[2014.07.16 19:13:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA
[2014.07.16 14:26:36 | 000,000,000 | ---D | C] -- C:\Users\Udo\Desktop\Ancient Alien Staffel 1
[2014.07.16 14:26:12 | 000,000,000 | ---D | C] -- C:\Users\Udo\Desktop\Ancient Alien Staffel 2
[2014.07.16 13:14:57 | 000,000,000 | ---D | C] -- C:\Users\Udo\Desktop\Ancient Alien Staffel 3
[2014.07.10 16:41:35 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\osk.exe
[2014.07.10 16:41:35 | 000,646,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\osk.exe
[2014.07.10 16:41:33 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2014.07.10 16:41:33 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2014.07.10 16:41:29 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2014.07.10 16:41:24 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014.07.10 16:41:24 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014.07.10 16:41:24 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014.07.10 16:41:23 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014.07.10 16:41:23 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014.07.10 16:41:23 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014.07.10 16:41:23 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014.07.10 16:41:23 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014.07.10 16:41:22 | 001,964,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014.07.10 16:41:22 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014.07.10 16:41:21 | 000,631,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014.07.10 16:41:21 | 000,608,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014.07.10 16:41:21 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014.07.10 16:41:21 | 000,442,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014.07.10 16:41:21 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014.07.10 16:41:21 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014.07.10 16:41:20 | 002,040,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014.07.10 16:41:20 | 001,068,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2014.07.10 16:41:20 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014.07.10 16:41:20 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014.07.10 16:41:19 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014.07.10 16:41:19 | 000,598,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014.07.10 16:41:19 | 000,292,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014.07.10 16:41:19 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014.07.10 16:41:19 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2014.07.10 16:41:18 | 005,721,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014.07.10 16:41:18 | 001,249,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2014.07.10 16:41:18 | 000,846,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014.07.10 16:41:18 | 000,752,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014.07.10 16:41:18 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014.07.10 16:41:18 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014.07.10 16:41:18 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014.07.10 16:41:17 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014.07.10 16:41:17 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014.07.10 16:41:17 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2014.07.10 16:40:58 | 001,460,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2014.07.09 19:48:31 | 000,000,000 | ---D | C] -- C:\Users\Udo\Documents\FormatFactory
[2014.07.09 19:41:24 | 000,000,000 | ---D | C] -- C:\FFOutput
[2014.07.09 19:41:16 | 048,888,704 | ---- | C] (AVM Software Inc.) -- C:\Users\Udo\Documents\pal_install_a4650_r131001_p127000.exe
[2014.07.09 19:40:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FreeTime
[2014.07.07 18:21:18 | 000,255,352 | ---- | C] (Audible, Inc.) -- C:\Windows\SysWow64\awrdscdc.ax
[2014.07.07 18:21:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AudibleManager
[2014.07.06 17:36:41 | 000,033,240 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2014.07.01 18:05:51 | 000,000,000 | ---D | C] -- C:\Users\Udo\Documents\TwinSector
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2014.07.30 20:31:56 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014.07.30 20:30:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Udo\Desktop\OTL.exe
[2014.07.30 20:21:00 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1147065550-3275198788-2662770593-1000UA.job
[2014.07.30 19:22:47 | 000,024,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.07.30 19:22:47 | 000,024,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.07.30 19:14:49 | 000,000,814 | ---- | M] () -- C:\Users\Udo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Digitaluhr.exe.lnk
