Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: startfenster.com hat mich auch erwischt...

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 22.09.2012, 16:57   #1
Vik
 
startfenster.com hat mich auch erwischt... - Standard

startfenster.com hat mich auch erwischt...



Hallo!

Ich hoffe sehr, dass ihr mir helfen könnt.
Ich bin ziemlich neu hier und habe mir offenbar startfenster.com eingefangen, nachdem ich den VLC-Player installiert habe. Den VLC-Player habe ich blöderweise, wie schon einige andere hier (hinterher ist man immer schlauer) bei vlc.de runtergeladen. Ich wusste nicht, dass die Seite verseucht ist.
Ich habe den VLC-Player auch gleich wieder deinstalliert, hat aber nichts gebracht.

Mein System ist erst drei Tage alt, von daher ist das alles sehr sehr ärgerlich für mich.

Es wäre wirklich total klasse, wenn Ihr mir helfen könntet.

Grüße,

Viktor

Wie in den anderen Hilfethreads zu dem Thema, hab ich schonmal OTL runtergeladen und poste hier die beiden Logfiles, in der Hoffnung, dass das was hilft. :/

Log 1

Code:
ATTFilter
OTL Extras logfile created on: 22.09.2012 18:02:54 - Run 1
OTL by OldTimer - Version 3.2.65.1     Folder = C:\Users\Vik\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
5,90 Gb Total Physical Memory | 3,97 Gb Available Physical Memory | 67,24% Memory free
11,81 Gb Paging File | 9,46 Gb Available in Paging File | 80,10% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 917,66 Gb Total Space | 757,47 Gb Free Space | 82,54% Space Free | Partition Type: NTFS
Drive F: | 298,09 Gb Total Space | 110,35 Gb Free Space | 37,02% Space Free | Partition Type: NTFS
Drive H: | 232,88 Gb Total Space | 55,10 Gb Free Space | 23,66% Space Free | Partition Type: NTFS
 
Computer Name: SECONDVOK | User Name: Vik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0E622B5F-2B22-44CA-880D-574DC6D7433A}" = lport=139 | protocol=6 | dir=in | app=system | 
"{1F582862-20A7-4EC6-B684-7193FA94C5BC}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{20F6A743-B570-4043-8B44-F65D29B579F3}" = lport=9700 | protocol=6 | dir=in | name=syncup_tcp_9700 | 
"{26D06528-EB8A-4C67-B199-32654FAD9627}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{2CD5CBAE-A7EE-4F5E-8E18-AF46700C4C5C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{2D67EA17-30C6-4904-8797-A5E75A9CE33D}" = lport=138 | protocol=17 | dir=in | app=system | 
"{2EE2A4B1-ACF5-4617-868B-520DF8775928}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{2F0D8396-D111-4C81-B108-EE89E84510ED}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{32C48D73-919D-4621-B25E-B3897B623B81}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{39205C9F-A3B9-4A88-820F-5BB6E57E6B84}" = rport=138 | protocol=17 | dir=out | app=system | 
"{5E56A758-CCE5-409D-A2D2-856768ED53A0}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{8BCE8F79-5592-4BFF-849C-344C395F94CC}" = rport=137 | protocol=17 | dir=out | app=system | 
"{8E5AD6FC-BEBF-4332-8D04-D85FEDD69371}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{93E264FA-5A00-471D-87CC-974A6337FFDF}" = lport=9702 | protocol=6 | dir=in | name=syncup_tcp_9702 | 
"{95432524-DF96-4CCA-922E-9E3E30FF5F29}" = lport=9701 | protocol=6 | dir=in | name=syncup_tcp_9701 | 
"{9B8E78D1-6B95-4A2E-9CF6-F58D31546F0B}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{B7DB574E-1955-4AA0-A42D-0CA52FCE90AB}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{BCC25D36-1AD0-41DB-AAB6-BE563AFD2CF5}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{CCB21521-D5BA-47B7-9734-6C654E8CDF13}" = lport=9700 | protocol=17 | dir=in | name=syncup_udp_9700 | 
"{CDA2A0B1-41EA-4078-B7D2-CE312FAC9030}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe | 
"{D24945EF-5F68-4ED6-BE8A-D3ECD07EE4B2}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{D2933A07-5E96-45EC-B277-AA56454FD5CB}" = lport=137 | protocol=17 | dir=in | app=system | 
"{D500B9B8-24CF-4AEF-BD74-74F287FAAD3A}" = rport=139 | protocol=6 | dir=out | app=system | 
"{E616DFCC-C4A3-4DC4-AD6B-5F9220270325}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{E9745691-0E39-4A41-A849-CFCF6A717876}" = lport=445 | protocol=6 | dir=in | app=system | 
"{F1F12A3A-2E40-4934-B1AD-33DCA8C0B8DA}" = rport=445 | protocol=6 | dir=out | app=system | 
"{F49472F3-4313-4844-9D1C-CC24153B8B12}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{F8984970-3551-4DA2-9B64-E0EAA4587C29}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{040E6BA0-F4C5-4372-BC39-A791B725D215}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{04184EFB-6D3E-4CB1-9605-CEAF7A0E43AE}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{06BA1D3E-593F-4A59-9127-DDC530BD2DD2}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\stageremoteservice.exe | 
"{08055395-8DEF-4625-AEE5-9FFFA1222478}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{0A749A05-0DA8-4F5E-BF9C-87D37D4BB7F3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{0DAA2708-06E5-4736-AD69-74C254D9FFFE}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{1029645C-A8EC-47E3-B301-81303EBDD8B6}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{154BE2C9-B791-4865-B159-575FD194B567}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{173AB0FD-A270-447B-A753-C7FCB33C09DB}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\dmr.exe | 
"{263F5653-ABB8-4696-BA38-72F03FF5C0D0}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{2E055F39-AA2A-455C-92D9-9F03FAAF31C4}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{36B0CE9F-7F07-4EB8-93AF-F8948B6B5522}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{3B3520A7-318D-4B4B-968D-E48AF86CEA39}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{3C0AB678-4F21-4CCB-9F31-4A81FA615D3B}" = protocol=6 | dir=out | app=system | 
"{46F4C754-FAD0-463B-8EE7-3789132BEFC7}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{4F423C04-B185-4386-8C32-2AB09F244273}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{57BC8F44-6064-485E-98AD-E49FA5B74FF7}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | 
"{6084BC92-7833-4C9D-BFF7-AC940F3C0B4D}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\stageremote.exe | 
"{62E6481C-6F3A-4D7F-9402-F40B71E926F5}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\stageremoteservice.exe | 
"{632B9862-2C27-4443-8C6E-0E3C47F58DE8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{64892A8F-9B6E-44DE-9D56-A66B515F7407}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{66BA8D54-5926-4B5C-969E-C581DE655555}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"{6B2B4B4F-79D1-4441-BBB0-C42BE08F3C11}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | 
"{6EAC4336-F6F5-4B76-902C-76CF309DCF78}" = protocol=6 | dir=in | app=c:\users\vik\appdata\roaming\dropbox\bin\dropbox.exe | 
"{70ED9165-4DDF-4831-AA2B-000CAAAF4DA0}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\installerhelp.exe | 
"{7374F428-B6D0-4234-830B-56E3D9939870}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{74878D4C-E2BE-452A-904C-0F215088AB65}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{7DED1207-EA98-4224-B1E8-0193F714096D}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{88FF216D-F6A4-489D-B51A-5C1E9E23C422}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{8A164B97-CA57-49C7-AE47-E1B3FD6024EC}" = dir=in | app=c:\program files (x86)\dell\videostage\videostage.exe | 
"{8DF8C774-090A-4BFB-AF4E-81F9471CDF5C}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\stageremote.exe | 
"{8ED30056-31DD-4429-B9DD-111A801A1422}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\dmr.exe | 
"{A7BFFA29-0D84-44D9-AA02-5B7163911508}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{B19B79D8-4332-4C06-865E-F1CDD1B9CEF2}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{B6A7E0AC-657F-47F2-B714-6211273DC3AE}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\controller.exe | 
"{BCD4F624-892D-4343-AF1E-0E614EE3D5D6}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\installerhelp.exe | 
"{BD1ED08B-8E0B-46C7-91D9-1E7A89147305}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{C0C6D6B3-0F1D-4A09-B793-BF0BA3947DA7}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | 
"{C4A42610-89B6-458C-95F0-389F92288D77}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{CC2BC19E-B56A-4522-B75E-1BCFE06DAFF3}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{D334705F-E181-41C4-9A3C-B0F4DE99E6A2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{D6E38A44-9AD6-4AB9-B042-41D7D6C3880E}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\controller.exe | 
"{E0609CF5-D2E2-4FCC-8EDE-1DDC21CCB411}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | 
"{E9715CD3-369F-4430-A2F9-2EC75D9062DB}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | 
"{EC80FA3F-C3DB-4076-B3F6-8635603347D1}" = protocol=17 | dir=in | app=c:\users\vik\appdata\roaming\dropbox\bin\dropbox.exe | 
"{F0828229-2E20-4EF4-9747-B7768CDF3CA1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"TCP Query User{1ED2A5B2-5CCA-4BE0-BF56-D749BE069D34}C:\program files (x86)\jdownloader\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\jdownloader\jre\bin\javaw.exe | 
"TCP Query User{44E84D1C-1E97-498D-BB3C-B34E9CD3B9AB}C:\users\vik\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\vik\appdata\roaming\spotify\spotify.exe | 
"UDP Query User{77C91892-7CD6-4FD4-B637-91A93DAEBF54}C:\users\vik\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\vik\appdata\roaming\spotify\spotify.exe | 
"UDP Query User{7A1B02FD-7669-491D-AF70-655B4D3C3C70}C:\program files (x86)\jdownloader\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\jdownloader\jre\bin\javaw.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0090A87C-3E0E-43D4-AA71-A71B06563A4A}" = Dell Support Center
"{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}" = iTunes
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{538B98C3-773F-4F20-9C66-802D104DCBE2}" = Intel® Trusted Connect Service Client
"{574F536C-91D3-8BDD-13EA-1B14E93AA62D}" = AMD AVIVO64 Codecs
"{624C7F0A-89B2-4C49-9CAB-9D69613EC95A}" = Microsoft IntelliPoint 8.2
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}" = Apple Mobile Device Support
"{7ED590E8-636E-EBAF-70C7-6795361F8049}" = AMD Catalyst Install Manager
"{7F38D6AA-FB53-B407-713B-16C3DFEFF295}" = ccc-utility64
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0407-1000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-1000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-1000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-1000-0000000FF1CE}_Office14.PROPLUS_{70A3169E-288F-454F-A08D-20DF66639B50}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUS_{0242505C-4E90-407F-9299-B5B275F50D86}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-1000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-1000-0000000FF1CE}_Office14.PROPLUS_{B51389C8-2890-4633-81D8-47D2A7402274}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-1000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-1000-0000000FF1CE}_Office14.PROPLUS_{3013A793-10A7-4D1F-B8B4-2FAA82F4D259}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-1000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-1000-0000000FF1CE}_Office14.PROPLUS_{98782D5D-A9EE-43C6-88AD-B50AD8530E78}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{E8B6D35B-0B6F-4DCE-9493-859BF3809A7F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0407-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (German) 2010
"{90140000-0043-0407-1000-0000000FF1CE}_Office14.PROPLUS_{8DFD91C7-66AE-4E54-9901-5D5F401AD329}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0407-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-0044-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-1000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-1000-0000000FF1CE}_Office14.PROPLUS_{8299B64F-1537-4081-974C-033EAB8F098E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0407-1000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140000-00BA-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91A8C38A-0239-11E0-9658-189EDFD72085}" = M-Audio FastTrack Driver 6.0.6 (x64)
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}" = WIDCOMM Bluetooth Software
"{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}" = Überwachungstool für die Intel® Turbo-Boost-Technik 2.0
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"CCleaner" = CCleaner
"CNXT_AUDIO_HDA" = Conexant SmartAudio HD
"Dell Support Center" = Dell Support Center
"Elantech" = Dell Touchpad
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"WinRAR archiver" = WinRAR 4.20 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01B30A48-8220-D4B3-9D3C-232FE328072D}" = Catalyst Control Center Profiles Mobile
"{0367F4BE-9C43-5A40-5D86-698CC3571FA2}" = CCC Help Japanese
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{13A2CFE9-0E35-1977-1F70-E5ABD1144895}" = CCC Help English
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{22EFB9E1-9645-B653-0B56-DC55C97877EB}" = CCC Help French
"{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{2ED7B985-0F6B-FBB2-DC69-18C827CEA162}" = CCC Help Russian
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{30785138-0F0A-5446-1034-E9B4D7181299}" = CCC Help Spanish
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3E90B7F4-1817-4405-B4A5-E4EA5EC0E2B3}" = Dell MusicStage
"{40F06490-8C14-43AA-99D3-EEEFDBAC3CFC}" = SyncUP
"{51FDC2DE-0917-46B7-EAEC-5377504701DE}" = PowerXpressHybrid
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{5D4979CC-3165-00B6-22E9-C7441BFF54DD}" = Catalyst Control Center
"{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{68250DF8-09FA-9892-65A2-C802F7BECE26}" = CCC Help Norwegian
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68F870FF-B037-390A-E5AE-11BCA6BDF73E}" = CCC Help Italian
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-dell" = WildTangent Games App (Dell Games)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{7EC66A95-AC2D-4127-940B-0445A526AB2F}" = Dell DataSafe Online
"{7FB00B6B-6843-97EC-EED6-78BD6D35370A}" = Zinio Reader 4
"{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8FECAD13-D225-9B4A-20E4-3982F2E8F495}" = PX Profile Update
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0449A5E-D77E-7ECE-D4FE-DEE3B5D5B7DE}" = Catalyst Control Center InstallProxy
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A8B88634-7F90-402F-B66A-86429755F6A5}" = eBay
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X MUI
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AF4D3C63-009B-4A17-B02E-D395065DD3F0}" = Dell Stage Remote
"{AF5995B3-399B-4895-B8EB-F4EC26216A46}" = CCC Help Korean
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{B021725C-97E3-3B3C-13E1-A6B760D0A1F2}" = Catalyst Control Center Localization All
"{B0DFDE69-0604-3023-AB95-5B71597DE052}" = CCC Help Dutch
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B2C769FD-ACF8-10D5-6D4D-B9F9242A292C}" = CCC Help Chinese Traditional
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{CD9CDB9B-123C-1FF3-2746-FBF122529F7D}" = CCC Help Portuguese
"{CE5EBCBC-5D83-4637-967E-5E06CA89A996}" = Dell Stage
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFB89DE9-C8FD-4D33-986A-DBDEC5309378}" = Catalyst Control Center - Branding
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D265754E-A8FE-7310-16D6-32EE1BAC438E}" = CCC Help Swedish
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D92C9CCE-E5F0-4125-977A-0590F3225B74}" = SyncUP
"{DBDA152C-5F59-9854-A611-0C4E63DB2B57}" = CCC Help Chinese Standard
"{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage 
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4335E82-17B3-460F-9E70-39D9BC269DB3}" = Dell PhotoStage
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E85AE848-08C8-2660-CA03-55BEF4EA03DD}" = CCC Help Finnish
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Display Audio Driver
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F5E43D09-96AF-4CA0-85AE-9134E7FFA7FC}" = Dell Digital Delivery
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{F9C5A816-7BB7-97BC-2004-CAE96601BB06}" = CCC Help Danish
"{FEBD2D51-2B6D-F65F-C67F-C094600D353E}" = CCC Help German
"5513-1208-7298-9440" = JDownloader 0.9
"Adobe AIR" = Adobe AIR
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Avira AntiVir Desktop" = Avira Free Antivirus
"Dell Webcam Central" = Dell Webcam Central
"InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage 
"LastFM_is1" = Last.fm 1.5.4.27091
"PS3 Media Server" = PS3 Media Server
"WildTangent dell Master Uninstall" = WildTangent-Spiele
"WinLiveSuite" = Windows Live Essentials
"WT089409" = Bejeweled 2 Deluxe
"WT089411" = Build-a-lot 2
"WT089412" = Cake Mania
"WT089413" = Chuzzle Deluxe
"WT089414" = Diner Dash 2 Restaurant Rescue
"WT089415" = Dora's World Adventure
"WT089418" = FATE
"WT089420" = Jewel Quest
"WT089422" = Jewel Quest Solitaire 2
"WT089433" = Polar Golfer
"WT089434" = Escape Whisper Valley (TM)
"WT089440" = Namco All-Stars PAC-MAN
"WT089444" = Final Drive Nitro
"WT089445" = Penguins!
"WT089446" = Wedding Dash - Ready, Aim, Love!
"WT089448" = Zuma Deluxe
"WT089450" = Farm Frenzy
"WT089452" = Plants vs. Zombies - Game of the Year
"WT089499" = Final Drive Fury
"WT089503" = Samantha Swift
"WT089507" = Luxor
"WT089508" = Polar Bowler
"ZinioReader4" = Zinio Reader 4
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
"Spotify" = Spotify
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 20.09.2012 15:51:49 | Computer Name = SecondVok | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files\ATI\CIM\Bin64\SetACL64.exe".
Die
 abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 21.09.2012 12:01:24 | Computer Name = SecondVok | Source = WinMgmt | ID = 10
Description = 
 
