Optimizer Pro v3.1 und SpyHunter4

pruselda

Hallo!
Ich wäre sehr dankbar für Hilfe beim Entfernen der oben genannten Programme. Wie Optimizer den Weg zu mir gefunden hat, weiß ich nicht. Leider bin ich beim Versuch es wieder zu entfernen auch noch SpyHunter aufgesessen.
Ich habe bereits die aufgeführten Schritte unternommen. Die Textdateien habe ich beigefügt.
Leider bricht der Scan mit GMER mit der Fehlermeldung "Programm funktioniert nicht" ab.


defogger:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 19:46 on 29/07/2013 (Katja)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-


OTL.txt:
OTL logfile created on: 7/29/2013 7:48:29 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Katja\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3.85 Gb Total Physical Memory | 2.11 Gb Available Physical Memory | 54.86% Memory free
7.71 Gb Paging File | 5.85 Gb Available in Paging File | 75.95% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 79.00 Gb Total Space | 32.06 Gb Free Space | 40.58% Space Free | Partition Type: NTFS
Drive D: | 198.99 Gb Total Space | 104.74 Gb Free Space | 52.64% Space Free | Partition Type: NTFS

Computer Name: R540 | User Name: Katja | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/07/29 19:48:01 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Katja\Desktop\OTL.exe
PRC - [2013/07/29 19:46:30 | 000,118,568 | ---- | M] () -- C:\Users\Katja\Qtrax\Player\Notification.exe
PRC - [2013/07/05 06:39:34 | 001,104,384 | ---- | M] (Spotify Ltd) -- C:\Users\Katja\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2013/05/29 12:34:28 | 000,449,248 | ---- | M] (Sony) -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
PRC - [2013/05/23 11:09:59 | 002,827,728 | ---- | M] () -- C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
PRC - [2013/05/10 09:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/02/04 18:13:54 | 000,070,832 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
PRC - [2012/11/13 15:08:12 | 003,487,240 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
PRC - [2012/11/13 15:08:08 | 003,825,176 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
PRC - [2012/11/13 15:07:24 | 000,168,384 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
PRC - [2012/11/13 15:07:20 | 001,369,624 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2012/11/13 15:07:16 | 001,103,392 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2012/07/03 10:04:58 | 000,507,312 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
PRC - [2010/11/20 14:17:36 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\schtasks.exe
PRC - [2010/05/06 08:44:44 | 001,749,504 | ---- | M] (SAMSUNG Electronics) -- C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
PRC - [2010/04/07 15:40:06 | 000,843,264 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
PRC - [2010/02/10 16:29:52 | 000,719,360 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
PRC - [2010/01/19 04:34:48 | 002,201,192 | ---- | M] (SEC) -- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
PRC - [2009/03/05 11:54:50 | 000,311,296 | ---- | M] () -- C:\Windows\SysWOW64\Rezip.exe


