Internet bestroffen - Google zeigt nur Werbung an / Anmeldung bei Fb nicht möglich

ReVoC

Guten Morgen,

seit ungefähr 2 Wochen habe ich das Problem das ich bei einer Googlesuche immer auf Werbung weitergeleitet werde sobald ich auf einen Link geklickt habe. Darüber hinaus kann ich mich seit dem Wochenende nicht mehr bei Facebook (jemand unbefugte soll auf meiner Seite gewesen sein. Dadurch ist das Konto gesperrt. Doch an anderen PC's kann ich mich anmelden) oder meinem E-mail Konto anmelden.

Ich habe jetzt die ANleitung dieser Seite abgearbeitet.
1. Defogger durchlaufen lassen
2. Mit GMER gescannt (hat sich nach unterschiedlichen Zeiten immer wieder fest gefahren und ist angestürzt. Auch im abgesicherten Modus zwei mal)
3. OTL durchlaufen lassen --> Logfiles unten
4. Anti-Malware durchlaufen lassen (hatte ein Fund) --> Logfile unten

Systemdaten:
Prozessor: Intel(R) Core(TM)2 Duo CPU T5850 2,16Ghz
Arbeitsspeicher: 4GB
Betriebssystem 32bit - Win7

Wenn Ihr mir helfen könntet wäre ich sehr froh.
Danke
Grüße Revoc

OTL - FIX
OTL logfile created on: 02.12.2012 20:25:37 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ReVoC\Downloads
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 0,94 Gb Available Physical Memory | 31,22% Memory free
6,00 Gb Paging File | 3,65 Gb Available in Paging File | 60,85% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 286,37 Gb Total Space | 119,03 Gb Free Space | 41,57% Space Free | Partition Type: NTFS
Drive D: | 327,26 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: REVOC-PC | User Name: ReVoC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 90 Days

========== Processes (SafeList) ==========

PRC - C:\Users\ReVoC\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Google\Drive\googledrivesync.exe (Google)
PRC - C:\Programme\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
PRC - C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe (Adobe Systems, Inc.)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Ad-Aware Antivirus\AdAwareService.exe (Lavasoft Limited)
PRC - C:\Programme\Ad-Aware Antivirus\AdAware.exe (Lavasoft Limited)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Ad-Aware Antivirus\SBAMSvc.exe (GFI Software)
PRC - C:\Programme\pdf24\pdf24.exe (Geek Software GmbH)
PRC - C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
PRC - C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.)
PRC - C:\Programme\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
PRC - C:\Programme\ASUS\ATK Hotkey\HControl.exe (ASUS)
PRC - C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
PRC - C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
PRC - C:\Programme\ASUS\ATK Media\DMedia.exe (ASUS)
PRC - C:\Programme\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
PRC - C:\Programme\ASUS\ATK Hotkey\ATKOSD.exe (ASUS)
PRC - C:\Programme\ASUS\ATK Hotkey\AsLdrSrv.exe (ASUS)
PRC - C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
PRC - C:\Programme\ASUS\ATK Hotkey\WDC.exe (ASUS)
PRC - C:\Programme\ASUS\ATK Hotkey\KBFiltr.exe (ASUS)
PRC - C:\Programme\ASUS\ASUS Live Update\ALU.exe ()
PRC - C:\Programme\ASUS\NB Probe\SPM\spmgr.exe ()
PRC - C:\Programme\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
PRC - C:\Programme\Common Files\Ahead\Lib\NMIndexStoreSvr.exe (Nero AG)


========== Modules (No Company Name) ==========

MOD - C:\Users\ReVoC\AppData\Local\Temp\_MEI2042\win32api.pyd ()
MOD - C:\Users\ReVoC\AppData\Local\Temp\_MEI2042\_elementtree.pyd ()
MOD - C:\Users\ReVoC\AppData\Local\Temp\_MEI2042\_socket.pyd ()
MOD - C:\Users\ReVoC\AppData\Local\Temp\_MEI2042\windows._cacheinvalidation.pyd ()
MOD - C:\Users\ReVoC\AppData\Local\Temp\_MEI2042\wx._gdi_.pyd ()
MOD - C:\Users\ReVoC\AppData\Local\Temp\_MEI2042\wx._misc_.pyd ()
MOD - C:\Users\ReVoC\AppData\Local\Temp\_MEI2042\_ssl.pyd ()
MOD - C:\Users\ReVoC\AppData\Local\Temp\_MEI2042\pysqlite2._sqlite.pyd ()
MOD - C:\Users\ReVoC\AppData\Local\Temp\_MEI2042\pythoncom26.dll ()
MOD - C:\Users\ReVoC\AppData\Local\Temp\_MEI2042\win32com.shell.shell.pyd ()
MOD - C:\Users\ReVoC\AppData\Local\Temp\_MEI2042\win32security.pyd ()
MOD - C:\Users\ReVoC\AppData\Local\Temp\_MEI2042\pywintypes26.dll ()
MOD - C:\Users\ReVoC\AppData\Local\Temp\_MEI2042\_ctypes.pyd ()
MOD - C:\Users\ReVoC\AppData\Local\Temp\_MEI2042\wx._html2.pyd ()
MOD - C:\Users\ReVoC\AppData\Local\Temp\_MEI2042\win32process.pyd ()
MOD - C:\Users\ReVoC\AppData\Local\Temp\_MEI2042\win32ts.pyd ()
MOD - C:\Users\ReVoC\AppData\Local\Temp\_MEI2042\win32pdh.pyd ()
MOD - C:\Users\ReVoC\AppData\Local\Temp\_MEI2042\win32profile.pyd ()
MOD - C:\Users\ReVoC\AppData\Local\Temp\_MEI2042\win32crypt.pyd ()
MOD - C:\Users\ReVoC\AppData\Local\Temp\_MEI2042\wx._core_.pyd ()
MOD - C:\Users\ReVoC\AppData\Local\Temp\_MEI2042\wx._windows_.pyd ()
MOD - C:\Users\ReVoC\AppData\Local\Temp\_MEI2042\_hashlib.pyd ()
MOD - C:\Users\ReVoC\AppData\Local\Temp\_MEI2042\wx._wizard.pyd ()
MOD - C:\Users\ReVoC\AppData\Local\Temp\_MEI2042\win32file.pyd ()
MOD - C:\Users\ReVoC\AppData\Local\Temp\_MEI2042\win32inet.pyd ()
MOD - C:\Users\ReVoC\AppData\Local\Temp\_MEI2042\wx._controls_.pyd ()
MOD - C:\Users\ReVoC\AppData\Local\Temp\_MEI2042\unicodedata.pyd ()
MOD - C:\Users\ReVoC\AppData\Local\Temp\_MEI2042\pyexpat.pyd ()
MOD - C:\Users\ReVoC\AppData\Local\Temp\_MEI2042\win32event.pyd ()
MOD - C:\Users\ReVoC\AppData\Local\Temp\_MEI2042\select.pyd ()
MOD - C:\Programme\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\System32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
MOD - C:\Programme\DivX\DivX Update\DivXUpdateCheck.dll ()
MOD - C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
MOD - C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - \\?\globalroot\systemroot\system32\mswsock.DLL ()
MOD - \\.\globalroot\systemroot\system32\mswsock.dll ()
MOD - C:\Programme\WinRAR\RarExt.dll ()
MOD - C:\Programme\ASUS\ASUS Live Update\ALU.exe ()
MOD - C:\Programme\Common Files\microsoft shared\Web Folders\1031\NSEXTINT.DLL ()


