Pests of all kinds and how to fight them: Windows 7 - white screen after start

Windows 7

If you are not sure whether you have picked up malware or a trojan, create a thread here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection.
16.10.2013, 18:47 | #1 |
Windows 7 - white screen after start

Good evening, I have a problem that has already been dealt with here several times. After Windows 7 starts, only a white screen appears. I have already seen several threads on this topic here, and the solution always seems to be very similar: 1. OTL fix / 2. Malwarebytes Anti-Malware / 3. AdwCleaner. Since the white screen also appears in safe mode for me, I fell back on the boot CD with OTLPENet.exe. The logs follow right away. What is still not quite clear to me from the other posts is how the fix is put together. I would therefore be very grateful for an OTL fix that fits my problem.

OTL.txt Code:
ATTFilter OTL logfile created on: 10/16/2013 10:28:18 PM - Run OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE 64bit-Windows 7 Home Premium Service Pack 1 (Version = 6.1.7601) - Type = System Internet Explorer (Version = 9.10.9200.16721) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 87.00% Memory free 3.00 Gb Paging File | 3.00 Gb Available in Paging File | 96.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = E: | %SystemRoot% = E:\windows | %ProgramFiles% = E:\Program Files (x86) Drive C: | 200.00 Mb Total Space | 171.82 Mb Free Space | 85.91% Space Free | Partition Type: NTFS Drive D: | 29.00 Gb Total Space | 28.91 Gb Free Space | 99.69% Space Free | Partition Type: NTFS Drive E: | 654.69 Gb Total Space | 168.63 Gb Free Space | 25.76% Space Free | Partition Type: NTFS Drive F: | 7.67 Gb Total Space | 7.67 Gb Free Space | 100.00% Space Free | Partition Type: FAT32 Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Computer Name: REATOGO | User Name: SYSTEM Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days Using ControlSet: ControlSet001 ========== Win32 Services (SafeList) ========== SRV:64bit: - (WinDefend) -- E:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV:64bit: - (mfevtp) -- E:\windows\System32\mfevtps.exe (McAfee, Inc.) SRV:64bit: - (mfefire) -- E:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.) SRV:64bit: - (McShield) -- E:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe (McAfee, Inc.) SRV:64bit: - (AMD External Events Utility) -- E:\Windows\System32\atiesrxx.exe (AMD) SRV:64bit: - (McODS) -- E:\Program Files\mcafee\VirusScan\mcods.exe (McAfee, Inc.) 
SRV:64bit: - (McAWFwk) -- E:\Program Files\mcafee\msc\McAWFwk.exe (McAfee, Inc.) SRV:64bit: - (McProxy) -- E:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV:64bit: - (McOobeSv) -- E:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV:64bit: - (McNASvc) -- E:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV:64bit: - (McNaiAnn) -- E:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV:64bit: - (mcmscsvc) -- E:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV:64bit: - (McMPFSvc) -- E:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV:64bit: - (McAfee SiteAdvisor Service) -- E:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV:64bit: - (wlcrasvc) -- E:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation) SRV - (tor) -- E:\Program Files (x86)\Tor\tor.exe () SRV - (TuneUp.UtilitiesSvc) -- E:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe (TuneUp Software) SRV - (sftvsa) -- E:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation) SRV - (sftlist) -- E:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) SRV - (Sony PC Companion) -- E:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe (Avanquest Software) SRV - (SkypeUpdate) -- E:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies) SRV - (HauppaugeTVServer) -- E:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe (Hauppauge Computer Works) SRV - (NAUpdate) @C:\Program Files (x86) -- E:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG) SRV - (IAStorDataMgrSvc) Intel(R) -- E:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) SRV - (UNS) Intel(R) -- E:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel 
Corporation) SRV - (LMS) Intel(R) -- E:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) SRV - (clr_optimization_v4.0.30319_32) -- E:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (SwitchBoard) -- E:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) SRV - (clr_optimization_v2.0.50727_32) -- E:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (Roxio UPnP Renderer 9) -- E:\Program Files (x86)\Common Files\Sonic Shared\RoxioUPnPRenderer9.exe (Sonic Solutions) SRV - (Roxio Upnp Server 9) -- E:\Program Files (x86)\Common Files\Sonic Shared\RoxioUpnpService9.exe (Sonic Solutions) ========== Driver Services (SafeList) ========== DRV:64bit: - (usbser) -- E:\windows\system32\drivers\usbser.sys (Microsoft Corporation) DRV:64bit: - (Sftvol) -- E:\Windows\System32\drivers\Sftvollh.sys (Microsoft Corporation) DRV:64bit: - (Sftredir) -- E:\Windows\System32\drivers\Sftredirlh.sys (Microsoft Corporation) DRV:64bit: - (Sftplay) -- E:\Windows\System32\drivers\Sftplaylh.sys (Microsoft Corporation) DRV:64bit: - (Sftfs) -- E:\Windows\System32\drivers\Sftfslh.sys (Microsoft Corporation) DRV:64bit: - (sptd) -- E:\Windows\System32\drivers\sptd.sys (Duplex Secure Ltd.) DRV:64bit: - (USBAAPL64) -- E:\Windows\System32\drivers\usbaapl64.sys (Apple, Inc.) DRV:64bit: - (mfehidk) -- E:\Windows\System32\drivers\mfehidk.sys (McAfee, Inc.) DRV:64bit: - (mfefirek) -- E:\Windows\System32\drivers\mfefirek.sys (McAfee, Inc.) DRV:64bit: - (mfewfpk) -- E:\Windows\System32\drivers\mfewfpk.sys (McAfee, Inc.) DRV:64bit: - (mfeavfk) -- E:\Windows\System32\drivers\mfeavfk.sys (McAfee, Inc.) DRV:64bit: - (mfeapfk) -- E:\Windows\System32\drivers\mfeapfk.sys (McAfee, Inc.) DRV:64bit: - (mferkdet) -- E:\Windows\System32\drivers\mferkdet.sys (McAfee, Inc.) DRV:64bit: - (mfenlfk) -- E:\Windows\System32\drivers\mfenlfk.sys (McAfee, Inc.) 