========== Modules (No Company Name) ==========

MOD - [2013/07/29 19:46:30 | 000,118,568 | ---- | M] () -- C:\Users\Katja\Qtrax\Player\Notification.exe
MOD - [2013/07/18 11:26:41 | 000,121,856 | ---- | M] () -- C:\Users\Katja\AppData\Roaming\BabSolution\Shared\NTRedirect.dll
MOD - [2013/05/23 11:09:59 | 002,827,728 | ---- | M] () -- C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
MOD - [2013/05/23 11:09:01 | 002,521,040 | ---- | M] () -- c:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.dll
MOD - [2013/05/17 10:51:16 | 000,207,872 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll
MOD - [2013/04/12 19:23:30 | 000,612,664 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\sqlite3.dll
MOD - [2013/02/04 18:13:54 | 000,070,832 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
MOD - [2013/01/09 13:11:40 | 000,599,040 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\PhoneUpdate.dll
MOD - [2012/11/13 15:06:32 | 000,158,624 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
MOD - [2012/11/13 15:06:30 | 000,108,960 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
MOD - [2012/11/13 15:06:28 | 000,554,400 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\VirtualTreesDXE150.bpl
MOD - [2012/11/13 15:06:28 | 000,528,288 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\JSDialogPack150.bpl
MOD - [2012/11/13 15:06:28 | 000,416,160 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
MOD - [2012/04/30 11:57:42 | 000,039,936 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll
MOD - [2011/07/07 14:54:36 | 000,233,984 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\Report.dll
MOD - [2010/01/11 16:44:54 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\VObject.dll
MOD - [2006/08/12 05:48:40 | 000,049,152 | ---- | M] () -- C:\Program Files (x86)\Samsung\Easy Display Manager\HookDllPS2.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013/06/20 20:33:08 | 000,366,600 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2013/06/20 20:33:08 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2011/11/21 16:10:10 | 000,036,160 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2010/05/05 08:15:12 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2013/06/27 23:46:34 | 001,025,408 | ---- | M] (Enigma Software Group USA, LLC.) [Auto | Running] -- C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE -- (SpyHunter 4 Service)
SRV - [2013/06/18 16:21:21 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/05/23 11:09:59 | 002,827,728 | ---- | M] () [Auto | Running] -- C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe -- (BrowserDefendert)
SRV - [2013/05/10 09:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/02/04 18:43:22 | 000,155,824 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2011/11/27 21:18:34 | 000,607,040 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2011/11/21 16:12:56 | 001,403,200 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2011/11/21 16:10:04 | 000,030,016 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/03/05 11:54:50 | 000,311,296 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\Rezip.exe -- (Rezip)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/06/18 21:50:08 | 000,139,616 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012/08/01 20:27:04 | 000,027,760 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggsemc.sys -- (ggsemc)
DRV:64bit: - [2012/08/01 20:27:04 | 000,014,448 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggflt.sys -- (ggflt)
DRV:64bit: - [2012/06/22 12:01:32 | 000,022,704 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\EsgScanner.sys -- (EsgScanner)
DRV:64bit: - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/12/13 04:32:22 | 002,797,056 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/02 18:17:20 | 000,013,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV:64bit: - [2010/11/20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/05/05 08:47:10 | 006,789,632 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2010/05/05 08:47:10 | 006,789,632 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/05/05 07:23:26 | 000,221,184 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/04/27 09:57:04 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/04/01 02:25:14 | 000,136,192 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2010/03/31 02:35:26 | 000,013,824 | ---- | M] (SAMSUNG ELECTRONICS) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SABI.sys -- (SABI)
DRV:64bit: - [2010/02/27 02:32:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010/01/29 09:33:38 | 000,116,736 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009/09/28 11:22:00 | 000,395,264 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/08/05 23:24:16 | 000,061,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 22:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/06/10 22:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2010/09/28 13:41:51 | 000,015,144 | ---- | M] (Windows (R) 2003 DDK 3790 provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\rtport.sys -- (rtport)
DRV - [2010/02/24 14:41:50 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=D84318F46A2DA618&affID=119357&tsp=4958
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=D84318F46A2DA618&affID=119357&tsp=4958
IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=D84318F46A2DA618&affID=119357&tsp=4958
IE - HKCU\..\SearchScopes\{14B6CE37-24FF-43A9-8DD6-5A0564FCDA37}: "URL" = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.order.1: "Delta Search"
FF - prefs.js..browser.search.selectedEngine: "Delta Search"
FF - prefs.js..browser.startup.homepage: "hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=D84318F46A2DA618&affID=119357&tsp=4958"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.11.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.11.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\lyrix@lyrixeeker.co: C:\Program Files (x86)\LyriXeeker\125.xpi [2013/07/29 19:42:18 | 000,009,338 | ---- | M] ()

[2013/07/25 21:46:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Katja\AppData\Roaming\mozilla\Extensions
[2013/07/25 21:41:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Katja\AppData\Roaming\mozilla\Firefox\Profiles\extensions
[2013/07/29 19:42:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Katja\AppData\Roaming\mozilla\Firefox\Profiles\97jrqk9f.default\extensions
[2013/07/26 06:43:34 | 000,000,000 | ---D | M] ("Plus-HD-2.2") -- C:\Users\Katja\AppData\Roaming\mozilla\Firefox\Profiles\97jrqk9f.default\extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com
[2013/07/29 19:42:38 | 000,000,000 | ---D | M] (Delta Toolbar) -- C:\Users\Katja\AppData\Roaming\mozilla\Firefox\Profiles\97jrqk9f.default\extensions\ffxtlbr@delta.com
[2013/07/26 06:43:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Katja\AppData\Roaming\mozilla\Firefox\Profiles\97jrqk9f.default\extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com\chrome\content\extensionCode
[2013/07/25 21:46:54 | 000,223,750 | ---- | M] () (No name found) -- C:\Users\Katja\AppData\Roaming\mozilla\firefox\profiles\97jrqk9f.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
[2013/06/30 10:44:04 | 000,239,491 | ---- | M] () (No name found) -- C:\Users\Katja\AppData\Roaming\mozilla\firefox\profiles\extensions\trtv3@trtv.com.xpi
[2013/07/29 19:42:25 | 000,006,507 | ---- | M] () -- C:\Users\Katja\AppData\Roaming\mozilla\firefox\profiles\97jrqk9f.default\searchplugins\babylon.xml
[2013/07/29 19:42:25 | 000,006,507 | ---- | M] () -- C:\Users\Katja\AppData\Roaming\mozilla\firefox\profiles\97jrqk9f.default\searchplugins\BrowserDefender.xml
[2013/07/29 19:42:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013/07/29 19:42:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions\ffxtlbr@babylon.com
[2013/07/25 21:43:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2013/07/25 21:43:53 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