========== Services (SafeList) ==========

SRV - (MySQL) -- C:\Users\ReVoC\Drachenboot\Nationalteam\xampp-win32-1.7.3\xampp\mysql\bin\mysqld.exe File not found
SRV - (Apache2.2) -- C:\Users\ReVoC\Drachenboot\Nationalteam\xampp-win32-1.7.3\xampp\apache\bin\httpd.exe File not found
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (Ad-Aware Service) -- C:\Programme\Ad-Aware Antivirus\AdAwareService.exe (Lavasoft Limited)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (SBAMSvc) -- C:\Programme\Ad-Aware Antivirus\SBAMSvc.exe (GFI Software)
SRV - (odserv) -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (fsssvc) -- C:\Programme\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
SRV - (wlcrasvc) -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV - (wlidsvc) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (EvtEng) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV - (RegSrvc) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (ASLDRService) -- C:\Programme\ASUS\ATK Hotkey\AsLdrSrv.exe (ASUS)
SRV - (spmgr) -- C:\Programme\ASUS\NB Probe\SPM\spmgr.exe ()
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV - (Lbd) -- system32\DRIVERS\Lbd.sys File not found
DRV - (Lavasoft Kernexplorer) -- C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys File not found
DRV - (cpuz132) -- C:\Users\ReVoC\AppData\Local\Temp\cpuz132\cpuz132_x32.sys File not found
DRV - (Btcsrusb) -- System32\Drivers\btcusb.sys File not found
DRV - (BTCOMBUS) -- System32\Drivers\btcombus.sys File not found
DRV - (BTCOM) -- system32\DRIVERS\btcomport.sys File not found
DRV - (BT) -- system32\DRIVERS\btnetdrv.sys File not found
DRV - (a2jml2kf) -- File not found
DRV - (MBAMSwissArmy) -- C:\Windows\System32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys (Duplex Secure Ltd.)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (LVUVC) -- C:\Windows\System32\drivers\lvuvc.sys (Logitech Inc.)
DRV - (LVRS) -- C:\Windows\System32\drivers\lvrs.sys (Logitech Inc.)
DRV - (SbFw) -- C:\Windows\System32\drivers\SbFw.sys (GFI Software)
DRV - (sbhips) -- C:\Windows\System32\drivers\sbhips.sys (GFI Software)
DRV - (sbwtis) -- C:\Windows\System32\drivers\sbwtis.sys (GFI Software)
DRV - (sbapifs) -- C:\Windows\System32\drivers\sbapifs.sys (GFI Software)
DRV - (SBRE) -- C:\Windows\System32\drivers\SBREDrv.sys (GFI Software)
DRV - (SBFWIMCLMP) -- C:\Windows\System32\drivers\SbFwIm.sys (GFI Software)
DRV - (SBFWIMCL) -- C:\Windows\System32\drivers\SbFwIm.sys (GFI Software)
DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira GmbH)
DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
DRV - (MTsensor) -- C:\Windows\System32\drivers\ATKACPI.sys (ASUS)
DRV - (ghaio) -- C:\Programme\ASUS\NB Probe\SPM\ghaio.sys ()
DRV - (kbfiltr) -- C:\Windows\System32\drivers\kbfiltr.sys ( )
DRV - (btnetBUs) -- C:\Windows\System32\drivers\btnetBus.sys ()
DRV - (IvtBtBUs) -- C:\Windows\System32\drivers\IvtBtBus.sys (IVT Corporation.)
DRV - (BtHidBus) -- C:\Windows\System32\drivers\BtHidBus.sys (IVT Corporation.)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (NETw5s32) -- C:\Windows\System32\drivers\NETw5s32.sys (Intel Corporation)
DRV - (BthAvrcp) -- C:\Windows\System32\drivers\BthAvrcp.sys (CSR, plc)
DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
DRV - (Serial) -- C:\Windows\System32\drivers\serial.sys (Brother Industries Ltd.)
DRV - (netw5v32) -- C:\Windows\System32\drivers\netw5v32.sys (Intel Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)
DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (SNP2UVC) -- C:\Windows\System32\drivers\snp2uvc.sys ()
DRV - (KMWDFILTERx86) -- C:\Windows\System32\drivers\KMWDFILTER.sys (Windows (R) Codename Longhorn DDK provider)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\URLSearchHook: {a51a36e6-31e7-4838-9ff7-76298b527ec0} - C:\Programme\softonic-Germany\tbsoft.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E0 40 AF 09 FD BC CC 01 [binary data]
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\URLSearchHook: {a51a36e6-31e7-4838-9ff7-76298b527ec0} - C:\Programme\softonic-Germany\tbsoft.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {E6B4A756-D977-41A6-9491-4EFFAD6FD025}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM&q={searchTerms}&src=IE-SearchBox
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://www.claro-search.com/?q={searchTerms}&affID=116198&tt=4112_8&babsrc=SP_ss&mntrId=4e7998d500000000000000215dc56eaf
IE - HKCU\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = hxxp://www.daemon-search.com/search/web?q={searchTerms}
IE - HKCU\..\SearchScopes\{E6B4A756-D977-41A6-9491-4EFFAD6FD025}: "URL" = hxxp://www.google.de/search?q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B582195F5-92E7-40a0-A127-DB71295901D7%7D:0.6.4.1
FF - prefs.js..extensions.enabledAddons: firefox%40facebook.com:1.8.2
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\ReVoC\AppData\Local\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\ReVoC\AppData\Local\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.10.28 19:59:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.11.09 11:32:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.12.02 15:42:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.11.09 11:32:58 | 000,000,000 | ---D | M]

