
Log analysis and evaluation: ihavent.com


01.09.2013, 00:07   #1
amatteur

ihavent.com



I've caught something and keep getting redirected as soon as I click search on Google. I scanned the computer but found nothing. I tried both Avira and Norton. I scanned the system with OTL, and here are the results:
OTL Extras:

OTL Extras logfile created on: 9/1/2013 12:40:29 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = D:\
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16660)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

2.93 Gb Total Physical Memory | 1.61 Gb Available Physical Memory | 54.78% Memory free
5.86 Gb Paging File | 4.47 Gb Available in Paging File | 76.27% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 75.28 Gb Total Space | 7.30 Gb Free Space | 9.70% Space Free | Partition Type: NTFS
Drive D: | 202.71 Gb Total Space | 79.93 Gb Free Space | 39.43% Space Free | Partition Type: NTFS

Computer Name: PALLAS | User Name: jannis | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3219418776-4157282183-555089908-1005\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{041E55F8-DC77-40CD-BC81-7C112F6DFC61}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{097280CE-1823-49F4-A4C2-749E21001E9D}" = lport=2869 | protocol=6 | dir=in | app=system |
"{2405BB41-7A60-4BDE-ABAA-E2CAF74EC991}" = rport=139 | protocol=6 | dir=out | app=system |
"{26DCFEFB-8712-481F-AA46-6798EC5BB74B}" = lport=445 | protocol=6 | dir=in | app=system |
"{327463EC-0C75-472C-8894-F46080813BE0}" = lport=19375 | protocol=17 | dir=in | app=c:\program files\devolo\dlan\devolonetsvc.exe |
"{3EF83186-E526-4189-AAD5-2CC40E5C014C}" = rport=138 | protocol=17 | dir=out | app=system |
"{49237CD7-FF54-4F8C-BB9A-7C658E937DD3}" = lport=19376 | protocol=6 | dir=in | app=c:\program files\devolo\dlan\devolonetsvc.exe |
"{4BB0A8A6-4BD2-4B59-949F-E4CD76F0817B}" = rport=137 | protocol=17 | dir=out | app=system |
"{504461C7-B616-4A63-98A9-41CF8C2A75D3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{5B2EBD5F-58E5-4217-8F0E-B2139E6B98C3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5DCBAB2D-CA38-47EE-96A3-2B9918A53B0A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{68610938-B8C1-4DC8-9509-A29B2C465D58}" = lport=139 | protocol=6 | dir=in | app=system |
"{6988600B-7918-4F5E-AC2D-ECCBA952F487}" = lport=138 | protocol=17 | dir=in | app=system |
"{81189C37-D1E7-41F7-B9B5-E7A1947A30E2}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{8221CF53-2807-430B-B9D7-E95B2E9277FE}" = rport=445 | protocol=6 | dir=out | app=system |
"{932F87CD-8C00-4387-90AA-7F8FA1C7EE49}" = lport=137 | protocol=17 | dir=in | app=system |
"{B59A47A6-C86D-4FDE-8266-5448B928EDDE}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{BF0E462C-3149-4861-9248-B997216232F0}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{DDF04709-0A93-4DF3-898C-30D282F5ADD1}" = lport=5900 | protocol=6 | dir=in | name=vnc |
"{DE8CDCE2-CF8D-4FFE-95B8-20372F700624}" = lport=5800 | protocol=6 | dir=in | name=vnc jawa |
"{E63FE41A-3422-4D92-8C51-14FA1813055D}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{F7223EA8-1EE9-4831-8E0A-41A5E88C275E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F8174C1F-0B9B-4D5A-8C16-ECD13A514B3F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F9A27416-AD64-4421-8068-F7E34E244FF6}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{17AF4767-D209-42BA-89FD-F07C424CDE94}" = protocol=6 | dir=in | app=c:\program files\realvnc\vnc4\vncviewer.exe |
"{29EFDDBC-DEFE-402F-8F69-E00AF0D219E3}" = protocol=17 | dir=in | app=e:\dvd-start.exe |
"{345F463C-5501-407C-ABDD-E558664081E4}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{34B5705D-B192-4EBB-B200-BB97B50B00DC}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{4468A00B-0D15-43C5-8399-5D215B5C79AF}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{45454D10-721F-4BED-969F-B647C9E1203D}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{48767794-432A-4E9C-94F8-DD87E3841982}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{5BB9E149-ACAE-4CDF-8A54-6919E7D0151B}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{613FEA82-C4A5-4244-8AB5-1CF5BCFFE729}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{65B27A86-0972-46CA-B26D-F25C4A074AC0}" = protocol=6 | dir=in | app=e:\dvd-start.exe |
"{6CEBC893-423D-43AC-8E8F-FD6BA8B7B9DC}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{6DEB379B-DF97-4AB5-8E85-A84D9F583549}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version8\teamviewer.exe |
"{80925167-B487-444C-95FD-A241310F2E5F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{9031BD54-9A33-4C2F-9532-EC0A77917ADF}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{96C4CD07-F4AB-422C-932B-0DB37377F637}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{9A327D5F-37D4-419C-98DE-AB4FC5E4064E}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version8\teamviewer.exe |
"{9A66C262-94A2-4D53-942E-5CB864216B9B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A590A9B2-2DA4-4F9D-AC40-87BEB0CE9215}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{BF34B334-5BB2-46A1-BCE4-FEA0266C77E8}" = dir=in | app=c:\program files\common files\mcafee\mna\mcnasvc.exe |
"{D1195489-8A1C-496A-9495-DF52ADC20281}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E917B76B-D0AE-465D-ABCB-C460C1C79A06}" = protocol=17 | dir=in | app=c:\program files\realvnc\vnc4\vncviewer.exe |
"{EB451195-A9D5-432E-B1C5-440382F691E5}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version8\teamviewer_service.exe |
"{FCCFF059-EEAD-41B4-B040-3FB6AD19E5B1}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{FF929F19-B9F3-4AED-B7A2-D35967F21F64}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version8\teamviewer_service.exe |
"TCP Query User{A85C2412-B3F7-4F06-AC2E-E898AB8CB826}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{3408E21F-845E-4ABA-9396-AD3FA6D625A9}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02602409-9189-4567-BC07-562605243B69}" = Windows Live Remote Client Resources
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series" = Canon MP550 series MP Drivers
"{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution 4
"{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}" = Adobe AIR
"{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager
"{178EE5F4-0F86-4BF0-A0D1-9790AFF409D1}" = EasyBatteryManager
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{268278CF-FB69-4D98-B70E-BFEC1CDCA225}" = iTunes
"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java(TM) 6 Update 14
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{2B4E24A0-A06F-488D-87D8-16738E5E1104}" = Windows Live Family Safety
"{2DCD52EE-1AE1-4128-9819-A79F7D09B6B3}" = MAGIX Foto Designer 7
"{32364CEA-7855-4A3C-B674-53D8E9B97936}" = TuneUp Utilities 2012
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34B76DCB-BF7C-440F-B058-C84172C1E338}" = Easy Network Manager
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3A65A74A-5B6E-451A-92D8-50F1182BBE9A}" = Windows Live Remote Service Resources
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{450CFD4D-7E60-3839-D0FA-56DB08675447}" = dLAN Cockpit
"{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5D4C60AA-84E6-4E1A-8A68-69970D387BE1}" = TuneUp Utilities Language Pack (de-DE)
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{74A579FB-EB06-497D-B194-01590D6FE51A}" = BatteryLifeExtender
"{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{79361740-EAE3-11E2-9911-B8AC6F98CCE3}" = Google Earth Plug-in
"{7BC6B815-D9F1-4C43-82B4-7CB25458DD31}" = O&O Defrag Professional
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DEA24B3-59BC-4C57-BD1C-4A261F269748}" = TASTstar 5.0 Demo
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.03) - Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}" = User Guide
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{CE026CFE-73FE-4FED-9D5F-2C8D4DB512B0}" = TuneUp Utilities Language Pack (de-DE)
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D1434266-0486-4469-B338-A60082CC04E1}" = Atheros Client Installation Program
"{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}" = Samsung Update Plus
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E14ADE0E-75F3-4A46-87E5-26692DD626EC}" = Apple Mobile Device Support
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EF367AA4-070B-493C-9575-85BE59D789C9}" = Easy SpeedUp Manager
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety
"{F687E657-F636-44DF-8125-9FEEA2C362F5}" = Samsung Support Center
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"Avira AntiVir Desktop" = Avira Free Antivirus
"DivX Setup.divx.com" = DivX-Setup
"dlancockpit" = devolo dLAN Cockpit
"EaseUS Partition Master Home Edition_is1" = EaseUS Partition Master 9.2.1 Home Edition
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free Video Converter_is1" = Free Video Converter V 3.2
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.32
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"MAGIX_MSI_FotoDesigner7_silver" = MAGIX Foto Designer 7
"Marvell Miniport Driver" = Marvell Miniport Driver
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox 23.0.1 (x86 de)" = Mozilla Firefox 23.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"phase-6" = phase-6 2.1.2.2a
"PhotoScape" = PhotoScape
"PortraitProfessionalStudio10_is1" = Portrait Professional Studio 10.9
"RealVNC_is1" = VNC Free Edition 4.1.3
"Rossmann Fotowelt Software" = Rossmann Fotowelt Software 4.12.1
"Songr" = Songr
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeamViewer 8" = TeamViewer 8
"tintii" = indii.org/tintii
"TuneUp Utilities 2012" = TuneUp Utilities 2012
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.1.8
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 6/28/2013 8:41:07 PM | Computer Name = Pallas | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1841

Error - 6/28/2013 8:41:07 PM | Computer Name = Pallas | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1841

Error - 6/30/2013 12:46:15 PM | Computer Name = Pallas | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Samsung\Samsung
Support Center\Drv\drv2x64\KStartMem.exe.Manifest". Die abhängige Assemblierung
"Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".

Error - 6/30/2013 12:47:08 PM | Computer Name = Pallas | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Samsung\BatteryLifeExtender\Drv\SABI2x64\KStartMem.exe.Manifest".
Die
abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".