Error - 21.09.2012 12:04:45 | Computer Name = SecondVok | Source = LegacyUninstaller | ID = 0
Description = 
 
Error - 21.09.2012 14:41:24 | Computer Name = SecondVok | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files\ATI\CIM\Bin64\SetACL64.exe".
Die
 abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 21.09.2012 15:33:44 | Computer Name = SecondVok | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iTunes.exe, Version: 10.7.0.21, Zeitstempel:
 0x504d85d9  Name des fehlerhaften Moduls: iTunes.dll, Version: 10.7.0.21, Zeitstempel:
 0x504d85b5  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0072359f  ID des fehlerhaften Prozesses:
 0x1544  Startzeit der fehlerhaften Anwendung: 0x01cd9815c61c97b3  Pfad der fehlerhaften
 Anwendung: C:\Program Files (x86)\iTunes\iTunes.exe  Pfad des fehlerhaften Moduls:
 C:\Program Files (x86)\iTunes\iTunes.dll  Berichtskennung: 40b92247-0423-11e2-84d7-d4bed92c190e
 
Error - 21.09.2012 15:55:56 | Computer Name = SecondVok | Source = Application Hang | ID = 1002
Description = Programm JDownloaderSetup.exe, Version 0.0.0.0 kann nicht mehr unter
 Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf 
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
 zu suchen.    Prozess-ID: 15c4    Startzeit: 01cd9832a476baa0    Endzeit: 6    Anwendungspfad: 
C:\Users\Vik\AppData\Local\Temp\JDownloaderSetup.exe    Berichts-ID:   
 
Error - 21.09.2012 16:43:21 | Computer Name = SecondVok | Source = WinMgmt | ID = 10
Description = 
 
Error - 22.09.2012 10:59:20 | Computer Name = SecondVok | Source = WinMgmt | ID = 10
Description = 
 
Error - 22.09.2012 11:10:10 | Computer Name = SecondVok | Source = WinMgmt | ID = 10
Description = 
 
Error - 22.09.2012 11:46:32 | Computer Name = SecondVok | Source = WinMgmt | ID = 10
Description = 
 
[ System Events ]
Error - 22.09.2012 11:08:09 | Computer Name = SecondVok | Source = DCOM | ID = 10010
Description = 
 
Error - 22.09.2012 11:10:18 | Computer Name = SecondVok | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Windows Search erreicht.
 
Error - 22.09.2012 11:10:18 | Computer Name = SecondVok | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht
 gestartet:   %%1053
 
Error - 22.09.2012 11:10:18 | Computer Name = SecondVok | Source = DCOM | ID = 10005
Description = 
 
Error - 22.09.2012 11:31:17 | Computer Name = SecondVok | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
 
Error - 22.09.2012 11:43:52 | Computer Name = SecondVok | Source = DCOM | ID = 10010
Description = 
 
Error - 22.09.2012 11:46:55 | Computer Name = SecondVok | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Peernetzwerkidentitäts-Manager erreicht.
 
Error - 22.09.2012 11:46:55 | Computer Name = SecondVok | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Peernetzwerkidentitäts-Manager" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%1053
 
Error - 22.09.2012 11:46:55 | Computer Name = SecondVok | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peernetzwerkidentitäts-Manager"
 abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1053
 
Error - 22.09.2012 11:46:55 | Computer Name = SecondVok | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Peer Name Resolution-Protokoll" ist vom Dienst "Peernetzwerkidentitäts-Manager"
 abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1053
 
 
< End of report >
         
Log 2

Code:
ATTFilter
OTL logfile created on: 22.09.2012 18:02:54 - Run 1
OTL by OldTimer - Version 3.2.65.1     Folder = C:\Users\Vik\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
5,90 Gb Total Physical Memory | 3,97 Gb Available Physical Memory | 67,24% Memory free
11,81 Gb Paging File | 9,46 Gb Available in Paging File | 80,10% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 917,66 Gb Total Space | 757,47 Gb Free Space | 82,54% Space Free | Partition Type: NTFS
Drive F: | 298,09 Gb Total Space | 110,35 Gb Free Space | 37,02% Space Free | Partition Type: NTFS
Drive H: | 232,88 Gb Total Space | 55,10 Gb Free Space | 23,66% Space Free | Partition Type: NTFS
 
Computer Name: SECONDVOK | User Name: Vik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Vik\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Users\Vik\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Users\Vik\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe (Dell Products, LP.)
PRC - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE (SoftThinks SAS)
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe (SoftThinks - Dell)
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE ()
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE (SoftThinks - Dell)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files\CONEXANT\SA3\CxUtilSvc.exe (Conexant Systems, Inc.)
PRC - C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe ()
PRC - C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe ()
PRC - C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
PRC - C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
PRC - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8e56489276063ededde74e597a121df3\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\6b25225fabfa2a35d5b77814c049dd21\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\42e0d441b0169e18fdf892fd0f699bbc\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\80fae9f16f80075535e72458ef293f7a\System.Transactions.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e717a230496832656b05b515eb9f3bc5\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\14a87218ea49639f38097e278b98a3da\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll ()
MOD - C:\Users\Vik\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
MOD - C:\Users\Vik\AppData\Local\Google\Chrome\Application\21.0.1180.89\ppgooglenaclpluginchrome.dll ()
MOD - C:\Users\Vik\AppData\Local\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll ()
MOD - C:\Users\Vik\AppData\Local\Google\Chrome\Application\21.0.1180.89\pdf.dll ()
MOD - C:\Users\Vik\AppData\Local\Google\Chrome\Application\21.0.1180.89\libglesv2.dll ()
MOD - C:\Users\Vik\AppData\Local\Google\Chrome\Application\21.0.1180.89\libegl.dll ()
MOD - C:\Users\Vik\AppData\Local\Google\Chrome\Application\21.0.1180.89\avutil-51.dll ()
MOD - C:\Users\Vik\AppData\Local\Google\Chrome\Application\21.0.1180.89\avformat-54.dll ()
MOD - C:\Users\Vik\AppData\Local\Google\Chrome\Application\21.0.1180.89\avcodec-54.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE ()
MOD - C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe ()
MOD - C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe ()
MOD - C:\Program Files (x86)\Dell\Stage Remote\DataService.dll ()
MOD - C:\Program Files (x86)\Dell\Stage Remote\de-DE\UI\ManagerUI.dll ()
MOD - C:\Program Files (x86)\Dell\Stage Remote\sqlite3.dll ()
MOD - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Serialization.resources\3.0.0.0_de_b77a5c561934e089\System.Runtime.Serialization.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Core\3.5.0.0__b77a5c561934e089\System.Core.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Xml.Linq\3.5.0.0__b77a5c561934e089\System.Xml.Linq.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMDiagnostics.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.ServiceModel.Web\3.5.0.0__31bf3856ad364e35\System.ServiceModel.Web.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.WorkflowServices\3.5.0.0__31bf3856ad364e35\System.WorkflowServices.dll ()
MOD - C:\Program Files (x86)\Dell\Stage Remote\QtGui4.dll ()
MOD - C:\Program Files (x86)\Dell\Stage Remote\QtXml4.dll ()
MOD - C:\Program Files (x86)\Dell\Stage Remote\QtNetwork4.dll ()
MOD - C:\Program Files (x86)\Dell\Stage Remote\QtCore4.dll ()
MOD - C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qmng4.dll ()
MOD - C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qgif4.dll ()
MOD - C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qjpeg4.dll ()
MOD - C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qico4.dll ()
MOD - C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (btwdins) -- c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (Intel(R) -- c:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation)
SRV:64bit: - (CxUtilSvc) -- C:\Program Files\CONEXANT\SA3\CxUtilSvc.exe (Conexant Systems, Inc.)
SRV:64bit: - (TurboBoost) -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe (Intel(R) Corporation)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (DellDigitalDelivery) -- C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe (Dell Products, LP.)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (SftService) -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE (SoftThinks SAS)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.)
SRV - (NOBU) -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe (Dell, Inc.)
SRV - (NAUpdate) -- C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (btwampfl) -- C:\Windows\SysNative\drivers\btwampfl.sys (Broadcom Corporation.)
DRV:64bit: - (bcbtums) -- C:\Windows\SysNative\drivers\bcbtums.sys (Broadcom Corporation.)
DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmpfd) -- C:\Windows\SysNative\drivers\amdkmpfd.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (RSUSBVSTOR) -- C:\Windows\SysNative\drivers\RtsUVStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (iusb3xhc) -- C:\Windows\SysNative\drivers\iusb3xhc.sys (Intel Corporation)
DRV:64bit: - (iusb3hub) -- C:\Windows\SysNative\drivers\iusb3hub.sys (Intel Corporation)
DRV:64bit: - (iusb3hcs) -- C:\Windows\SysNative\drivers\iusb3hcs.sys (Intel Corporation)
DRV:64bit: - (intelkmd) -- C:\Windows\SysNative\drivers\igdpmd64.sys (Intel Corporation)
DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronics Corp.)
DRV:64bit: - (CnxtHdAudService) -- C:\Windows\SysNative\drivers\CHDRT64.sys (Conexant Systems Inc.)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (Point64) -- C:\Windows\SysNative\drivers\point64.sys (Microsoft Corporation)
DRV:64bit: - (CtClsFlt) -- C:\Windows\SysNative\drivers\CtClsFlt.sys (Creative Technology Ltd.)
DRV:64bit: - (MAUSBFASTTRACK) -- C:\Windows\SysNative\drivers\MAudioFastTrack.sys (Avid Technology, Inc.)
DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys (Intel(R) Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {745A0B21-6974-4848-AD3A-10CE7B9EDA68}
IE:64bit: - HKLM\..\SearchScopes\{745A0B21-6974-4848-AD3A-10CE7B9EDA68}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDR&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {745A0B21-6974-4848-AD3A-10CE7B9EDA68}
IE - HKLM\..\SearchScopes\{745A0B21-6974-4848-AD3A-10CE7B9EDA68}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDR&src=IE-SearchBox
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USCON/8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.startfenster.com
IE - HKCU\..\SearchScopes,DefaultScope = {745A0B21-6974-4848-AD3A-10CE7B9EDA68}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Vik\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Vik\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
 