O1 HOSTS File: ([2013/07/18 06:53:36 | 000,447,225 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 www.123fporn.info
O1 - Hosts: 15354 more lines...
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2 - BHO: (Plus-HD-2.2) - {11111111-1111-1111-1111-110311301136} - C:\Program Files (x86)\Plus-HD-2.2\Plus-HD-2.2-bho.dll (Plus HD)
O2 - BHO: (LyricXeeker) - {17E58097-6CA5-448B-830F-2A19678248FB} - C:\Program Files (x86)\LyriXeeker\125.dll (LyriXeeker Tech)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (delta Helper Object) - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.22.0\bh\delta.dll (Delta-search.com)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - !{98889811-442D-49dd-99D7-DC866BE87DBC} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{98889811-442D-49dd-99D7-DC866BE87DBC} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Delta Toolbar) - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.22.0\deltaTlbr.dll (Delta-search.com)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [NTRedirect] C:\Users\Katja\AppData\Roaming\BabSolution\Shared\NTRedirect.dll ()
O4 - HKCU..\Run: [Optimizer Pro] C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe (PC Utilities Pro)
O4 - HKCU..\Run: [QtraxNotification] C:\Users\Katja\Qtrax\Player\Notification.exe ()
O4 - HKCU..\Run: [Sony PC Companion] C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe (Sony)
O4 - HKCU..\Run: [Spotify] C:\Users\Katja\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Katja\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKLM..\RunOnce: [Del5678841] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [Del5678841] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [Qtrax] C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe 3786119762.portal.qtrax.com File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data]
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 10.11.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1B9DEB0F-3E87-4A00-83DC-C82E0AEE1DD6}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C60DE602-45B1-48F4-A158-C236BA4AC340}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O20 - AppInit_DLLs: (c:\progra~3\browse~2\261339~1.144\{c16c1~1\browse~1.dll) - c:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exeC:\Users\Katja\AppData\Roaming\appconf32.exe) - File not found
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/07/29 18:51:45 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{6bca24a9-dbec-11e1-9f80-002454cde5ec}\Shell - "" = AutoRun
O33 - MountPoints2\{6bca24a9-dbec-11e1-9f80-002454cde5ec}\Shell\AutoRun\command - "" = F:\Startme.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/07/29 19:47:59 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Katja\Desktop\OTL.exe
[2013/07/29 19:46:25 | 000,000,000 | ---D | C] -- C:\Users\Katja\Qtrax
[2013/07/29 19:42:46 | 000,000,000 | ---D | C] -- C:\Users\Katja\AppData\Roaming\Zip Opener Packages
[2013/07/29 19:42:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LyriXeeker
[2013/07/29 19:42:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Open It!
[2013/07/29 19:42:14 | 000,000,000 | ---D | C] -- C:\Users\Katja\AppData\Roaming\DigitalSite
[2013/07/29 19:42:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenIt
[2013/07/29 18:51:19 | 000,000,000 | ---D | C] -- C:\Users\Katja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
[2013/07/29 18:51:15 | 000,000,000 | ---D | C] -- C:\sh4ldr
[2013/07/29 18:51:15 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2013/07/25 21:47:28 | 000,000,000 | ---D | C] -- C:\Users\Katja\AppData\Roaming\Optimizer Pro
[2013/07/25 21:47:07 | 000,000,000 | ---D | C] -- C:\Users\Katja\AppData\Local\Macromedia
[2013/07/25 21:46:16 | 000,000,000 | ---D | C] -- C:\Users\Katja\AppData\Local\Mozilla
[2013/07/25 21:44:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2013/07/25 21:44:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2013/07/25 21:42:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro
[2013/07/25 21:42:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Delta
[2013/07/25 21:42:09 | 000,000,000 | ---D | C] -- C:\Users\Katja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender
[2013/07/25 21:42:08 | 000,000,000 | ---D | C] -- C:\Users\Katja\AppData\Roaming\BabSolution
[2013/07/25 21:42:04 | 000,000,000 | ---D | C] -- C:\ProgramData\BrowserDefender
[2013/07/25 21:41:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Optimizer Pro
[2013/07/25 21:41:42 | 000,000,000 | ---D | C] -- C:\Users\Katja\AppData\Roaming\Babylon
[2013/07/25 21:41:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2013/07/24 21:21:55 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2013/07/24 21:07:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Plus-HD-2.2