Error - 6/30/2013 2:32:18 PM | Computer Name = Pallas | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 6/30/2013 2:32:18 PM | Computer Name = Pallas | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 4586

Error - 6/30/2013 2:32:18 PM | Computer Name = Pallas | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 4586

Error - 6/30/2013 2:32:23 PM | Computer Name = Pallas | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 6/30/2013 2:32:23 PM | Computer Name = Pallas | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 9609

Error - 6/30/2013 2:32:23 PM | Computer Name = Pallas | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 9609

[ System Events ]
Error - 8/30/2013 7:22:55 PM | Computer Name = Pallas | Source = Service Control Manager | ID = 7030
Description = Der Dienst "Sicherheitscenter" ist als interaktiver Dienst gekennzeichnet.
Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich
sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error - 8/30/2013 7:23:20 PM | Computer Name = Pallas | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Sicherheitscenter" wurde aufgrund folgenden Fehlers nicht
gestartet: %%1079

Error - 8/30/2013 7:24:34 PM | Computer Name = Pallas | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Sicherheitscenter" wurde aufgrund folgenden Fehlers nicht
gestartet: %%1079

Error - 8/31/2013 1:42:25 AM | Computer Name = Pallas | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom

Error - 8/31/2013 2:05:54 AM | Computer Name = Pallas | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom

Error - 8/31/2013 10:54:37 AM | Computer Name = Pallas | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom

Error - 8/31/2013 1:28:27 PM | Computer Name = Pallas | Source = DCOM | ID = 10010
Description =

Error - 8/31/2013 6:04:17 PM | Computer Name = Pallas | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom

Error - 8/31/2013 6:31:05 PM | Computer Name = Pallas | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom

Error - 8/31/2013 6:34:41 PM | Computer Name = Pallas | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom

[ TuneUp Events ]
Error - 9/12/2012 2:17:15 PM | Computer Name = Pallas | Source = TuneUp.UtilitiesSvc | ID = 300
Description =


< End of report >

OTL logfile created on: 9/1/2013 12:40:29 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = D:\
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16660)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

2.93 Gb Total Physical Memory | 1.61 Gb Available Physical Memory | 54.78% Memory free
5.86 Gb Paging File | 4.47 Gb Available in Paging File | 76.27% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 75.28 Gb Total Space | 7.30 Gb Free Space | 9.70% Space Free | Partition Type: NTFS
Drive D: | 202.71 Gb Total Space | 79.93 Gb Free Space | 39.43% Space Free | Partition Type: NTFS

Computer Name: PALLAS | User Name: jannis | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/09/01 00:36:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\OTL.exe
PRC - [2013/08/18 09:44:10 | 000,276,376 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013/06/27 15:32:36 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2013/06/27 15:32:16 | 000,076,856 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2013/06/27 15:32:12 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2013/06/27 15:32:11 | 000,345,144 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013/05/11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/04/23 09:48:17 | 003,574,624 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2012/11/23 04:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012/05/29 13:09:52 | 001,528,672 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
PRC - [2012/05/29 13:09:52 | 001,220,960 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
PRC - [2012/02/28 16:09:18 | 003,128,856 | ---- | M] (devolo AG) -- C:\Program Files\devolo\dlan\devolonetsvc.exe
PRC - [2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/08/24 22:56:30 | 002,281,800 | ---- | M] (O&O Software GmbH) -- C:\Program Files\OO Software\Defrag\oodag.exe
PRC - [2010/05/06 08:44:44 | 001,749,504 | ---- | M] (SAMSUNG Electronics) -- C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe
PRC - [2010/02/03 07:19:20 | 000,650,920 | ---- | M] () -- C:\PROGRA~1\samsung\SAMSUN~2\SUPNOT~1.EXE
PRC - [2009/11/04 06:11:48 | 000,835,072 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
PRC - [2009/10/13 12:03:04 | 000,716,800 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
PRC - [2009/07/14 03:14:46 | 000,115,200 | ---- | M] () -- \\?\C:\windows\System32\wbem\WMIADAP.EXE
PRC - [2008/10/15 18:13:58 | 000,439,632 | ---- | M] (RealVNC Ltd.) -- C:\Program Files\RealVNC\VNC4\WinVNC4.exe


========== Modules (No Company Name) ==========

MOD - [2013/08/18 09:44:10 | 003,551,640 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2010/02/03 07:19:20 | 000,650,920 | ---- | M] () -- C:\PROGRA~1\samsung\SAMSUN~2\SUPNOT~1.EXE
MOD - [2010/02/03 07:19:20 | 000,155,648 | ---- | M] () -- C:\PROGRA~1\samsung\SAMSUN~2\HMXML.dll
MOD - [2006/08/12 05:48:40 | 000,049,152 | ---- | M] () -- C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll


========== Services (SafeList) ==========

SRV - [2013/08/20 21:14:27 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/08/18 09:44:10 | 000,117,656 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/06/27 15:32:36 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013/06/27 15:32:12 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013/05/27 06:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2013/05/11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/04/23 09:48:17 | 003,574,624 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/05/29 13:09:52 | 001,528,672 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2012/02/28 16:09:18 | 003,128,856 | ---- | M] (devolo AG) [Auto | Running] -- C:\Program Files\devolo\dlan\devolonetsvc.exe -- (DevoloNetworkService)
SRV - [2010/08/24 22:56:30 | 002,281,800 | ---- | M] (O&O Software GmbH) [Auto | Running] -- C:\Program Files\OO Software\Defrag\oodag.exe -- (OODefragAgent)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/07/14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2008/10/15 18:13:58 | 000,439,632 | ---- | M] (RealVNC Ltd.) [Auto | Running] -- C:\Program Files\RealVNC\VNC4\WinVNC4.exe -- (WinVNC4)


========== Driver Services (SafeList) ==========

DRV - [2013/03/27 15:27:35 | 000,135,136 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2013/03/27 15:27:35 | 000,084,744 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2013/03/27 15:27:35 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2013/02/06 08:42:10 | 000,083,864 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2012/12/21 14:54:00 | 000,014,920 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\epmntdrv.sys -- (epmntdrv)
DRV - [2012/12/21 14:53:58 | 000,009,160 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\EuGdiDrv.sys -- (EuGdiDrv)
DRV - [2012/09/19 11:02:06 | 000,181,344 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2012/08/27 15:50:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2012/05/08 15:21:42 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2012/01/31 18:41:08 | 000,035,840 | ---- | M] (CACE Technologies) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\npf_devolo.sys -- (NPF_devolo)
DRV - [2010/11/20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/09/24 16:39:00 | 000,015,656 | ---- | M] (Windows (R) 2003 DDK 3790 provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rtport.sys -- (rtport)
DRV - [2009/12/14 22:44:42 | 001,245,696 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009/09/28 11:22:00 | 000,315,392 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2009/07/14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/07/10 15:44:52 | 000,122,880 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-3219418776-4157282183-555089908-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
IE - HKU\S-1-5-21-3219418776-4157282183-555089908-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.spiegel.de/
IE - HKU\S-1-5-21-3219418776-4157282183-555089908-1005\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3219418776-4157282183-555089908-1005\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKU\S-1-5-21-3219418776-4157282183-555089908-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.useDBForOrder: "false"
FF - prefs.js..browser.startup.homepage: "hxxp://www.spiegel.de/"
FF - prefs.js..extensions.enabledAddons: %7Bf13b157f-b174-47e7-a34d-4815ddfdfeb8%7D:0.9.89
FF - prefs.js..extensions.enabledAddons: %7BE6C1199F-E687-42da-8C24-E7770CC3AE66%7D:1.8.1.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0.1
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:2.8
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\system32\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX OVS Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011/01/22 00:09:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011/01/22 00:09:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/05/26 09:22:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/05/20 23:17:02 | 000,000,000 | ---D | M]

[2011/02/20 16:15:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jannis\AppData\Roaming\mozilla\Extensions
[2013/09/01 00:33:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jannis\AppData\Roaming\mozilla\Firefox\Profiles\g6g30jvk.default\extensions
[2013/08/15 17:56:48 | 000,036,781 | ---- | M] () (No name found) -- C:\Users\jannis\AppData\Roaming\mozilla\firefox\profiles\g6g30jvk.default\extensions\jsdeobfuscator@adblockplus.org.xpi
[2013/08/11 10:54:32 | 000,824,302 | ---- | M] () (No name found) -- C:\Users\jannis\AppData\Roaming\mozilla\firefox\profiles\g6g30jvk.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/08/16 17:05:36 | 000,018,509 | ---- | M] () (No name found) -- C:\Users\jannis\AppData\Roaming\mozilla\firefox\profiles\g6g30jvk.default\extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi
[2013/03/26 18:23:48 | 000,210,138 | ---- | M] () (No name found) -- C:\Users\jannis\AppData\Roaming\mozilla\firefox\profiles\g6g30jvk.default\extensions\{f13b157f-b174-47e7-a34d-4815ddfdfeb8}.xpi
[2013/05/26 09:22:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2013/04/12 21:30:55 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2013/05/26 09:22:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\browser\extensions
[2013/08/18 09:44:10 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

O1 HOSTS File: ([2009/06/10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {B4CB8358-ABDB-47EE-BC2D-437B5DEBABCB} hxxp://hpunter.dyndns.org:1200/AxViewer/AxMediaControl.cab (AxMediaControl Control)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 10.17.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A01204E6-3498-4762-BE85-5AE5592765BC}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E901A5D7-0AAA-4EB1-90F8-D1D20276FCD3}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27 - HKLM IFEO\manager1.exe: Debugger - "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (OODBS)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/09/01 00:32:15 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/08/30 21:35:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Video Converter
[2013/08/30 21:34:46 | 000,000,000 | ---D | C] -- C:\Program Files\Free Video Converter
[2013/08/24 17:40:24 | 000,000,000 | ---D | C] -- C:\Users\jannis\AppData\Local\Microsoft Games
[2013/08/24 17:29:02 | 000,000,000 | ---D | C] -- C:\Users\jannis\AppData\Local\Apple Computer
[2013/08/14 19:17:34 | 000,000,000 | ---D | C] -- C:\windows\System32\MRT
[2013/08/14 19:13:10 | 002,706,432 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb
[2013/08/14 19:13:09 | 002,877,440 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jscript9.dll
[2013/08/14 19:13:08 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieui.dll
[2013/08/14 19:13:08 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iesetup.dll
[2013/08/14 19:13:08 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll
[2013/08/14 19:13:07 | 000,493,056 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeeds.dll
[2013/08/14 19:13:07 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iesysprep.dll
[2013/08/14 19:13:07 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\RegisterIEPKEYs.exe
[2013/08/14 19:13:07 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ie4uinit.exe
[2013/08/14 19:13:07 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iernonce.dll
[2013/08/14 19:10:26 | 003,968,960 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ntkrnlpa.exe
[2013/08/14 19:10:26 | 003,913,664 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ntoskrnl.exe
[2013/08/14 19:10:19 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\tzres.dll
[2013/08/14 19:10:15 | 001,620,992 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WMVDECOD.DLL
[2013/08/11 10:43:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth

========== Files - Modified Within 30 Days ==========

[2013/09/01 00:41:46 | 000,014,512 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/09/01 00:41:46 | 000,014,512 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/09/01 00:41:24 | 000,654,400 | ---- | M] () -- C:\windows\System32\perfh007.dat
[2013/09/01 00:41:24 | 000,616,242 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2013/09/01 00:41:24 | 000,130,240 | ---- | M] () -- C:\windows\System32\perfc007.dat
[2013/09/01 00:41:24 | 000,106,622 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2013/09/01 00:41:00 | 000,001,100 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/09/01 00:34:32 | 000,001,096 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/09/01 00:34:24 | 000,000,316 | ---- | M] () -- C:\windows\tasks\Eyyihhxh.job
[2013/09/01 00:34:21 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013/09/01 00:34:15 | 3150,561,280 | -HS- | M] () -- C:\hiberfil.sys
[2013/09/01 00:34:15 | 001,241,725 | ---- | M] () -- C:\windows\System32\oodbs.lor
[2013/09/01 00:14:04 | 000,000,884 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013/08/31 07:41:56 | 003,822,768 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2013/08/27 18:52:21 | 000,458,752 | RHS- | M] () -- C:\windows\System32\netiohlp6.dll
[2013/08/20 21:14:23 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerApp.exe
[2013/08/20 21:14:23 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerCPLApp.cpl