[2014.07.30 19:14:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.07.30 19:14:37 | 4212,383,742 | -HS- | M] () -- C:\hiberfil.sys
[2014.07.30 14:43:17 | 000,450,770 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2014.07.30 13:30:11 | 001,365,551 | ---- | M] () -- C:\Users\Udo\Desktop\adwcleaner_3.301.exe
[2014.07.30 13:14:04 | 001,620,612 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014.07.30 13:14:04 | 000,699,416 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2014.07.30 13:14:04 | 000,654,254 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014.07.30 13:14:04 | 000,149,556 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2014.07.30 13:14:04 | 000,122,126 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014.07.29 16:37:05 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014.07.29 12:21:00 | 000,001,060 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1147065550-3275198788-2662770593-1000Core.job
[2014.07.29 10:48:07 | 000,699,056 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014.07.29 10:48:07 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014.07.26 18:32:16 | 000,450,770 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20140730-144317.backup
[2014.07.22 16:13:02 | 000,000,221 | ---- | M] () -- C:\Users\Udo\Desktop\Defense Grid The Awakening.url
[2014.07.20 19:33:25 | 002,375,032 | ---- | M] () -- C:\Users\Udo\Desktop\Katalog.pdf
[2014.07.20 18:43:32 | 000,134,389 | ---- | M] () -- C:\Users\Udo\Desktop\Reinkarnation.PNG
[2014.07.20 17:56:18 | 216,759,222 | ---- | M] () -- C:\Users\Udo\Desktop\Elisabeth K_bler- Ross - _ber den Tod und das Leben danach_H_rbuch.mp3
[2014.07.17 16:14:12 | 000,450,770 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20140726-183216.backup
[2014.07.17 15:12:06 | 000,003,120 | ---- | M] () -- C:\Windows\SysWow64\ALLFSAF8a.ocx
[2014.07.17 14:14:11 | 000,003,120 | ---- | M] () -- C:\Windows\SysWow64\ALLFSAF14a.ocx
[2014.07.16 19:17:49 | 000,000,956 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Manager.lnk
[2014.07.16 18:49:01 | 156,981,100 | ---- | M] () -- C:\Users\Udo\Desktop\Mysterien_des_Weltalls_-_Dimensionen_DOKU.mp4
[2014.07.10 20:16:56 | 000,450,770 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20140717-161412.backup
[2014.07.10 20:16:18 | 000,001,034 | ---- | M] () -- C:\Windows\wininit.ini
[2014.07.10 20:14:46 | 000,450,770 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20140710-201656.backup
[2014.07.10 18:26:59 | 000,310,512 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014.07.07 18:21:18 | 000,255,352 | ---- | M] (Audible, Inc.) -- C:\Windows\SysWow64\awrdscdc.ax
[2014.07.05 16:57:55 | 000,018,849 | ---- | M] () -- C:\Users\Udo\Desktop\POP3 GMX.PNG
[2014.07.01 17:52:03 | 000,450,770 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20140710-201446.backup
[2014.07.01 17:48:40 | 000,000,221 | ---- | M] () -- C:\Users\Udo\Desktop\Twin Sector.url
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2014.07.30 13:30:08 | 001,365,551 | ---- | C] () -- C:\Users\Udo\Desktop\adwcleaner_3.301.exe
[2014.07.22 16:13:02 | 000,000,221 | ---- | C] () -- C:\Users\Udo\Desktop\Defense Grid The Awakening.url
[2014.07.20 19:33:21 | 002,375,032 | ---- | C] () -- C:\Users\Udo\Desktop\Katalog.pdf
[2014.07.20 18:43:32 | 000,134,389 | ---- | C] () -- C:\Users\Udo\Desktop\Reinkarnation.PNG
[2014.07.20 17:53:34 | 216,759,222 | ---- | C] () -- C:\Users\Udo\Desktop\Elisabeth K_bler- Ross - _ber den Tod und das Leben danach_H_rbuch.mp3
[2014.07.17 15:12:06 | 000,003,120 | ---- | C] () -- C:\Windows\SysWow64\ALLFSAF8a.ocx
[2014.07.17 14:14:11 | 000,003,120 | ---- | C] () -- C:\Windows\SysWow64\ALLFSAF14a.ocx
[2014.07.16 19:14:32 | 000,000,956 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Manager.lnk
[2014.07.16 18:48:16 | 156,981,100 | ---- | C] () -- C:\Users\Udo\Desktop\Mysterien_des_Weltalls_-_Dimensionen_DOKU.mp4
[2014.07.05 16:57:55 | 000,018,849 | ---- | C] () -- C:\Users\Udo\Desktop\POP3 GMX.PNG
[2014.07.01 17:48:40 | 000,000,221 | ---- | C] () -- C:\Users\Udo\Desktop\Twin Sector.url
[2014.06.13 21:02:02 | 000,000,078 | ---- | C] () -- C:\Windows\Aboutn.ini
[2014.05.23 03:22:14 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2014.05.23 03:22:14 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2014.05.22 21:52:44 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2014.04.29 11:57:25 | 000,006,197 | ---- | C] () -- C:\Users\Udo\selectionbar000.png
[2014.04.29 11:57:20 | 000,002,700 | ---- | C] () -- C:\Users\Udo\edit000.png
[2014.03.05 19:03:26 | 000,000,235 | ---- | C] () -- C:\Users\Udo\.swfinfo