DRV:64bit: - (cfwids) -- E:\Windows\System32\drivers\cfwids.sys (McAfee, Inc.) DRV:64bit: - (LHDmgr) -- E:\Windows\System32\drivers\LhdX64.sys (Lenovo.) DRV:64bit: - (ACPIVPC) -- E:\Windows\System32\drivers\AcpiVpc.sys (Lenovo Corporation) DRV:64bit: - (BPntDrv) -- E:\Windows\System32\drivers\BPntDrv.sys (Lenovo) DRV:64bit: - (NBVol) -- E:\Windows\System32\drivers\NBVol.sys (Nero AG) DRV:64bit: - (NBVolUp) -- E:\Windows\System32\drivers\NBVolUp.sys (Nero AG) DRV:64bit: - (vm331avs) -- E:\Windows\System32\drivers\vm331avs.sys (Vimicro Corporation) DRV:64bit: - (hcw95rc) -- E:\Windows\System32\drivers\hcw95rc.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (hcw95bda) -- E:\Windows\System32\drivers\hcw95bda.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (intelkmd) -- E:\Windows\System32\drivers\igdpmd64.sys (Intel Corporation) DRV:64bit: - (igfx) -- E:\Windows\System32\drivers\igdkmd64.sys (Intel Corporation) DRV:64bit: - (amdkmdag) -- E:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.) DRV:64bit: - (amdkmdap) -- E:\Windows\System32\drivers\atikmpag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (CnxtHdAudService) -- E:\Windows\System32\drivers\CHDRT64.sys (Conexant Systems Inc.) DRV:64bit: - (clwvd) -- E:\Windows\System32\drivers\clwvd.sys (CyberLink Corporation) DRV:64bit: - (athr) -- E:\Windows\System32\drivers\athrx.sys (Atheros Communications, Inc.) DRV:64bit: - (TsUsbFlt) -- E:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (TsUsbGD) -- E:\windows\system32\drivers\TsUsbGD.sys (Microsoft Corporation) DRV:64bit: - (L1C) -- E:\Windows\System32\drivers\L1C62x64.sys (Atheros Communications, Inc.) DRV:64bit: - (MEIx64) Intel(R) -- E:\Windows\System32\drivers\HECIx64.sys (Intel Corporation) DRV:64bit: - (IntcDAud) Intel(R) -- E:\Windows\System32\drivers\IntcDAud.sys (Intel(R) Corporation) DRV:64bit: - (RSUSBVSTOR) -- E:\Windows\System32\drivers\rtsuvstor.sys (Realtek Semiconductor Corp.) 
DRV:64bit: - (vmuvcflt) -- E:\Windows\System32\drivers\vmuvcflt.sys (Vimicro Corporation) DRV:64bit: - (wsvd) -- E:\Windows\System32\drivers\wsvd.sys (CyberLink) DRV:64bit: - (StillCam) -- E:\Windows\System32\drivers\serscan.sys (Microsoft Corporation) DRV:64bit: - (Ntfs) -- E:\Windows\System32\wbem\ntfs.mof () DRV:64bit: - (RTL8167) -- E:\Windows\System32\drivers\Rt64win7.sys (Realtek Corporation ) DRV:64bit: - (ebdrv) -- E:\windows\system32\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- E:\windows\system32\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- E:\Windows\System32\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (s0016mdm) -- E:\Windows\System32\drivers\s0016mdm.sys (MCCI Corporation) DRV:64bit: - (s0016unic) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM) -- E:\Windows\System32\drivers\s0016unic.sys (MCCI Corporation) DRV:64bit: - (s0016mgmt) Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM) -- E:\Windows\System32\drivers\s0016mgmt.sys (MCCI Corporation) DRV:64bit: - (s0016obex) -- E:\Windows\System32\drivers\s0016obex.sys (MCCI Corporation) DRV:64bit: - (s0016nd5) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS) -- E:\Windows\System32\drivers\s0016nd5.sys (MCCI Corporation) DRV:64bit: - (s0016mdfl) -- E:\Windows\System32\drivers\s0016mdfl.sys (MCCI Corporation) DRV:64bit: - (s0016bus) Sony Ericsson Device 0016 driver (WDM) -- E:\Windows\System32\drivers\s0016bus.sys (MCCI Corporation) DRV:64bit: - (RxFilter) -- E:\Windows\System32\drivers\RxFilter.sys (Sonic Solutions) DRV:64bit: - (DLADResE) -- E:\Windows\System32\DLA\DLADResE.SYS (Sonic Solutions) DRV:64bit: - (DLAUDFAE) -- E:\Windows\System32\DLA\DLAUDFAE.SYS (Sonic Solutions) DRV:64bit: - (DLABMFSE) -- E:\Windows\System32\DLA\DLABMFSE.SYS (Sonic Solutions) DRV:64bit: - (DLAUDF_E) -- E:\Windows\System32\DLA\DLAUDF_E.SYS (Sonic Solutions) DRV:64bit: - (DLAOPIOE) -- E:\Windows\System32\DLA\DLAOPIOE.SYS 
(Sonic Solutions) DRV:64bit: - (DLABOIOE) -- E:\Windows\System32\DLA\DLABOIOE.SYS (Sonic Solutions) DRV:64bit: - (DLAPoolE) -- E:\Windows\System32\DLA\DLAPoolE.SYS (Sonic Solutions) DRV:64bit: - (DLAIFS_E) -- E:\Windows\System32\DLA\DLAIFS_E.SYS (Sonic Solutions) DRV:64bit: - (DLARTL_E) -- E:\Windows\System32\drivers\DLARTL_E.SYS (Sonic Solutions) DRV:64bit: - (DLACDBHE) -- E:\Windows\System32\drivers\DLACDBHE.SYS (Sonic Solutions) DRV:64bit: - (DRVEDDM) -- E:\Windows\System32\drivers\DRVEDDM.SYS (Sonic Solutions) DRV:64bit: - (PxHlpa64) -- E:\Windows\System32\drivers\PxHlpa64.sys (Sonic Solutions) DRV:64bit: - (DRVECDB) -- E:\Windows\System32\drivers\DRVECDB.SYS (Sonic Solutions) DRV - (TuneUpUtilitiesDrv) -- E:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys (TuneUp Software) DRV - (RxFilter) -- E:\Windows\SysWOW64\drivers\RxFilter.sys (Sonic Solutions) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/ [binary data] IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\Fuhrmann_ON_E\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENN IE - HKU\Fuhrmann_ON_E\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=51750c8d-22a7-481a-8d20-70688b666418&searchtype=ds&q={searchTerms}&installDate=18/04/2013 IE - HKU\Fuhrmann_ON_E\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKU\Fuhrmann_ON_E\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=51750c8d-22a7-481a-8d20-70688b666418&searchtype=ds&q={searchTerms}&installDate=18/04/2013 IE - HKU\Fuhrmann_ON_E\Software\Microsoft\Internet 
Explorer\Search,SearchAssistant = hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=51750c8d-22a7-481a-8d20-70688b666418&searchtype=ds&q={searchTerms}&installDate=18/04/2013 IE - HKU\Fuhrmann_ON_E\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: E:\Windows\System32\Macromed\Flash\NPSWF64_11_6_602_171.dll () FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: E:\Program Files\mcafee\msc\npMcSnFFPl64.dll () FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: E:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer: E:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll () FF - HKLM\Software\Wow6432Node\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: E:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.) FF - HKLM\Software\Wow6432Node\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: E:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc) FF - HKLM\Software\Wow6432Node\MozillaPlugins\@mcafee.com/MSC,version=10: E:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll () FF - HKLM\Software\Wow6432Node\MozillaPlugins\@mcafee.com/SAFFPlugin: E:\Program Files (x86)\McAfee\SiteAdvisor\NPMcFFPlg32.dll (McAfee, Inc.) 