 
 
========== Chrome  ==========
 
CHR - homepage: 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms},
CHR - homepage: 
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Vik\AppData\Local\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Vik\AppData\Local\Google\Chrome\Application\21.0.1180.89\gcswf32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Vik\AppData\Local\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Vik\AppData\Local\Google\Chrome\Application\21.0.1180.89\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Vik\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll
CHR - plugin: McAfee SecurityCenter (Enabled) = c:\progra~2\mcafee\msc\npmcsn~1.dll
CHR - Extension: Google Kalender = C:\Users\Vik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\
CHR - Extension: Google Play = C:\Users\Vik\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi\3.0_0\
CHR - Extension: Desktop = C:\Users\Vik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pafkcccccfmnjkhhndjfffifnflhkpdo\1.0_0\
CHR - Extension: Google Mail = C:\Users\Vik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [DellStage] C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe ()
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [M-Audio Taskbar Icon] C:\Windows\SysNative\M-AudioTaskBarIcon.exe (Avid Technology, Inc.)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [QuickSet] c:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SA3\SACpl.exe (Conexant Systems, Inc.)
O4:64bit: - HKLM..\Run: [Stage Remote] C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe ()
O4 - HKLM..\Run: [AccuWeatherWidget] C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe ()
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe (Dell, Inc.)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [NeroLauncher] C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe ()
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Vik\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
O4 - Startup: C:\Users\Vik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Vik\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 217.68.161.141 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2185D25D-921D-47D0-A60B-9ED6DC818288}: DhcpNameServer = 217.68.161.141 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{883C64CF-9A0A-45C3-9205-26FF40386873}: DhcpNameServer = 217.68.161.141 192.168.0.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - Unable to obtain root file information for disk F:\
O32 - Unable to obtain root file information for disk H:\
O33 - MountPoints2\{2ffbb41c-9872-11e1-8f43-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{2ffbb41c-9872-11e1-8f43-806e6f6e6963}\Shell\AutoRun\command - "" = D:\SETUP.EXE
O33 - MountPoints2\{2ffbb41c-9872-11e1-8f43-806e6f6e6963}\Shell\configure\command - "" = D:\SETUP.EXE
O33 - MountPoints2\{2ffbb41c-9872-11e1-8f43-806e6f6e6963}\Shell\install\command - "" = D:\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.09.22 18:01:21 | 000,600,576 | ---- | C] (OldTimer Tools) -- C:\Users\Vik\Desktop\OTL.exe
[2012.09.22 17:49:23 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.09.22 17:49:09 | 003,927,560 | ---- | C] (Piriform Ltd) -- C:\Users\Vik\Desktop\ccsetup322.exe
[2012.09.21 23:06:35 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe
[2012.09.21 22:58:05 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.09.21 22:58:05 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.09.21 22:58:04 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.09.21 22:58:04 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.09.21 22:58:04 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.09.21 22:58:04 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.09.21 22:58:04 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.09.21 22:58:04 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.09.21 22:58:04 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.09.21 22:58:03 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.09.21 22:58:03 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.09.21 22:58:02 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.09.21 22:58:01 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.09.21 22:57:41 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2012.09.21 22:57:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.09.21 22:57:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012.09.21 22:57:10 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2012.09.21 22:57:10 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2012.09.21 22:57:09 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012.09.21 22:47:45 | 000,000,000 | ---D | C] -- C:\Users\Vik\Desktop\Madmax
[2012.09.21 22:42:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
[2012.09.21 22:42:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2012.09.21 22:42:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2012.09.21 22:41:56 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services
[2012.09.21 22:41:42 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2012.09.21 22:41:42 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Sync Framework
[2012.09.21 22:41:42 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2012.09.21 22:39:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2012.09.21 22:38:51 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
[2012.09.21 22:38:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2012.09.21 22:38:18 | 000,000,000 | ---D | C] -- C:\Users\Vik\AppData\Local\Microsoft Help
[2012.09.21 22:38:16 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2012.09.21 22:38:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2012.09.21 22:37:54 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2012.09.21 22:22:42 | 000,000,000 | ---D | C] -- C:\Users\Vik\Desktop\Microsoft.Office.Professional.Plus.2010.x64.SP1.VL.German-Madmax
[2012.09.21 22:18:33 | 000,000,000 | ---D | C] -- C:\Users\Vik\AppData\Roaming\WinRAR
[2012.09.21 22:18:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012.09.21 22:18:32 | 000,000,000 | ---D | C] -- C:\Users\Vik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012.09.21 22:18:30 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2012.09.21 22:15:45 | 000,000,000 | ---D | C] -- C:\Users\Vik\Desktop\office
[2012.09.21 22:01:50 | 000,000,000 | ---D | C] -- C:\Down
[2012.09.21 22:01:48 | 000,000,000 | ---D | C] -- C:\Neuer Ordner
[2012.09.21 22:00:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JDownloader
[2012.09.21 21:57:46 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2012.09.21 21:53:12 | 000,000,000 | ---D | C] -- C:\Users\Vik\AppData\Local\Wajam
[2012.09.21 21:33:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Last.fm
[2012.09.21 21:32:06 | 000,000,000 | ---D | C] -- C:\Users\Vik\AppData\Local\Last.fm
[2012.09.21 21:32:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Last.fm
[2012.09.21 21:32:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Last.fm
[2012.09.21 18:11:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\M-Audio
[2012.09.21 18:10:01 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012.09.21 18:10:01 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012.09.21 18:10:01 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012.09.21 18:09:42 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2012.09.21 18:09:40 | 001,462,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012.09.21 18:09:39 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012.09.21 18:09:35 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2012.09.21 18:09:35 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2012.09.21 18:09:35 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2012.09.21 18:09:28 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2012.09.21 18:09:18 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2012.09.21 18:09:18 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2012.09.21 18:05:18 | 000,000,000 | ---D | C] -- C:\Program Files\M-Audio
[2012.09.21 18:05:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Digidesign
[2012.09.20 22:16:46 | 000,000,000 | ---D | C] -- C:\ProgramData\VirtualizedApplications
[2012.09.20 20:51:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PS3 Media Server
[2012.09.20 20:51:59 | 000,000,000 | ---D | C] -- C:\ProgramData\PMS
[2012.09.20 20:51:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PS3 Media Server
[2012.09.20 20:23:27 | 000,000,000 | R--D | C] -- C:\MP3s
[2012.09.20 20:11:14 | 000,000,000 | ---D | C] -- C:\Users\Vik\Desktop\Xenon
[2012.09.20 20:11:10 | 000,000,000 | R--D | C] -- C:\Users\Vik\Desktop\Stuff
[2012.09.20 20:10:55 | 000,000,000 | R--D | C] -- C:\Users\Vik\Desktop\Uni
[2012.09.20 20:10:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Maus
[2012.09.20 20:10:08 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft IntelliPoint
[2012.09.20 20:09:47 | 000,000,000 | ---D | C] -- C:\Users\Vik\Mein Backup Datei
[2012.09.20 20:08:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012.09.20 19:33:18 | 000,000,000 | ---D | C] -- C:\Users\Vik\AppData\Roaming\Avira
[2012.09.20 19:27:51 | 000,000,000 | R--D | C] -- C:\Users\Vik\Dropbox
[2012.09.20 19:27:07 | 000,132,832 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2012.09.20 19:27:07 | 000,098,848 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2012.09.20 19:27:07 | 000,027,760 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2012.09.20 19:27:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2012.09.20 19:27:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2012.09.20 19:26:54 | 000,000,000 | ---D | C] -- C:\Users\Vik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[2012.09.20 19:26:40 | 000,000,000 | ---D | C] -- C:\Users\Vik\AppData\Roaming\Dropbox
[2012.09.20 19:21:22 | 000,000,000 | ---D | C] -- C:\Users\Vik\Desktop\Downloads
[2012.09.20 15:00:37 | 000,000,000 | ---D | C] -- C:\Users\Vik\AppData\Roaming\Apple Computer
[2012.09.20 15:00:37 | 000,000,000 | ---D | C] -- C:\Users\Vik\AppData\Local\Apple Computer
[2012.09.20 15:00:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012.09.20 15:00:07 | 000,033,240 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2012.09.20 15:00:07 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2012.09.20 14:59:34 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012.09.20 14:59:33 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012.09.20 14:59:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012.09.20 14:59:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2012.09.20 14:59:33 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2012.09.20 14:58:33 | 000,000,000 | ---D | C] -- C:\Users\Vik\AppData\Local\Apple
[2012.09.20 14:58:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2012.09.20 14:58:19 | 000,000,000 | ---D | C] -- C:\Users\Vik\AppData\Roaming\SoftGrid Client
[2012.09.20 14:58:19 | 000,000,000 | ---D | C] -- C:\Users\Vik\AppData\Local\SoftGrid Client
[2012.09.20 14:58:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2012.09.20 14:58:09 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2012.09.20 14:58:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2012.09.20 14:58:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2012.09.20 14:58:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2012.09.20 14:57:22 | 000,000,000 | ---D | C] -- C:\Users\Vik\AppData\Roaming\TP
[2012.09.20 14:53:37 | 000,000,000 | ---D | C] -- C:\Users\Vik\AppData\Local\Spotify
[2012.09.20 14:53:10 | 000,000,000 | ---D | C] -- C:\Users\Vik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012.09.20 14:32:17 | 000,000,000 | ---D | C] -- C:\Users\Vik\AppData\Roaming\Spotify
[2012.09.20 14:24:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dell Digital Delivery
[2012.09.20 13:21:50 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012.09.20 13:21:50 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2012.09.20 13:21:48 | 000,000,000 | ---D | C] -- C:\Users\Vik\AppData\Local\Google
[2012.09.20 13:21:13 | 000,000,000 | ---D | C] -- C:\Users\Vik\AppData\Local\Apps
[2012.09.20 13:21:12 | 000,000,000 | ---D | C] -- C:\Users\Vik\AppData\Local\Deployment
[2012.09.20 13:20:26 | 000,000,000 | ---D | C] -- C:\Users\Vik\AppData\Roaming\Adobe
[2012.09.20 13:19:21 | 000,000,000 | -HSD | C] -- C:\System Recovery
[2012.09.20 13:18:42 | 000,000,000 | ---D | C] -- C:\Users\Vik\AppData\Roaming\Dell
[2012.09.20 13:18:19 | 000,000,000 | ---D | C] -- C:\Users\Vik\AppData\Local\Broadcom
[2012.09.20 13:18:19 | 000,000,000 | ---D | C] -- C:\Users\Vik\Documents\Bluetooth-Exchange-Ordner
[2012.09.20 13:18:06 | 000,000,000 | ---D | C] -- C:\Users\Vik\AppData\Roaming\Fingertapps
[2012.09.20 13:17:30 | 000,000,000 | ---D | C] -- C:\Users\Vik\AppData\Local\Dell
[2012.09.20 13:17:26 | 000,000,000 | ---D | C] -- C:\Users\Vik\AppData\Local\Conexant
[2012.09.20 13:17:20 | 000,000,000 | ---D | C] -- C:\Users\Vik\AppData\Roaming\ATI
[2012.09.20 13:17:20 | 000,000,000 | ---D | C] -- C:\Users\Vik\AppData\Local\ATI
[2012.09.20 13:17:18 | 000,000,000 | ---D | C] -- C:\Users\Vik\AppData\Roaming\Creative
[2012.09.20 13:17:14 | 000,000,000 | ---D | C] -- C:\Users\Vik\AppData\Roaming\Intel Corporation
[2012.09.20 13:16:53 | 000,000,000 | R--D | C] -- C:\Users\Vik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012.09.20 13:16:53 | 000,000,000 | R--D | C] -- C:\Users\Vik\Searches
[2012.09.20 13:16:53 | 000,000,000 | R--D | C] -- C:\Users\Vik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012.09.20 13:16:45 | 000,000,000 | ---D | C] -- C:\Users\Vik\AppData\Roaming\Identities
[2012.09.20 13:16:41 | 000,000,000 | R--D | C] -- C:\Users\Vik\Contacts
[2012.09.20 13:16:39 | 000,000,000 | ---D | C] -- C:\Users\Vik\AppData\Local\VirtualStore
[2012.09.20 13:15:25 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012.09.20 13:15:25 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012.09.20 13:15:25 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012.09.20 13:15:00 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012.09.20 13:15:00 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012.09.20 13:15:00 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012.09.20 13:14:45 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012.09.20 13:14:45 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012.09.20 13:13:38 | 000,000,000 | --SD | C] -- C:\Users\Vik\AppData\Roaming\Microsoft
[2012.09.20 13:13:38 | 000,000,000 | R--D | C] -- C:\Users\Vik\Videos
[2012.09.20 13:13:38 | 000,000,000 | R--D | C] -- C:\Users\Vik\Saved Games
[2012.09.20 13:13:38 | 000,000,000 | R--D | C] -- C:\Users\Vik\Pictures
[2012.09.20 13:13:38 | 000,000,000 | R--D | C] -- C:\Users\Vik\Music
[2012.09.20 13:13:38 | 000,000,000 | R--D | C] -- C:\Users\Vik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012.09.20 13:13:38 | 000,000,000 | R--D | C] -- C:\Users\Vik\Links
[2012.09.20 13:13:38 | 000,000,000 | R--D | C] -- C:\Users\Vik\Favorites
[2012.09.20 13:13:38 | 000,000,000 | R--D | C] -- C:\Users\Vik\Downloads
[2012.09.20 13:13:38 | 000,000,000 | R--D | C] -- C:\Users\Vik\Documents
[2012.09.20 13:13:38 | 000,000,000 | R--D | C] -- C:\Users\Vik\Desktop
[2012.09.20 13:13:38 | 000,000,000 | R--D | C] -- C:\Users\Vik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012.09.20 13:13:38 | 000,000,000 | -HSD | C] -- C:\Users\Vik\Vorlagen
[2012.09.20 13:13:38 | 000,000,000 | -HSD | C] -- C:\Users\Vik\AppData\Local\Verlauf
[2012.09.20 13:13:38 | 000,000,000 | -HSD | C] -- C:\Users\Vik\AppData\Local\Temporary Internet Files
[2012.09.20 13:13:38 | 000,000,000 | -HSD | C] -- C:\Users\Vik\Startmenü
[2012.09.20 13:13:38 | 000,000,000 | -HSD | C] -- C:\Users\Vik\SendTo
[2012.09.20 13:13:38 | 000,000,000 | -HSD | C] -- C:\Users\Vik\Recent
[2012.09.20 13:13:38 | 000,000,000 | -HSD | C] -- C:\Users\Vik\Netzwerkumgebung
[2012.09.20 13:13:38 | 000,000,000 | -HSD | C] -- C:\Users\Vik\Lokale Einstellungen
[2012.09.20 13:13:38 | 000,000,000 | -HSD | C] -- C:\Users\Vik\Documents\Eigene Videos
[2012.09.20 13:13:38 | 000,000,000 | -HSD | C] -- C:\Users\Vik\Documents\Eigene Musik
[2012.09.20 13:13:38 | 000,000,000 | -HSD | C] -- C:\Users\Vik\Eigene Dateien
[2012.09.20 13:13:38 | 000,000,000 | -HSD | C] -- C:\Users\Vik\Documents\Eigene Bilder
[2012.09.20 13:13:38 | 000,000,000 | -HSD | C] -- C:\Users\Vik\Druckumgebung
[2012.09.20 13:13:38 | 000,000,000 | -HSD | C] -- C:\Users\Vik\Cookies
[2012.09.20 13:13:38 | 000,000,000 | -HSD | C] -- C:\Users\Vik\AppData\Local\Anwendungsdaten
[2012.09.20 13:13:38 | 000,000,000 | -HSD | C] -- C:\Users\Vik\Anwendungsdaten
[2012.09.20 13:13:38 | 000,000,000 | -H-D | C] -- C:\Users\Vik\AppData
[2012.09.20 13:13:38 | 000,000,000 | ---D | C] -- C:\Users\Vik\AppData\Local\Temp
[2012.09.20 13:13:38 | 000,000,000 | ---D | C] -- C:\Users\Vik\AppData\Local\SoftThinks
[2012.09.20 13:13:38 | 000,000,000 | ---D | C] -- C:\Users\Vik\AppData\Local\Microsoft
[2012.09.20 13:13:38 | 000,000,000 | ---D | C] -- C:\Users\Vik\AppData\Roaming\Media Center Programs
[2012.09.20 13:13:38 | 000,000,000 | ---D | C] -- C:\Users\Vik\AppData\Roaming\Macromedia
[2012.09.20 13:13:16 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2012.09.20 13:13:16 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2012.09.20 13:13:16 | 000,000,000 | -HSD | C] -- C:\Programme
[2012.09.20 13:13:16 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
[2012.09.20 13:13:16 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2012.09.20 13:13:16 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2012.09.20 13:13:16 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2012.09.20 13:13:16 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2012.09.20 13:13:16 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2012.09.20 13:13:16 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2012.09.20 13:13:16 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
 