[2014.01.25 16:46:54 | 002,499,656 | ---- | C] () -- C:\Windows\SysWow64\BootMan.exe
[2014.01.25 16:46:54 | 000,087,112 | ---- | C] () -- C:\Windows\SysWow64\setupempdrv03.exe
[2014.01.25 16:46:54 | 000,019,840 | ---- | C] () -- C:\Windows\SysWow64\EuEpmGdi.dll
[2014.01.25 16:46:54 | 000,013,896 | ---- | C] () -- C:\Windows\SysWow64\epmntdrv.sys
[2014.01.25 16:46:54 | 000,009,160 | ---- | C] () -- C:\Windows\SysWow64\EuGdiDrv.sys
[2014.01.16 21:12:34 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2013.11.04 13:33:37 | 000,000,022 | ---- | C] () -- C:\Windows\GPU-Z.INI
[2013.05.09 14:01:11 | 000,000,218 | ---- | C] () -- C:\Users\Udo\.recently-used.xbel
[2013.03.29 04:13:14 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
[2013.03.29 04:13:12 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
[2013.03.09 15:04:03 | 000,000,034 | ---- | C] () -- C:\Windows\cdplayer.ini
[2013.01.19 13:02:05 | 000,000,180 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2013.01.06 15:49:36 | 000,000,000 | ---- | C] () -- C:\Windows\TMonitor_x32.INI
[2013.01.06 15:49:22 | 000,000,000 | ---- | C] () -- C:\Windows\TMonitor_x64.INI
[2013.01.01 15:25:28 | 000,338,432 | ---- | C] () -- C:\Windows\SysWow64\sqlite36_engine.dll
[2012.12.29 17:30:19 | 000,007,647 | ---- | C] () -- C:\Users\Udo\AppData\Local\Resmon.ResmonCfg
[2012.12.23 15:25:40 | 000,000,545 | ---- | C] () -- C:\Users\Udo\AppData\Roaming\All CPU MeterV3_Settings.ini
[2012.12.22 21:58:53 | 000,001,034 | ---- | C] () -- C:\Windows\wininit.ini
[2012.12.22 20:57:44 | 000,111,932 | ---- | C] () -- C:\Windows\SysWow64\EPPICPrinterDB.dat
[2012.12.22 20:57:44 | 000,031,053 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern131.dat
[2012.12.22 20:57:44 | 000,027,417 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern121.dat
[2012.12.22 20:57:44 | 000,026,154 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern1.dat
[2012.12.22 20:57:44 | 000,024,903 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern3.dat
[2012.12.22 20:57:44 | 000,021,390 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern5.dat
[2012.12.22 20:57:44 | 000,020,148 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern2.dat
[2012.12.22 20:57:44 | 000,011,811 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern4.dat
[2012.12.22 20:57:44 | 000,004,943 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern6.dat
[2012.12.22 20:57:44 | 000,001,146 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_DU.dat
[2012.12.22 20:57:44 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_PT.dat
[2012.12.22 20:57:44 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_BP.dat
[2012.12.22 20:57:44 | 000,001,136 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_ES.dat
[2012.12.22 20:57:44 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_FR.dat
[2012.12.22 20:57:44 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_CF.dat
[2012.12.22 20:57:44 | 000,001,120 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_IT.dat
[2012.12.22 20:57:44 | 000,001,107 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_GE.dat
[2012.12.22 20:57:44 | 000,001,104 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_EN.dat
[2012.12.22 20:57:44 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini
[2012.12.22 20:55:24 | 000,000,025 | ---- | C] () -- C:\Windows\CDE DX8400DEFGIPS.ini
[2012.12.22 17:15:59 | 000,006,144 | ---- | C] () -- C:\Users\Udo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.12.21 20:58:11 | 001,593,956 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.12.21 19:24:32 | 000,291,488 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.12.21 19:24:31 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2012.12.21 19:24:31 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.12.21 13:27:42 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.12.18 11:06:10 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012.12.18 11:06:06 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2012.12.18 11:06:06 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2012.12.18 11:06:06 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2012.12.18 11:06:06 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2012.12.14 03:42:30 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012.12.14 03:42:24 | 000,754,652 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng700.bin
[2012.12.14 03:42:24 | 000,598,384 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng700.bin
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014.03.25 04:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014.03.25 04:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]