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: E:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: E:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: E:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: E:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Nero.com/KM: E:\Program Files (x86)\Common Files\Nero\BrowserPlugin\npBrowserPlugin.dll (Nero AG) FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3: E:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9: E:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\Wow6432Node\MozillaPlugins\Adobe Reader: E:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore [2011/11/13 07:47:44 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2013/09/09 02:15:48 | 000,000,000 | ---D | M] O1 HOSTS File: ([2012/01/27 10:06:33 | 000,001,327 | ---- | M]) - E:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 activate.adobe.com O1 - Hosts: 127.0.0.1 adobe.activate.com O1 - Hosts: 127.0.0.1 ereg.adobe.com O1 - Hosts: 127.0.0.1 3dns-2.adobe.com O1 - Hosts: 127.0.0.1 3dns-3.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com O1 - Hosts: 127.0.0.1 activate-sea.adobe.com O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com O1 - Hosts: 127.0.0.1 wip3.adobe.com O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com O1 - Hosts: 127.0.0.1 wip4.adobe.com O1 - Hosts: 127.0.0.1 activate.wip4.adobe.com O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - E:\Program Files\Common Files\mcafee\systemcore\ScriptSn.20111113023135.dll (McAfee, Inc.) O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - E:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - E:\Program Files (x86)\Common Files\mcafee\SystemCore\ScriptSn.20111113023135.dll (McAfee, Inc.) O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - E:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) 
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - E:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) O3:64bit: - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found. O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - E:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKU\Fuhrmann_ON_E\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] E:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4:64bit: - HKLM..\Run: [Energy Management] E:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited) O4:64bit: - HKLM..\Run: [EnergyUtility] E:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited) O4:64bit: - HKLM..\Run: [Lenovo EE Boot Optimizer] E:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe (Lenovo) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [331BigDog] E:\Program Files (x86)\USB Camera\VM331_STI.EXE (Vimicro) O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] File not found O4 - HKLM..\Run: [AdobeCS5ServiceManager] E:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [APSDaemon] E:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) 
O4 - HKLM..\Run: [DMXLauncher] E:\Program Files (x86)\Roxio\Media Experience\DMXLauncher.exe () O4 - HKLM..\Run: [IAStorIcon] E:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [mcui_exe] E:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.) O4 - HKLM..\Run: [NBAgent] E:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe (Nero AG) O4 - HKLM..\Run: [RoxioDragToDisc] E:\Program Files (x86)\Roxio\Drag-to-Disc\DrgToDsc.exe (Sonic Solutions) O4 - HKLM..\Run: [RoxWatchTray] E:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions) O4 - HKLM..\Run: [StartCCC] E:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [SwitchBoard] E:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [UpdateP2GShortCut] E:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [UpdatePRCShortCut] E:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [VeriFaceManager] E:\Program Files (x86)\Lenovo\VeriFace\PManage.exe (Lenovo) O4 - HKLM..\Run: [WinampAgent] E:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.) O4 - HKLM..\Run: [YouCam Mirage] E:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe (CyberLink) O4 - HKLM..\Run: [YouCam Tray] E:\Program Files (x86)\Lenovo\YouCam\YouCam.exe (CyberLink Corp.) 
O4 - HKU\Fuhrmann_ON_E..\Run: [RocketDock] E:\Program Files (x86)\RocketDock\RocketDock.exe () O4 - HKU\Fuhrmann_ON_E..\Run: [Sony PC Companion] E:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe (Sony) O4 - HKU\LocalService_ON_E..\Run: [Sidebar] E:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\NetworkService_ON_E..\Run: [Sidebar] E:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\LocalService_ON_E..\RunOnce: [mctadmin] File not found O4 - HKU\NetworkService_ON_E..\RunOnce: [mctadmin] File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1 O8:64bit: - Extra context menu item: Free YouTube Download - E:\Users\Fuhrmann\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm () O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - E:\Users\Fuhrmann\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Free YouTube Download - E:\Users\Fuhrmann\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm () O8 - Extra context menu item: Free YouTube to MP3 Converter - E:\Users\Fuhrmann\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - E:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - E:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) 
O13:64bit: - gopher Prefix: missing O13 - gopher Prefix: missing O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - E:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - E:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - E:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - E:\windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - E:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - E:\windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKU\Fuhrmann_ON_E Winlogon: Shell - (explorer.exe) - E:\windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKU\Fuhrmann_ON_E Winlogon: Shell - (C:\Users\Fuhrmann\AppData\Roaming\cache.dat) - E:\Users\Fuhrmann\AppData\Roaming\cache.dat () O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. 