========== Files - Modified Within 30 Days ==========
 
[2012.09.22 18:02:00 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2468205183-3048026063-4288177971-1001UA.job
[2012.09.22 18:01:20 | 000,600,576 | ---- | M] (OldTimer Tools) -- C:\Users\Vik\Desktop\OTL.exe
[2012.09.22 17:57:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.09.22 17:53:27 | 000,021,072 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.09.22 17:53:27 | 000,021,072 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.09.22 17:49:24 | 000,000,784 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.09.22 17:49:06 | 003,927,560 | ---- | M] (Piriform Ltd) -- C:\Users\Vik\Desktop\ccsetup322.exe
[2012.09.22 17:44:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.09.22 17:44:40 | 460,079,103 | -HS- | M] () -- C:\hiberfil.sys
[2012.09.22 16:57:50 | 000,416,200 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.09.22 16:54:47 | 000,000,422 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2012.09.21 23:05:51 | 001,634,476 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.09.21 23:05:51 | 000,696,870 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.09.21 23:05:51 | 000,652,148 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.09.21 23:05:51 | 000,148,134 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.09.21 23:05:51 | 000,121,080 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.09.21 23:01:54 | 001,590,378 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.09.21 20:02:01 | 000,001,060 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2468205183-3048026063-4288177971-1001Core.job
[2012.09.21 18:30:23 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012.09.20 20:10:15 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_point64_01009.Wdf
[2012.09.20 19:27:51 | 000,001,042 | ---- | M] () -- C:\Users\Vik\Desktop\Dropbox.lnk
[2012.09.20 19:26:59 | 000,001,052 | ---- | M] () -- C:\Users\Vik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2012.09.20 14:53:36 | 000,001,800 | ---- | M] () -- C:\Users\Vik\Desktop\Spotify.lnk
[2012.09.20 13:27:14 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2012.09.20 13:11:32 | 000,159,772 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2012.09.20 13:11:32 | 000,159,772 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2012.09.07 20:26:05 | 000,132,832 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2012.09.07 20:26:05 | 000,098,848 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2012.09.07 20:26:05 | 000,027,760 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avkmgr.sys
 
========== Files Created - No Company Name ==========
 
[2012.09.22 17:49:24 | 000,000,784 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.09.21 22:01:11 | 000,002,007 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
[2012.09.21 22:01:11 | 000,001,951 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk
[2012.09.21 22:01:11 | 000,001,930 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
[2012.09.21 18:30:23 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012.09.20 20:10:15 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_point64_01009.Wdf
[2012.09.20 19:27:51 | 000,001,042 | ---- | C] () -- C:\Users\Vik\Desktop\Dropbox.lnk
[2012.09.20 19:26:59 | 000,001,052 | ---- | C] () -- C:\Users\Vik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2012.09.20 14:58:32 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2012.09.20 14:53:36 | 000,001,800 | ---- | C] () -- C:\Users\Vik\Desktop\Spotify.lnk
[2012.09.20 14:53:36 | 000,001,786 | ---- | C] () -- C:\Users\Vik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
[2012.09.20 14:52:18 | 000,001,112 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2468205183-3048026063-4288177971-1001UA.job
[2012.09.20 14:52:18 | 000,001,060 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2468205183-3048026063-4288177971-1001Core.job
[2012.09.20 14:24:41 | 000,000,970 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Digital Delivery.lnk
[2012.09.20 13:16:58 | 000,001,371 | ---- | C] () -- C:\Users\Vik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012.09.20 13:16:54 | 000,001,445 | ---- | C] () -- C:\Users\Vik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012.09.20 13:15:57 | 000,000,422 | ---- | C] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2012.09.20 13:15:53 | 000,000,564 | ---- | C] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2012.09.20 13:14:10 | 000,001,939 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hilfedokumentation von Dell.lnk
[2012.05.08 05:07:23 | 000,734,772 | ---- | C] () -- C:\Windows\SysWow64\igkrng700.bin
[2012.05.08 05:07:21 | 000,559,780 | ---- | C] () -- C:\Windows\SysWow64\igfcg700m.bin
[2012.05.08 05:07:17 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012.05.08 05:07:14 | 013,001,728 | ---- | C] () -- C:\Windows\SysWow64\ig7icd32.dll
[2012.05.08 05:07:10 | 000,204,960 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.05.08 05:07:10 | 000,157,152 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.05.08 05:07:08 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2012.05.08 04:01:16 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.05.08 03:59:53 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat
[2012.02.16 09:34:26 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2012.02.16 09:34:16 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2012.01.11 03:39:16 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
[2011.02.11 12:22:50 | 001,590,378 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
 
========== ZeroAccess Check ==========
 
[2012.09.20 19:43:46 | 000,000,000 | ---D | M] -- C:\Users\Vik\AppData\Roaming\Dropbox\l
[2012.09.20 19:27:35 | 000,000,000 | ---D | M] -- C:\Users\Vik\AppData\Roaming\Dropbox\installer\l
[2012.09.22 18:01:17 | 000,000,000 | ---D | M] -- C:\Users\Vik\AppData\Roaming\Dropbox\shellext\l
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

< End of report >
         

Alt 23.09.2012, 10:21   #2
Vik
 
startfenster.com hat mich auch erwischt... - Standard

startfenster.com hat mich auch erwischt...



Hallo!

Ich habe jetzt doch mein System neu aufgesetzt. Bin mir aber absolut nicht sicher, ob der Trojaner verschwunden ist, oder ob es überhaupt etwas gebracht hat.
Kann ich das irgendwie herausfinden?