[2013/07/24 21:05:25 | 000,000,000 | ---D | C] -- C:\Users\Katja\AppData\Roaming\Mozilla
[2013/07/24 21:05:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TornTV.com
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Katja\AppData\Roaming\*.tmp files -> C:\Users\Katja\AppData\Roaming\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/07/29 19:48:01 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Katja\Desktop\OTL.exe
[2013/07/29 19:46:02 | 000,000,000 | ---- | M] () -- C:\Users\Katja\defogger_reenable
[2013/07/29 19:42:14 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\DigitalSite.job
[2013/07/29 18:51:45 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2013/07/29 18:15:14 | 000,013,936 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/07/29 18:15:14 | 000,013,936 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/07/29 18:08:35 | 000,000,388 | ---- | M] () -- C:\Windows\tasks\LyricXeeker Update.job
[2013/07/29 18:08:20 | 000,001,194 | ---- | M] () -- C:\Windows\tasks\Plus-HD-2.2-updater.job
[2013/07/29 18:08:12 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\Plus-HD-2.2-enabler.job
[2013/07/29 18:08:11 | 000,001,830 | ---- | M] () -- C:\Windows\tasks\Plus-HD-2.2-firefoxinstaller.job
[2013/07/29 18:08:11 | 000,001,198 | ---- | M] () -- C:\Windows\tasks\Plus-HD-2.2-codedownloader.job
[2013/07/29 18:07:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/07/29 18:07:51 | 4137,861,120 | -HS- | M] () -- C:\hiberfil.sys
[2013/07/25 23:10:46 | 329,629,916 | ---- | M] () -- C:\Users\Katja\Desktop\Zeitgeist Stammheim - Dokumentation Techno Club Stammheim.flv
[2013/07/25 22:30:49 | 851,542,250 | ---- | M] () -- C:\Users\Katja\Desktop\Zeitgeist Stammheim - Dokumentation Techno Club Stammheim.mp4
[2013/07/24 21:28:19 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013/07/24 21:20:04 | 001,520,734 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/07/24 21:20:04 | 000,654,400 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013/07/24 21:20:04 | 000,616,242 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/07/24 21:20:04 | 000,130,240 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013/07/24 21:20:04 | 000,106,622 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/07/24 11:59:42 | 000,223,750 | ---- | M] () -- C:\Program Files (x86)\easy_youtube_video_downloader-6.9-fx-windows.xpi
[2013/07/19 06:43:05 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/07/19 06:43:05 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/07/18 06:53:36 | 000,447,225 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Katja\AppData\Roaming\*.tmp files -> C:\Users\Katja\AppData\Roaming\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/07/29 19:46:02 | 000,000,000 | ---- | C] () -- C:\Users\Katja\defogger_reenable
[2013/07/29 19:42:18 | 000,002,387 | ---- | C] () -- C:\Users\Katja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qtrax Player.lnk
[2013/07/29 19:42:14 | 000,000,292 | ---- | C] () -- C:\Windows\tasks\DigitalSite.job
[2013/07/29 18:51:45 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2013/07/29 18:51:23 | 000,022,704 | ---- | C] () -- C:\Windows\SysNative\drivers\EsgScanner.sys
[2013/07/25 21:53:26 | 329,629,916 | ---- | C] () -- C:\Users\Katja\Desktop\Zeitgeist Stammheim - Dokumentation Techno Club Stammheim.flv
[2013/07/25 21:51:40 | 851,542,250 | ---- | C] () -- C:\Users\Katja\Desktop\Zeitgeist Stammheim - Dokumentation Techno Club Stammheim.mp4
[2013/07/25 21:45:19 | 000,223,750 | ---- | C] () -- C:\Program Files (x86)\easy_youtube_video_downloader-6.9-fx-windows.xpi
[2013/07/25 21:44:16 | 000,001,163 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013/07/25 21:41:43 | 000,000,388 | ---- | C] () -- C:\Windows\tasks\LyricXeeker Update.job
[2013/07/24 21:07:59 | 000,001,194 | ---- | C] () -- C:\Windows\tasks\Plus-HD-2.2-updater.job
[2013/07/24 21:07:56 | 000,001,098 | ---- | C] () -- C:\Windows\tasks\Plus-HD-2.2-enabler.job
[2013/07/24 21:07:51 | 000,001,198 | ---- | C] () -- C:\Windows\tasks\Plus-HD-2.2-codedownloader.job
[2013/07/24 21:07:40 | 000,001,830 | ---- | C] () -- C:\Windows\tasks\Plus-HD-2.2-firefoxinstaller.job
[2013/05/01 11:13:07 | 000,000,296 | ---- | C] () -- C:\Windows\wininit.ini
[2012/12/16 16:07:15 | 000,007,626 | ---- | C] () -- C:\Users\Katja\AppData\Local\Resmon.ResmonCfg
[2012/01/24 20:53:20 | 000,000,016 | ---- | C] () -- C:\Users\Katja\AppData\Roaming\blckdom.res
[2012/01/02 18:34:27 | 000,002,019 | ---- | C] () -- C:\Program Files\Adobe Reader X.lnk
[2011/12/05 21:13:09 | 000,001,953 | ---- | C] () -- C:\Program Files\CDBurnerXP.lnk
[2011/12/05 19:27:20 | 000,001,074 | ---- | C] () -- C:\Program Files\Exact Audio Copy.lnk
[2011/08/23 21:55:36 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2011/08/23 18:34:31 | 001,526,948 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