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ] O33 - MountPoints2\{2e9fb6eb-4e81-11e1-9257-74de2b03e4b7}\Shell - "" = AutoRun O33 - MountPoints2\{2e9fb6eb-4e81-11e1-9257-74de2b03e4b7}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a O33 - MountPoints2\{6bc72b42-ff4e-11e1-8516-74de2b03e4b7}\Shell - "" = AutoRun O33 - MountPoints2\{6bc72b42-ff4e-11e1-8516-74de2b03e4b7}\Shell\AutoRun\command - "" = E:\start.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found 64bit: O35 - HKLM\..comfile [open] -- "%1" %* File not found 64bit: O35 - HKLM\..exefile [open] -- "%1" %* File not found O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2013/10/16 12:48:28 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee [2013/10/16 11:29:03 | 000,000,000 | ---D | C] -- E:\windows\Minidump [2013/10/11 07:13:35 | 000,000,000 | ---D | C] -- E:\Users\Fuhrmann\AppData\Local\CRE [2013/10/11 07:13:34 | 000,000,000 | ---D | C] -- E:\ProgramData\Conduit [2013/10/11 07:13:33 | 000,000,000 | ---D | C] -- E:\Users\Fuhrmann\AppData\Local\Conduit [2013/10/11 07:13:33 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Conduit [2013/10/11 07:12:23 | 000,040,760 | ---- | C] (TuneUp Software) -- E:\windows\System32\TURegOpt.exe [2013/10/11 07:12:22 | 000,029,496 | ---- | C] (TuneUp Software) -- E:\windows\System32\authuitu.dll [2013/10/11 07:12:22 | 000,025,400 | ---- | C] (TuneUp Software) -- E:\windows\SysWow64\authuitu.dll [2013/10/11 07:12:17 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014 [2013/10/11 07:11:40 | 000,000,000 | ---D | 
C] -- E:\Users\Fuhrmann\AppData\Roaming\TuneUp Software [2013/10/11 07:11:25 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\TuneUp Utilities 2014 [2013/10/11 07:11:17 | 000,000,000 | ---D | C] -- E:\ProgramData\TuneUp Software [2013/10/11 07:11:12 | 000,000,000 | -HSD | C] -- E:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} [2013/10/11 07:11:12 | 000,000,000 | -H-D | C] -- E:\ProgramData\Common Files [2013/10/11 07:09:42 | 000,000,000 | ---D | C] -- E:\Users\Fuhrmann\AppData\Local\Programs [2013/10/09 06:27:02 | 000,526,336 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\ieui.dll [2013/10/09 06:27:02 | 000,391,168 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\ieui.dll [2013/10/09 06:27:01 | 000,136,704 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\iesysprep.dll [2013/10/09 06:27:01 | 000,109,056 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\iesysprep.dll [2013/10/09 06:27:01 | 000,089,600 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\RegisterIEPKEYs.exe [2013/10/09 06:27:01 | 000,071,680 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\RegisterIEPKEYs.exe [2013/10/09 06:27:01 | 000,067,072 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\iesetup.dll [2013/10/09 06:27:01 | 000,061,440 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\iesetup.dll [2013/10/09 06:27:01 | 000,051,712 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\ie4uinit.exe [2013/10/09 06:27:01 | 000,039,936 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\iernonce.dll [2013/10/09 06:27:01 | 000,033,280 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\iernonce.dll [2013/10/09 06:27:00 | 000,493,056 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\msfeeds.dll [2013/10/09 06:26:59 | 003,959,296 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\jscript9.dll [2013/10/09 06:26:59 | 000,855,552 | ---- | C] (Microsoft Corporation) -- 
E:\windows\System32\jscript.dll [2013/10/09 06:26:59 | 000,690,688 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\jscript.dll [2013/10/09 06:26:59 | 000,603,136 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\msfeeds.dll [2013/10/09 06:26:58 | 002,876,928 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\jscript9.dll [2013/10/09 04:03:04 | 000,633,856 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\comctl32.dll [2013/10/09 04:03:03 | 000,033,280 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\drivers\usbser.sys [2013/10/09 04:03:02 | 000,368,128 | ---- | C] (Adobe Systems Incorporated) -- E:\windows\System32\atmfd.dll [2013/10/09 04:03:02 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- E:\windows\SysWow64\atmfd.dll [2013/10/09 04:03:02 | 000,041,472 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\lpk.dll [2013/10/09 04:03:02 | 000,014,336 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\dciman32.dll [2013/10/09 04:03:02 | 000,010,240 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\dciman32.dll [2013/10/09 04:03:01 | 000,100,864 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\fontsub.dll [2013/10/09 04:03:01 | 000,070,656 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\fontsub.dll [2013/10/09 04:03:01 | 000,046,080 | ---- | C] (Adobe Systems) -- E:\windows\System32\atmlib.dll [2013/10/09 04:03:01 | 000,034,304 | ---- | C] (Adobe Systems) -- E:\windows\SysWow64\atmlib.dll [2013/10/09 04:02:59 | 000,076,800 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\drivers\hidclass.sys [2013/10/09 04:02:59 | 000,032,896 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\drivers\hidparse.sys [2013/10/09 04:02:58 | 000,102,400 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\davclnt.dll [2013/10/09 04:02:58 | 000,081,920 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\davclnt.dll [2013/10/09 04:02:49 | 005,549,504 | ---- | C] 