Falls es hilft, hier nochmal zwei neue OTL-Logs

Code:
ATTFilter
OTL Extras logfile created on: 23.09.2012 11:08:43 - Run 1
OTL by OldTimer - Version 3.2.66.0     Folder = C:\Users\Vik\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
5,90 Gb Total Physical Memory | 3,90 Gb Available Physical Memory | 65,99% Memory free
11,81 Gb Paging File | 9,25 Gb Available in Paging File | 78,37% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 917,66 Gb Total Space | 880,77 Gb Free Space | 95,98% Space Free | Partition Type: NTFS
Drive F: | 298,09 Gb Total Space | 110,35 Gb Free Space | 37,02% Space Free | Partition Type: NTFS
Drive H: | 232,88 Gb Total Space | 55,10 Gb Free Space | 23,66% Space Free | Partition Type: NTFS
 
Computer Name: SECONDVOK | User Name: Vik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0FB9B28E-FAB5-4C80-BADB-4422DA59CCCA}" = lport=137 | protocol=17 | dir=in | app=system | 
"{10C5F1C8-E95D-4755-91D7-F875B67860CD}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{12B072A4-90A2-44C7-AF29-A8616EBB72E0}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{20F6A743-B570-4043-8B44-F65D29B579F3}" = lport=9700 | protocol=6 | dir=in | name=syncup_tcp_9700 | 
"{2C9D4189-967D-4279-BDCD-482836E4BCE2}" = lport=138 | protocol=17 | dir=in | app=system | 
"{46D51C08-CE11-4952-A166-C4D2C06B2DC8}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{50FB68E3-3845-4169-AE08-30A368FFEF7A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{5668BBA3-084B-42D3-9EF0-A209804F1D3D}" = lport=445 | protocol=6 | dir=in | app=system | 
"{57C6D17F-EBF9-416A-9D9F-DDBC92C5B0A9}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{7F971BDA-E599-43DF-ADE4-18599C9D6A60}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{93E264FA-5A00-471D-87CC-974A6337FFDF}" = lport=9702 | protocol=6 | dir=in | name=syncup_tcp_9702 | 
"{95432524-DF96-4CCA-922E-9E3E30FF5F29}" = lport=9701 | protocol=6 | dir=in | name=syncup_tcp_9701 | 
"{9B8E78D1-6B95-4A2E-9CF6-F58D31546F0B}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{B4C9E974-3154-474E-A3FC-DCE21D5698FC}" = rport=445 | protocol=6 | dir=out | app=system | 
"{B6D02C8D-8A02-4F8B-918E-B004F4DC1069}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{C90577A0-FBC9-403A-99D2-5066DBD97C26}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{CB5CF257-3FA3-4B01-A084-C260D4DD7309}" = rport=137 | protocol=17 | dir=out | app=system | 
"{CCB21521-D5BA-47B7-9734-6C654E8CDF13}" = lport=9700 | protocol=17 | dir=in | name=syncup_udp_9700 | 
"{D229D9EE-2354-4D4C-9F34-46DC6590357D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{DBB09FF5-AC22-4FAB-A570-332E9680BBD7}" = lport=139 | protocol=6 | dir=in | app=system | 
"{DCF233DC-C533-4695-825E-00B07D43EC47}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{E22FFBCC-65B3-469D-B165-B6EDA5B55B61}" = rport=139 | protocol=6 | dir=out | app=system | 
"{E32F73BA-AC32-40D8-B33E-C92DDF0753F0}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{E616DFCC-C4A3-4DC4-AD6B-5F9220270325}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{EC0B2980-3109-4467-971F-C8FDA9C57F4F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{F34417DA-6CE1-41F2-B471-639224C743C3}" = rport=138 | protocol=17 | dir=out | app=system | 
"{F391D491-1FB6-4A29-BC74-965662AEF0E8}" = lport=10243 | protocol=6 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06BA1D3E-593F-4A59-9127-DDC530BD2DD2}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\stageremoteservice.exe | 
"{0764AD6D-C9FC-4E62-88D9-F1083BD45754}" = dir=in | app=c:\program files\dell stage\musicstage\musicstageengine.exe | 
"{173AB0FD-A270-447B-A753-C7FCB33C09DB}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\dmr.exe | 
"{18826B1C-80AC-490D-B343-04AB73D0432C}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe | 
"{20EF2A86-4642-46F5-A025-DF198C281203}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | 
"{263F5653-ABB8-4696-BA38-72F03FF5C0D0}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{2731E323-89BF-4AFC-B01E-916A8DFBD1E4}" = dir=in | app=c:\program files\dell stage\dell stage\stage_primary.exe | 
"{281F4065-D5DF-480E-B579-E65CD7938AAC}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{2BD6BCC1-D623-49F7-8811-EE70CBF143C0}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe | 
"{310739E1-DE61-496E-8743-8CEF8545F310}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{3B3520A7-318D-4B4B-968D-E48AF86CEA39}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{4A4AFBA1-E94C-4958-84FD-07280B73FBA1}" = dir=in | app=c:\program files\dell stage\dell stage\accuweather\accuweather.exe | 
"{4CA6C01C-326C-4DA5-AEC9-B6F9FE0DDF18}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{4E0EB8D4-C4B4-4AC9-AA23-99E2B4D97108}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgdiagex.exe | 
"{5C9B2D46-820E-4E2F-9D89-7FB8AA3D12F9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{6084BC92-7833-4C9D-BFF7-AC940F3C0B4D}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\stageremote.exe | 
"{62E6481C-6F3A-4D7F-9402-F40B71E926F5}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\stageremoteservice.exe | 
"{6B2B4B4F-79D1-4441-BBB0-C42BE08F3C11}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | 
"{6BFE130C-2468-4597-941E-C21009B956D3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{6C131562-D0AA-4A99-A5FF-8DA88F289D5C}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | 
"{6CA5B80E-9787-43FE-872F-C76A3AA9519D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{70ED9165-4DDF-4831-AA2B-000CAAAF4DA0}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\installerhelp.exe | 
"{817B413C-C604-4910-85C7-4297A4D6D1FF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{8A164B97-CA57-49C7-AE47-E1B3FD6024EC}" = dir=in | app=c:\program files (x86)\dell\videostage\videostage.exe | 
"{8DF8C774-090A-4BFB-AF4E-81F9471CDF5C}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\stageremote.exe | 
"{8ED30056-31DD-4429-B9DD-111A801A1422}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\dmr.exe | 
"{91415537-90D3-40C3-8C8C-A52F12CFB518}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{94614509-E89F-42B7-A70A-33E309C8FF84}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{9B367EC6-851C-40C7-A4F7-1D9D59813856}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgemca.exe | 
"{A583C8DB-7169-4AEF-B66B-B364C8DA3753}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgnsa.exe | 
"{A8A7772E-A975-453E-9917-52D8799CE7BD}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{B6A7E0AC-657F-47F2-B714-6211273DC3AE}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\controller.exe | 
"{BB542615-6160-4787-83DA-C1B7C717B9C5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{BCD4F624-892D-4343-AF1E-0E614EE3D5D6}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\installerhelp.exe | 
"{C145DC6D-B6B9-48F4-BCA5-9D60768D8A1E}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{C1E9BD48-C1B9-40BF-B291-23615A6FED4A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{CC2BC19E-B56A-4522-B75E-1BCFE06DAFF3}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{D6E38A44-9AD6-4AB9-B042-41D7D6C3880E}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\controller.exe | 
"{D9CEDABD-FE78-490B-8822-93BF556340B0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{DD00A9AF-CCF0-48EF-A9B0-393675C6837F}" = protocol=6 | dir=out | app=system | 
"{DEBBC565-29C3-45B3-9806-9A9B38AC79BA}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgnsa.exe | 
"{E1B41C6B-3465-4403-8F98-F85AB42DFAC7}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{E36ED967-3159-4A4B-B3E8-3169823BECB4}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{E7612CB1-E04A-42D6-9529-33417EFFCA61}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{F2740942-545B-4F00-B10D-BF39CEBEFDEF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{FCC3C419-EB68-4313-BEE8-86AD1D8DB9D0}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgemca.exe | 
"{FFA9B819-07A3-4FBD-8463-E5BDB3792DE8}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgdiagex.exe | 
"TCP Query User{BE16A4F9-AC8B-45AA-AFA0-D8ADDECF264D}C:\#down\jdownloader\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\#down\jdownloader\jre\bin\javaw.exe | 
"UDP Query User{8487EC05-16DE-409A-91E1-3161E99DCFFD}C:\#down\jdownloader\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\#down\jdownloader\jre\bin\javaw.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0090A87C-3E0E-43D4-AA71-A71B06563A4A}" = Dell Support Center
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{538B98C3-773F-4F20-9C66-802D104DCBE2}" = Intel® Trusted Connect Service Client
"{574F536C-91D3-8BDD-13EA-1B14E93AA62D}" = AMD AVIVO64 Codecs
"{624C7F0A-89B2-4C49-9CAB-9D69613EC95A}" = Microsoft IntelliPoint 8.2
"{7ED590E8-636E-EBAF-70C7-6795361F8049}" = AMD Catalyst Install Manager
"{7F38D6AA-FB53-B407-713B-16C3DFEFF295}" = ccc-utility64
"{825ECBB1-2BCD-4BA5-BB46-63DB8D9ABF45}" = AVG 2013
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}" = WIDCOMM Bluetooth Software
"{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}" = Überwachungstool für die Intel® Turbo-Boost-Technik 2.0
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E79A9906-B06E-4937-8B85-88F1E41A2C0C}" = AVG 2013
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"AVG" = AVG 2013
"CNXT_AUDIO_HDA" = Conexant SmartAudio HD
"Dell Support Center" = Dell Support Center
"Elantech" = Dell Touchpad
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2
"VLC media player" = VLC media player 2.0.2
"WinRAR archiver" = WinRAR 4.20 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01B30A48-8220-D4B3-9D3C-232FE328072D}" = Catalyst Control Center Profiles Mobile
"{0367F4BE-9C43-5A40-5D86-698CC3571FA2}" = CCC Help Japanese
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{13A2CFE9-0E35-1977-1F70-E5ABD1144895}" = CCC Help English
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{22EFB9E1-9645-B653-0B56-DC55C97877EB}" = CCC Help French
"{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{2ED7B985-0F6B-FBB2-DC69-18C827CEA162}" = CCC Help Russian
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{30785138-0F0A-5446-1034-E9B4D7181299}" = CCC Help Spanish
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3E90B7F4-1817-4405-B4A5-E4EA5EC0E2B3}" = Dell MusicStage
"{40F06490-8C14-43AA-99D3-EEEFDBAC3CFC}" = SyncUP
"{51FDC2DE-0917-46B7-EAEC-5377504701DE}" = PowerXpressHybrid
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{5D4979CC-3165-00B6-22E9-C7441BFF54DD}" = Catalyst Control Center
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{68250DF8-09FA-9892-65A2-C802F7BECE26}" = CCC Help Norwegian
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68F870FF-B037-390A-E5AE-11BCA6BDF73E}" = CCC Help Italian
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-dell" = WildTangent Games App (Dell Games)
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{7EC66A95-AC2D-4127-940B-0445A526AB2F}" = Dell DataSafe Online
"{7FB00B6B-6843-97EC-EED6-78BD6D35370A}" = Zinio Reader 4
"{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8FECAD13-D225-9B4A-20E4-3982F2E8F495}" = PX Profile Update
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0449A5E-D77E-7ECE-D4FE-DEE3B5D5B7DE}" = Catalyst Control Center InstallProxy
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X MUI
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AF4D3C63-009B-4A17-B02E-D395065DD3F0}" = Dell Stage Remote
"{AF5995B3-399B-4895-B8EB-F4EC26216A46}" = CCC Help Korean
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{B021725C-97E3-3B3C-13E1-A6B760D0A1F2}" = Catalyst Control Center Localization All
"{B0DFDE69-0604-3023-AB95-5B71597DE052}" = CCC Help Dutch
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B2C769FD-ACF8-10D5-6D4D-B9F9242A292C}" = CCC Help Chinese Traditional
"{BC30E5E7-047D-4232-A7E8-F2CB7CC7B2E0}_is1" = Emsisoft Anti-Malware
"{C28D96C0-6A90-459E-A077-A6706F4EC0FC}" = Bing Bar
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{CD9CDB9B-123C-1FF3-2746-FBF122529F7D}" = CCC Help Portuguese
"{CE5EBCBC-5D83-4637-967E-5E06CA89A996}" = Dell Stage
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFB89DE9-C8FD-4D33-986A-DBDEC5309378}" = Catalyst Control Center - Branding
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D265754E-A8FE-7310-16D6-32EE1BAC438E}" = CCC Help Swedish
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D92C9CCE-E5F0-4125-977A-0590F3225B74}" = SyncUP
"{DBDA152C-5F59-9854-A611-0C4E63DB2B57}" = CCC Help Chinese Standard
"{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage 
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4335E82-17B3-460F-9E70-39D9BC269DB3}" = Dell PhotoStage
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E85AE848-08C8-2660-CA03-55BEF4EA03DD}" = CCC Help Finnish
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Display Audio Driver
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{F9C5A816-7BB7-97BC-2004-CAE96601BB06}" = CCC Help Danish
"{FEBD2D51-2B6D-F65F-C67F-C094600D353E}" = CCC Help German
"Ad-Aware Browsing Protection" = Ad-Aware Browsing Protection
"Adobe AIR" = Adobe AIR
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Dell Webcam Central" = Dell Webcam Central
"InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage 
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.0.1400
"WildTangent dell Master Uninstall" = WildTangent-Spiele
"WinLiveSuite" = Windows Live Essentials
"WT089409" = Bejeweled 2 Deluxe
"WT089411" = Build-a-lot 2
"WT089412" = Cake Mania
"WT089413" = Chuzzle Deluxe
"WT089414" = Diner Dash 2 Restaurant Rescue
"WT089415" = Dora's World Adventure
"WT089418" = FATE
"WT089420" = Jewel Quest
"WT089422" = Jewel Quest Solitaire 2
"WT089433" = Polar Golfer
"WT089434" = Escape Whisper Valley (TM)
"WT089440" = Namco All-Stars PAC-MAN
"WT089444" = Final Drive Nitro
"WT089445" = Penguins!
"WT089446" = Wedding Dash - Ready, Aim, Love!
"WT089448" = Zuma Deluxe
"WT089450" = Farm Frenzy
"WT089452" = Plants vs. Zombies - Game of the Year
"WT089499" = Final Drive Fury
"WT089503" = Samantha Swift
"WT089507" = Luxor
"WT089508" = Polar Bowler
"ZinioReader4" = Zinio Reader 4
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 22.09.2012 16:49:26 | Computer Name = SecondVok | Source = System Restore | ID = 8193
Description = 
 