========== Files Created - No Company Name ==========

[2013/08/27 18:52:21 | 000,458,752 | RHS- | C] () -- C:\windows\System32\netiohlp6.dll
[2013/08/27 18:52:21 | 000,000,316 | ---- | C] () -- C:\windows\tasks\Eyyihhxh.job
[2013/02/14 21:02:33 | 002,468,520 | ---- | C] () -- C:\windows\System32\BootMan.exe
[2013/02/14 21:02:33 | 000,087,112 | ---- | C] () -- C:\windows\System32\setupempdrv03.exe
[2013/02/14 21:02:33 | 000,019,840 | ---- | C] () -- C:\windows\System32\EuEpmGdi.dll
[2013/02/14 21:02:33 | 000,014,920 | ---- | C] () -- C:\windows\System32\epmntdrv.sys
[2013/02/14 21:02:33 | 000,009,160 | ---- | C] () -- C:\windows\System32\EuGdiDrv.sys
[2011/02/04 15:44:53 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/01/19 20:08:51 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe

========== ZeroAccess Check ==========

[2009/07/14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012/10/03 00:40:40 | 000,000,000 | ---D | M] -- C:\Users\Chrissa\AppData\Roaming\Anthropics
[2012/10/03 01:35:36 | 000,000,000 | ---D | M] -- C:\Users\Chrissa\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2013/08/30 21:35:55 | 000,000,000 | ---D | M] -- C:\Users\Chrissa\AppData\Roaming\FreeVideoConverter
[2012/09/25 17:06:44 | 000,000,000 | ---D | M] -- C:\Users\Chrissa\AppData\Roaming\jpg-Illuminator
[2011/01/22 00:09:40 | 000,000,000 | ---D | M] -- C:\Users\Chrissa\AppData\Roaming\Local
[2011/03/03 16:34:24 | 000,000,000 | ---D | M] -- C:\Users\Chrissa\AppData\Roaming\MAGIX
[2012/10/03 01:59:03 | 000,000,000 | ---D | M] -- C:\Users\Chrissa\AppData\Roaming\PDAppFlex
[2011/03/24 21:37:05 | 000,000,000 | ---D | M] -- C:\Users\Chrissa\AppData\Roaming\Phase6
[2012/09/25 15:25:47 | 000,000,000 | ---D | M] -- C:\Users\Chrissa\AppData\Roaming\PhotoScape
[2012/09/24 09:59:37 | 000,000,000 | ---D | M] -- C:\Users\Chrissa\AppData\Roaming\Pixlromatic
[2013/05/05 21:44:28 | 000,000,000 | ---D | M] -- C:\Users\Chrissa\AppData\Roaming\TeamViewer
[2012/10/03 19:52:42 | 000,000,000 | ---D | M] -- C:\Users\Chrissa\AppData\Roaming\TuneUp Software
[2011/02/11 19:57:23 | 000,000,000 | ---D | M] -- C:\Users\Chrissa\AppData\Roaming\Windows Live Writer
[2011/03/25 19:25:40 | 000,000,000 | ---D | M] -- C:\Users\jannis\AppData\Roaming\Phase6
[2012/10/03 16:43:01 | 000,000,000 | ---D | M] -- C:\Users\jannis\AppData\Roaming\TuneUp Software

========== Purity Check ==========



< End of report >

Thanks in advance for your effort.

Alt 01.09.2013, 06:53   #2
schrauber
/// the machine
/// TB-Ausbilder
 


hi,

Here is how it works:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed expressions [CODE] [/CODE] appear.
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it correctly. If everything is right ... click Reply.

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files are now created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the input window of the web page)


Alt 01.09.2013, 09:31   #3
amatteur
 



Code:
OTL logfile created on: 9/1/2013 9:49:47 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = D:\
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16660)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2.93 Gb Total Physical Memory | 1.81 Gb Available Physical Memory | 61.55% Memory free
5.86 Gb Paging File | 4.68 Gb Available in Paging File | 79.83% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 75.28 Gb Total Space | 7.10 Gb Free Space | 9.44% Space Free | Partition Type: NTFS
Drive D: | 202.71 Gb Total Space | 79.92 Gb Free Space | 39.43% Space Free | Partition Type: NTFS
 
Computer Name: PALLAS | User Name: jannis | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013/09/01 00:36:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\OTL.exe
PRC - [2013/08/18 09:44:10 | 000,276,376 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013/06/27 15:32:36 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2013/06/27 15:32:16 | 000,076,856 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2013/06/27 15:32:12 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2013/06/27 15:32:11 | 000,345,144 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013/05/11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/04/23 09:48:17 | 003,574,624 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2012/11/23 04:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012/05/29 13:09:52 | 001,528,672 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
PRC - [2012/05/29 13:09:52 | 001,220,960 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
PRC - [2012/02/28 16:09:18 | 003,128,856 | ---- | M] (devolo AG) -- C:\Program Files\devolo\dlan\devolonetsvc.exe
PRC - [2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/08/24 22:56:30 | 002,281,800 | ---- | M] (O&O Software GmbH) -- C:\Program Files\OO Software\Defrag\oodag.exe
PRC - [2010/05/06 08:44:44 | 001,749,504 | ---- | M] (SAMSUNG Electronics) -- C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe
PRC - [2010/02/03 08:10:02 | 000,294,912 | ---- | M] () -- C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe
PRC - [2009/11/04 06:11:48 | 000,835,072 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
PRC - [2009/10/13 12:03:04 | 000,716,800 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
PRC - [2008/10/15 18:13:58 | 000,439,632 | ---- | M] (RealVNC Ltd.) -- C:\Program Files\RealVNC\VNC4\WinVNC4.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013/08/18 09:44:10 | 003,551,640 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2010/02/03 08:10:02 | 000,294,912 | ---- | M] () -- C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe
MOD - [2010/02/03 07:19:20 | 000,155,648 | ---- | M] () -- C:\Program Files\Samsung\Samsung Update Plus\HMXML.dll
MOD - [2006/08/12 05:48:40 | 000,049,152 | ---- | M] () -- C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll
 
 
========== Services (SafeList) ==========
 
SRV - [2013/08/20 21:14:27 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/08/18 09:44:10 | 000,117,656 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/06/27 15:32:36 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013/06/27 15:32:12 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013/05/27 06:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2013/05/11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/04/23 09:48:17 | 003,574,624 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/05/29 13:09:52 | 001,528,672 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2012/02/28 16:09:18 | 003,128,856 | ---- | M] (devolo AG) [Auto | Running] -- C:\Program Files\devolo\dlan\devolonetsvc.exe -- (DevoloNetworkService)
SRV - [2010/08/24 22:56:30 | 002,281,800 | ---- | M] (O&O Software GmbH) [Auto | Running] -- C:\Program Files\OO Software\Defrag\oodag.exe -- (OODefragAgent)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/07/14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2008/10/15 18:13:58 | 000,439,632 | ---- | M] (RealVNC Ltd.) [Auto | Running] -- C:\Program Files\RealVNC\VNC4\WinVNC4.exe -- (WinVNC4)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2013/03/27 15:27:35 | 000,135,136 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2013/03/27 15:27:35 | 000,084,744 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2013/03/27 15:27:35 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2013/02/06 08:42:10 | 000,083,864 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2012/12/21 14:54:00 | 000,014,920 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\epmntdrv.sys -- (epmntdrv)
DRV - [2012/12/21 14:53:58 | 000,009,160 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\EuGdiDrv.sys -- (EuGdiDrv)
DRV - [2012/09/19 11:02:06 | 000,181,344 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2012/08/27 15:50:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2012/05/08 15:21:42 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2012/01/31 18:41:08 | 000,035,840 | ---- | M] (CACE Technologies) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\npf_devolo.sys -- (NPF_devolo)
DRV - [2010/11/20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/09/24 16:39:00 | 000,015,656 | ---- | M] (Windows (R) 2003 DDK 3790 provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rtport.sys -- (rtport)
DRV - [2009/12/14 22:44:42 | 001,245,696 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009/09/28 11:22:00 | 000,315,392 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2009/07/14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/07/10 15:44:52 | 000,122,880 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
 
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = 
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = 
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-3219418776-4157282183-555089908-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
IE - HKU\S-1-5-21-3219418776-4157282183-555089908-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.spiegel.de/
IE - HKU\S-1-5-21-3219418776-4157282183-555089908-1005\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-3219418776-4157282183-555089908-1005\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKU\S-1-5-21-3219418776-4157282183-555089908-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.useDBForOrder: "false"
FF - prefs.js..browser.startup.homepage: "hxxp://www.spiegel.de/"
FF - prefs.js..extensions.enabledAddons: %7Bf13b157f-b174-47e7-a34d-4815ddfdfeb8%7D:0.9.89
FF - prefs.js..extensions.enabledAddons: %7BE6C1199F-E687-42da-8C24-E7770CC3AE66%7D:1.8.1.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0.1
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:2.8
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\system32\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX OVS Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011/01/22 00:09:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011/01/22 00:09:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/05/26 09:22:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/05/20 23:17:02 | 000,000,000 | ---D | M]
 
[2011/02/20 16:15:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jannis\AppData\Roaming\mozilla\Extensions
[2013/09/01 00:33:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jannis\AppData\Roaming\mozilla\Firefox\Profiles\g6g30jvk.default\extensions
[2013/08/15 17:56:48 | 000,036,781 | ---- | M] () (No name found) -- C:\Users\jannis\AppData\Roaming\mozilla\firefox\profiles\g6g30jvk.default\extensions\jsdeobfuscator@adblockplus.org.xpi
[2013/08/11 10:54:32 | 000,824,302 | ---- | M] () (No name found) -- C:\Users\jannis\AppData\Roaming\mozilla\firefox\profiles\g6g30jvk.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/08/16 17:05:36 | 000,018,509 | ---- | M] () (No name found) -- C:\Users\jannis\AppData\Roaming\mozilla\firefox\profiles\g6g30jvk.default\extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi
[2013/03/26 18:23:48 | 000,210,138 | ---- | M] () (No name found) -- C:\Users\jannis\AppData\Roaming\mozilla\firefox\profiles\g6g30jvk.default\extensions\{f13b157f-b174-47e7-a34d-4815ddfdfeb8}.xpi
[2013/05/26 09:22:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2013/04/12 21:30:55 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2013/05/26 09:22:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\browser\extensions
[2013/08/18 09:44:10 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
O1 HOSTS File: ([2009/06/10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {B4CB8358-ABDB-47EE-BC2D-437B5DEBABCB} hxxp://hpunter.dyndns.org:1200/AxViewer/AxMediaControl.cab (AxMediaControl Control)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 10.17.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A01204E6-3498-4762-BE85-5AE5592765BC}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E901A5D7-0AAA-4EB1-90F8-D1D20276FCD3}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27 - HKLM IFEO\manager1.exe: Debugger - "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (OODBS)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/09/01 09:23:05 | 000,103,680 | ---- | C] (GMER) -- C:\uwldapod.sys
[2013/09/01 00:32:15 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/08/30 21:35:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Video Converter
[2013/08/30 21:34:46 | 000,000,000 | ---D | C] -- C:\Program Files\Free Video Converter
[2013/08/24 17:40:24 | 000,000,000 | ---D | C] -- C:\Users\jannis\AppData\Local\Microsoft Games
[2013/08/24 17:29:02 | 000,000,000 | ---D | C] -- C:\Users\jannis\AppData\Local\Apple Computer
[2013/08/14 19:17:34 | 000,000,000 | ---D | C] -- C:\windows\System32\MRT
[2013/08/14 19:13:10 | 002,706,432 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb
[2013/08/14 19:13:09 | 002,877,440 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jscript9.dll
[2013/08/14 19:13:08 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieui.dll
[2013/08/14 19:13:08 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iesetup.dll
[2013/08/14 19:13:08 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll
[2013/08/14 19:13:07 | 000,493,056 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeeds.dll
[2013/08/14 19:13:07 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iesysprep.dll
[2013/08/14 19:13:07 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\RegisterIEPKEYs.exe
[2013/08/14 19:13:07 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ie4uinit.exe
[2013/08/14 19:13:07 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iernonce.dll
[2013/08/14 19:10:26 | 003,968,960 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ntkrnlpa.exe
[2013/08/14 19:10:26 | 003,913,664 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ntoskrnl.exe
[2013/08/14 19:10:19 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\tzres.dll
[2013/08/14 19:10:15 | 001,620,992 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WMVDECOD.DLL
[2013/08/11 10:43:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
 