========== ZeroAccess Check ==========

[2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Alternate Data Streams ==========

@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:373E1720

< End of report >


Extra.txt:
OTL Extras logfile created on: 7/29/2013 7:48:29 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Katja\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3.85 Gb Total Physical Memory | 2.11 Gb Available Physical Memory | 54.86% Memory free
7.71 Gb Paging File | 5.85 Gb Available in Paging File | 75.95% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 79.00 Gb Total Space | 32.06 Gb Free Space | 40.58% Space Free | Partition Type: NTFS
Drive D: | 198.99 Gb Total Space | 104.74 Gb Free Space | 52.64% Space Free | Partition Type: NTFS

Computer Name: R540 | User Name: Katja | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01916D2F-5A53-4C42-84D6-8D1406D4BACE}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{05653917-6364-4E03-AD6F-0334F55BD3C0}" = lport=137 | protocol=17 | dir=in | app=system |
"{0B3091A7-EC37-4570-8A40-45EFFF152A29}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{24EF2207-ADE3-4635-B4BC-851AEFBFE1A3}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2AF358EE-954A-46D0-9940-6D8A23EAE1E1}" = rport=445 | protocol=6 | dir=out | app=system |
"{3D8A8903-7520-4EE8-B3D0-C1078BF948B2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{65DE1AC9-37E6-483D-BA3D-B733528D31DD}" = rport=139 | protocol=6 | dir=out | app=system |
"{6891CF6B-224D-451F-B616-5D77FEB8AB6A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{75C5670F-B6DB-44A6-8DFA-B2B71D7A6348}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8A612414-687B-4FD2-B2CF-6C6E75957F55}" = lport=139 | protocol=6 | dir=in | app=system |
"{8BDBD145-3992-4FC2-AEBE-9220D1EA9BD1}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A561E455-E7AD-47EF-8303-AAA219B2582E}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A773C91D-E23C-49A5-A070-DEEFC77E5CA7}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AD281432-B033-44C1-A697-359D437BBDE7}" = lport=138 | protocol=17 | dir=in | app=system |
"{B39F758F-3FB2-4949-91F2-8610E3B5DDFF}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C4B0CCFD-96DB-4488-9888-D37EEEC43A22}" = lport=10243 | protocol=6 | dir=in | app=system |
"{D00A39F1-10FE-4308-BD35-AEFF06007136}" = rport=10243 | protocol=6 | dir=out | app=system |
"{D313AE16-7F22-488F-8CBD-8176B979E8F8}" = lport=445 | protocol=6 | dir=in | app=system |
"{E0EDBD07-4E94-419A-92BD-E1E562FC7A9D}" = rport=138 | protocol=17 | dir=out | app=system |
"{E411663B-BC3E-42E4-AD9B-FE3EDE68237E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F0FA784F-B08F-4F4C-B535-7B728982C46F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{F626750C-259B-4911-8398-92BB925B419E}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F81C95E5-80AB-4A5F-AC6D-25E9036EA5C2}" = rport=137 | protocol=17 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03E60912-B5A5-4EB9-B327-87FB8F031AD3}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{04003769-F948-4F1A-9835-9263B673CDEB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{077261CB-CB1B-4369-AC02-35B0FA0C8106}" = protocol=17 | dir=in | app=c:\users\katja\appdata\roaming\spotify\spotify.exe |
"{1F87321E-5B2A-472E-8A60-07922A8FA7C2}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{2675A25A-06CE-4F31-BB93-0784ED422F79}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3059F974-4A92-4F5B-92DE-77213E97B4CD}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{3276D959-7E18-43D5-9724-8D0CC8AC1A75}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{34C739C1-3636-4D6D-82A2-DFD2A9EB697E}" = protocol=17 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |
"{3D0650E9-E11E-42B5-A813-E1B56B78E0AF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3E954C78-9DA9-4CE2-8F37-6FC27D929BCD}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{4350FA70-5803-4B4F-84F8-245C4365E00D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{46D8FE35-201E-4AD9-9FFA-5AD8608BA700}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{4B981E0D-8426-443F-A951-8A0223F7817D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5C4FF3BF-8095-4BB8-9F11-681073D0163F}" = protocol=17 | dir=in | app=c:\users\katja\appdata\roaming\spotify\spotify.exe |