Error - 22.09.2012 16:49:27 | Computer Name = SecondVok | Source = System Restore | ID = 8193
Description = 
 
Error - 23.09.2012 04:14:38 | Computer Name = SecondVok | Source = WinMgmt | ID = 10
Description = 
 
Error - 23.09.2012 04:26:30 | Computer Name = SecondVok | Source = WinMgmt | ID = 10
Description = 
 
Error - 23.09.2012 04:34:35 | Computer Name = SecondVok | Source = System Restore | ID = 8193
Description = 
 
Error - 23.09.2012 04:34:35 | Computer Name = SecondVok | Source = System Restore | ID = 8193
Description = 
 
Error - 23.09.2012 04:34:45 | Computer Name = SecondVok | Source = System Restore | ID = 8193
Description = 
 
Error - 23.09.2012 04:34:50 | Computer Name = SecondVok | Source = System Restore | ID = 8193
Description = 
 
Error - 23.09.2012 04:59:18 | Computer Name = SecondVok | Source = WinMgmt | ID = 10
Description = 
 
Error - 23.09.2012 05:01:52 | Computer Name = SecondVok | Source = WinMgmt | ID = 10
Description = 
 
[ System Events ]
Error - 23.09.2012 04:26:03 | Computer Name = SecondVok | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   SBRE
 
Error - 23.09.2012 04:34:28 | Computer Name = SecondVok | Source = DCOM | ID = 10010
Description = 
 
Error - 23.09.2012 04:56:13 | Computer Name = SecondVok | Source = Service Control Manager | ID = 7006
Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden
 Fehlers fehlgeschlagen:   %%5
 
Error - 23.09.2012 04:58:02 | Computer Name = SecondVok | Source = Service Control Manager | ID = 7006
Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden
 Fehlers fehlgeschlagen:   %%5
 
Error - 23.09.2012 04:58:12 | Computer Name = SecondVok | Source = Service Control Manager | ID = 7006
Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden
 Fehlers fehlgeschlagen:   %%5
 
Error - 23.09.2012 04:58:17 | Computer Name = SecondVok | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   SBRE
 
Error - 23.09.2012 04:59:30 | Computer Name = SecondVok | Source = Service Control Manager | ID = 7006
Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden
 Fehlers fehlgeschlagen:   %%5
 
Error - 23.09.2012 05:01:07 | Computer Name = SecondVok | Source = Service Control Manager | ID = 7006
Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden
 Fehlers fehlgeschlagen:   %%5
 
Error - 23.09.2012 05:01:13 | Computer Name = SecondVok | Source = Service Control Manager | ID = 7006
Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden
 Fehlers fehlgeschlagen:   %%5
 
Error - 23.09.2012 05:01:18 | Computer Name = SecondVok | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   SBRE
 
 
< End of report >
         
Code:
ATTFilter
OTL logfile created on: 23.09.2012 11:08:43 - Run 1
OTL by OldTimer - Version 3.2.66.0     Folder = C:\Users\Vik\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
5,90 Gb Total Physical Memory | 3,90 Gb Available Physical Memory | 65,99% Memory free
11,81 Gb Paging File | 9,25 Gb Available in Paging File | 78,37% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 917,66 Gb Total Space | 880,77 Gb Free Space | 95,98% Space Free | Partition Type: NTFS
Drive F: | 298,09 Gb Total Space | 110,35 Gb Free Space | 37,02% Space Free | Partition Type: NTFS
Drive H: | 232,88 Gb Total Space | 55,10 Gb Free Space | 23,66% Space Free | Partition Type: NTFS
 
Computer Name: SECONDVOK | User Name: Vik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Vik\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe (Emsisoft GmbH)
PRC - C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe (Emsisoft GmbH)
PRC - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe ()
PRC - C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
PRC - C:\Program Files (x86)\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE (SoftThinks SAS)
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe (SoftThinks - Dell)
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE ()
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE (SoftThinks - Dell)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
PRC - C:\Program Files\CONEXANT\SA3\CxUtilSvc.exe (Conexant Systems, Inc.)
PRC - C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe ()
PRC - C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe ()
PRC - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
PRC - C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
PRC - C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\Common Files\AVG Secure Search\DNTInstaller\12.2.6\avgdttbx.dll ()
MOD - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.6\SiteSafety.dll ()
MOD - C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
MOD - C:\Users\Vik\AppData\Local\Google\Chrome\Application\21.0.1180.89\ppgooglenaclpluginchrome.dll ()
MOD - C:\Users\Vik\AppData\Local\Google\Chrome\Application\21.0.1180.89\pdf.dll ()
MOD - C:\Users\Vik\AppData\Local\Google\Chrome\Application\21.0.1180.89\avutil-51.dll ()
MOD - C:\Users\Vik\AppData\Local\Google\Chrome\Application\21.0.1180.89\avformat-54.dll ()
MOD - C:\Users\Vik\AppData\Local\Google\Chrome\Application\21.0.1180.89\avcodec-54.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll ()
MOD - C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll ()
MOD - C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE ()
MOD - C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll ()
MOD - C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll ()
MOD - C:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll ()
MOD - C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe ()
MOD - C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe ()
MOD - C:\Program Files (x86)\Dell\Stage Remote\DataService.dll ()
MOD - C:\Program Files (x86)\Dell\Stage Remote\de-DE\UI\ManagerUI.dll ()
MOD - C:\Program Files (x86)\Dell\Stage Remote\sqlite3.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_de_31bf3856ad364e35\PresentationCore.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Serialization.resources\3.0.0.0_de_b77a5c561934e089\System.Runtime.Serialization.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Core\3.5.0.0__b77a5c561934e089\System.Core.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Xml.Linq\3.5.0.0__b77a5c561934e089\System.Xml.Linq.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMDiagnostics.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.ServiceModel.Web\3.5.0.0__31bf3856ad364e35\System.ServiceModel.Web.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.WorkflowServices\3.5.0.0__31bf3856ad364e35\System.WorkflowServices.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll ()
MOD - C:\Program Files (x86)\Dell\Stage Remote\QtGui4.dll ()
MOD - C:\Program Files (x86)\Dell\Stage Remote\QtXml4.dll ()
MOD - C:\Program Files (x86)\Dell\Stage Remote\QtNetwork4.dll ()
MOD - C:\Program Files (x86)\Dell\Stage Remote\QtCore4.dll ()
MOD - C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qmng4.dll ()
MOD - C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qgif4.dll ()
MOD - C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qjpeg4.dll ()
MOD - C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qico4.dll ()
MOD - C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\PresentationFramework.Aero\3.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (btwdins) -- c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV:64bit: - (AMD External Events Utility) -- C:\WINDOWS\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (Intel(R) -- c:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation)
SRV:64bit: - (CxUtilSvc) -- C:\Program Files\CONEXANT\SA3\CxUtilSvc.exe (Conexant Systems, Inc.)
SRV:64bit: - (TurboBoost) -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe (Intel(R) Corporation)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (a2AntiMalware) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe (Emsisoft GmbH)
SRV - (vToolbarUpdater12.2.6) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe ()
SRV - (avgwd) -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (AVGIDSAgent) -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (SftService) -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE (SoftThinks SAS)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (cphs) -- C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (BBUpdate) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.)
SRV - (NOBU) -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe (Dell, Inc.)
SRV - (NAUpdate) -- C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
SRV - (clr_optimization_v4.0.30319_32) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (avgtp) -- C:\WINDOWS\SysNative\drivers\avgtpx64.sys (AVG Technologies)
DRV:64bit: - (AVGIDSHA) -- C:\WINDOWS\SysNative\drivers\avgidsha.sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (Avgmfx64) -- C:\WINDOWS\SysNative\drivers\avgmfx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgtdia) -- C:\WINDOWS\SysNative\drivers\avgtdia.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgldx64) -- C:\WINDOWS\SysNative\drivers\avgldx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (AVGIDSDriver) -- C:\WINDOWS\SysNative\drivers\avgidsdrivera.sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (Avgrkx64) -- C:\WINDOWS\SysNative\drivers\avgrkx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgloga) -- C:\WINDOWS\SysNative\drivers\avgloga.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (amdsata) -- C:\WINDOWS\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\WINDOWS\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (BCM43XX) -- C:\WINDOWS\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (btwampfl) -- C:\WINDOWS\SysNative\drivers\btwampfl.sys (Broadcom Corporation.)
DRV:64bit: - (bcbtums) -- C:\WINDOWS\SysNative\drivers\bcbtums.sys (Broadcom Corporation.)
DRV:64bit: - (btwavdt) -- C:\WINDOWS\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV:64bit: - (btwaudio) -- C:\WINDOWS\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
DRV:64bit: - (btwl2cap) -- C:\WINDOWS\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV:64bit: - (btwrchid) -- C:\WINDOWS\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
DRV:64bit: - (amdkmdag) -- C:\WINDOWS\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdap) -- C:\WINDOWS\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmpfd) -- C:\WINDOWS\SysNative\drivers\amdkmpfd.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (RSUSBVSTOR) -- C:\WINDOWS\SysNative\drivers\RtsUVStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (iusb3xhc) -- C:\WINDOWS\SysNative\drivers\iusb3xhc.sys (Intel Corporation)
DRV:64bit: - (iusb3hub) -- C:\WINDOWS\SysNative\drivers\iusb3hub.sys (Intel Corporation)
DRV:64bit: - (iusb3hcs) -- C:\WINDOWS\SysNative\drivers\iusb3hcs.sys (Intel Corporation)
DRV:64bit: - (intelkmd) -- C:\WINDOWS\SysNative\drivers\igdpmd64.sys (Intel Corporation)
DRV:64bit: - (ETD) -- C:\WINDOWS\SysNative\drivers\ETD.sys (ELAN Microelectronics Corp.)
DRV:64bit: - (CnxtHdAudService) -- C:\WINDOWS\SysNative\drivers\CHDRT64.sys (Conexant Systems Inc.)
DRV:64bit: - (IntcDAud) -- C:\WINDOWS\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (iaStor) -- C:\WINDOWS\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (RTL8167) -- C:\WINDOWS\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (MEIx64) -- C:\WINDOWS\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (Point64) -- C:\WINDOWS\SysNative\drivers\point64.sys (Microsoft Corporation)
DRV:64bit: - (CtClsFlt) -- C:\WINDOWS\SysNative\drivers\CtClsFlt.sys (Creative Technology Ltd.)
DRV:64bit: - (TurboB) -- C:\WINDOWS\SysNative\drivers\TurboB.sys (Intel(R) Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\WINDOWS\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\WINDOWS\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\WINDOWS\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\WINDOWS\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\WINDOWS\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\WINDOWS\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\WINDOWS\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\WINDOWS\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\WINDOWS\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\WINDOWS\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (WimFltr) -- C:\WINDOWS\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (a2acc) -- C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys (Emsisoft GmbH)
DRV - (a2injectiondriver) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys (Emsisoft GmbH)
DRV - (A2DDA) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys (Emsi Software GmbH)
DRV - (a2util) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys (Emsi Software GmbH)
DRV - (WIMMount) -- C:\WINDOWS\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {745A0B21-6974-4848-AD3A-10CE7B9EDA68}
IE:64bit: - HKLM\..\SearchScopes\{745A0B21-6974-4848-AD3A-10CE7B9EDA68}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDR&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {745A0B21-6974-4848-AD3A-10CE7B9EDA68}
IE - HKLM\..\SearchScopes\{745A0B21-6974-4848-AD3A-10CE7B9EDA68}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDR&src=IE-SearchBox
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USCON/8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/USCON/8
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg.com/search?cid={C8BC0AC8-AB06-44D4-AB26-8476A79C9EB1}&mid=cc18fa873b0d47d0828505f79fc8f0fd-621e3c40a0be2afd71b7ee3c4e6352285de0bfee&lang=de&ds=AVG&pr=fr&d=2012-09-22 22:50:06&v=12.2.5.34&sap=dsp&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.6\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Vik\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Vik\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\12.2.5.34\ [2012.09.22 22:50:07 | 000,000,000 | ---D | M]
 