< End of report >

Alles anzeigen

Nachteule

im abgesicherten Modus löscht es auch nicht.

Nachteule

Code

Malwarebytes Anti-Malware
www.malwarebytes.org


Suchlauf Datum: 30.07.2014
Suchlauf-Zeit: 17:48:43
Logdatei: 
Administrator: Ja


Version: 2.00.2.1012
Malware Datenbank: v2014.07.30.04
Rootkit Datenbank: v2014.07.17.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert


Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Udo


Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 302775
Verstrichene Zeit: 4 Min, 41 Sek


Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristics: Aktiviert
PUP: Warnen
PUM: Aktiviert


Prozesse: 0
(No malicious items detected)


Module: 0
(No malicious items detected)


Registrierungsschlüssel: 0
(No malicious items detected)


Registrierungswerte: 0
(No malicious items detected)


Registrierungsdaten: 0
(No malicious items detected)


Ordner: 0
(No malicious items detected)


Dateien: 0
(No malicious items detected)


Physische Sektoren: 0
(No malicious items detected)




(end)

Alles anzeigen

Nachteule

XML

<?xml version="1.0" encoding="UTF-8" ?>
<mbam-log>
<header>
<date>2014/07/30 17:18:10 +0200</date>
<logfile>mbam-log-2014-07-30 (17-18-09).xml</logfile>
<isadmin>yes</isadmin>
</header>
<engine>
<version>2.00.2.1012</version>
<malware-database>v2014.07.30.04</malware-database>
<rootkit-database>v2014.07.17.01</rootkit-database>
<license>free</license>
<file-protection>disabled</file-protection>
<web-protection>disabled</web-protection>
<self-protection>disabled</self-protection>
</engine>
<system>
<osversion>Windows 7 Service Pack 1</osversion>
<arch>x64</arch>
<username>Udo</username>
<filesys>NTFS</filesys>
</system>
<summary>
<type>threat</type>
<result>completed</result>
<objects>302662</objects>
<time>277</time>
<processes>0</processes>
<modules>0</modules>
<keys>0</keys>
<values>0</values>
<datas>0</datas>
<folders>0</folders>
<files>0</files>
<sectors>0</sectors>
</summary>
<options>
<memory>enabled</memory>
<startup>enabled</startup>
<filesystem>enabled</filesystem>
<archives>enabled</archives>
<rootkits>enabled</rootkits>
<deeprootkit>disabled</deeprootkit>
<heuristics>enabled</heuristics>
<pup>warn</pup>
<pum>enabled</pum>
</options>
<items>
</items>
</mbam-log>

Alles anzeigen

Nachteule

Code

# AdwCleaner v3.301 - Bericht erstellt am 30/07/2014 um 17:03:13
# Aktualisiert 28/07/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Udo - PC-UDO
# Gestartet von : C:\Users\Udo\Desktop\adwcleaner_3.301.exe
# Option : Suchen


***** [ Dienste ] *****




***** [ Dateien / Ordner ] *****




***** [ Tasks ] *****




***** [ Verknüpfungen ] *****




***** [ Registrierungsdatenbank ] *****




***** [ Browser ] *****


-\\ Internet Explorer v11.0.9600.17207




-\\ Mozilla Firefox v31.0 (x86 de)


[ Datei : C:\Users\Udo\AppData\Roaming\Mozilla\Firefox\Profiles\gx7a37qn.default\prefs.js ]