========== Files - Modified Within 30 Days ==========
 
[2013/09/01 09:53:11 | 000,014,512 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/09/01 09:53:11 | 000,014,512 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/09/01 09:46:03 | 000,001,096 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/09/01 09:45:53 | 000,000,316 | ---- | M] () -- C:\windows\tasks\Eyyihhxh.job
[2013/09/01 09:45:50 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013/09/01 09:45:44 | 3150,561,280 | -HS- | M] () -- C:\hiberfil.sys
[2013/09/01 09:45:44 | 001,246,829 | ---- | M] () -- C:\windows\System32\oodbs.lor
[2013/09/01 09:41:00 | 000,001,100 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/09/01 09:23:05 | 000,103,680 | ---- | M] (GMER) -- C:\uwldapod.sys
[2013/09/01 09:14:00 | 000,000,884 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013/09/01 00:41:24 | 000,654,400 | ---- | M] () -- C:\windows\System32\perfh007.dat
[2013/09/01 00:41:24 | 000,616,242 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2013/09/01 00:41:24 | 000,130,240 | ---- | M] () -- C:\windows\System32\perfc007.dat
[2013/09/01 00:41:24 | 000,106,622 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2013/08/31 07:41:56 | 003,822,768 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2013/08/27 18:52:21 | 000,458,752 | RHS- | M] () -- C:\windows\System32\netiohlp6.dll
[2013/08/20 21:14:23 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerApp.exe
[2013/08/20 21:14:23 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerCPLApp.cpl
 
========== Files Created - No Company Name ==========
 
[2013/08/27 18:52:21 | 000,458,752 | RHS- | C] () -- C:\windows\System32\netiohlp6.dll
[2013/08/27 18:52:21 | 000,000,316 | ---- | C] () -- C:\windows\tasks\Eyyihhxh.job
[2013/02/14 21:02:33 | 002,468,520 | ---- | C] () -- C:\windows\System32\BootMan.exe
[2013/02/14 21:02:33 | 000,087,112 | ---- | C] () -- C:\windows\System32\setupempdrv03.exe
[2013/02/14 21:02:33 | 000,019,840 | ---- | C] () -- C:\windows\System32\EuEpmGdi.dll
[2013/02/14 21:02:33 | 000,014,920 | ---- | C] () -- C:\windows\System32\epmntdrv.sys
[2013/02/14 21:02:33 | 000,009,160 | ---- | C] () -- C:\windows\System32\EuGdiDrv.sys
[2011/02/04 15:44:53 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/01/19 20:08:51 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe
 
========== ZeroAccess Check ==========
 
[2009/07/14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2012/10/03 00:40:40 | 000,000,000 | ---D | M] -- C:\Users\Chrissa\AppData\Roaming\Anthropics
[2012/10/03 01:35:36 | 000,000,000 | ---D | M] -- C:\Users\Chrissa\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2013/08/30 21:35:55 | 000,000,000 | ---D | M] -- C:\Users\Chrissa\AppData\Roaming\FreeVideoConverter
[2012/09/25 17:06:44 | 000,000,000 | ---D | M] -- C:\Users\Chrissa\AppData\Roaming\jpg-Illuminator
[2011/01/22 00:09:40 | 000,000,000 | ---D | M] -- C:\Users\Chrissa\AppData\Roaming\Local
[2011/03/03 16:34:24 | 000,000,000 | ---D | M] -- C:\Users\Chrissa\AppData\Roaming\MAGIX
[2012/10/03 01:59:03 | 000,000,000 | ---D | M] -- C:\Users\Chrissa\AppData\Roaming\PDAppFlex
[2011/03/24 21:37:05 | 000,000,000 | ---D | M] -- C:\Users\Chrissa\AppData\Roaming\Phase6
[2012/09/25 15:25:47 | 000,000,000 | ---D | M] -- C:\Users\Chrissa\AppData\Roaming\PhotoScape
[2012/09/24 09:59:37 | 000,000,000 | ---D | M] -- C:\Users\Chrissa\AppData\Roaming\Pixlromatic
[2013/05/05 21:44:28 | 000,000,000 | ---D | M] -- C:\Users\Chrissa\AppData\Roaming\TeamViewer
[2012/10/03 19:52:42 | 000,000,000 | ---D | M] -- C:\Users\Chrissa\AppData\Roaming\TuneUp Software
[2011/02/11 19:57:23 | 000,000,000 | ---D | M] -- C:\Users\Chrissa\AppData\Roaming\Windows Live Writer
[2011/03/25 19:25:40 | 000,000,000 | ---D | M] -- C:\Users\jannis\AppData\Roaming\Phase6
[2012/10/03 16:43:01 | 000,000,000 | ---D | M] -- C:\Users\jannis\AppData\Roaming\TuneUp Software
 
========== Purity Check ==========
 
 

< End of report >
         
Code:
OTL Extras logfile created on: 9/1/2013 9:49:47 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = D:\
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16660)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2.93 Gb Total Physical Memory | 1.81 Gb Available Physical Memory | 61.55% Memory free
5.86 Gb Paging File | 4.68 Gb Available in Paging File | 79.83% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 75.28 Gb Total Space | 7.10 Gb Free Space | 9.44% Space Free | Partition Type: NTFS
Drive D: | 202.71 Gb Total Space | 79.92 Gb Free Space | 39.43% Space Free | Partition Type: NTFS
 
Computer Name: PALLAS | User Name: jannis | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-3219418776-4157282183-555089908-1005\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{041E55F8-DC77-40CD-BC81-7C112F6DFC61}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{097280CE-1823-49F4-A4C2-749E21001E9D}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{2405BB41-7A60-4BDE-ABAA-E2CAF74EC991}" = rport=139 | protocol=6 | dir=out | app=system | 
"{26DCFEFB-8712-481F-AA46-6798EC5BB74B}" = lport=445 | protocol=6 | dir=in | app=system | 
"{327463EC-0C75-472C-8894-F46080813BE0}" = lport=19375 | protocol=17 | dir=in | app=c:\program files\devolo\dlan\devolonetsvc.exe | 
"{3EF83186-E526-4189-AAD5-2CC40E5C014C}" = rport=138 | protocol=17 | dir=out | app=system | 
"{49237CD7-FF54-4F8C-BB9A-7C658E937DD3}" = lport=19376 | protocol=6 | dir=in | app=c:\program files\devolo\dlan\devolonetsvc.exe | 
"{4BB0A8A6-4BD2-4B59-949F-E4CD76F0817B}" = rport=137 | protocol=17 | dir=out | app=system | 
"{504461C7-B616-4A63-98A9-41CF8C2A75D3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{5B2EBD5F-58E5-4217-8F0E-B2139E6B98C3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{5DCBAB2D-CA38-47EE-96A3-2B9918A53B0A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{68610938-B8C1-4DC8-9509-A29B2C465D58}" = lport=139 | protocol=6 | dir=in | app=system | 
"{6988600B-7918-4F5E-AC2D-ECCBA952F487}" = lport=138 | protocol=17 | dir=in | app=system | 
"{81189C37-D1E7-41F7-B9B5-E7A1947A30E2}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{8221CF53-2807-430B-B9D7-E95B2E9277FE}" = rport=445 | protocol=6 | dir=out | app=system | 
"{932F87CD-8C00-4387-90AA-7F8FA1C7EE49}" = lport=137 | protocol=17 | dir=in | app=system | 
"{B59A47A6-C86D-4FDE-8266-5448B928EDDE}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{BF0E462C-3149-4861-9248-B997216232F0}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{DDF04709-0A93-4DF3-898C-30D282F5ADD1}" = lport=5900 | protocol=6 | dir=in | name=vnc | 
"{DE8CDCE2-CF8D-4FFE-95B8-20372F700624}" = lport=5800 | protocol=6 | dir=in | name=vnc jawa | 
"{E63FE41A-3422-4D92-8C51-14FA1813055D}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{F7223EA8-1EE9-4831-8E0A-41A5E88C275E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{F8174C1F-0B9B-4D5A-8C16-ECD13A514B3F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{F9A27416-AD64-4421-8068-F7E34E244FF6}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{17AF4767-D209-42BA-89FD-F07C424CDE94}" = protocol=6 | dir=in | app=c:\program files\realvnc\vnc4\vncviewer.exe | 
"{29EFDDBC-DEFE-402F-8F69-E00AF0D219E3}" = protocol=17 | dir=in | app=e:\dvd-start.exe | 
"{345F463C-5501-407C-ABDD-E558664081E4}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{34B5705D-B192-4EBB-B200-BB97B50B00DC}" = dir=in | app=c:\program files\windows live\mesh\moe.exe | 
"{4468A00B-0D15-43C5-8399-5D215B5C79AF}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{45454D10-721F-4BED-969F-B647C9E1203D}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{48767794-432A-4E9C-94F8-DD87E3841982}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{5BB9E149-ACAE-4CDF-8A54-6919E7D0151B}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | 
"{613FEA82-C4A5-4244-8AB5-1CF5BCFFE729}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{65B27A86-0972-46CA-B26D-F25C4A074AC0}" = protocol=6 | dir=in | app=e:\dvd-start.exe | 
"{6CEBC893-423D-43AC-8E8F-FD6BA8B7B9DC}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe | 
"{6DEB379B-DF97-4AB5-8E85-A84D9F583549}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version8\teamviewer.exe | 
"{80925167-B487-444C-95FD-A241310F2E5F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{9031BD54-9A33-4C2F-9532-EC0A77917ADF}" = dir=in | app=c:\program files\itunes\itunes.exe | 
"{96C4CD07-F4AB-422C-932B-0DB37377F637}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | 
"{9A327D5F-37D4-419C-98DE-AB4FC5E4064E}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version8\teamviewer.exe | 
"{9A66C262-94A2-4D53-942E-5CB864216B9B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{A590A9B2-2DA4-4F9D-AC40-87BEB0CE9215}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{BF34B334-5BB2-46A1-BCE4-FEA0266C77E8}" = dir=in | app=c:\program files\common files\mcafee\mna\mcnasvc.exe | 
"{D1195489-8A1C-496A-9495-DF52ADC20281}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{E917B76B-D0AE-465D-ABCB-C460C1C79A06}" = protocol=17 | dir=in | app=c:\program files\realvnc\vnc4\vncviewer.exe | 
"{EB451195-A9D5-432E-B1C5-440382F691E5}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version8\teamviewer_service.exe | 
"{FCCFF059-EEAD-41B4-B040-3FB6AD19E5B1}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{FF929F19-B9F3-4AED-B7A2-D35967F21F64}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version8\teamviewer_service.exe | 
"TCP Query User{A85C2412-B3F7-4F06-AC2E-E898AB8CB826}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"UDP Query User{3408E21F-845E-4ABA-9396-AD3FA6D625A9}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02602409-9189-4567-BC07-562605243B69}" = Windows Live Remote Client Resources
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series" = Canon MP550 series MP Drivers
"{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution 4
"{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}" = Adobe AIR
"{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager
"{178EE5F4-0F86-4BF0-A0D1-9790AFF409D1}" = EasyBatteryManager
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{268278CF-FB69-4D98-B70E-BFEC1CDCA225}" = iTunes
"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java(TM) 6 Update 14
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{2B4E24A0-A06F-488D-87D8-16738E5E1104}" = Windows Live Family Safety
"{2DCD52EE-1AE1-4128-9819-A79F7D09B6B3}" = MAGIX Foto Designer 7
"{32364CEA-7855-4A3C-B674-53D8E9B97936}" = TuneUp Utilities 2012
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34B76DCB-BF7C-440F-B058-C84172C1E338}" = Easy Network Manager
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3A65A74A-5B6E-451A-92D8-50F1182BBE9A}" = Windows Live Remote Service Resources
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{450CFD4D-7E60-3839-D0FA-56DB08675447}" = dLAN Cockpit
"{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5D4C60AA-84E6-4E1A-8A68-69970D387BE1}" = TuneUp Utilities Language Pack (de-DE)
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{74A579FB-EB06-497D-B194-01590D6FE51A}" = BatteryLifeExtender
"{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{79361740-EAE3-11E2-9911-B8AC6F98CCE3}" = Google Earth Plug-in
"{7BC6B815-D9F1-4C43-82B4-7CB25458DD31}" = O&O Defrag Professional
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DEA24B3-59BC-4C57-BD1C-4A261F269748}" = TASTstar 5.0 Demo
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.03) - Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}" = User Guide
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{CE026CFE-73FE-4FED-9D5F-2C8D4DB512B0}" = TuneUp Utilities Language Pack (de-DE)
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D1434266-0486-4469-B338-A60082CC04E1}" = Atheros Client Installation Program
"{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}" = Samsung Update Plus
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E14ADE0E-75F3-4A46-87E5-26692DD626EC}" = Apple Mobile Device Support
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EF367AA4-070B-493C-9575-85BE59D789C9}" = Easy SpeedUp Manager
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety
"{F687E657-F636-44DF-8125-9FEEA2C362F5}" = Samsung Support Center
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"Avira AntiVir Desktop" = Avira Free Antivirus
"DivX Setup.divx.com" = DivX-Setup
"dlancockpit" = devolo dLAN Cockpit
"EaseUS Partition Master Home Edition_is1" = EaseUS Partition Master 9.2.1 Home Edition
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free Video Converter_is1" = Free Video Converter V 3.2
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.32
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"MAGIX_MSI_FotoDesigner7_silver" = MAGIX Foto Designer 7
"Marvell Miniport Driver" = Marvell Miniport Driver
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox 23.0.1 (x86 de)" = Mozilla Firefox 23.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"phase-6" = phase-6 2.1.2.2a
"PhotoScape" = PhotoScape
"PortraitProfessionalStudio10_is1" = Portrait Professional Studio 10.9
"RealVNC_is1" = VNC Free Edition 4.1.3
"Rossmann Fotowelt Software" = Rossmann Fotowelt Software 4.12.1
"Songr" = Songr
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeamViewer 8" = TeamViewer 8
"tintii" = indii.org/tintii
"TuneUp Utilities 2012" = TuneUp Utilities 2012
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.1.8
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 6/28/2013 8:41:07 PM | Computer Name = Pallas | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1841
 