 
========== Chrome  ==========
 
CHR - homepage: hxxp://www.google.de/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms},
CHR - homepage: hxxp://www.google.de/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Vik\AppData\Local\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Vik\AppData\Local\Google\Chrome\Application\21.0.1180.89\gcswf32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Vik\AppData\Local\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Vik\AppData\Local\Google\Chrome\Application\21.0.1180.89\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Vik\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll
CHR - Extension: Google Kalender = C:\Users\Vik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\
CHR - Extension: Google Play = C:\Users\Vik\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi\3.0_0\
CHR - Extension: AVG Secure Search = C:\Users\Vik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.2.5.34_0\
CHR - Extension: Desktop = C:\Users\Vik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pafkcccccfmnjkhhndjfffifnflhkpdo\1.0_0\
CHR - Extension: Google Mail = C:\Users\Vik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\WINDOWS\SysNative\drivers\etc\hosts
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\12.2.5.34\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\12.2.5.34\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [DellStage] C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe ()
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\WINDOWS\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [Persistence] C:\WINDOWS\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [QuickSet] c:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SA3\SACpl.exe (Conexant Systems, Inc.)
O4:64bit: - HKLM..\Run: [Stage Remote] C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe ()
O4 - HKLM..\Run: [AccuWeatherWidget] C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe ()
O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe (Dell, Inc.)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [emsisoft anti-malware] c:\program files (x86)\emsisoft anti-malware\a2guard.exe (Emsisoft GmbH)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [NeroLauncher] C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe ()
O4 - HKLM..\Run: [ROC_ROC_NT] C:\Program Files (x86)\AVG Secure Search\ROC_ROC_NT.exe ()
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 217.68.161.141 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{883C64CF-9A0A-45C3-9205-26FF40386873}: DhcpNameServer = 217.68.161.141 192.168.0.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\12.2.6\ViProtocol.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\WINDOWS\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.08.11 00:58:34 | 000,000,062 | ---- | M] () - F:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2007.08.17 14:48:16 | 000,000,040 | ---- | M] () - H:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2013\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.09.23 11:08:21 | 000,601,600 | ---- | C] (OldTimer Tools) -- C:\Users\Vik\Desktop\OTL.exe
[2012.09.23 10:46:28 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe
[2012.09.23 10:39:53 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.09.23 10:39:53 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.09.23 10:39:52 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.09.23 10:39:52 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.09.23 10:39:52 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.09.23 10:39:52 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.09.23 10:39:52 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.09.23 10:39:52 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.09.23 10:39:51 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.09.23 10:39:51 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.09.23 10:39:51 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.09.23 10:39:51 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.09.23 10:39:49 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.09.23 10:39:49 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.09.23 10:39:49 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012.09.23 10:35:10 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012.09.23 10:35:10 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2012.09.23 10:35:10 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2012.09.23 10:29:43 | 001,544,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012.09.23 10:29:42 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2012.09.23 10:29:27 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2012.09.23 10:29:27 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2012.09.23 10:29:22 | 001,465,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2012.09.23 10:29:22 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2012.09.23 10:29:20 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2012.09.23 10:29:20 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2012.09.23 10:29:20 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2012.09.23 10:29:18 | 000,574,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2012.09.23 10:29:17 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys
[2012.09.23 10:24:28 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012.09.23 10:24:27 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012.09.23 10:24:27 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012.09.23 10:24:25 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012.09.23 10:24:23 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2012.09.23 10:24:22 | 000,288,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2012.09.23 10:24:12 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012.09.23 10:24:11 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012.09.23 10:24:11 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012.09.23 10:23:37 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2012.09.23 10:23:31 | 001,462,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012.09.23 10:23:31 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012.09.23 10:23:22 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2012.09.23 10:23:21 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2012.09.23 10:23:21 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2012.09.23 10:23:06 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2012.09.23 10:23:05 | 000,000,000 | ---D | C] -- C:\ProgramData\PMS
[2012.09.23 10:22:53 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2012.09.23 10:22:52 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2012.09.23 10:16:30 | 000,000,000 | ---D | C] -- C:\#Movies
[2012.09.23 03:59:07 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012.09.23 03:59:07 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2012.09.23 03:55:42 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012.09.23 03:55:42 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012.09.23 03:55:42 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012.09.23 03:55:42 | 000,000,000 | -HSD | C] -- C:\Users\Vik\Vorlagen
[2012.09.23 03:55:42 | 000,000,000 | -HSD | C] -- C:\Users\Vik\AppData\Local\Verlauf
[2012.09.23 03:55:42 | 000,000,000 | -HSD | C] -- C:\Users\Vik\AppData\Local\Temporary Internet Files
[2012.09.23 03:55:42 | 000,000,000 | -HSD | C] -- C:\Users\Vik\Startmenü
[2012.09.23 03:55:42 | 000,000,000 | -HSD | C] -- C:\Users\Vik\SendTo
[2012.09.23 03:55:42 | 000,000,000 | -HSD | C] -- C:\Users\Vik\Recent
[2012.09.23 03:55:42 | 000,000,000 | -HSD | C] -- C:\Users\Vik\Netzwerkumgebung
[2012.09.23 03:55:42 | 000,000,000 | -HSD | C] -- C:\Users\Vik\Lokale Einstellungen
[2012.09.23 03:55:42 | 000,000,000 | -HSD | C] -- C:\Users\Vik\Documents\Eigene Videos
[2012.09.23 03:55:42 | 000,000,000 | -HSD | C] -- C:\Users\Vik\Documents\Eigene Musik
[2012.09.23 03:55:42 | 000,000,000 | -HSD | C] -- C:\Users\Vik\Eigene Dateien
[2012.09.23 03:55:42 | 000,000,000 | -HSD | C] -- C:\Users\Vik\Documents\Eigene Bilder
[2012.09.23 03:55:42 | 000,000,000 | -HSD | C] -- C:\Users\Vik\Druckumgebung
[2012.09.23 03:55:42 | 000,000,000 | -HSD | C] -- C:\Users\Vik\Cookies
[2012.09.23 03:55:42 | 000,000,000 | -HSD | C] -- C:\Users\Vik\AppData\Local\Anwendungsdaten
[2012.09.23 03:55:42 | 000,000,000 | -HSD | C] -- C:\Users\Vik\Anwendungsdaten
[2012.09.23 03:55:41 | 000,000,000 | --SD | C] -- C:\Users\Vik\AppData\Roaming\Microsoft
[2012.09.23 03:55:41 | 000,000,000 | R--D | C] -- C:\Users\Vik\Videos
[2012.09.23 03:55:41 | 000,000,000 | R--D | C] -- C:\Users\Vik\Saved Games
[2012.09.23 03:55:41 | 000,000,000 | R--D | C] -- C:\Users\Vik\Pictures
[2012.09.23 03:55:41 | 000,000,000 | R--D | C] -- C:\Users\Vik\Music
[2012.09.23 03:55:41 | 000,000,000 | R--D | C] -- C:\Users\Vik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012.09.23 03:55:41 | 000,000,000 | R--D | C] -- C:\Users\Vik\Links
[2012.09.23 03:55:41 | 000,000,000 | R--D | C] -- C:\Users\Vik\Favorites
[2012.09.23 03:55:41 | 000,000,000 | R--D | C] -- C:\Users\Vik\Downloads
[2012.09.23 03:55:41 | 000,000,000 | R--D | C] -- C:\Users\Vik\Documents
[2012.09.23 03:55:41 | 000,000,000 | R--D | C] -- C:\Users\Vik\Desktop
[2012.09.23 03:55:41 | 000,000,000 | R--D | C] -- C:\Users\Vik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012.09.23 03:55:41 | 000,000,000 | -H-D | C] -- C:\Users\Vik\AppData
[2012.09.23 03:55:41 | 000,000,000 | ---D | C] -- C:\Users\Vik\AppData\Local\Temp
[2012.09.23 03:55:41 | 000,000,000 | ---D | C] -- C:\Users\Vik\AppData\Local\SoftThinks
[2012.09.23 03:55:41 | 000,000,000 | ---D | C] -- C:\Users\Vik\AppData\Local\Microsoft
[2012.09.23 03:55:41 | 000,000,000 | ---D | C] -- C:\Users\Vik\AppData\Roaming\Media Center Programs
[2012.09.23 03:55:41 | 000,000,000 | ---D | C] -- C:\Users\Vik\AppData\Roaming\Macromedia
[2012.09.23 03:55:39 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012.09.23 03:55:39 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012.09.23 03:55:39 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012.09.23 03:55:35 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012.09.23 03:55:35 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012.09.23 03:55:21 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2012.09.23 03:55:21 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2012.09.23 03:55:21 | 000,000,000 | -HSD | C] -- C:\Programme
[2012.09.23 03:55:21 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
[2012.09.23 03:55:21 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2012.09.23 03:55:21 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2012.09.23 03:55:21 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2012.09.23 03:55:21 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2012.09.23 03:55:21 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2012.09.23 03:55:21 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2012.09.23 03:55:21 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2012.09.23 03:49:44 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012.09.22 23:54:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Maus
[2012.09.22 23:53:59 | 000,000,000 | ---D | C] -- C:\Users\Vik\Desktop\Xenon
[2012.09.22 23:53:51 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft IntelliPoint
[2012.09.22 23:50:34 | 000,000,000 | R--D | C] -- C:\Users\Vik\Desktop\Uni
[2012.09.22 23:48:55 | 078,545,304 | ---- | C] (Apple Inc.) -- C:\Users\Vik\Desktop\iTunesSetup.exe
[2012.09.22 23:45:36 | 000,000,000 | ---D | C] -- C:\Users\Vik\Desktop\prom
[2012.09.22 23:43:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cryptload
[2012.09.22 23:43:31 | 000,000,000 | ---D | C] -- C:\Users\Vik\AppData\Roaming\WinRAR
[2012.09.22 23:43:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012.09.22 23:43:30 | 000,000,000 | ---D | C] -- C:\Users\Vik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012.09.22 23:43:27 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2012.09.22 23:06:01 | 000,000,000 | ---D | C] -- C:\#Down
[2012.09.22 22:58:24 | 000,000,000 | ---D | C] -- C:\Users\Vik\AppData\Roaming\Reallusion
[2012.09.22 22:58:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Creative
[2012.09.22 22:51:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
[2012.09.22 22:51:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Emsisoft Anti-Malware
[2012.09.22 22:51:16 | 000,000,000 | ---D | C] -- C:\Users\Vik\Documents\Anti-Malware
[2012.09.22 22:50:23 | 000,000,000 | ---D | C] -- C:\Users\Vik\AppData\Roaming\AVG2013
[2012.09.22 22:50:08 | 000,000,000 | ---D | C] -- C:\Users\Vik\AppData\Roaming\TuneUp Software
[2012.09.22 22:50:08 | 000,000,000 | ---D | C] -- C:\Users\Vik\AppData\Local\AVG Secure Search
[2012.09.22 22:50:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2012.09.22 22:50:07 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Secure Search
[2012.09.22 22:50:05 | 000,031,080 | ---- | C] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2012.09.22 22:50:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVG Secure Search
[2012.09.22 22:50:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG Secure Search
[2012.09.22 22:49:30 | 000,000,000 | -H-D | C] -- C:\$AVG
[2012.09.22 22:49:30 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2013
[2012.09.22 22:49:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2012.09.22 22:46:33 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012.09.22 22:46:33 | 000,000,000 | ---D | C] -- C:\Users\Vik\AppData\Local\MFAData
[2012.09.22 22:46:33 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2012.09.22 22:46:33 | 000,000,000 | ---D | C] -- C:\Users\Vik\AppData\Local\Avg2013
[2012.09.22 22:41:36 | 000,000,000 | ---D | C] -- C:\ProgramData\GFI Software
[2012.09.22 22:39:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012.09.22 22:38:09 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2012.09.22 22:36:06 | 000,000,000 | ---D | C] -- C:\Users\Vik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012.09.22 22:18:14 | 000,000,000 | ---D | C] -- C:\Users\Vik\AppData\Roaming\Malwarebytes
[2012.09.22 22:18:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.09.22 22:18:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.09.22 22:18:03 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.09.22 22:18:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.09.22 22:03:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trojancheck 6
[2012.09.22 21:51:31 | 000,000,000 | ---D | C] -- C:\Users\Vik\AppData\Local\adaware
[2012.09.22 21:51:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad-Aware Browsing Protection
[2012.09.22 21:51:20 | 000,000,000 | ---D | C] -- C:\Users\Vik\AppData\Local\Downloaded Installations
[2012.09.22 21:36:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Tools
[2012.09.22 21:34:46 | 000,251,560 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\PCTSD64.sys
[2012.09.22 21:34:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PC Tools
[2012.09.22 21:34:17 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2012.09.22 21:34:16 | 000,000,000 | ---D | C] -- C:\Users\Vik\AppData\Roaming\TestApp
[2012.09.22 21:20:05 | 000,000,000 | ---D | C] -- C:\Windows\SMINST
[2012.09.22 21:06:50 | 000,000,000 | ---D | C] -- C:\Users\Vik\AppData\Local\Google
[2012.09.22 21:06:36 | 000,000,000 | ---D | C] -- C:\Users\Vik\AppData\Local\Deployment
[2012.09.22 21:06:36 | 000,000,000 | ---D | C] -- C:\Users\Vik\AppData\Local\Apps
[2012.09.22 21:05:11 | 000,000,000 | ---D | C] -- C:\Users\Vik\AppData\Roaming\Adobe
[2012.09.22 21:03:02 | 000,000,000 | ---D | C] -- C:\Users\Vik\AppData\Roaming\Dell
[2012.09.22 21:02:47 | 000,000,000 | ---D | C] -- C:\Users\Vik\AppData\Roaming\Fingertapps
[2012.09.22 21:02:43 | 000,000,000 | ---D | C] -- C:\Users\Vik\AppData\Local\Dell
[2012.09.22 21:02:43 | 000,000,000 | ---D | C] -- C:\Users\Vik\AppData\Local\Conexant
[2012.09.22 21:02:38 | 000,000,000 | ---D | C] -- C:\Users\Vik\AppData\Roaming\Creative
[2012.09.22 21:02:37 | 000,000,000 | ---D | C] -- C:\Users\Vik\AppData\Roaming\ATI
[2012.09.22 21:02:37 | 000,000,000 | ---D | C] -- C:\Users\Vik\AppData\Local\ATI
[2012.09.22 21:02:36 | 000,000,000 | ---D | C] -- C:\Users\Vik\AppData\Roaming\Intel Corporation
[2012.09.22 21:02:23 | 000,000,000 | R--D | C] -- C:\Users\Vik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012.09.22 21:02:23 | 000,000,000 | R--D | C] -- C:\Users\Vik\Searches
[2012.09.22 21:02:23 | 000,000,000 | R--D | C] -- C:\Users\Vik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012.09.22 21:02:15 | 000,000,000 | ---D | C] -- C:\Users\Vik\AppData\Roaming\Identities
[2012.09.22 21:02:13 | 000,000,000 | R--D | C] -- C:\Users\Vik\Contacts
[2012.09.22 21:02:12 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012.09.22 21:02:11 | 000,000,000 | ---D | C] -- C:\Users\Vik\AppData\Local\VirtualStore
[2012.09.17 18:58:54 | 000,056,672 | ---- | C] (AVG Technologies CZ, s.r.o. ) -- C:\Windows\SysNative\drivers\avgidsha.sys
[2012.09.14 05:34:34 | 000,105,312 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgmfx64.sys
[2012.09.12 11:47:20 | 000,199,520 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgtdia.sys
[2012.09.12 11:47:02 | 000,175,968 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgldx64.sys
 