(Microsoft Corporation) -- E:\windows\System32\ntoskrnl.exe [2013/10/09 04:02:49 | 000,878,080 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\advapi32.dll [2013/10/09 04:02:48 | 003,969,472 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\ntkrnlpa.exe [2013/10/09 04:02:48 | 003,914,176 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\ntoskrnl.exe [2013/10/09 04:02:48 | 001,732,032 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\ntdll.dll [2013/10/09 04:02:48 | 000,859,648 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\tdh.dll [2013/10/09 04:02:48 | 000,619,520 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\tdh.dll [2013/10/09 04:02:47 | 000,243,712 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\wow64.dll [2013/10/09 04:02:44 | 000,014,336 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\ntvdm64.dll [2013/10/09 04:02:44 | 000,005,120 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\wow32.dll [2013/10/09 04:02:43 | 000,025,600 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\setup16.exe [2013/10/09 04:02:43 | 000,007,680 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\instnm.exe [2013/10/09 04:02:43 | 000,002,048 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\user.exe [2013/10/09 04:02:38 | 000,124,112 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\PresentationCFFRasterizerNative_v0300.dll [2013/10/09 04:02:38 | 000,102,608 | ---- | C] (Microsoft Corporation) -- E:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll [2013/10/09 04:02:36 | 000,461,312 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\scavengeui.dll [2013/10/09 04:02:33 | 000,325,120 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\drivers\usbport.sys [2013/10/09 04:02:33 | 000,007,808 | ---- | C] (Microsoft Corporation) -- E:\windows\System32\drivers\usbd.sys [2013/09/28 04:56:52 | 001,424,384 | ---- | C] (Microsoft Corporation) -- 
E:\windows\System32\WindowsCodecs.dll [2006/07/11 09:29:00 | 000,028,672 | R--- | C] ( ) -- E:\windows\SysWow64\DivXGraphBuilderCallback.dll [1 E:\windows\SysWow64\*.tmp files -> E:\windows\SysWow64\*.tmp -> ] [1 E:\Users\Fuhrmann\Documents\*.tmp files -> E:\Users\Fuhrmann\Documents\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013/10/16 12:59:46 | 000,067,584 | --S- | M] () -- E:\windows\bootstat.dat [2013/10/16 12:59:40 | 000,327,680 | ---- | M] () -- E:\windows\System32\Ikeext.etl [2013/10/16 12:59:33 | 000,000,004 | ---- | M] () -- E:\Users\Fuhrmann\AppData\Roaming\cache.ini [2013/10/16 12:51:55 | 000,021,072 | -H-- | M] () -- E:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013/10/16 12:51:55 | 000,021,072 | -H-- | M] () -- E:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013/10/16 12:51:27 | 000,665,320 | ---- | M] () -- E:\windows\System32\perfh007.dat [2013/10/16 12:51:27 | 000,135,198 | ---- | M] () -- E:\windows\System32\perfc007.dat [2013/10/16 12:51:27 | 000,009,112 | ---- | M] () -- E:\windows\System32\perfh009.dat [2013/10/16 12:51:27 | 000,006,464 | ---- | M] () -- E:\windows\System32\perfc009.dat [2013/10/16 12:48:28 | 000,000,000 | ---D | M] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee [2013/10/16 12:44:05 | 000,001,120 | ---- | M] () -- E:\windows\tasks\GoogleUpdateTaskMachineCore.job [2013/10/16 12:43:46 | 2103,332,863 | -HS- | M] () -- E:\hiberfil.sys [2013/10/16 11:28:52 | 397,933,236 | ---- | M] () -- E:\windows\MEMORY.DMP [2013/10/16 05:33:55 | 000,000,000 | ---D | M] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014 [2013/10/16 05:33:55 | 000,000,000 | ---D | M] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft [2013/10/16 04:23:32 | 000,000,000 | ---D | M] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [2013/10/15 18:53:17 
| 000,121,236 | ---- | M] () -- E:\windows\System32\fastboot.set [2013/10/15 17:41:41 | 000,070,656 | R--- | M] () -- E:\Users\Fuhrmann\AppData\Roaming\cache.dat [2013/10/15 17:26:02 | 000,001,124 | ---- | M] () -- E:\windows\tasks\GoogleUpdateTaskMachineUA.job [2013/10/11 07:13:56 | 000,000,009 | ---- | M] () -- E:\END [2013/10/11 07:12:18 | 000,002,213 | ---- | M] () -- E:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk [2013/10/11 07:12:18 | 000,002,193 | ---- | M] () -- E:\Users\Public\Desktop\TuneUp Utilities 2014.lnk [2013/10/11 07:12:17 | 000,002,205 | ---- | M] () -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014.lnk [2013/10/11 07:05:21 | 000,000,840 | ---- | M] () -- E:\Users\Public\Desktop\Free Video Converter.lnk [2013/10/10 10:28:40 | 032,895,152 | ---- | M] () -- E:\Users\Fuhrmann\AppData\Local\rx_image.Cache [2013/10/09 11:22:38 | 004,947,824 | ---- | M] () -- E:\windows\System32\FNTCACHE.DAT [2013/10/07 07:50:20 | 000,000,166 | ---- | M] () -- E:\windows\SysWow64\queries-02.cache [2013/10/07 07:50:20 | 000,000,081 | ---- | M] () -- E:\windows\SysWow64\cache.00 [2013/10/07 07:50:20 | 000,000,017 | ---- | M] () -- E:\queries-07.cache [2013/10/07 07:50:20 | 000,000,005 | ---- | M] () -- E:\server.met [2013/10/07 07:50:20 | 000,000,005 | ---- | M] () -- E:\queries-00.cache [2013/10/07 07:50:20 | 000,000,005 | ---- | M] () -- E:\known.met [2013/10/05 08:24:14 | 000,002,183 | ---- | M] () -- E:\Users\Public\Desktop\Internetbrowser.lnk [2013/10/05 08:24:14 | 000,002,183 | ---- | M] () -- E:\Users\Public\Desktop\Google Chrome.lnk [2013/09/28 06:31:29 | 000,002,026 | ---- | M] () -- E:\Users\Public\Desktop\Sony PC Companion 2.1.lnk [2013/09/28 06:31:29 | 000,000,000 | ---D | M] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony [2013/09/27 14:05:31 | 000,000,000 | ---D | M] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome [2013/09/22 19:27:53 | 000,493,056 | ---- | M] (Microsoft Corporation) -- 