Error - 6/28/2013 8:41:07 PM | Computer Name = Pallas | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1841
 
Error - 6/30/2013 12:46:15 PM | Computer Name = Pallas | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Samsung\Samsung
 Support Center\Drv\drv2x64\KStartMem.exe.Manifest".  Die abhängige Assemblierung 
"Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 6/30/2013 12:47:08 PM | Computer Name = Pallas | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Samsung\BatteryLifeExtender\Drv\SABI2x64\KStartMem.exe.Manifest".
Die
 abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 6/30/2013 2:32:18 PM | Computer Name = Pallas | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 6/30/2013 2:32:18 PM | Computer Name = Pallas | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 4586
 
Error - 6/30/2013 2:32:18 PM | Computer Name = Pallas | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 4586
 
Error - 6/30/2013 2:32:23 PM | Computer Name = Pallas | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 6/30/2013 2:32:23 PM | Computer Name = Pallas | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 9609
 
Error - 6/30/2013 2:32:23 PM | Computer Name = Pallas | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 9609
 
[ System Events ]
Error - 8/31/2013 2:05:54 AM | Computer Name = Pallas | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   cdrom
 
Error - 8/31/2013 10:54:37 AM | Computer Name = Pallas | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   cdrom
 
Error - 8/31/2013 1:28:27 PM | Computer Name = Pallas | Source = DCOM | ID = 10010
Description = 
 
Error - 8/31/2013 6:04:17 PM | Computer Name = Pallas | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   cdrom
 
Error - 8/31/2013 6:31:05 PM | Computer Name = Pallas | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   cdrom
 
Error - 8/31/2013 6:34:41 PM | Computer Name = Pallas | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   cdrom
 
Error - 8/31/2013 7:21:58 PM | Computer Name = Pallas | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   cdrom
 
Error - 8/31/2013 8:18:48 PM | Computer Name = Pallas | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   cdrom
 
Error - 9/1/2013 1:33:49 AM | Computer Name = Pallas | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   cdrom
 
Error - 9/1/2013 3:46:06 AM | Computer Name = Pallas | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   cdrom
 
[ TuneUp Events ]
Error - 9/12/2012 2:17:15 PM | Computer Name = Pallas | Source = TuneUp.UtilitiesSvc | ID = 300
Description = 
 
 
< End of report >
         
Hello, I'll try again with FRST:

FRST Logfile:

Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01-09-2013
Ran by jannis (administrator) on PALLAS on 01-09-2013 10:28:03
Running from D:\
Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(devolo AG) C:\Program Files\devolo\dlan\devolonetsvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
(RealVNC Ltd.) C:\Program Files\RealVNC\VNC4\WinVNC4.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
(SAMSUNG Electronics) C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
(Intel Corporation) C:\windows\system32\igfxext.exe
(Intel Corporation) C:\windows\system32\igfxsrvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(OldTimer Tools) D:\OTL.exe
() C:\PROGRA~1\samsung\SAMSUN~2\SUPNOT~1.EXE

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8120864 2009-12-15] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1713448 2010-02-26] (Synaptics Incorporated)
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [345144 2013-06-27] (Avira Operations GmbH & Co. KG)
IMEO\manager1.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\phase-6 Reminder.lnk
ShortcutTarget: phase-6 Reminder.lnk -> C:\Program Files\phase-6\phase-6\reminder\reminder.exe (phase-6)
BootExecute: autocheck autochk * OODBS

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.spiegel.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = 
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
BHO: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
BHO: DivX HiQ - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {B4CB8358-ABDB-47EE-BC2D-437B5DEBABCB} hxxp://hpunter.dyndns.org:1200/AxViewer/AxMediaControl.cab
DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\jannis\AppData\Roaming\Mozilla\Firefox\Profiles\g6g30jvk.default
FF DefaultSearchEngine: user_pref("browser.search.defaultenginename", "");
FF Homepage: hxxp://www.spiegel.de/
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\windows\system32\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX OVS Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.17.2 - C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.17.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: jsdeobfuscator - C:\Users\jannis\AppData\Roaming\Mozilla\Firefox\Profiles\g6g30jvk.default\Extensions\jsdeobfuscator@adblockplus.org.xpi
FF Extension: No Name - C:\Users\jannis\AppData\Roaming\Mozilla\Firefox\Profiles\g6g30jvk.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Users\jannis\AppData\Roaming\Mozilla\Firefox\Profiles\g6g30jvk.default\Extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi
FF Extension: No Name - C:\Users\jannis\AppData\Roaming\Mozilla\Firefox\Profiles\g6g30jvk.default\Extensions\{f13b157f-b174-47e7-a34d-4815ddfdfeb8}.xpi
FF Extension: Skype extension - C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video
FF HKLM\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa
FF Extension: DivX HiQ - C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa

========================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [84024 2013-06-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [108088 2013-06-27] (Avira Operations GmbH & Co. KG)
R2 DevoloNetworkService; C:\Program Files\devolo\dlan\devolonetsvc.exe [3128856 2012-02-28] (devolo AG)
R2 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [2281800 2010-08-24] (O&O Software GmbH)
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe [1528672 2012-05-29] (TuneUp Software)
R2 WinVNC4; C:\Program Files\RealVNC\VNC4\WinVNC4.exe [439632 2008-10-15] (RealVNC Ltd.)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [84744 2013-03-27] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135136 2013-03-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-03-27] (Avira Operations GmbH & Co. KG)
R0 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-14] (Microsoft Corporation)
S3 epmntdrv; C:\windows\system32\epmntdrv.sys [14920 2012-12-21] ()
S3 EuGdiDrv; C:\windows\system32\EuGdiDrv.sys [9160 2012-12-21] ()
R2 NPF_devolo; C:\Windows\system32\drivers\npf_devolo.sys [35840 2012-01-31] (CACE Technologies)
S3 rtport; C:\windows\system32\drivers\rtport.sys [15656 2010-09-24] (Windows (R) 2003 DDK 3790 provider)
R1 SABI; C:\windows\system32\Drivers\SABI.sys [10752 2010-03-31] (SAMSUNG ELECTRONICS)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH)
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys [10064 2012-05-08] (TuneUp Software)
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x86.sys [315392 2009-09-28] ()
U5 GEARAspiWDM; C:\Windows\System32\Drivers\GEARAspiWDM.sys [26840 2012-08-21] (GEAR Software Inc.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-01 10:26 - 2013-09-01 10:26 - 01085571 _____ (Farbar) C:\Users\jannis\Downloads\FRST.exe
2013-09-01 09:23 - 2013-09-01 09:23 - 00103680 _____ (GMER) C:\uwldapod.sys
2013-09-01 08:00 - 2013-09-01 08:00 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\jannis\Downloads\tdsskiller.exe
2013-09-01 07:59 - 2013-09-01 09:13 - 04745728 _____ (AVAST Software) C:\Users\jannis\Downloads\aswMBR.exe
2013-09-01 07:52 - 2013-09-01 07:52 - 00377856 _____ C:\Users\jannis\Downloads\gmer_2.1.19163.exe
2013-09-01 00:36 - 2013-09-01 00:36 - 00602112 _____ (OldTimer Tools) C:\Users\jannis\Downloads\OTL.exe
2013-09-01 00:32 - 2013-09-01 07:32 - 00000000 ____D C:\AdwCleaner
2013-09-01 00:07 - 2013-09-01 00:07 - 00994642 _____ C:\Users\jannis\Downloads\AdwCleaner.exe
2013-08-31 19:25 - 2013-08-31 19:25 - 00000000 ____D C:\Users\Chrissa\AppData\Local\CrashDumps
2013-08-31 01:02 - 2013-08-31 01:03 - 153633520 _____ (Symantec Corporation) C:\Users\Chrissa\Downloads\NIS_20.1.0.24_SYMTB_PROMO_4_MRFTT_373_7607_DE1.exe
2013-08-31 01:01 - 2013-08-31 01:02 - 168525056 _____ (Symantec Corporation) C:\Users\Chrissa\Downloads\NAV_20.1.0.24_SYMTB_PROMO_4_MRFTT_372_7606_DE1.exe
2013-08-30 21:35 - 2013-08-30 21:35 - 00001099 _____ C:\Users\Chrissa\Desktop\Free Video Converter.lnk
2013-08-30 21:35 - 2013-08-30 21:35 - 00000000 ____D C:\Users\Chrissa\AppData\Roaming\FreeVideoConverter
2013-08-30 21:34 - 2013-08-30 21:35 - 00000000 ____D C:\Program Files\Free Video Converter
2013-08-30 21:30 - 2013-08-30 23:05 - 00000000 ____D C:\Users\Chrissa\Desktop\alex lieder 2013
2013-08-27 18:52 - 2013-09-01 09:45 - 00000316 _____ C:\windows\Tasks\Eyyihhxh.job
2013-08-27 18:52 - 2013-08-27 18:52 - 00458752 __RSH C:\windows\system32\netiohlp6.dll
2013-08-24 17:40 - 2013-08-24 17:41 - 00000000 ____D C:\Users\jannis\AppData\Local\Microsoft Games
2013-08-24 17:29 - 2013-08-24 17:29 - 00000000 ____D C:\Users\jannis\AppData\Local\Apple Computer
2013-08-15 19:48 - 2013-08-15 19:49 - 00000000 ____D C:\Users\Chrissa\Desktop\hiiiiii
2013-08-14 22:46 - 2013-08-15 19:50 - 00000000 ____D C:\Users\Chrissa\Desktop\ausgewählte
2013-08-14 19:17 - 2013-08-14 19:19 - 00000000 ____D C:\windows\system32\MRT
2013-08-14 19:13 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-08-14 19:13 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-08-14 19:13 - 2013-07-26 05:13 - 00042496 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-08-14 19:13 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-08-14 19:13 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-08-14 19:13 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-08-14 19:13 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-08-14 19:13 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-08-14 19:13 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2013-08-14 19:13 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2013-08-14 19:13 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2013-08-14 19:13 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2013-08-14 19:13 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-08-14 19:13 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2013-08-14 19:13 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2013-08-14 19:13 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2013-08-14 19:10 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\windows\system32\WMVDECOD.DLL
2013-08-14 19:10 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2013-08-14 19:10 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\windows\system32\ntkrnlpa.exe
2013-08-14 19:10 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2013-08-14 19:10 - 2013-07-09 06:53 - 01289096 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2013-08-14 19:10 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2013-08-14 19:10 - 2013-07-09 06:50 - 00652800 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2013-08-14 19:10 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2013-08-14 19:10 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2013-08-14 19:10 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\windows\system32\cryptnet.dll
2013-08-14 19:10 - 2013-07-06 07:05 - 01293760 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2013-08-14 19:10 - 2013-06-15 05:38 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tssecsrv.sys

==================== One Month Modified Files and Folders =======

2013-09-01 10:27 - 2013-09-01 10:27 - 00000000 ____D C:\FRST
2013-09-01 10:26 - 2013-09-01 10:26 - 01085571 _____ (Farbar) C:\Users\jannis\Downloads\FRST.exe
2013-09-01 10:14 - 2012-09-12 19:01 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2013-09-01 09:53 - 2009-07-14 06:34 - 00014512 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-01 09:53 - 2009-07-14 06:34 - 00014512 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-01 09:49 - 2010-06-14 00:44 - 02087226 _____ C:\windows\WindowsUpdate.log
2013-09-01 09:46 - 2011-01-22 00:04 - 00001096 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-01 09:45 - 2013-08-27 18:52 - 00000316 _____ C:\windows\Tasks\Eyyihhxh.job
2013-09-01 09:45 - 2013-02-14 21:12 - 00038692 _____ C:\windows\setupact.log
2013-09-01 09:45 - 2011-06-28 13:05 - 01246829 _____ C:\windows\system32\oodbs.lor
2013-09-01 09:45 - 2009-07-14 06:53 - 00000006 ____H C:\windows\Tasks\SA.DAT
2013-09-01 09:41 - 2011-01-22 00:04 - 00001100 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-01 09:23 - 2013-09-01 09:23 - 00103680 _____ (GMER) C:\uwldapod.sys
2013-09-01 09:13 - 2013-09-01 07:59 - 04745728 _____ (AVAST Software) C:\Users\jannis\Downloads\aswMBR.exe
2013-09-01 08:00 - 2013-09-01 08:00 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\jannis\Downloads\tdsskiller.exe
2013-09-01 07:52 - 2013-09-01 07:52 - 00377856 _____ C:\Users\jannis\Downloads\gmer_2.1.19163.exe
2013-09-01 07:32 - 2013-09-01 00:32 - 00000000 ____D C:\AdwCleaner
2013-09-01 02:18 - 2013-02-14 21:41 - 00488200 _____ C:\windows\PFRO.log
2013-09-01 00:41 - 2009-07-26 22:06 - 01498742 _____ C:\windows\system32\PerfStringBackup.INI
2013-09-01 00:36 - 2013-09-01 00:36 - 00602112 _____ (OldTimer Tools) C:\Users\jannis\Downloads\OTL.exe
2013-09-01 00:07 - 2013-09-01 00:07 - 00994642 _____ C:\Users\jannis\Downloads\AdwCleaner.exe
2013-08-31 19:25 - 2013-08-31 19:25 - 00000000 ____D C:\Users\Chrissa\AppData\Local\CrashDumps
2013-08-31 08:05 - 2013-01-19 14:53 - 00000000 ____D C:\ProgramData\Norton
2013-08-31 07:41 - 2009-07-14 06:33 - 03822768 _____ C:\windows\system32\FNTCACHE.DAT
2013-08-31 02:00 - 2011-01-19 20:08 - 00000000 ____D C:\Users\Chrissa\AppData\Local\Adobe
2013-08-31 01:03 - 2013-08-31 01:02 - 153633520 _____ (Symantec Corporation) C:\Users\Chrissa\Downloads\NIS_20.1.0.24_SYMTB_PROMO_4_MRFTT_373_7607_DE1.exe
2013-08-31 01:02 - 2013-08-31 01:01 - 168525056 _____ (Symantec Corporation) C:\Users\Chrissa\Downloads\NAV_20.1.0.24_SYMTB_PROMO_4_MRFTT_372_7606_DE1.exe
2013-08-30 23:05 - 2013-08-30 21:30 - 00000000 ____D C:\Users\Chrissa\Desktop\alex lieder 2013
2013-08-30 21:48 - 2011-01-29 12:18 - 00000000 ____D C:\Users\Chrissa\AppData\Local\Songr
2013-08-30 21:48 - 2011-01-29 12:18 - 00000000 ____D C:\Program Files\Songr
2013-08-30 21:48 - 2011-01-19 20:13 - 00114760 _____ C:\Users\Chrissa\AppData\Local\GDIPFONTCACHEV1.DAT
2013-08-30 21:35 - 2013-08-30 21:35 - 00001099 _____ C:\Users\Chrissa\Desktop\Free Video Converter.lnk
2013-08-30 21:35 - 2013-08-30 21:35 - 00000000 ____D C:\Users\Chrissa\AppData\Roaming\FreeVideoConverter
2013-08-30 21:35 - 2013-08-30 21:34 - 00000000 ____D C:\Program Files\Free Video Converter
2013-08-27 18:52 - 2013-08-27 18:52 - 00458752 __RSH C:\windows\system32\netiohlp6.dll
2013-08-24 17:41 - 2013-08-24 17:40 - 00000000 ____D C:\Users\jannis\AppData\Local\Microsoft Games
2013-08-24 17:29 - 2013-08-24 17:29 - 00000000 ____D C:\Users\jannis\AppData\Local\Apple Computer
2013-08-24 17:15 - 2012-04-07 13:50 - 00114368 _____ C:\Users\jannis\AppData\Local\GDIPFONTCACHEV1.DAT
2013-08-23 10:36 - 2009-07-14 04:37 - 00000000 ____D C:\windows\Microsoft.NET
2013-08-20 21:14 - 2012-09-12 19:58 - 00692104 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe
2013-08-20 21:14 - 2012-02-06 21:14 - 00071048 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl
2013-08-19 09:56 - 2012-05-05 11:16 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-08-18 09:44 - 2013-04-12 21:30 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-08-16 19:50 - 2009-07-14 04:37 - 00000000 ____D C:\windows\rescache
2013-08-15 19:50 - 2013-08-14 22:46 - 00000000 ____D C:\Users\Chrissa\Desktop\ausgewählte
2013-08-15 19:49 - 2013-08-15 19:48 - 00000000 ____D C:\Users\Chrissa\Desktop\hiiiiii
2013-08-14 22:41 - 2012-09-25 10:49 - 00006144 ____H C:\Users\Chrissa\Desktop\photothumb.db
2013-08-14 21:04 - 2011-01-24 20:45 - 00000000 ____D C:\Users\Chrissa\Desktop\Bilder
2013-08-14 20:34 - 2009-07-14 04:37 - 00000000 ____D C:\windows\system32\de-DE
2013-08-14 19:19 - 2013-08-14 19:17 - 00000000 ____D C:\windows\system32\MRT
2013-08-14 19:17 - 2011-04-08 20:30 - 75778376 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2013-08-14 19:14 - 2009-07-14 04:04 - 00000531 _____ C:\windows\win.ini
2013-08-11 10:54 - 2011-07-09 17:02 - 00000000 ____D C:\Users\jannis\AppData\Local\Adobe
2013-08-11 10:43 - 2011-01-22 00:04 - 00000000 ____D C:\Program Files\Google

Files to move or delete:
====================
C:\Users\jannis\AppData\Local\Temp\Quarantine.exe
C:\Users\jannis\AppData\Local\Temp\_av4_\aswCmnB.dll
C:\Users\jannis\AppData\Local\Temp\_av4_\aswCmnOS.dll
C:\Users\jannis\AppData\Local\Temp\_av4_\aswCmnS.dll
C:\Users\jannis\AppData\Local\Temp\_av4_\aswEngin.dll
C:\Users\jannis\AppData\Local\Temp\_av4_\aswScan.dll

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-01 01:52

==================== End Of Log ============================
         
--- --- ---

Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 01-09-2013
Ran by jannis at 2013-09-01 10:28:33
Running from D:\
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