========== Files - Modified Within 30 Days ==========
 
[2012.09.23 11:08:28 | 000,021,072 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.09.23 11:08:28 | 000,021,072 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.09.23 11:08:19 | 000,601,600 | ---- | M] (OldTimer Tools) -- C:\Users\Vik\Desktop\OTL.exe
[2012.09.23 11:08:00 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2468205183-3048026063-4288177971-1000UA.job
[2012.09.23 11:08:00 | 000,001,060 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2468205183-3048026063-4288177971-1000Core.job
[2012.09.23 11:07:13 | 001,612,484 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.09.23 11:07:13 | 000,696,870 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.09.23 11:07:13 | 000,652,148 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.09.23 11:07:13 | 000,148,134 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.09.23 11:07:13 | 000,121,080 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.09.23 11:00:52 | 000,276,360 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.09.23 11:00:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.09.23 11:00:35 | 460,079,103 | -HS- | M] () -- C:\hiberfil.sys
[2012.09.23 10:39:07 | 001,590,378 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.09.23 10:13:56 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.09.23 03:54:50 | 000,159,772 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2012.09.23 03:54:50 | 000,159,772 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2012.09.22 23:57:39 | 078,545,304 | ---- | M] (Apple Inc.) -- C:\Users\Vik\Desktop\iTunesSetup.exe
[2012.09.22 23:54:30 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_point64_01009.Wdf
[2012.09.22 22:51:32 | 000,001,097 | ---- | M] () -- C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
[2012.09.22 22:50:08 | 000,000,983 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2013.lnk
[2012.09.22 22:50:05 | 000,031,080 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2012.09.22 21:35:29 | 001,526,701 | ---- | M] () -- C:\Windows\SysNative\drivers\Cat.DB
[2012.09.22 21:10:02 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2012.09.22 21:10:02 | 000,000,422 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2012.09.17 18:58:54 | 000,056,672 | ---- | M] (AVG Technologies CZ, s.r.o. ) -- C:\Windows\SysNative\drivers\avgidsha.sys
[2012.09.14 05:34:34 | 000,105,312 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgmfx64.sys
[2012.09.12 11:47:20 | 000,199,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgtdia.sys
[2012.09.12 11:47:02 | 000,175,968 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgldx64.sys
[2012.09.07 17:04:46 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.08.24 12:31:32 | 002,312,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.08.24 12:20:11 | 001,494,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.08.24 12:18:46 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.08.24 12:14:45 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.08.24 12:14:34 | 000,816,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.08.24 12:13:29 | 000,599,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012.08.24 12:11:57 | 000,729,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.08.24 12:10:14 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.08.24 12:04:06 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
 
========== Files Created - No Company Name ==========
 
[2012.09.23 04:01:21 | 000,000,564 | ---- | C] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2012.09.23 04:01:21 | 000,000,422 | ---- | C] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2012.09.23 03:56:11 | 000,001,939 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hilfedokumentation von Dell.lnk
[2012.09.23 03:49:39 | 460,079,103 | -HS- | C] () -- C:\hiberfil.sys
[2012.09.22 23:54:30 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_point64_01009.Wdf
[2012.09.22 22:51:32 | 000,001,097 | ---- | C] () -- C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
[2012.09.22 22:50:08 | 000,000,983 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2013.lnk
[2012.09.22 22:35:45 | 000,001,112 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2468205183-3048026063-4288177971-1000UA.job
[2012.09.22 22:35:45 | 000,001,060 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2468205183-3048026063-4288177971-1000Core.job
[2012.09.22 21:34:52 | 001,526,701 | ---- | C] () -- C:\Windows\SysNative\drivers\Cat.DB
[2012.09.22 21:02:26 | 000,001,371 | ---- | C] () -- C:\Users\Vik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012.09.22 21:02:24 | 000,001,218 | ---- | C] () -- C:\Users\Vik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012.05.08 05:07:23 | 000,734,772 | ---- | C] () -- C:\Windows\SysWow64\igkrng700.bin
[2012.05.08 05:07:21 | 000,559,780 | ---- | C] () -- C:\Windows\SysWow64\igfcg700m.bin
[2012.05.08 05:07:17 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012.05.08 05:07:14 | 013,001,728 | ---- | C] () -- C:\Windows\SysWow64\ig7icd32.dll
[2012.05.08 05:07:10 | 000,204,960 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.05.08 05:07:10 | 000,157,152 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.05.08 05:07:08 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2012.05.08 04:01:16 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.05.08 03:59:53 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat
[2012.02.16 09:34:26 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2012.02.16 09:34:16 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2012.01.11 03:39:16 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
[2011.02.11 12:22:50 | 001,590,378 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\WINDOWS\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\WINDOWS\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:430C6D84
@Alternate Data Stream - 105 bytes -> C:\ProgramData\Temp:DFC5A2B2

< End of report >
         
Vielen Dank und viele Grüße,

Viktor
__________________


Alt 05.12.2012, 19:10   #3
t'john
/// Helfer-Team
 
startfenster.com hat mich auch erwischt... - Standard

startfenster.com hat mich auch erwischt...





Dein Thema ist leider untergegangen, bitte in Zukunft nicht selbst antworten.

Benoetigst du noch Hilfe?
__________________
__________________

Alt 22.01.2013, 13:21   #4
t'john
/// Helfer-Team
 
startfenster.com hat mich auch erwischt... - Standard

startfenster.com hat mich auch erwischt...



Fehlende Rückmeldung

Gibt es Probleme beim Abarbeiten obiger Anleitung?

Um Kapazitäten für andere Hilfesuchende freizumachen, lösche ich dieses Thema aus meinen Benachrichtigungen.

Solltest Du weitermachen wollen, schreibe mir eine PN oder eröffne ein neues Thema.
http://www.trojaner-board.de/69886-a...-beachten.html


Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner sauber ist.
__________________
Mfg, t'john
Das TB unterstützen

Antwort

Themen zu startfenster.com hat mich auch erwischt...
andere, askbar, ccsetup, deinstalliert, diner dash, document, eingefangen, gefangen, gen, hoffe, igdpmd64.sys, install.exe, installier, installiert, jdownloader, klasse, neu, nichts, plug-in, seite, spotify web helper, startfenster.com, system, total, usb 2.0, usb 3.0, verseucht, visual studio, vlc-player, vlc.de, wirklich, wscript.exe, ziemlich, ärgerlich




Ähnliche Themen: startfenster.com hat mich auch erwischt...


  1. Auch mich hat es erwischt.
    Plagegeister aller Art und deren Bekämpfung - 08.07.2013 (26)
  2. GVU Trojaner - Mich hat es auch erwischt!
    Plagegeister aller Art und deren Bekämpfung - 13.01.2013 (21)
  3. Startfenster.com hat auch mich erwischt
    Plagegeister aller Art und deren Bekämpfung - 07.01.2013 (2)
  4. Auch mich aht der GVU Trojaner erwischt
    Plagegeister aller Art und deren Bekämpfung - 03.01.2013 (2)
  5. GVU - hat mich auch erwischt...
    Plagegeister aller Art und deren Bekämpfung - 18.12.2012 (7)
  6. GVU-Trojaner hat mich auch erwischt
    Plagegeister aller Art und deren Bekämpfung - 22.10.2012 (7)
  7. Startfenster.com - mich hat es auch erwischt, grrr.
    Plagegeister aller Art und deren Bekämpfung - 16.09.2012 (21)
  8. 50euro - Es hat mich auch erwischt!
    Log-Analyse und Auswertung - 04.03.2012 (5)
  9. BKA hat mich nun auch erwischt
    Log-Analyse und Auswertung - 17.08.2011 (7)
  10. HDD LOW hat mich auch erwischt
    Plagegeister aller Art und deren Bekämpfung - 29.12.2010 (19)
  11. Nun hat es mich auch erwischt
    Log-Analyse und Auswertung - 21.03.2010 (10)
  12. Jetzt hat`s mich also auch erwischt...
    Log-Analyse und Auswertung - 10.01.2006 (9)
  13. Mich hats auch erwischt
    Log-Analyse und Auswertung - 29.09.2005 (3)
  14. Nu hat es mich auch erwischt! trojaner
    Plagegeister aller Art und deren Bekämpfung - 10.09.2005 (6)
  15. auch mich hat es erwischt!
    Log-Analyse und Auswertung - 05.03.2005 (2)
  16. Auch mich hat es erwischt !
    Log-Analyse und Auswertung - 07.11.2004 (3)
  17. Mich hat´s jetzt auch erwischt...
    Log-Analyse und Auswertung - 18.08.2004 (2)

Zum Thema startfenster.com hat mich auch erwischt... - Hallo! Ich hoffe sehr, dass ihr mir helfen könnt. Ich bin ziemlich neu hier und habe mir offenbar startfenster.com eingefangen, nachdem ich den VLC-Player installiert habe. Den VLC-Player habe ich - startfenster.com hat mich auch erwischt......
Archiv
Du betrachtest: startfenster.com hat mich auch erwischt... auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.