E:\windows\SysWow64\msfeeds.dll [2013/09/22 19:27:49 | 002,876,928 | ---- | M] (Microsoft Corporation) -- E:\windows\SysWow64\jscript9.dll [2013/09/22 19:27:49 | 000,690,688 | ---- | M] (Microsoft Corporation) -- E:\windows\SysWow64\jscript.dll [2013/09/22 19:27:48 | 000,391,168 | ---- | M] (Microsoft Corporation) -- E:\windows\SysWow64\ieui.dll [2013/09/22 19:27:48 | 000,109,056 | ---- | M] (Microsoft Corporation) -- E:\windows\SysWow64\iesysprep.dll [2013/09/22 19:27:48 | 000,061,440 | ---- | M] (Microsoft Corporation) -- E:\windows\SysWow64\iesetup.dll [2013/09/22 19:27:48 | 000,033,280 | ---- | M] (Microsoft Corporation) -- E:\windows\SysWow64\iernonce.dll [2013/09/22 18:55:16 | 000,051,712 | ---- | M] (Microsoft Corporation) -- E:\windows\System32\ie4uinit.exe [2013/09/22 18:54:55 | 000,603,136 | ---- | M] (Microsoft Corporation) -- E:\windows\System32\msfeeds.dll [2013/09/22 18:54:51 | 003,959,296 | ---- | M] (Microsoft Corporation) -- E:\windows\System32\jscript9.dll [2013/09/22 18:54:51 | 000,855,552 | ---- | M] (Microsoft Corporation) -- E:\windows\System32\jscript.dll [2013/09/22 18:54:50 | 000,526,336 | ---- | M] (Microsoft Corporation) -- E:\windows\System32\ieui.dll [2013/09/22 18:54:50 | 000,136,704 | ---- | M] (Microsoft Corporation) -- E:\windows\System32\iesysprep.dll [2013/09/22 18:54:50 | 000,067,072 | ---- | M] (Microsoft Corporation) -- E:\windows\System32\iesetup.dll [2013/09/22 18:54:50 | 000,039,936 | ---- | M] (Microsoft Corporation) -- E:\windows\System32\iernonce.dll [2013/09/20 22:48:36 | 000,089,600 | ---- | M] (Microsoft Corporation) -- E:\windows\System32\RegisterIEPKEYs.exe [2013/09/20 22:39:47 | 000,071,680 | ---- | M] (Microsoft Corporation) -- E:\windows\SysWow64\RegisterIEPKEYs.exe [1 E:\windows\SysWow64\*.tmp files -> E:\windows\SysWow64\*.tmp -> ] [1 E:\Users\Fuhrmann\Documents\*.tmp files -> E:\Users\Fuhrmann\Documents\*.tmp -> ] ========== Files Created - No Company Name ========== [2013/10/16 11:28:52 | 397,933,236 | ---- | 
C] () -- E:\windows\MEMORY.DMP [2013/10/15 17:42:55 | 000,000,004 | ---- | C] () -- E:\Users\Fuhrmann\AppData\Roaming\cache.ini [2013/10/15 17:21:32 | 000,070,656 | R--- | C] () -- E:\Users\Fuhrmann\AppData\Roaming\cache.dat [2013/10/11 07:13:53 | 000,000,009 | ---- | C] () -- E:\END [2013/10/11 07:12:18 | 000,002,213 | ---- | C] () -- E:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk [2013/10/11 07:12:18 | 000,002,193 | ---- | C] () -- E:\Users\Public\Desktop\TuneUp Utilities 2014.lnk [2013/10/11 07:12:17 | 000,002,205 | ---- | C] () -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014.lnk [2013/10/11 07:05:21 | 000,000,840 | ---- | C] () -- E:\Users\Public\Desktop\Free Video Converter.lnk [2013/10/07 07:50:20 | 000,000,017 | ---- | C] () -- E:\queries-07.cache [2013/10/07 07:50:20 | 000,000,005 | ---- | C] () -- E:\server.met [2013/10/07 07:50:20 | 000,000,005 | ---- | C] () -- E:\queries-00.cache [2013/10/07 07:50:20 | 000,000,005 | ---- | C] () -- E:\known.met [2013/09/28 06:31:29 | 000,002,026 | ---- | C] () -- E:\Users\Public\Desktop\Sony PC Companion 2.1.lnk [2013/09/27 15:01:19 | 000,327,680 | ---- | C] () -- E:\windows\System32\Ikeext.etl [2013/06/18 19:21:05 | 000,000,005 | ---- | C] () -- E:\Users\Fuhrmann\AppData\Roaming\WBPU-TTL.DAT [2013/04/11 08:30:28 | 000,149,880 | ---- | C] () -- E:\windows\wiainst64.exe [2012/12/13 06:51:46 | 000,000,132 | ---- | C] () -- E:\Users\Fuhrmann\AppData\Roaming\Adobe PNG Format CS5 Prefs [2012/12/13 06:51:07 | 000,000,132 | ---- | C] () -- E:\Users\Fuhrmann\AppData\Roaming\Adobe GIF Format CS5 Prefs [2012/09/15 12:40:00 | 000,000,039 | ---- | C] () -- E:\windows\nap.ini [2012/02/27 11:00:31 | 000,000,132 | ---- | C] () -- E:\Users\Fuhrmann\AppData\Roaming\Adobe BMP Format CS5 Prefs [2011/12/20 14:10:14 | 032,895,152 | ---- | C] () -- E:\Users\Fuhrmann\AppData\Local\rx_image.Cache [2011/12/20 12:18:29 | 000,056,056 | ---- | C] () -- E:\windows\SysWow64\DLAAPI_W.DLL [2011/12/20 12:18:29 | 