[2012.12.02 17:24:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ReVoC\AppData\Roaming\mozilla\Extensions
[2012.10.20 19:22:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ReVoC\AppData\Roaming\mozilla\Firefox\Profiles\4ppqjtgb.default\extensions
[2012.10.20 19:22:29 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\ReVoC\AppData\Roaming\mozilla\Firefox\Profiles\4ppqjtgb.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.12.02 17:28:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ReVoC\AppData\Roaming\mozilla\Firefox\Profiles\9o5s2p34.default\extensions
[2012.12.02 17:28:14 | 000,319,802 | ---- | M] () (No name found) -- C:\Users\ReVoC\AppData\Roaming\mozilla\firefox\profiles\9o5s2p34.default\extensions\firefox@facebook.com.xpi
[2012.12.02 17:28:14 | 000,242,709 | ---- | M] () (No name found) -- C:\Users\ReVoC\AppData\Roaming\mozilla\firefox\profiles\9o5s2p34.default\extensions\{582195F5-92E7-40a0-A127-DB71295901D7}.xpi
[2012.12.02 15:42:04 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.11.29 09:26:57 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.11.29 10:19:31 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.11.29 10:19:31 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.11.29 10:19:31 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.11.29 10:19:32 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.11.29 10:19:31 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.11.29 10:19:31 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml

========== Chrome ==========

CHR - homepage:
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{googleriginalQueryForSuggestion}{google:assistedQueryStats}{google:se archFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\ReVoC\AppData\Local\Google\Chrome\Application\23.0.1271.95\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\ReVoC\AppData\Local\Google\Chrome\Application\23.0.1271.95\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\ReVoC\AppData\Local\Google\Chrome\Application\23.0.1271.95\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Users\ReVoC\AppData\Local\Google\Update\1.3.21.124\npGoogleUpdate3.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll
CHR - plugin: Java Deployment Toolkit 6.0.350.10 (Enabled) = C:\Windows\system32\npdeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: Google Drive = C:\Users\ReVoC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\ReVoC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\ReVoC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Google Kalender = C:\Users\ReVoC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\
CHR - Extension: Any.DO = C:\Users\ReVoC\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdadialhpiikehpdeejjeiikopddkjem\1.0.0.82_0\
CHR - Extension: Google Maps = C:\Users\ReVoC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.7_0\
CHR - Extension: Google Mail-Checker = C:\Users\ReVoC\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\
CHR - Extension: Facebook Notifications = C:\Users\ReVoC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmameahlembdcigphohgiodcgjomcgeo\1.27_0\
CHR - Extension: Android\u2122 for Google Chrome\u2122 = C:\Users\ReVoC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pafpbplbbeehhfhdfdnkgpflkfikechf\1.5_0\
CHR - Extension: Google Mail = C:\Users\ReVoC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Programme\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O2 - BHO: (softonic-Germany Toolbar) - {a51a36e6-31e7-4838-9ff7-76298b527ec0} - C:\Programme\softonic-Germany\tbsoft.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (softonic-Germany Toolbar) - {a51a36e6-31e7-4838-9ff7-76298b527ec0} - C:\Programme\softonic-Germany\tbsoft.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (softonic-Germany Toolbar) - {A51A36E6-31E7-4838-9FF7-76298B527EC0} - C:\Programme\softonic-Germany\tbsoft.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Ad-Aware Antivirus] C:\Program Files\Ad-Aware Antivirus\AdAwareLauncher.exe (Lavasoft Limited)
O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ATKMEDIA] C:\Programme\ASUS\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Programme\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [HControlUser] C:\Programme\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Programme\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PDFPrint] C:\Programme\pdf24\pdf24.exe (Geek Software GmbH)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [EPSON SX410 Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIFCE.EXE (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [GoogleDriveSync] C:\Program Files\Google\Drive\googledrivesync.exe (Google)
O4 - HKCU..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe File not found
O4 - Startup: C:\Users\ReVoC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\ReVoC\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Programme\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Programme\ICQ7.6\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Programme\ICQ7.6\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000036 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000037 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000038 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000039 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000040 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000041 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000042 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000043 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 193.189.244.194 193.189.244.202
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A3437FB6-1A12-47F7-8DFB-CBA9E0FA8956}: DhcpNameServer = 192.168.1.1 193.189.244.194 193.189.244.202
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.10.17 13:32:17 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [1999.09.25 17:28:22 | 000,000,971 | R--- | M] () - D:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{eb21b692-7579-11df-b588-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{eb21b692-7579-11df-b588-806e6f6e6963}\Shell\AutoRun\command - "" = D:\aoesetup.exe -- [1999.09.15 01:47:34 | 000,585,790 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{eb21b692-7579-11df-b588-806e6f6e6963}\Shell\directx\command - "" = D:\DIRECTX\DXSETUP.EXE -- [1999.01.09 04:10:00 | 000,096,768 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{eb21b692-7579-11df-b588-806e6f6e6963}\Shell\dplay\command - "" = D:\DIRECTX\DPLAY61A.EXE -- [1999.06.19 01:35:30 | 000,485,600 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{eb21b692-7579-11df-b588-806e6f6e6963}\Shell\dxdiag\command - "" = D:\GOODIES\AR40DEU.EXE -- [1999.06.29 17:17:26 | 005,994,880 | R--- | M] (InstallShield Software Corporation)
O33 - MountPoints2\{eb21b692-7579-11df-b588-806e6f6e6963}\Shell\dxinfo\command - "" = D:\GOODIES\DIRECTX\DXINFO.EXE -- [1997.07.15 10:00:00 | 000,299,520 | R--- | M] (Microsoft Corp.)
O33 - MountPoints2\{eb21b692-7579-11df-b588-806e6f6e6963}\Shell\dxtest\command - "" = D:\DIRECTX\DXDIAG.EXE -- [1999.01.09 04:10:00 | 001,253,648 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{eb21b692-7579-11df-b588-806e6f6e6963}\Shell\dxtool\command - "" = D:\GOODIES\DIRECTX\DXTOOL.EXE -- [1997.07.15 10:00:00 | 000,033,280 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{eb21b692-7579-11df-b588-806e6f6e6963}\Shell\log\command - "" = D:\goodies\machine\machine.exe -- [1999.08.17 23:05:36 | 000,208,896 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{eb21b692-7579-11df-b588-806e6f6e6963}\Shell\machine\command - "" = D:\GOODIES\MACHINE\MACHINE.EXE -- [1999.08.17 23:05:36 | 000,208,896 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{eb21b692-7579-11df-b588-806e6f6e6963}\Shell\setup\command - "" = D:\aoesetup.exe -- [1999.09.15 01:47:34 | 000,585,790 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{eb21b692-7579-11df-b588-806e6f6e6963}\Shell\zone\command - "" = D:\GOODIES\MSZONE\ZONEA600.EXE -- [1999.09.02 01:16:04 | 006,753,985 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 90 Days ==========