Adobe AIR (Version: 3.4.0.2710)
Adobe Flash Player 11 ActiveX (Version: 11.8.800.94)
Adobe Flash Player 11 Plugin (Version: 11.8.800.94)
Adobe Photoshop CS6 (Version: 13.0)
Adobe Reader XI (11.0.03) - Deutsch (Version: 11.0.03)
Adobe Shockwave Player 12.0 (Version: 12.0.0.112)
Apple Application Support (Version: 2.3.3)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
Atheros Client Installation Program (Version: 1.0.2.1119)
Avira Free Antivirus (Version: 13.0.0.3885)
BatteryLifeExtender (Version: 1.0.5)
Bonjour (Version: 3.0.0.10)
Canon MP550 series MP Drivers
D3DX10 (Version: 15.4.2368.0902)
devolo dLAN Cockpit (Version: 3.2.0.0)
DivX-Setup (Version: 2.3.0.20)
dLAN Cockpit (Version: 3.2.28)
EaseUS Partition Master 9.2.1 Home Edition
Easy Display Manager (Version: 3.0)
Easy Network Manager (Version: 4.2.8)
Easy SpeedUp Manager (Version: 3.0.0.5)
EasyBatteryManager (Version: 4.0.0.3)
Free Audio CD Burner version 1.4.7
Free Video Converter V 3.2 (Version: 3.2.0.0)
Free YouTube to MP3 Converter version 3.9.32
Google Earth Plug-in (Version: 7.1.1.1888)
Google Update Helper (Version: 1.3.21.153)
indii.org/tintii
Intel(R) Graphics Media Accelerator Driver (Version: 8.15.10.2202)
Intel® Matrix Storage Manager
iTunes (Version: 11.0.2.26)
Java 7 Update 17 (Version: 7.0.170)
Java Auto Updater (Version: 2.1.9.0)
Java(TM) 6 Update 14 (Version: 6.0.140)
Junk Mail filter update (Version: 15.4.3502.0922)
MAGIX Foto Designer 7 (Version: 7.0.1.1)
Marvell Miniport Driver (Version: 11.22.3.3)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Mozilla Firefox 23.0.1 (x86 de) (Version: 23.0.1)
Mozilla Maintenance Service (Version: 23.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
O&O Defrag Professional (Version: 14.0.145)
PDF Settings CS6 (Version: 11.0)
phase-6 2.1.2.2a (Version: 2.1.2.2a)
PhotoScape
Portrait Professional Studio 10.9 (Version: 10.9)
QuickTime (Version: 7.73.80.64)
Realtek High Definition Audio Driver (Version: 6.0.1.6003)
Rossmann Fotowelt Software 4.12.1 (Version: 4.12.1)
Samsung Recovery Solution 4 (Version: 4.0.0.6)
Samsung Support Center (Version: 1.0.2)
Samsung Update Plus (Version: 2.0)
Skype™ 5.10 (Version: 5.10.116)
Songr (Version: 1.9.2138)
swMSM (Version: 12.0.0.1)
Synaptics Pointing Device Driver (Version: 15.0.10.0)
TASTstar 5.0 Demo (Version: 5.0.0)
TeamViewer 8 (Version: 8.0.18051)
TuneUp Utilities 2012 (Version: 12.0.3600.73)
TuneUp Utilities Language Pack (de-DE) (Version: 10.0.4200.95)
TuneUp Utilities Language Pack (de-DE) (Version: 12.0.3600.73)
Uninstall 1.0.0.1
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
User Guide (Version: 1.0)
VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0)
VLC media player 1.1.8 (Version: 1.1.8)
VNC Free Edition 4.1.3 (Version: 4.1.3)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live Family Safety (Version: 15.4.3502.0922)
Windows Live Fotogalerie (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX control for remote connections (Version: 15.4.5722.2)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinRAR
 

==================== Restore Points  =========================


==================== Hosts content: ==========================

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {12C234D4-2A0A-4D9C-B8C9-E12F596225D3} - System32\Tasks\Divx-Online-Aktualisierungsprogramm => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-01-11] ()
Task: {14C71128-4254-45AC-A53A-E3BC361C73A2} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-20] (Adobe Systems Incorporated)
Task: {162A6817-B3DB-4886-803D-0E9E543B7DBD} - System32\Tasks\advSRS4 => C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe [2010-01-19] (SEC)
Task: {1B878BE0-65AE-4CED-B6A0-8623E81E44F9} - System32\Tasks\User_Feed_Synchronization-{1540D0B6-A0C1-445F-B37C-5AAEA0380FE0} => C:\windows\system32\msfeedssync.exe [2013-05-23] (Microsoft Corporation)
Task: {2215FE9F-B453-4376-A31F-3E5F7C6D8BC9} - System32\Tasks\SamsungSupportCenter => C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe [2010-05-06] (SAMSUNG Electronics)
Task: {2BAA2849-BD33-42DD-AE2F-73D4FD0F29F4} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\System32\sdengin2.dll [2010-11-20] (Microsoft Corporation)
Task: {331B9088-610D-4D24-9BDC-CE73D12EFDE2} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2012 => C:\Program Files\TuneUp Utilities 2012\OneClick.exe [2012-05-29] (TuneUp Software)
Task: {544F91D9-F912-49A4-BCEA-EB7A252FBC1E} - System32\Tasks\SUPBackground => C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe [2010-02-03] ()
Task: {581C03D9-14CF-480A-B81E-8095D1C36728} - System32\Tasks\User_Feed_Synchronization-{552E5D9F-BE36-4FC6-BB36-C44173DC20D5} => C:\windows\system32\msfeedssync.exe [2013-05-23] (Microsoft Corporation)
Task: {6830194A-2EA0-4D5E-B257-E32569E3BA0A} - System32\Tasks\Sun Microsystems-Online-Aktualisierungsprogramm => C:\Program Files\Java\jre6\bin\jusched.exe [2011-03-24] (Sun Microsystems, Inc.)
Task: {6968A9D3-B177-4C7E-A957-9D0B88707942} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {6CD695D4-AE1C-4705-B9D4-7824650B15AD} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03] (Sun Microsystems, Inc.)
Task: {7940F3A4-B201-4A21-A71B-5B8D634353AF} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\windows\System32\lpksetup.exe [2010-11-20] (Microsoft Corporation)
Task: {9093FE45-F527-451B-B25C-44F469A2AA18} - System32\Tasks\EasySpeedUpManager => C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [2009-10-13] (Samsung Electronics Co., Ltd.)
Task: {9DD59876-F5B7-4016-80E9-42BC6D74911E} - System32\Tasks\{7E9634B0-6C8B-417F-8C3E-90A9FD59F91B} => C:\Program Files\Skype\\Phone\Skype.exe [2012-07-13] (Skype Technologies S.A.)
Task: {A1A38289-E4B5-4DA2-9FA3-1CDF85703756} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {AC641EE1-D128-4BD2-A0E1-85E5C985A3B3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-01-22] (Google Inc.)
Task: {ACD1E72B-BCF4-4913-B482-F3F0BF710523} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-01-22] (Google Inc.)
Task: {AE31BEAB-2053-4F7B-9D12-5CFFFA853D86} - System32\Tasks\BatteryLifeExtender => C:\Program Files\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [2010-06-01] (Samsung Electronics. Co. Ltd.)
Task: {B7A98087-50DB-4189-961D-1D1FBD21B71B} - System32\Tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor => C:\Windows\system32\sdclt.exe [2010-11-20] (Microsoft Corporation)
Task: {BEBA0598-2736-407A-851F-68F4478CD647} - System32\Tasks\EasyDisplayMgr => C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe [2009-11-04] (Samsung Electronics Co., Ltd.)
Task: {D00F6D12-B958-429F-BAF1-D366AB6A233A} - System32\Tasks\EasyBatteryManager => C:\Program Files\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [2009-10-16] (SAMSUNG Electronics co., LTD.)
Task: {D9CC1663-A2D6-4660-A712-73C4FB018B79} - System32\Tasks\AdobeAAMUpdater-1.0-PALLAS-Chrissa => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {E90DC862-A12F-49F0-A230-A302FE80CD93} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3219418776-4157282183-555089908-1005
Task: {E92E4EF3-704A-48D8-9FEB-36B6F4E8AA5B} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated)
Task: {E937B5EB-3994-446F-94DF-745DD141A23E} - System32\Tasks\Eyyihhxh => C:\windows\system32\netiohlp6.dll [2013-08-27] ()
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\Eyyihhxh.job => C:\windows\system32\netiohlp6.dll
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2009-07-14 01:29 - 2009-07-14 03:16 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\tschannel.dll
2010-08-25 20:23 - 2010-08-25 20:23 - 04411904 _____ (Intel Corporation) C:\windows\system32\igd10umd32.dll
2009-07-14 02:13 - 2009-07-14 03:16 - 02255360 _____ (Microsoft Corporation) C:\windows\System32\NLSData0007.dll
2011-01-27 21:30 - 2010-03-15 12:28 - 00141824 _____ () C:\Program Files\WinRAR\rarext.dll
2012-05-29 13:09 - 2012-05-29 13:09 - 00030048 _____ (TuneUp Software) C:\Program Files\TuneUp Utilities 2012\SDShelEx-win32.dll
2012-10-20 00:46 - 2013-06-27 15:32 - 00154680 _____ (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\shlext.dll
2011-06-11 01:58 - 2011-06-11 01:58 - 04422992 _____ (Microsoft Corporation) C:\windows\system32\mfc100u.dll
2011-06-11 01:58 - 2011-06-11 01:58 - 00773968 _____ (Microsoft Corporation) C:\windows\system32\MSVCR100.dll
2011-06-11 01:58 - 2011-06-11 01:58 - 00421200 _____ (Microsoft Corporation) C:\windows\system32\MSVCP100.dll
2011-06-11 01:58 - 2011-06-11 01:58 - 00064336 _____ (Microsoft Corporation) C:\windows\system32\MFC100DEU.DLL
2010-08-24 22:56 - 2010-08-24 22:56 - 02044232 _____ (O&O Software GmbH) C:\PROGRA~1\OOSOFT~1\Defrag\oodsh.dll
2010-08-24 22:55 - 2010-08-24 22:55 - 00316744 _____ (O&O Software GmbH) C:\PROGRA~1\OOSOFT~1\Defrag\OODSHRS.DLL
2010-06-14 00:52 - 2009-07-20 01:17 - 00027704 _____ (SAMSUNG ELECTRONICS) C:\Program Files\SAMSUNG\EasySpeedUpManager\Sabi3.dll
2009-07-14 01:20 - 2009-07-14 03:16 - 00016896 _____ (Microsoft Corporation) C:\windows\system32\VDMDBG.DLL
2010-06-14 00:53 - 2006-08-12 05:48 - 00049152 _____ () C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll
2010-06-14 00:53 - 2009-07-20 01:17 - 00027704 _____ (SAMSUNG ELECTRONICS) C:\Program Files\Samsung\Easy Display Manager\SABI3.dll
2010-08-25 20:00 - 2010-08-25 20:00 - 00023552 _____ (Intel Corporation) C:\windows\system32\igfxexps.dll
2010-08-25 19:59 - 2010-08-25 19:59 - 00057344 _____ (Intel Corporation) C:\windows\system32\igfxsrvc.dll
2010-08-25 19:59 - 2010-08-25 19:59 - 00228864 _____ (Intel Corporation) C:\windows\system32\igfxdev.dll
2010-06-13 03:33 - 2010-02-26 20:31 - 00173352 _____ (Synaptics Incorporated) C:\windows\system32\SynCOM.dll
2010-06-13 03:33 - 2010-02-26 20:31 - 00165160 _____ (Synaptics Incorporated) C:\windows\system32\SynTPAPI.dll
2011-06-22 14:41 - 2010-11-20 14:19 - 00127488 _____ (Microsoft Corporation) C:\windows\system32\LOGONCLI.DLL
2012-08-15 14:46 - 2012-07-04 23:14 - 00041984 _____ (Microsoft Corporation) C:\windows\system32\BROWCLI.DLL
2012-10-20 00:46 - 2013-06-27 15:32 - 00739384 _____ (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\ccwkrlib.dll
2012-10-20 00:46 - 2013-06-27 15:32 - 00054840 _____ (Avira Operations GmbH & Co. KG) c:\program files\avira\antivir desktop\cfglib.dll
2012-10-20 00:46 - 2013-06-27 15:32 - 00349752 _____ (Avira Operations GmbH & Co. KG) c:\program files\avira\antivir desktop\ccguard.dll
2012-10-20 00:46 - 2013-05-06 13:04 - 00030432 _____ (Avira Operations GmbH & Co. KG) c:\program files\avira\antivir desktop\ccgrdrc.dll
2012-10-20 00:46 - 2013-06-27 15:32 - 00229432 _____ (Avira Operations GmbH & Co. KG) c:\program files\avira\antivir desktop\ccgrdw.dll
2012-10-20 00:46 - 2013-06-27 15:32 - 00378424 _____ (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\grdcore.dll
2012-10-20 00:46 - 2013-06-27 15:32 - 00218168 _____ (Avira Operations GmbH & Co. KG) c:\program files\avira\antivir desktop\gpipc.dll
2012-10-20 00:46 - 2013-06-27 15:32 - 00059448 _____ (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avipc.dll
2012-10-20 00:46 - 2013-06-27 15:32 - 00418872 _____ (Avira Operations GmbH & Co. KG) c:\program files\avira\antivir desktop\ccwgrd.dll
2012-10-20 00:46 - 2013-06-27 15:32 - 00790584 _____ (Avira Operations GmbH & Co. KG) c:\program files\avira\antivir desktop\ccgen.dll
2012-10-20 00:46 - 2013-06-27 15:32 - 00049208 _____ (Avira Operations GmbH & Co. KG) c:\program files\avira\antivir desktop\ccgenrc.dll
2012-10-20 00:46 - 2013-06-27 15:32 - 00219192 _____ (Avira Operations GmbH & Co. KG) c:\program files\avira\antivir desktop\ccupdate.dll
2012-10-20 00:46 - 2012-12-11 17:20 - 00029472 _____ (Avira Operations GmbH & Co. KG) c:\program files\avira\antivir desktop\ccupdrc.dll
2012-10-20 00:46 - 2013-06-27 15:32 - 00082488 _____ (Avira Operations GmbH & Co. KG) c:\program files\avira\antivir desktop\cclic.dll
2012-10-20 00:46 - 2013-02-06 12:15 - 00011632 _____ (Avira Operations GmbH & Co. KG) c:\program files\avira\antivir desktop\cclicrc.dll
2012-10-20 00:46 - 2013-06-27 15:32 - 00207928 _____ (Avira Operations GmbH & Co. KG) c:\program files\avira\antivir desktop\ccmsg.dll
2012-10-20 00:46 - 2013-02-06 12:15 - 00010608 _____ (Avira Operations GmbH & Co. KG) c:\program files\avira\antivir desktop\ccmsgrc.dll
2012-10-20 00:46 - 2012-12-11 17:20 - 04780832 _____ (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\rcimage.dll
2012-10-20 00:46 - 2013-02-06 12:15 - 00016240 _____ (Avira Operations GmbH & Co. KG) c:\program files\avira\antivir desktop\ccmainrc.dll
2012-10-20 00:46 - 2013-06-27 15:32 - 00212536 _____ (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\ccupdw.dll
2013-04-12 21:30 - 2013-08-18 09:44 - 03551640 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2011-08-31 00:05 - 2011-08-31 00:05 - 00121704 _____ (Apple Inc.) C:\Program Files\Bonjour\mdnsNSP.dll
2009-07-14 01:23 - 2009-07-14 03:16 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\SRCLIENT.DLL
2011-06-22 14:41 - 2010-11-20 14:21 - 00172544 _____ (Microsoft Corporation) C:\windows\system32\SPP.dll
2009-07-14 01:23 - 2009-07-14 03:16 - 00056320 _____ (Microsoft Corporation) C:\windows\system32\VssTrace.DLL
2009-07-14 01:42 - 2009-07-14 03:14 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\msscript.ocx
2009-07-13 22:46 - 2009-06-10 23:22 - 00015680 _____ (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\Fusion.dll
2011-06-22 14:40 - 2010-11-05 03:59 - 00093008 _____ (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\de\ShFusRes.dll
2010-06-14 00:44 - 2010-02-03 07:19 - 00155648 _____ () C:\PROGRA~1\samsung\SAMSUN~2\HMXML.dll