*************************


AdwCleaner[R0].txt - [14042 octets] - [02/02/2014 13:52:48]
AdwCleaner[R10].txt - [1521 octets] - [06/02/2014 14:18:46]
AdwCleaner[R11].txt - [1642 octets] - [07/02/2014 13:19:04]
AdwCleaner[R12].txt - [1810 octets] - [08/02/2014 17:20:09]
AdwCleaner[R13].txt - [1899 octets] - [10/02/2014 14:03:27]
AdwCleaner[R14].txt - [1945 octets] - [11/02/2014 14:12:03]
AdwCleaner[R15].txt - [7188 octets] - [20/02/2014 19:44:41]
AdwCleaner[R16].txt - [4638 octets] - [20/02/2014 19:49:49]
AdwCleaner[R17].txt - [2892 octets] - [15/03/2014 15:28:36]
AdwCleaner[R18].txt - [2490 octets] - [05/04/2014 13:56:09]
AdwCleaner[R19].txt - [3521 octets] - [26/04/2014 14:20:54]
AdwCleaner[R1].txt - [14103 octets] - [02/02/2014 14:12:42]
AdwCleaner[R20].txt - [2986 octets] - [15/05/2014 12:06:56]
AdwCleaner[R21].txt - [2804 octets] - [17/05/2014 15:09:19]
AdwCleaner[R22].txt - [2926 octets] - [18/05/2014 14:18:54]
AdwCleaner[R23].txt - [3168 octets] - [08/06/2014 15:38:58]
AdwCleaner[R24].txt - [3174 octets] - [08/06/2014 19:22:35]
AdwCleaner[R25].txt - [3296 octets] - [11/06/2014 15:17:18]
AdwCleaner[R26].txt - [3416 octets] - [18/06/2014 17:30:00]
AdwCleaner[R27].txt - [6926 octets] - [20/06/2014 20:12:39]
AdwCleaner[R28].txt - [3895 octets] - [09/07/2014 19:43:25]
AdwCleaner[R29].txt - [3956 octets] - [09/07/2014 19:44:02]
AdwCleaner[R2].txt - [14164 octets] - [02/02/2014 14:25:38]
AdwCleaner[R30].txt - [3964 octets] - [17/07/2014 02:12:58]
AdwCleaner[R31].txt - [4106 octets] - [17/07/2014 16:22:51]
AdwCleaner[R32].txt - [4091 octets] - [26/07/2014 18:41:56]
AdwCleaner[R33].txt - [4240 octets] - [30/07/2014 13:30:57]
AdwCleaner[R34].txt - [4362 octets] - [30/07/2014 16:21:20]
AdwCleaner[R35].txt - [4423 octets] - [30/07/2014 16:22:24]
AdwCleaner[R36].txt - [2463 octets] - [30/07/2014 17:03:13]
AdwCleaner[R3].txt - [14225 octets] - [02/02/2014 14:50:34]
AdwCleaner[R4].txt - [14286 octets] - [02/02/2014 14:54:32]
AdwCleaner[R5].txt - [14347 octets] - [02/02/2014 14:57:40]
AdwCleaner[R6].txt - [14408 octets] - [02/02/2014 15:22:46]
AdwCleaner[R7].txt - [1280 octets] - [02/02/2014 15:25:35]
AdwCleaner[R8].txt - [1340 octets] - [02/02/2014 21:37:10]
AdwCleaner[R9].txt - [1460 octets] - [03/02/2014 14:30:03]
AdwCleaner[S0].txt - [14242 octets] - [02/02/2014 15:23:10]
AdwCleaner[S10].txt - [3583 octets] - [26/04/2014 14:22:10]
AdwCleaner[S11].txt - [3048 octets] - [15/05/2014 12:07:37]
AdwCleaner[S12].txt - [2866 octets] - [17/05/2014 15:09:56]
AdwCleaner[S13].txt - [2988 octets] - [18/05/2014 14:19:36]
AdwCleaner[S14].txt - [3230 octets] - [08/06/2014 15:39:27]
AdwCleaner[S15].txt - [3236 octets] - [08/06/2014 19:23:03]
AdwCleaner[S16].txt - [3358 octets] - [11/06/2014 15:17:49]
AdwCleaner[S17].txt - [3478 octets] - [18/06/2014 17:30:39]
AdwCleaner[S18].txt - [6751 octets] - [20/06/2014 20:13:12]
AdwCleaner[S19].txt - [3922 octets] - [09/07/2014 19:44:39]
AdwCleaner[S1].txt - [1401 octets] - [02/02/2014 21:37:39]
AdwCleaner[S20].txt - [3975 octets] - [17/07/2014 02:13:27]
AdwCleaner[S21].txt - [4122 octets] - [17/07/2014 16:23:24]
AdwCleaner[S22].txt - [4153 octets] - [26/07/2014 18:42:24]
AdwCleaner[S23].txt - [4302 octets] - [30/07/2014 13:32:22]
AdwCleaner[S24].txt - [4485 octets] - [30/07/2014 16:23:33]
AdwCleaner[S2].txt - [1582 octets] - [06/02/2014 14:19:34]
AdwCleaner[S3].txt - [1871 octets] - [08/02/2014 17:20:39]
AdwCleaner[S4].txt - [1960 octets] - [10/02/2014 14:04:30]
AdwCleaner[S5].txt - [2006 octets] - [11/02/2014 14:12:37]
AdwCleaner[S6].txt - [6774 octets] - [20/02/2014 19:45:24]
AdwCleaner[S7].txt - [2406 octets] - [26/02/2014 16:50:31]
AdwCleaner[S8].txt - [2899 octets] - [15/03/2014 15:29:35]
AdwCleaner[S9].txt - [2552 octets] - [05/04/2014 13:56:50]