"{6BB68775-90A2-47A3-BE54-E77DF9A8DC02}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{75BC9A9F-DB27-44E6-938B-3A9567E01372}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{763E2F8D-EEEB-4C13-84AA-9335B7DA3276}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{7A79BFFC-DDE2-41A2-9D73-BD4EEA062F8D}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{7BA1B0F0-2BF6-4222-82AB-809533BBF640}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{8C298F23-1440-4517-A974-825695302B3B}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{8E3A3D60-9ED2-4685-A560-59456C31D35B}" = protocol=6 | dir=in | app=c:\users\katja\appdata\roaming\spotify\spotify.exe |
"{8F1C0348-F913-4A40-A49B-A82FBD8BFCF0}" = protocol=17 | dir=in | app=c:\program files (x86)\sony ericsson\update engine\sony ericsson update engine.exe |
"{91814185-1339-4549-AACA-E1BA214CFC97}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{927367FF-AE0F-4626-8B32-1E4F7CB516DE}" = protocol=6 | dir=in | app=c:\program files (x86)\sony ericsson\update engine\sony ericsson update engine.exe |
"{BA5E400D-79F4-432F-91B9-41717AB19010}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BB2FDF3C-15FC-4DF5-A23C-F9533E397013}" = dir=in | app=c:\program files (x86)\common files\mcafee\mna\mcnasvc.exe |
"{BE639805-2A93-4222-A973-B8A6D9108A4D}" = protocol=6 | dir=in | app=c:\users\katja\appdata\roaming\spotify\spotify.exe |
"{C120324E-5F4D-48F3-8C7C-07499DC5E137}" = protocol=6 | dir=in | app=c:\program files (x86)\search results toolbar\datamngr\srtool~1\dtuser.exe |
"{C4AB460A-6C33-4E20-936E-6EF2732200B7}" = protocol=6 | dir=out | app=system |
"{C4B20C22-B8B8-44A9-A787-7A89CC9C9415}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C67D682E-EA79-4A07-8F5B-F86A767E1E5E}" = protocol=17 | dir=in | app=c:\program files (x86)\search results toolbar\datamngr\srtool~1\dtuser.exe |
"{C837EDE1-77C0-4467-82D4-8044A1B80C99}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D8FF262B-8856-4B96-9E37-EDB58A444C70}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe |
"{E46661AA-6BC9-4F12-8ABD-602A869D0419}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E7FAD47B-3C7B-41FE-8192-AE93147C545E}" = protocol=6 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |
"{E9FF8EF0-0A85-46FF-A6B3-A7201B123328}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F829CFB1-6AAE-4E77-8257-E0822E4EAEDB}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{FF85EE39-EC28-4BFD-9431-53BD3EB2F65B}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe |
"TCP Query User{A8625FAA-B90E-4495-9F65-12176DE0FFAB}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{F4AD31A6-200D-45F5-8251-2E1DA4D03D07}C:\program files (x86)\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"UDP Query User{3476DB82-5375-4D9D-AC5E-812B838F9E4F}C:\program files (x86)\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"UDP Query User{BC769360-B639-40CC-93AC-E805C37B0348}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack
"{27726449-83B8-428D-92DE-101346C1E15C}" = Microsoft Security Client
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8AE3CFB6-78B2-4F55-A7BE-618FCFF43A03}" = SpyHunter
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client DE-DE Language Pack
"{F0A36649-873E-4832-A5F1-BF5DF8600BDB}" = Windows Live Family Safety
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F82D3110-2996-B896-9ADC-394C18071095}" = ccc-utility64
"{F8FEEFC0-D7D6-9A40-28E9-1E7A6716E803}" = ATI Catalyst Install Manager
"Broadcom 802.11 Network Adapter" = Broadcom 802.11 Network Adapter
"Elantech" = ETDWare PS/2-x64 7.0.7.0_WHQL
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"WinRAR archiver" = WinRAR 4.01 (64-Bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{058E7BC0-15C3-D5F6-FD8D-34E4B44E4F82}" = CCC Help Thai
"{065DBB54-6E55-A609-2E1E-F0617E827D53}" = Media Go Video Playback Engine 1.96.111.08260
"{085C9E07-E122-DECF-350D-5CB3594EC54D}" = Catalyst Control Center Graphics Previews Common
"{08B67A13-8501-48CB-B747-9D413BDC4594}" = BatteryLifeExtender
"{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store
"{0F796312-289C-40CA-856C-9FBCF5E83342}" = REALTEK Wireless LAN Software
"{11A5DA06-82B8-B47C-B6A9-6BFA8008108C}" = CCC Help Dutch
"{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution 4
"{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}" = BrowserDefender
"{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83217011FF}" = Java 7 Update 11