==================== Alternate Data Streams (whitelisted) ==========


==================== Faulty Device Manager Devices =============

Name: TSSTcorp CDDVDW TS-L633J
Description: CD-ROM-Laufwerk
Class Guid: {4d36e965-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard-CD-ROM-Laufwerke)
Service: cdrom
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/01/2013 01:54:07 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (09/01/2013 01:53:20 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (09/01/2013 01:29:39 AM) (Source: Application Hang) (User: )
Description: Programm OTL.exe, Version 3.2.69.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 17a0

Startzeit: 01cea6a1a1baef5e

Endzeit: 0

Anwendungspfad: C:\Users\jannis\Downloads\OTL.exe

Berichts-ID:

Error: (09/01/2013 01:27:08 AM) (Source: Application Hang) (User: )
Description: Programm OTL.exe, Version 3.2.69.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1430

Startzeit: 01cea6a158c1c00f

Endzeit: 16

Anwendungspfad: C:\Users\jannis\Downloads\OTL.exe

Berichts-ID:

Error: (08/31/2013 07:25:52 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: wmplayer.exe, Version: 12.0.7601.17514, Zeitstempel: 0x4ce7a485
Name des fehlerhaften Moduls: RPCRT4.dll, Version: 6.1.7601.18205, Zeitstempel: 0x51db96a4
Ausnahmecode: 0xc00000fd
Fehleroffset: 0x0003c242
ID des fehlerhaften Prozesses: 0x668
Startzeit der fehlerhaften Anwendung: 0xwmplayer.exe0
Pfad der fehlerhaften Anwendung: wmplayer.exe1
Pfad des fehlerhaften Moduls: wmplayer.exe2
Berichtskennung: wmplayer.exe3

Error: (08/31/2013 03:11:08 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (08/31/2013 03:10:25 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (08/30/2013 11:25:10 PM) (Source: Application Hang) (User: )
Description: Programm avcenter.exe, Version 13.6.0.1550 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: bd0

Startzeit: 01cea5b94ea50ce1

Endzeit: 0

Anwendungspfad: C:\Program Files\Avira\AntiVir Desktop\avcenter.exe

Berichts-ID: a00678cd-11ba-11e3-9d2e-002454cb3865

Error: (08/28/2013 11:24:57 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (08/28/2013 11:24:15 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".


System errors:
=============
Error: (09/01/2013 09:46:06 AM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (09/01/2013 07:33:49 AM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (09/01/2013 02:18:48 AM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (09/01/2013 01:21:58 AM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (09/01/2013 00:34:41 AM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (09/01/2013 00:31:05 AM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (09/01/2013 00:04:17 AM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (08/31/2013 07:28:27 PM) (Source: DCOM) (User: )
Description: {ED1D0FDF-4414-470A-A56D-CFB68623FC58}

Error: (08/31/2013 04:54:37 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (08/31/2013 08:05:54 AM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom


Microsoft Office Sessions:
=========================
Error: (09/01/2013 01:54:07 AM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\Samsung\BatteryLifeExtender\Drv\SABI2x64\KStartMem.exe.Manifest

Error: (09/01/2013 01:53:20 AM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\Samsung\Samsung Support Center\Drv\drv2x64\KStartMem.exe.Manifest

Error: (09/01/2013 01:29:39 AM) (Source: Application Hang)(User: )
Description: OTL.exe3.2.69.017a001cea6a1a1baef5e0C:\Users\jannis\Downloads\OTL.exe

Error: (09/01/2013 01:27:08 AM) (Source: Application Hang)(User: )
Description: OTL.exe3.2.69.0143001cea6a158c1c00f16C:\Users\jannis\Downloads\OTL.exe

Error: (08/31/2013 07:25:52 PM) (Source: Application Error)(User: )
Description: wmplayer.exe12.0.7601.175144ce7a485RPCRT4.dll6.1.7601.1820551db96a4c00000fd0003c24266801cea66f1b1044d1C:\Program Files\Windows Media Player\wmplayer.exeC:\windows\system32\RPCRT4.dll61f05a97-1262-11e3-9d8e-002454cb3865

Error: (08/31/2013 03:11:08 AM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\Samsung\BatteryLifeExtender\Drv\SABI2x64\KStartMem.exe.Manifest

Error: (08/31/2013 03:10:25 AM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\Samsung\Samsung Support Center\Drv\drv2x64\KStartMem.exe.Manifest

Error: (08/30/2013 11:25:10 PM) (Source: Application Hang)(User: )
Description: avcenter.exe13.6.0.1550bd001cea5b94ea50ce10C:\Program Files\Avira\AntiVir Desktop\avcenter.exea00678cd-11ba-11e3-9d2e-002454cb3865

Error: (08/28/2013 11:24:57 AM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\Samsung\BatteryLifeExtender\Drv\SABI2x64\KStartMem.exe.Manifest

Error: (08/28/2013 11:24:15 AM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\Samsung\Samsung Support Center\Drv\drv2x64\KStartMem.exe.Manifest


==================== Memory info =========================== 

Percentage of memory in use: 42%
Total physical RAM: 3004.61 MB
Available physical RAM: 1718.34 MB
Total Pagefile: 6005.45 MB
Available Pagefile: 4682.7 MB
Total Virtual: 2047.88 MB
Available Virtual: 1892.93 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:75.28 GB) (Free:7.04 GB) NTFS
Drive d: () (Fixed) (Total:202.71 GB) (Free:79.92 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 6261FA1C)
Partition 1: (Not Active) - (Size=17 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=75 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=203 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
__________________

01.09.2013, 12:45   #4
schrauber
/// the machine
/// TB-Ausbilder

ihavent.com



Please download Malwarebytes Anti-Malware.
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select the Threat Scan, and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do so, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file to the desktop as mbam.txt. You can find the MBAM log file here.
  • Include the contents of mbam.txt in your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Clean and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart, a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

Please close your protection software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista (or later), please right-click and choose "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan may take a while.
  • When the tool has finished, the log file (JRT.txt) is saved to the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


And a fresh FRST log, please.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!