000,000,132 | ---- | C] () -- E:\windows\wininit.ini [2011/11/11 07:47:49 | 000,828,850 | ---- | C] () -- E:\windows\SysWow64\PerfStringBackup.INI [2011/11/11 06:33:19 | 000,000,209 | ---- | C] () -- E:\windows\ODBCINST.INI [2011/11/11 06:33:19 | 000,000,135 | ---- | C] () -- E:\windows\ODBC.INI [2011/11/11 06:32:53 | 000,037,639 | ---- | C] () -- E:\windows\Irremote.ini [2011/11/11 06:32:30 | 000,142,337 | ---- | C] () -- E:\windows\SysWow64\Wait.exe [2011/11/11 06:31:00 | 000,007,188 | ---- | C] () -- E:\windows\HCWPNP.INI [2011/09/02 18:34:23 | 000,000,512 | ---- | C] () -- E:\windows\previous.bin [2011/09/02 18:34:23 | 000,000,512 | ---- | C] () -- E:\windows\current.bin [2011/09/02 18:18:39 | 002,086,240 | ---- | C] () -- E:\windows\SysWow64\LenovoVeriface.Interface.dll [2011/09/02 18:18:39 | 001,500,512 | ---- | C] () -- E:\windows\SysWow64\Apblend.dll [2011/09/02 18:18:39 | 001,171,456 | ---- | C] () -- E:\windows\SysWow64\PicNotify.dll [2011/09/02 18:18:39 | 000,472,416 | ---- | C] () -- E:\windows\SysWow64\Lenovo.VerifaceStub.dll [2011/09/02 18:18:35 | 001,044,480 | ---- | C] () -- E:\windows\SysWow64\3DImageRenderer.dll [2011/09/02 18:09:47 | 000,001,803 | ---- | C] () -- E:\windows\vm331Rmv.ini [2011/09/02 18:09:47 | 000,001,803 | ---- | C] () -- E:\windows\SysWow64\vm331Rmv.ini [2011/09/02 18:06:49 | 000,066,856 | ---- | C] () -- E:\windows\SysWow64\SynTPEnhPS.dll [2011/09/02 17:57:43 | 000,000,000 | ---- | C] () -- E:\windows\ativpsrm.bin [2011/09/02 17:54:07 | 000,002,975 | ---- | C] () -- E:\windows\SysWow64\atipblup.dat [2011/09/02 17:52:10 | 000,002,975 | ---- | C] () -- E:\windows\SysWow64\atipblag.dat [2011/09/02 17:48:46 | 000,963,116 | ---- | C] () -- E:\windows\SysWow64\igkrng600.bin [2011/09/02 17:48:44 | 000,216,876 | ---- | C] () -- E:\windows\SysWow64\igfcg600m.bin [2011/09/02 17:48:43 | 000,145,804 | ---- | C] () -- E:\windows\SysWow64\igcompkrng600.bin [2010/11/20 23:24:49 | 000,252,928 | ---- | C] () -- 
E:\windows\SysWow64\DShowRdpFilter.dll [2009/10/19 18:07:48 | 005,538,561 | ---- | C] () -- E:\Users\Fuhrmann\AppData\Roaming\George Harrison Here Comes the Sun.exe [2009/07/14 01:38:36 | 000,067,584 | --S- | C] () -- E:\windows\bootstat.dat [2009/07/13 22:35:51 | 000,000,741 | ---- | C] () -- E:\windows\SysWow64\NOISE.DAT [2009/07/13 22:34:42 | 000,215,943 | ---- | C] () -- E:\windows\SysWow64\dssec.dat [2009/07/13 20:10:29 | 000,043,131 | ---- | C] () -- E:\windows\mib.bin [2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- E:\windows\SysWow64\BWContextHandler.dll [2009/07/13 18:25:04 | 000,197,632 | ---- | C] () -- E:\windows\SysWow64\ir32_32.dll [2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- E:\windows\SysWow64\msjetoledb40.dll [2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- E:\windows\SysWow64\mlang.dat [2006/08/15 14:47:42 | 000,000,000 | ---- | C] () -- E:\windows\SysWow64\px.ini [2006/08/08 23:19:50 | 000,520,192 | ---- | C] () -- E:\windows\SysWow64\CddbPlaylist2Roxio.dll [2006/08/08 23:19:50 | 000,204,800 | ---- | C] () -- E:\windows\SysWow64\CddbFileTaggerRoxio.dll [2006/08/08 20:00:00 | 000,045,056 | ---- | C] () -- E:\windows\SysWow64\besch.exe [2006/08/08 20:00:00 | 000,028,672 | ---- | C] () -- E:\windows\SysWow64\besched.dll [2006/07/07 14:44:33 | 000,520,192 | ---- | C] () -- E:\windows\SysWow64\DivXsm.exe [2006/07/07 14:41:01 | 003,596,288 | ---- | C] () -- E:\windows\SysWow64\qt-dx331.dll [2006/07/07 14:40:42 | 000,012,288 | ---- | C] () -- E:\windows\SysWow64\DivXWMPExtType.dll [2003/10/01 20:00:00 | 000,208,896 | ---- | C] () -- E:\windows\SysWow64\lockout.dll [2003/10/01 20:00:00 | 000,045,056 | ---- | C] () -- E:\windows\SysWow64\lockres.dll ========== LOP Check ========== [2011/11/09 08:13:27 | 000,000,000 | -HSD | M] -- E:\ProgramData\Anwendungsdaten [2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- E:\ProgramData\Application Data [2013/04/18 02:40:56 | 000,000,000 | ---D | M] -- E:\ProgramData\Babylon [2012/03/08 09:40:22 | 
000,000,000 | ---D | M] -- E:\ProgramData\BVRP Software [2011/12/08 06:01:03 | 000,000,000 | ---D | M] -- E:\ProgramData\Canneverbe Limited [2013/10/11 07:11:12 | 000,000,000 | -H-D | M] -- E:\ProgramData\Common Files [2013/10/16 04:23:32 | 000,000,000 | ---D | M] -- E:\ProgramData\Conduit [2011/11/18 13:07:41 | 000,000,000 | ---D | M] -- E:\ProgramData\Conexant [2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- E:\ProgramData\Desktop [2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- E:\ProgramData\Documents [2011/11/09 08:13:27 | 000,000,000 | -HSD | M] -- E:\ProgramData\Dokumente [2013/07/26 11:33:15 | 000,000,000 | ---D | M] -- E:\ProgramData\elsterformular [2011/11/09 08:15:50 | 000,000,000 | ---D | M] -- E:\ProgramData\Energy Management [2011/11/09 08:13:27 | 000,000,000 | -HSD | M] -- E:\ProgramData\Favoriten [2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- E:\ProgramData\Favorites [2011/11/11 06:33:43 | 000,000,000 | ---D | M] -- E:\ProgramData\Hauppauge [2011/09/02 18:12:43 | 000,000,000 | ---D | M] -- E:\ProgramData\Lenovo Games [2011/09/02 18:25:05 | 000,000,000 | ---D | M] -- E:\ProgramData\OneKey Recovery [2011/12/20 16:59:24 | 000,000,000 | ---D | M] -- E:\ProgramData\Partner [2012/01/27 10:20:21 | 000,000,000 | ---D | M] -- E:\ProgramData\regid.1986-12.com.adobe [2012/03/08 09:29:49 | 000,000,000 | ---D | M] -- E:\ProgramData\Sony [2013/04/11 08:37:30 | 000,000,000 | ---D | M] -- E:\ProgramData\SSScan [2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- E:\ProgramData\Start Menu [2011/11/09 08:13:27 | 000,000,000 | -HSD | M] -- E:\ProgramData\Startmenü [2011/09/02 18:24:41 | 000,000,000 | ---D | M] -- E:\ProgramData\Temp [2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- E:\ProgramData\Templates [2013/10/12 05:24:35 | 000,000,000 | ---D | M] -- E:\ProgramData\TuneUp Software [2013/10/16 12:44:22 | 000,000,000 | ---D | M] -- E:\ProgramData\VeriFace [2012/04/07 10:46:02 | 000,000,000 | ---D | M] -- E:\ProgramData\Virtualized Applications [2011/11/11 