########## EOF - C:\AdwCleaner\AdwCleaner[R36].txt - [4464 octets] ##########

Alles anzeigen

Nachteule

Hallo Alle Zusammen,
Wie der Betreff schon sagt möchte ich den sch... safefinder von yahoo löschen. ich hab schon alles mögliche probiert. Systemsteuerung, Malwarebites, CClaener, Spybot, Adware Cleaner. Nix zu machen. Wenn Ich ein neues Fenster anklicke
macht der safefinder auf. Mein letzte Aktion; ich habe in config!! unter -browser.newtab.url- die url von google gesetzt.
Jetzt macht auch der neue Tab wieder mit google auf.
Unter Systemsteuerung lässt sich der Sch..... aber nicht deinstallieren.
Hat irgendeiner von Euch eine Idee wie ich das gelöscht bekomme?? :-??

Danke schonmal
Nachteule

Nachteule

Dann habt recht herzlichen Dank für die Mühe und die sehr lehrreichen Tips.
IHR SEIT DIE BESTEN :klasse::klasse::klasse:
Nachteule

Nachteule

das wwar von mir auch nicht so gemeint sonst hätte ich ja wohl kaum gefragt. Die Zeitschriften mit ihren sogenannten Experten sind da schon was anderes. Man liest js dauernd Pc zu langsam Registry voll - also säubern mit 1000 und einer
Möglichkeit.
Also Fazit: Avast Ist ok. und zum Malware,Trojaner u.s.w. suchen, adwcleaner = suchen lassen dann löschen wie eben.?!

Nachteule

Naja das was ich weis kommt nur vom Lesen der 08/15 Seiten. wie ich schon sagte ich hab schon mal soviel gelöscht dass eine Neuinstallation nötig war. CCleaner = Fehler suchen -Beheben; Registry Fehler suchen beheben. Fertig. das gleiche S & D
prüfen Fehler beheben Fertig
Als Virenscanner habe ich Avast. Die kostenlose Version

Nachteule

Soweit ich feststellen kann ist jetzt Alles wieder ok. Aber eine Frage hätte ich noch.
Bis jetzt benutze ich CCleaner und S&D. Was wäre Euere Empfehlung? Da ich schon mal etwas nach eiem Reinigen zuviel gelöscht habe bin ich vorsichtig.