[2012.12.02 17:24:36 | 000,000,000 | ---D | C] -- C:\Users\ReVoC\AppData\Local\Macromedia
[2012.12.02 15:42:06 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012.12.02 15:42:00 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012.12.02 15:36:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012.12.02 09:21:40 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2012.12.02 09:21:39 | 000,000,000 | ---D | C] -- C:\Users\ReVoC\AppData\Roaming\Malwarebytes
[2012.12.02 09:21:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.12.02 09:21:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.12.02 09:21:21 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.12.02 09:21:21 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.12.01 23:05:46 | 000,000,000 | ---D | C] -- C:\Users\ReVoC\Desktop\Bilder
[2012.11.30 21:16:03 | 000,000,000 | ---D | C] -- C:\e0fac7fd6a6a7d61dc
[2012.11.30 20:46:43 | 000,000,000 | ---D | C] -- C:\e7a10bfe69cfd0eda0ba04a19f002677
[2012.11.30 20:36:56 | 000,000,000 | ---D | C] -- C:\Users\ReVoC\AppData\Roaming\JDownloaderDownloadAcceleratorPackages
[2012.11.30 20:36:51 | 000,000,000 | ---D | C] -- C:\646991caab469352bf828136ef
[2012.11.30 20:34:01 | 000,000,000 | ---D | C] -- C:\Program Files\DownloadManager
[2012.11.30 19:33:16 | 000,000,000 | ---D | C] -- C:\0f6c2fc4b3351ece9383c64f0b0cc5e6
[2012.11.30 19:28:54 | 000,000,000 | ---D | C] -- C:\02a36b485b7b8eede66605
[2012.11.30 19:19:16 | 000,000,000 | ---D | C] -- C:\6188b5e97f03362a69f9
[2012.11.30 19:15:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012.11.30 19:15:04 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012.11.30 19:15:02 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012.11.30 19:15:02 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2012.11.30 18:59:42 | 000,000,000 | ---D | C] -- C:\Users\ReVoC\AppData\Roaming\Autodesk
[2012.11.30 18:59:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Autodesk
[2012.11.25 17:26:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2012.11.25 17:25:34 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2012.11.25 17:08:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
[2012.11.25 17:07:20 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Games
[2012.11.23 19:53:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012.11.23 19:53:07 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2012.11.22 21:40:23 | 000,000,000 | ---D | C] -- C:\Users\ReVoC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012.11.11 16:47:44 | 000,000,000 | ---D | C] -- C:\Program Files\AOE 2
[2012.11.09 13:12:37 | 000,000,000 | ---D | C] -- C:\Users\ReVoC\AppData\Local\{EF636DFC-FAF7-4DCE-98CB-1646896CDAE7}
[2012.11.09 13:11:46 | 000,000,000 | ---D | C] -- C:\Users\ReVoC\Tracing
[2012.11.09 11:40:46 | 000,000,000 | ---D | C] -- C:\ProgramData\WEBREG
[2012.11.09 11:36:11 | 000,000,000 | ---D | C] -- C:\Users\ReVoC\AppData\Roaming\HP
[2012.11.09 11:34:08 | 000,000,000 | ---D | C] -- C:\Users\ReVoC\AppData\Local\HP
[2012.11.09 11:33:20 | 000,000,000 | ---D | C] -- C:\Users\ReVoC\AppData\Roaming\Yahoo!
[2012.11.09 11:30:14 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Product Assistant
[2012.11.09 11:29:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
[2012.11.09 11:27:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Hewlett-Packard
[2012.11.09 11:26:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\HP
[2012.11.09 11:23:00 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2012.11.09 11:16:38 | 000,452,408 | ---- | C] (Hewlett-Packard) -- C:\Windows\System32\hpzids01.dll
[2012.11.09 11:10:05 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2012.11.08 21:12:10 | 000,000,000 | ---D | C] -- C:\Users\ReVoC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2012.10.28 20:00:54 | 000,000,000 | ---D | C] -- C:\Users\ReVoC\AppData\Local\DDMSettings
[2012.10.28 19:58:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
[2012.10.28 19:58:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DivX Shared
[2012.10.25 03:12:26 | 000,094,208 | ---- | C] (Apple Inc.) -- C:\Windows\System32\QuickTimeVR.qtx
[2012.10.25 03:12:26 | 000,069,632 | ---- | C] (Apple Inc.) -- C:\Windows\System32\QuickTime.qts
[2012.10.24 07:59:15 | 000,000,000 | -HSD | C] -- C:\Windows\System32\%APPDATA%
[2012.10.24 07:51:55 | 000,696,760 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.10.24 06:56:45 | 000,000,000 | ---D | C] -- C:\Users\ReVoC\Documents\Euro Truck Simulator 2
[2012.10.17 13:32:09 | 000,000,000 | ---D | C] -- C:\Autodesk
[2012.10.10 07:23:28 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2012.10.10 07:22:42 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
[2012.10.10 07:22:41 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2012.10.10 07:22:40 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.10.10 07:22:39 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2012.10.10 07:22:39 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2012.10.10 07:22:39 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2012.10.10 07:22:39 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2012.10.10 07:22:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.10.10 07:22:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
[2012.10.10 07:22:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.10.10 07:22:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2012.10.10 07:22:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.10.10 07:22:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2012.10.10 07:22:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.10 07:22:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2012.10.10 07:22:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
[2012.10.10 07:22:37 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
[2012.10.10 07:22:37 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2012.10.10 07:22:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2012.10.10 07:22:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2012.10.10 07:22:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.10.10 07:22:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2012.10.10 07:22:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2012.10.10 07:22:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2012.10.10 07:22:33 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2012.10.10 07:22:32 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
[2012.10.10 07:22:32 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2012.10.10 07:22:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
[2012.10.10 07:22:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2012.10.10 07:22:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
[2012.10.10 07:22:16 | 003,914,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012.10.10 07:22:15 | 003,968,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012.10.08 12:44:01 | 000,157,680 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2012.10.08 12:44:01 | 000,149,488 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2012.10.08 12:44:01 | 000,149,488 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2012.10.08 07:24:50 | 000,000,000 | ---D | C] -- C:\Users\ReVoC\picture
[2012.09.26 07:11:58 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OxpsConverter.exe
[2012.09.22 07:33:58 | 000,627,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012.09.22 07:33:52 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.09.22 07:33:48 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.09.22 07:33:46 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.09.22 07:33:45 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.09.12 08:47:16 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\RNDISMP.sys
[2012.09.12 08:47:14 | 000,240,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2012.09.12 08:47:14 | 000,187,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2012.09.12 08:47:13 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll

========== Files - Modified Within 90 Days ==========

[2012.12.02 20:30:03 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.12.02 20:24:02 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.12.02 19:41:02 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1948288846-1025835670-3159353792-1000UA.job
[2012.12.02 18:15:27 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2012.12.02 16:55:06 | 000,013,248 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.12.02 16:55:06 | 000,013,248 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.12.02 16:51:51 | 000,654,280 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.12.02 16:51:51 | 000,616,122 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.12.02 16:51:51 | 000,130,120 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.12.02 16:51:51 | 000,106,502 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.12.02 16:47:21 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.12.02 16:47:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.12.02 16:46:56 | 459,821,096 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012.12.02 16:46:52 | 2415,218,688 | -HS- | M] () -- C:\hiberfil.sys
[2012.12.02 16:20:32 | 000,000,324 | ---- | M] () -- C:\Windows\wininit.ini
[2012.12.02 15:42:09 | 000,001,112 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.12.02 15:36:13 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012.12.02 15:35:01 | 000,001,833 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
[2012.12.02 09:21:24 | 000,001,078 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.12.01 21:41:01 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1948288846-1025835670-3159353792-1000Core.job
[2012.11.30 20:45:41 | 000,002,495 | ---- | M] () -- C:\Users\ReVoC\Desktop\Google Chrome.lnk
[2012.11.30 19:15:55 | 000,001,760 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.11.29 19:14:17 | 000,206,405 | ---- | M] () -- C:\Users\ReVoC\Desktop\Unbenannt.jpg
[2012.11.25 17:26:50 | 000,001,907 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2012.11.25 17:08:23 | 000,002,135 | ---- | M] () -- C:\Users\Public\Desktop\Age of Empires II.lnk
[2012.11.23 19:53:18 | 000,001,822 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012.11.12 08:26:40 | 000,000,125 | -HS- | M] () -- C:\ProgramData\.zreglib
[2012.11.11 22:29:19 | 000,386,784 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.11.09 11:35:09 | 000,245,504 | ---- | M] () -- C:\Windows\hpoins19.dat
[2012.11.09 11:32:29 | 000,002,132 | ---- | M] () -- C:\Users\Public\Desktop\HP Photosmart Essential 3.5.lnk
[2012.11.09 11:30:07 | 000,001,316 | ---- | M] () -- C:\Users\Public\Desktop\HP Solution Center.lnk
[2012.11.09 11:29:42 | 000,001,154 | ---- | M] () -- C:\Users\Public\Desktop\Shop für HP Zubehör.lnk
[2012.11.09 11:28:48 | 000,002,076 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2012.10.25 03:12:26 | 000,094,208 | ---- | M] (Apple Inc.) -- C:\Windows\System32\QuickTimeVR.qtx
[2012.10.25 03:12:26 | 000,069,632 | ---- | M] (Apple Inc.) -- C:\Windows\System32\QuickTime.qts
[2012.10.24 10:33:19 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.10.24 10:33:19 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.10.20 19:22:17 | 000,001,367 | ---- | M] () -- C:\Users\ReVoC\Desktop\Free YouTube to MP3 Converter.lnk
[2012.10.17 13:43:06 | 000,000,438 | ---- | M] () -- C:\Windows\System32\WSCConfig.xml
[2012.10.08 07:16:27 | 000,000,098 | ---- | M] () -- C:\user.js
[2012.09.29 19:54:26 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.09.23 17:07:23 | 000,001,713 | ---- | M] () -- C:\Users\ReVoC\Desktop\Google Drive.lnk
[2012.09.14 19:28:53 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll

========== Files Created - No Company Name ==========

[2012.12.02 16:20:19 | 000,000,324 | ---- | C] () -- C:\Windows\wininit.ini
[2012.12.02 15:42:09 | 000,001,124 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012.12.02 15:42:09 | 000,001,112 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.12.02 09:21:24 | 000,001,078 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.11.30 19:15:55 | 000,001,760 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.11.29 19:14:17 | 000,206,405 | ---- | C] () -- C:\Users\ReVoC\Desktop\Unbenannt.jpg
[2012.11.25 17:26:50 | 000,001,907 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2012.11.25 17:08:23 | 000,002,135 | ---- | C] () -- C:\Users\Public\Desktop\Age of Empires II.lnk
[2012.11.23 19:53:18 | 000,001,822 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012.11.22 21:40:37 | 000,002,495 | ---- | C] () -- C:\Users\ReVoC\Desktop\Google Chrome.lnk
[2012.11.22 21:36:36 | 000,001,120 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1948288846-1025835670-3159353792-1000UA.job
[2012.11.22 21:36:31 | 000,001,068 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1948288846-1025835670-3159353792-1000Core.job
[2012.11.09 11:32:29 | 000,002,132 | ---- | C] () -- C:\Users\Public\Desktop\HP Photosmart Essential 3.5.lnk
[2012.11.09 11:30:43 | 000,001,034 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR-Registrierung.lnk
[2012.11.09 11:30:07 | 000,001,316 | ---- | C] () -- C:\Users\Public\Desktop\HP Solution Center.lnk
[2012.11.09 11:29:42 | 000,001,154 | ---- | C] () -- C:\Users\Public\Desktop\Shop für HP Zubehör.lnk
[2012.11.09 11:28:48 | 000,002,076 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2012.11.09 11:21:51 | 000,245,504 | ---- | C] () -- C:\Windows\hpoins19.dat
[2012.11.09 11:21:51 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat
[2012.10.24 07:51:57 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.10.17 13:43:06 | 000,000,438 | ---- | C] () -- C:\Windows\System32\WSCConfig.xml
[2012.10.08 07:16:27 | 000,000,098 | ---- | C] () -- C:\user.js
[2012.01.18 05:44:00 | 010,920,984 | ---- | C] () -- C:\Windows\System32\LogiDPP.dll
[2012.01.18 05:44:00 | 000,336,408 | ---- | C] () -- C:\Windows\System32\DevManagerCore.dll
[2012.01.18 05:44:00 | 000,104,472 | ---- | C] () -- C:\Windows\System32\LogiDPPApp.exe
[2012.01.18 05:22:54 | 000,028,418 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2011.11.14 22:33:58 | 000,000,000 | ---- | C] () -- C:\Users\ReVoC\AppData\Local\{B1BFBF63-41AC-49E9-8A97-0F2711F2A8F6}
[2011.11.13 14:45:06 | 000,000,000 | ---- | C] () -- C:\Users\ReVoC\AppData\Local\{EA4E2F5D-9F56-4F28-8211-02A6546C1F85}
[2011.08.14 15:12:41 | 000,045,573 | -H-- | C] () -- C:\Users\ReVoC\userdiff.sav
[2011.06.24 07:25:04 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011.05.29 21:16:34 | 002,681,344 | ---- | C] () -- C:\Windows\System32\dvmsg.dll
[2011.05.03 16:13:37 | 000,000,064 | ---- | C] () -- C:\Windows\System32\rp_stats.dat
[2011.05.03 16:13:37 | 000,000,044 | ---- | C] () -- C:\Windows\System32\rp_rules.dat
[2011.05.01 21:44:18 | 000,007,599 | ---- | C] () -- C:\Users\ReVoC\AppData\Local\Resmon.ResmonCfg
[2011.04.16 20:07:11 | 000,024,576 | ---- | C] () -- C:\Windows\UniFISH.exe
[2011.04.09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011.03.21 12:22:06 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2011.03.02 23:57:40 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2011.03.02 23:57:40 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2011.03.02 23:57:40 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2011.03.02 23:57:40 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2011.02.23 15:56:32 | 000,005,632 | ---- | C] () -- C:\Users\ReVoC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.12.26 08:25:02 | 000,000,040 | ---- | C] () -- C:\ProgramData\ra3.ini
[2010.12.23 21:56:01 | 000,000,125 | -HS- | C] () -- C:\ProgramData\.zreglib
[2010.07.25 18:56:05 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

========== ZeroAccess Check ==========

[2012.11.30 22:52:12 | 000,000,082 | ---- | M] () -- C:\Windows\$NtUninstallKB4026$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\BACHCBMJ\t.cxt.ms\lso.swf\u.sol
[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2010.07.24 08:53:14 | 000,000,000 | ---D | M] -- C:\Users\ReVoC\AppData\Roaming\AD ON Multimedia
[2012.08.22 16:08:16 | 000,000,000 | ---D | M] -- C:\Users\ReVoC\AppData\Roaming\Ad-Aware Antivirus
[2012.11.30 18:59:42 | 000,000,000 | ---D | M] -- C:\Users\ReVoC\AppData\Roaming\Autodesk
[2012.11.26 08:22:44 | 000,000,000 | ---D | M] -- C:\Users\ReVoC\AppData\Roaming\DAEMON Tools Lite
[2012.10.20 19:22:39 | 000,000,000 | ---D | M] -- C:\Users\ReVoC\AppData\Roaming\DVDVideoSoft
[2012.07.22 08:21:55 | 000,000,000 | ---D | M] -- C:\Users\ReVoC\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.12.09 20:42:37 | 000,000,000 | ---D | M] -- C:\Users\ReVoC\AppData\Roaming\EPSON
[2011.02.25 14:38:16 | 000,000,000 | ---D | M] -- C:\Users\ReVoC\AppData\Roaming\GetRightToGo
[2011.02.28 15:39:42 | 000,000,000 | ---D | M] -- C:\Users\ReVoC\AppData\Roaming\GHISLER
[2012.12.02 20:27:38 | 000,000,000 | ---D | M] -- C:\Users\ReVoC\AppData\Roaming\ICQ
[2012.11.30 20:36:56 | 000,000,000 | ---D | M] -- C:\Users\ReVoC\AppData\Roaming\JDownloaderDownloadAcceleratorPackages
[2011.12.26 11:47:27 | 000,000,000 | ---D | M] -- C:\Users\ReVoC\AppData\Roaming\Leadertech
[2010.09.19 14:51:16 | 000,000,000 | ---D | M] -- C:\Users\ReVoC\AppData\Roaming\MAGIX
[2011.09.09 11:24:22 | 000,000,000 | ---D | M] -- C:\Users\ReVoC\AppData\Roaming\Mp3tag
[2010.08.25 19:31:00 | 000,000,000 | ---D | M] -- C:\Users\ReVoC\AppData\Roaming\NCH Swift Sound
[2010.12.25 17:46:36 | 000,000,000 | ---D | M] -- C:\Users\ReVoC\AppData\Roaming\Red Alert 3
[2010.07.20 14:27:25 | 000,000,000 | ---D | M] -- C:\Users\ReVoC\AppData\Roaming\runic games
[2012.07.09 18:58:36 | 000,000,000 | ---D | M] -- C:\Users\ReVoC\AppData\Roaming\Samsung
[2011.02.01 23:25:35 | 000,000,000 | ---D | M] -- C:\Users\ReVoC\AppData\Roaming\simfy-VZ-edition
[2010.12.26 14:00:04 | 000,000,000 | ---D | M] -- C:\Users\ReVoC\AppData\Roaming\Synaptics
[2012.07.09 18:48:34 | 000,000,000 | ---D | M] -- C:\Users\ReVoC\AppData\Roaming\Temp
[2012.10.28 10:55:00 | 000,000,000 | ---D | M] -- C:\Users\ReVoC\AppData\Roaming\Tobit
[2012.03.17 08:32:31 | 000,000,000 | ---D | M] -- C:\Users\ReVoC\AppData\Roaming\uTorrent
[2011.03.27 10:16:59 | 000,000,000 | ---D | M] -- C:\Users\ReVoC\AppData\Roaming\WEB.DE