"{283EFC5E-041A-4AC7-8824-2F33695EBC11}" = CCC Help Korean
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{2D4E3A20-01D9-713F-2CD5-15FBD9312F28}" = CCC Help Chinese Traditional
"{2DDC70C1-C77A-4D08-89D2-9AB648504533}" = Easy Content Share
"{31CABF76-F113-30F6-1BF1-19CA660C72B4}" = CCC Help Finnish
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{43609114-F9B7-48AA-BAAC-F320BB5E88DD}" = CCC Help Spanish
"{45235788-142C-44BE-8A4D-DDE9A84492E5}" = AGEIA PhysX v7.09.13
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A331D24-A9E8-484F-835E-1BA7B139689C}" = EasyBatteryManager
"{4A87034C-621A-DAC1-D7C3-FB9102A453D4}" = CCC Help Japanese
"{4FBB6BFD-774C-E86B-84E6-23C08FD76C0C}" = Catalyst Control Center Graphics Light
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{6BCE77FA-82A3-E502-0956-AA9AE0E169D0}" = CCC Help English
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{78FDD286-2C51-17B5-22BC-DA769D237E1A}" = CCC Help Swedish
"{79B0F7B2-31BD-D377-CCA2-F647601283C0}" = CCC Help Polish
"{7A6C3344-5CF9-4B83-959C-6576C5B27D09}" = Media Go
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7EE873AF-46BB-4B5D-BA6F-CFE4B0566E22}" = TuneUp Utilities Language Pack (de-DE)
"{80059A57-F141-5556-7FA2-CD97EB8A05F9}" = CCC Help Danish
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{983D01A7-FD14-5F70-9A46-3DBE1C0A3FFF}" = Catalyst Control Center InstallProxy
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C51C947-7E8D-3EEB-6087-276446E4914C}" = CCC Help Hungarian
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.7) - Deutsch
"{B1FA9E3F-86F3-136A-84DA-809A40458243}" = CCC Help Russian
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation(R)Network Downloader
"{B6D8DC8C-F077-4631-A221-4D5E1D8E87E7}" = Catalyst Control Center - Branding
"{B7FB9C80-A61F-6BFE-7F93-C493AC3F9E91}" = CCC Help Turkish
"{B91B9BD2-C3D1-2632-26C9-170EB39CADAC}" = CCC Help Greek
"{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}" = User Guide
"{BD8D4FE1-8E1D-2D41-ED33-3E2B64ED3AF3}" = CCC Help Chinese Standard
"{C28CE716-3F07-528A-6CC8-FDF2865BCAAF}" = ccc-core-static
"{C4582EED-A3FB-4358-8F3F-8C994460DF28}" = EasyFileShare
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C9F9C082-A19F-9672-4F78-CC93F363A07D}" = CCC Help Norwegian
"{CEF185AA-392D-82EF-339B-F36547C0D9F8}" = Catalyst Control Center Core Implementation
"{D1434266-0486-4469-B338-A60082CC04E1}" = Atheros Client Installation Program
"{D1886477-86CD-8365-CE96-42AD6F950ED0}" = CCC Help Italian
"{D1FAD629-67C3-B9D5-FD06-73A4EF76528A}" = CCC Help Portuguese
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}" = Samsung Update Plus
"{D53D7F78-94AC-CE27-199E-5F509437C7E6}" = Catalyst Control Center Graphics Previews Vista
"{D55BE2BD-14D6-E8AA-A1C0-519C50E28EB2}" = Catalyst Control Center Graphics Full Existing
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E91CD838-0ED0-0BCD-ECAF-1A089F1A27E5}" = CCC Help Czech
"{EF1E3D76-6F52-3F63-6848-346ACD86096D}" = CCC Help German
"{EF367AA4-070B-493C-9575-85BE59D789C9}" = Easy SpeedUp Manager
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.165
"{F0B13553-B3CA-76A9-182A-9E352F4EB749}" = Catalyst Control Center Graphics Full New
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F6340C10-589F-7D1E-1819-2F8CF6247505}" = CCC Help French
"{F687E657-F636-44DF-8125-9FEEA2C362F5}" = Samsung Support Center
"{F771F1D4-EDD4-4D68-82DC-811583C099CD}" = Easy Network Manager
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FFE45CD9-4070-78E3-5794-8575B389336E}" = Catalyst Control Center Localization All
"Adobe Digital Editions 2.0" = Adobe Digital Editions 2.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"delta" = Delta toolbar
"Delta Chrome Toolbar" = Delta Chrome Toolbar
"Diablo III" = Diablo III
"ElsterFormular" = ElsterFormular
"Exact Audio Copy" = Exact Audio Copy 1.0beta3
"Kobo" = Kobo
"lyrix@lyrixeeker.co" = LyricXeeker
"Marvell Miniport Driver" = Marvell Miniport Driver
"Mozilla Firefox 22.0 (x86 en-US)" = Mozilla Firefox 22.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"OpenIt Open It!" = Open It!
"Opera 12.16.1860" = Opera 12.16
"Optimizer Pro_is1" = Optimizer Pro v3.1
"Plus-HD-2.2" = Plus-HD-2.2
"TuneUp Utilities" = TuneUp Utilities
"Update Engine" = Sony Ericsson Update Engine
"WinLiveSuite_Wave3" = Windows Live Essentials