Nachteule

[attachment=0]5.PNG[/attachment]

Nachteule

AdwCleaner v3.018 - Bericht erstellt am 02/02/2014 um 13:57:40
# Updated 28/01/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Udo - PC-UDO
# Gestartet von : C:\Users\Udo\Desktop\adwcleaner.exe
# Option : Suchen

***** [ Dienste ] *****

***** [ Dateien / Ordner ] *****

Ordner Gefunden C:\Program Files (x86)\Conduit
Ordner Gefunden C:\Program Files (x86)\Plus-HD-3.8
Ordner Gefunden C:\ProgramData\Conduit
Ordner Gefunden C:\ProgramData\Tarma Installer
Ordner Gefunden C:\Users\Udo\AppData\Local\PackageAware
Ordner Gefunden C:\Users\Udo\AppData\Local\PutLockerDownloader
Ordner Gefunden C:\Users\Udo\AppData\LocalLow\Conduit
Ordner Gefunden C:\Users\Udo\AppData\LocalLow\Plus-HD-3.8
Ordner Gefunden C:\Users\Udo\AppData\LocalLow\PriceGong
Ordner Gefunden C:\Users\Udo\AppData\Roaming\DesktopIconForAmazon
Ordner Gefunden C:\Users\Udo\AppData\Roaming\OCS
Ordner Gefunden C:\Users\Udo\AppData\Roaming\OpenCandy
Ordner Gefunden C:\Users\Udo\AppData\Roaming\PriceGong
Ordner Gefunden C:\Windows\SysWOW64\Searchprotect

***** [ Verknüpfungen ] *****

***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\smartbar
Schlüssel Gefunden : HKCU\Software\InstallCore
Schlüssel Gefunden : HKCU\Software\OCS
Schlüssel Gefunden : HKCU\Software\powerpack
Schlüssel Gefunden : HKCU\Software\Softonic
Schlüssel Gefunden : HKCU\Software\UpdateStar
Schlüssel Gefunden : [x64] HKCU\Software\InstallCore
Schlüssel Gefunden : [x64] HKCU\Software\OCS
Schlüssel Gefunden : [x64] HKCU\Software\powerpack
Schlüssel Gefunden : [x64] HKCU\Software\Softonic
Schlüssel Gefunden : [x64] HKCU\Software\UpdateStar
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Movie2KDownloader
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Schlüssel Gefunden : HKLM\Software\Conduit
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\blaofbhgbmeikidhlkmjhbkbfohpgekf
Schlüssel Gefunden : HKLM\Software\Iminent
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\pricegong_rasapi32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\pricegong_rasmancs
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_online-radio-tuner_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_online-radio-tuner_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_panda-anti-rootkit_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_panda-anti-rootkit_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_phonostar-player(1)_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_phonostar-player(1)_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_phonostar-player_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_phonostar-player_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Schlüssel Gefunden : HKLM\Software\systweak
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DesktopIconAmazon
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\systweak
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Tarma Installer

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16428

-\\ Mozilla Firefox v26.0 (de)

[ Datei : C:\Users\Udo\AppData\Roaming\Mozilla\Firefox\Profiles\gx7a37qn.default\prefs.js ]

Zeile gefunden : user_pref("extensions.smarterwiki.search_surfcanyon", false);

*************************

AdwCleaner[R0].txt - [14042 octets] - [02/02/2014 12:52:48]
AdwCleaner[R1].txt - [14103 octets] - [02/02/2014 13:12:42]
AdwCleaner[R2].txt - [14164 octets] - [02/02/2014 13:25:38]
AdwCleaner[R3].txt - [14225 octets] - [02/02/2014 13:50:34]
AdwCleaner[R4].txt - [14286 octets] - [02/02/2014 13:54:32]
AdwCleaner[R5].txt - [13997 octets] - [02/02/2014 13:57:40]

########## EOF - C:\AdwCleaner\AdwCleaner[R5].txt - [14058 octets] ##########

Nachteule

als code??

Nachteule

von 4 ist noch mehr
[attachment=0]4.PNG[/attachment][attachment=1]3.PNG[/attachment][attachment=2]2.PNG[/attachment]

Nachteule

bei dem Adwcleaner gibt es mehrere Regitrierkarten. Was soll ich kopieren?

Beiträge von Nachteule

safefinder smartbar löschen

safefinder smartbar löschen

safefinder smartbar löschen

safefinder smartbar löschen

safefinder smartbar löschen

safefinder smartbar löschen

safefinder smartbar löschen

safefinder smartbar löschen

safefinder smartbar löschen

safefinder smartbar löschen

safefinder smartbar löschen

Alles ist weg

Alles ist weg

Alles ist weg

Alles ist weg

Alles ist weg

Alles ist weg

Alles ist weg

Alles ist weg

Alles ist weg