========== Purity Check ==========



========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\Windows\$NtUninstallKB4026$] -> Error: Cannot create file handle -> Unknown point type

< End of report >

OTL-Extra
OTL Extras logfile created on: 02.12.2012 20:25:37 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ReVoC\Downloads
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 0,94 Gb Available Physical Memory | 31,22% Memory free
6,00 Gb Paging File | 3,65 Gb Available in Paging File | 60,85% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 286,37 Gb Total Space | 119,03 Gb Free Space | 41,57% Space Free | Partition Type: NTFS
Drive D: | 327,26 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: REVOC-PC | User Name: ReVoC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 90 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

========== Firewall Settings ==========

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02602409-9189-4567-BC07-562605243B69}" = Windows Live Remote Client Resources
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{104066F4-5897-4067-85D3-4C88B67CCF75}" = AIO_Scan
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4800_series" = Canon iP4800 series Printer Driver
"{14ECAABB-C8B9-4A09-92F7-CDF1A45B6DDE}" = Google Drive
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{1B6C0E95-182C-48E0-9C4B-4F916308249C}" = iTunes
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{26A24AE4-039D-4CA4-87B4-2F83216032FF}" = Java(TM) 6 Update 35
"{2b12a4e9-c782-45ef-801e-abd0a08d3d8d}" = Ad-Aware Antivirus
"{2B4E24A0-A06F-488D-87D8-16738E5E1104}" = Windows Live Family Safety
"{2E87F4AB-99BF-421C-AF7B-365A9C08549A}" = F300
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3A65A74A-5B6E-451A-92D8-50F1182BBE9A}" = Windows Live Remote Service Resources
"{3B05F2FB-745B-4012-ADF2-439F36B2E70B}" = ATKOSD2
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{459699C3-9430-4381-964B-4248D87B49F9}" = Apple Mobile Device Support
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5U8xx Media Driver ver.3.62.02
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5E6D6161-5509-4f55-9372-1E01792F843A}" = F300_Help
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}" = NB Probe
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{70C592EC-AE9B-4734-928B-676E824FB41E}" = MFC RunTime files
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{75247E38-5C9B-45D6-ADF8-E11CB56B4990}" = Network
"{7644E42D-B096-457F-8B5B-901238FC81AE}" = ICQ7.6
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7C05592D-424B-46CB-B505-E0013E8E75C9}" = ATK Hotkey
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 4.1.2
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-007A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{953AA732-9AFB-49C9-84A4-7F96CA0A08DA}" = SweetPacks bundle uninstaller
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9F6B13E2-B93F-4203-9BD4-5DC18C9F9DEB}" = AIO_CDB_Software
"{A0C9DF2B-89B5-4483-8983-18A68200F1B4}" = SweetIM for Messenger 3.7
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A87B11AC-4344-4E5D-8B12-8F471A87DAD9}" = LightScribe 1.4.136.1
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.3 - Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B28B351F-1232-46EA-85EF-B8EA91641031}" = Nero 7 Essentials
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B61ED343-0B14-4241-999C-490CB1A20DA4}" = HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}" = Internet Explorer Toolbar 4.6 by SweetPacks
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CCAFF072-4DDB-4846-963D-15F02A8E9472}" = Intel(R) PROSet/Wireless WiFi-Software
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D1E5870E-E3E5-4475-98A6-ADD614524ADF}" = ATK Media
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext
"{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}" = Update Manager for SweetPacks 1.1
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety
"{F6AC5364-2FB7-437a-811A-D645F22AA6AC}" = F300Trb
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"Ad-Aware Browsing Protection" = Ad-Aware Browsing Protection
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop 7.0" = Adobe Photoshop 7.0
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Age of Empires 2.0" = Microsoft Age of Empires II
"Avira AntiVir Desktop" = Avira Free Antivirus
"DAEMON Tools Lite" = DAEMON Tools Lite
"DivX Setup" = DivX-Setup
"EPSON Scanner" = EPSON Scan
"Epson Stylus SX210_SX410_TX210_TX410 Benutzerhandbuch" = Epson Stylus SX210_SX410_TX210_TX410 Handbuch
"EPSON SX410 Series" = Druckerdeinstallation für EPSON SX410 Series
"FormatFactory" = FormatFactory 2.70
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.34.1015
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.51
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.1.1000
"MatlabR2011a" = MATLAB R2011a
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 17.0.1 (x86 de)" = Mozilla Firefox 17.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mp3tag" = Mp3tag v2.49
"NVIDIA Drivers" = NVIDIA Drivers
"ProInst" = Intel PROSet Wireless
"Shop for HP Supplies" = Shop for HP Supplies
"softonic-Germany Toolbar" = softonic-Germany Toolbar
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Uninstall_is1" = Uninstall 1.0.0.1
"USB 2.0 2.0M UVC WebCam" = USB 2.0 2.0M UVC WebCam
"VideoPad" = VideoPad Videobearbeitungs-Software
"WavePad" = WavePad Audiobearbeitungs-Software
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"JDownloader Download Accelerator Packages" = JDownloader Download Accelerator Packages

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 01.12.2012 10:49:51 | Computer Name = ReVoC-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 01.12.2012 10:49:51 | Computer Name = ReVoC-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 6474

Error - 01.12.2012 10:49:51 | Computer Name = ReVoC-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 6474

Error - 02.12.2012 09:29:42 | Computer Name = ReVoC-PC | Source = ESENT | ID = 490
Description = Catalog Database (1224) Catalog Database: Versuch, Datei "C:\Windows\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb"
für den Lese-/Schreibzugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der
Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet
wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.

Error - 02.12.2012 09:29:42 | Computer Name = ReVoC-PC | Source = ESENT | ID = 439
Description = Catalog Database (1224) Catalog Database: Die Shadowkopfzeile für
Datei C:\Windows\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
konnte nicht geschrieben werden. Fehler -1032.

Error - 02.12.2012 09:29:47 | Computer Name = ReVoC-PC | Source = ESENT | ID = 473
Description = Catalog Database (1224) Catalog Database: Datenbank C:\Windows\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
wurde teilweise getrennt. Fehler -1032 beim Aktualisieren der Datenbankkopfzeilen.

Error - 02.12.2012 09:29:47 | Computer Name = ReVoC-PC | Source = ESENT | ID = 104
Description = Catalog Database (1224) Catalog Database: Das Datenbankmodul hat die
Instanz (0) mit dem Fehler (-1090) beendet.