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"3786119762.portal.qtrax.com" = Qtrax Player
"DigitalSite" = Update for Zip Opener
"Qtrax Connection Manager" = Qtrax Connection Manager
"Spotify" = Spotify
"Zip Opener Packages" = Zip Opener Packages

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 4/11/2013 6:52:35 AM | Computer Name = R540 | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\windows live\photo gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei
"c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL" in Zeile 8. Die
im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente
überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition:
WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Verwenden Sie
das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error - 4/15/2013 3:00:33 PM | Computer Name = R540 | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\windows live\messenger\wlcsdk.exe". Die abhängige Assemblierung "UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".

Error - 4/15/2013 3:00:33 PM | Computer Name = R540 | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\windows live\photo gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei
"c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL" in Zeile 8. Die
im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente
überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition:
WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Verwenden Sie
das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error - 4/29/2013 3:00:37 PM | Computer Name = R540 | Source = System Restore | ID = 8193
Description =

Error - 5/15/2013 12:42:35 PM | Computer Name = R540 | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\windows live\messenger\wlcsdk.exe". Die abhängige Assemblierung "UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".

Error - 5/15/2013 12:42:35 PM | Computer Name = R540 | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\windows live\photo gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei
"c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL" in Zeile 8. Die
im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente
überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition:
WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Verwenden Sie
das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error - 5/22/2013 12:36:00 PM | Computer Name = R540 | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\windows live\messenger\wlcsdk.exe". Die abhängige Assemblierung "UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".

Error - 5/22/2013 12:36:00 PM | Computer Name = R540 | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\windows live\photo gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei
"c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL" in Zeile 8. Die
im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente
überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition:
WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Verwenden Sie
das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error - 6/20/2013 12:20:57 PM | Computer Name = R540 | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\windows live\messenger\wlcsdk.exe". Die abhängige Assemblierung "UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".

Error - 6/20/2013 12:20:57 PM | Computer Name = R540 | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\windows live\photo gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei
"c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL" in Zeile 8. Die
im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente
überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition:
WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Verwenden Sie
das Programm "sxstrace.exe" für eine detaillierte Diagnose.

[ Media Center Events ]
Error - 12/23/2011 1:06:31 PM | Computer Name = R540 | Source = MCUpdate | ID = 0
Description = 18:06:31 - MCESpotlight konnte nicht abgerufen werden (Fehler: Die
Verbindung mit dem Remoteserver kann nicht hergestellt werden.)

Error - 1/1/2012 9:30:48 AM | Computer Name = R540 | Source = MCUpdate | ID = 0
Description = 14:30:48 - Fehler beim Herstellen der Internetverbindung. 14:30:48
- Serververbindung konnte nicht hergestellt werden..

Error - 1/1/2012 9:38:09 AM | Computer Name = R540 | Source = MCUpdate | ID = 0
Description = 14:36:57 - MCESpotlight konnte nicht abgerufen werden (Fehler: Die
zugrunde liegende Verbindung wurde geschlossen: Unbekannter Fehler beim Empfangen..)


[ System Events ]
Error - 7/25/2013 11:19:20 AM | Computer Name = R540 | Source = Microsoft-Windows-Kernel-General | ID = 5
Description =

Error - 7/25/2013 12:29:57 PM | Computer Name = R540 | Source = Microsoft-Windows-Kernel-General | ID = 5
Description =

Error - 7/25/2013 4:19:36 PM | Computer Name = R540 | Source = Microsoft-Windows-Kernel-General | ID = 5
Description =

Error - 7/25/2013 4:46:29 PM | Computer Name = R540 | Source = Microsoft-Windows-Kernel-General | ID = 5
Description =

Error - 7/25/2013 4:46:43 PM | Computer Name = R540 | Source = Microsoft-Windows-Kernel-General | ID = 5
Description =

Error - 7/25/2013 5:00:49 PM | Computer Name = R540 | Source = Microsoft-Windows-Kernel-General | ID = 5
Description =

Error - 7/25/2013 5:12:46 PM | Computer Name = R540 | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
Fehler 0x80070643 fehlgeschlagen: Internet Explorer 10 für Windows 7 für x64-basierte
Systeme

Error - 7/26/2013 12:46:47 AM | Computer Name = R540 | Source = Microsoft-Windows-Kernel-General | ID = 5
Description =

Error - 7/29/2013 12:11:16 PM | Computer Name = R540 | Source = Microsoft-Windows-Kernel-General | ID = 5
Description =

Error - 7/29/2013 12:13:50 PM | Computer Name = R540 | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
Fehler 0x80070643 fehlgeschlagen: Internet Explorer 10 für Windows 7 für x64-basierte
Systeme


< End of report >



Da dies mein erster Beitrag hier ist, hoffe ich alles richtig gemacht zu haben.