Error - 02.12.2012 09:45:29 | Computer Name = ReVoC-PC | Source = System Restore | ID = 8206
Description =

Error - 02.12.2012 10:09:45 | Computer Name = ReVoC-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: MAWebControl.exe, Version: 1.2.2007.1018,
Zeitstempel: 0x48d34dcd Name des fehlerhaften Moduls: MAWebControl.exe, Version:
1.2.2007.1018, Zeitstempel: 0x48d34dcd Ausnahmecode: 0xc0000005 Fehleroffset: 0x00005914
ID
des fehlerhaften Prozesses: 0x1774 Startzeit der fehlerhaften Anwendung: 0x01cdd096acf86b96
Pfad
der fehlerhaften Anwendung: C:\Program Files\MarkAny\ContentSafer\MAWebControl.exe
Pfad
des fehlerhaften Moduls: C:\Program Files\MarkAny\ContentSafer\MAWebControl.exe
Berichtskennung:
ebf3f937-3c89-11e2-ab69-00248c5ab665

Error - 02.12.2012 12:21:48 | Computer Name = ReVoC-PC | Source = Application Hang | ID = 1002
Description = Programm SpybotSD.exe, Version 1.6.2.46 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: ec8 Startzeit:
01cdd0a462606f4a Endzeit: 11 Anwendungspfad: C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe

Berichts-ID:


[ Media Center Events ]
Error - 11.12.2010 14:36:31 | Computer Name = ReVoC-PC | Source = MCUpdate | ID = 0
Description = 19:36:31 - Fehler beim Herstellen der Internetverbindung. 19:36:31
- Serververbindung konnte nicht hergestellt werden..

Error - 11.12.2010 14:36:38 | Computer Name = ReVoC-PC | Source = MCUpdate | ID = 0
Description = 19:36:37 - Fehler beim Herstellen der Internetverbindung. 19:36:37
- Serververbindung konnte nicht hergestellt werden..

Error - 11.12.2010 15:36:42 | Computer Name = ReVoC-PC | Source = MCUpdate | ID = 0
Description = 20:36:42 - Fehler beim Herstellen der Internetverbindung. 20:36:42
- Serververbindung konnte nicht hergestellt werden..

Error - 11.12.2010 15:36:48 | Computer Name = ReVoC-PC | Source = MCUpdate | ID = 0
Description = 20:36:47 - Fehler beim Herstellen der Internetverbindung. 20:36:47
- Serververbindung konnte nicht hergestellt werden..

Error - 11.12.2010 16:36:53 | Computer Name = ReVoC-PC | Source = MCUpdate | ID = 0
Description = 21:36:53 - Fehler beim Herstellen der Internetverbindung. 21:36:53
- Serververbindung konnte nicht hergestellt werden..

Error - 11.12.2010 16:36:59 | Computer Name = ReVoC-PC | Source = MCUpdate | ID = 0
Description = 21:36:58 - Fehler beim Herstellen der Internetverbindung. 21:36:58
- Serververbindung konnte nicht hergestellt werden..

Error - 19.12.2010 02:41:26 | Computer Name = ReVoC-PC | Source = MCUpdate | ID = 0
Description = 07:41:26 - Fehler beim Herstellen der Internetverbindung. 07:41:26
- Serververbindung konnte nicht hergestellt werden..

Error - 19.12.2010 02:41:41 | Computer Name = ReVoC-PC | Source = MCUpdate | ID = 0
Description = 07:41:31 - Fehler beim Herstellen der Internetverbindung. 07:41:31
- Serververbindung konnte nicht hergestellt werden..

Error - 19.12.2010 03:41:51 | Computer Name = ReVoC-PC | Source = MCUpdate | ID = 0
Description = 08:41:51 - Fehler beim Herstellen der Internetverbindung. 08:41:51
- Serververbindung konnte nicht hergestellt werden..

Error - 19.12.2010 03:41:57 | Computer Name = ReVoC-PC | Source = MCUpdate | ID = 0
Description = 08:41:56 - Fehler beim Herstellen der Internetverbindung. 08:41:56
- Serververbindung konnte nicht hergestellt werden..

[ OSession Events ]
Error - 17.11.2010 04:16:19 | Computer Name = ReVoC-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 368
seconds with 60 seconds of active time. This session ended with a crash.

Error - 23.11.2012 09:43:52 | Computer Name = ReVoC-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6662.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 358
seconds with 60 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 02.12.2012 11:47:16 | Computer Name = ReVoC-PC | Source = Service Control Manager | ID = 7003
Description = Der Dienst "IKE- und AuthIP IPsec-Schlüsselerstellungsmodule" ist
von folgendem Dienst abhängig: BFE. Dieser Dienst ist eventuell nicht installiert.

Error - 02.12.2012 11:47:16 | Computer Name = ReVoC-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "MySQL" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error - 02.12.2012 11:47:16 | Computer Name = ReVoC-PC | Source = Service Control Manager | ID = 7003
Description = Der Dienst "IPsec-Richtlinien-Agent" ist von folgendem Dienst abhängig:
BFE. Dieser Dienst ist eventuell nicht installiert.

Error - 02.12.2012 11:47:39 | Computer Name = ReVoC-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
Lbd

Error - 02.12.2012 13:27:41 | Computer Name = ReVoC-PC | Source = cdrom | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.

Error - 02.12.2012 13:27:47 | Computer Name = ReVoC-PC | Source = cdrom | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.

Error - 02.12.2012 13:27:54 | Computer Name = ReVoC-PC | Source = cdrom | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.

Error - 02.12.2012 13:28:00 | Computer Name = ReVoC-PC | Source = cdrom | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.

Error - 02.12.2012 13:28:07 | Computer Name = ReVoC-PC | Source = cdrom | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.

Error - 02.12.2012 13:28:13 | Computer Name = ReVoC-PC | Source = cdrom | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.


< End of report >

Anti_Malware

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Datenbank Version: v2012.12.02.02

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 8.0.7601.17514
ReVoC :: REVOC-PC [Administrator]

02.12.2012 18:15:43
mbam-log-2012-12-03 (04-12-01).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 592059
Laufzeit: 6 Stunde(n), 3 Minute(n), 48 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\Users\ReVoC\Downloads\SoftonicDownloader_fuer_extensoft-free-video-converter.exe (PUP.OfferBundler.ST) -> Keine Aktion durchgeführt.

(Ende)