10:38:36 | 000,000,000 | ---D | M] -- E:\ProgramData\VirtualizedApplications [2011/11/09 08:13:27 | 000,000,000 | -HSD | M] -- E:\ProgramData\Vorlagen [2013/10/12 07:23:11 | 000,000,000 | -H-D | M] -- E:\ProgramData\{555121BA-F986-4E21-8393-648860D2C097} [2013/10/12 07:23:11 | 000,000,000 | -H-D | M] -- E:\ProgramData\{7AB0CD67-9433-4A18-8840-D97410BBBBA7} [2013/10/12 07:23:11 | 000,000,000 | -H-D | M] -- E:\ProgramData\{912F9698-5980-4830-9543-29F64B01AC5F} [2013/10/12 07:23:12 | 000,000,000 | ---D | M] -- E:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001} [2013/10/12 07:23:12 | 000,000,000 | -H-D | M] -- E:\ProgramData\{C408D0B2-D2DE-46C9-9628-D4E335EC4EB6} [2013/10/12 07:23:12 | 000,000,000 | -HSD | M] -- E:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} [2013/10/02 15:29:07 | 000,032,632 | ---- | M] () -- E:\windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 76 bytes -> E:\Users\Fuhrmann\Documents\UseNeXT:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> E:\Users\Fuhrmann\Documents\USB STICK SILBER:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> E:\Users\Fuhrmann\Documents\Tina.jpg:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> E:\Users\Fuhrmann\Documents\sw_0003.wav:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> E:\Users\Fuhrmann\Documents\sw_0002.wav:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> E:\Users\Fuhrmann\Documents\sw_0001.wav:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> E:\Users\Fuhrmann\Documents\Sony:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> E:\Users\Fuhrmann\Documents\Sony Ericsson:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> E:\Users\Fuhrmann\Documents\Snapshot_20111109.JPG:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> E:\Users\Fuhrmann\Documents\Roxio:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> E:\Users\Fuhrmann\Documents\Rechnungen 2011:Roxio EMC Stream @Alternate Data Stream - 
76 bytes -> E:\Users\Fuhrmann\Documents\Ordner Sony Eric:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> E:\Users\Fuhrmann\Documents\Nero:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> E:\Users\Fuhrmann\Documents\Nero CDS:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> E:\Users\Fuhrmann\Documents\Lencar:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> E:\Users\Fuhrmann\Documents\Kunden Olli:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> E:\Users\Fuhrmann\Documents\Gesellschaften:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> E:\Users\Fuhrmann\Documents\DVDVideoSoft:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> E:\Users\Fuhrmann\Documents\DSP:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> E:\Users\Fuhrmann\Documents\diashow.mpg:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> E:\Users\Fuhrmann\Documents\Brammer:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> E:\Users\Fuhrmann\Documents\Booklets:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> E:\Users\Fuhrmann\Documents\Adobe Scripts:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> E:\Users\Fuhrmann\Documents\AA Titelvorschläge:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> E:\Users\Fuhrmann\Desktop\25072012052.JPG:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> E:\Users\Fuhrmann\Desktop\09092012011.MP4:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> E:\Users\Fuhrmann\Desktop\09072012005.MP4:Roxio EMC Stream < End of report > Code:
ATTFilter OTL Extras logfile created on: 10/16/2013 10:28:18 PM - Run OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE 64bit-Windows 7 Home Premium Service Pack 1 (Version = 6.1.7601) - Type = System Internet Explorer (Version = 9.10.9200.16721) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 87.00% Memory free 3.00 Gb Paging File | 3.00 Gb Available in Paging File | 96.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = E: | %SystemRoot% = E:\windows | %ProgramFiles% = E:\Program Files (x86) Drive C: | 200.00 Mb Total Space | 171.82 Mb Free Space | 85.91% Space Free | Partition Type: NTFS Drive D: | 29.00 Gb Total Space | 28.91 Gb Free Space | 99.69% Space Free | Partition Type: NTFS Drive E: | 654.69 Gb Total Space | 168.63 Gb Free Space | 25.76% Space Free | Partition Type: NTFS Drive F: | 7.67 Gb Total Space | 7.67 Gb Free Space | 100.00% Space Free | Partition Type: FAT32 Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Computer Name: REATOGO | User Name: SYSTEM Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days Using ControlSet: ControlSet001 ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = ChromeHTML] -- E:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) .url[@ = InternetShortcut] -- E:\windows\System32\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- E:\windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = ChromeHTML] -- E:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* File not found cmdfile [open] -- "%1" %* File not found comfile [open] -- "%1" %* File not found exefile [open] -- "%1" %* File not found helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" File not found http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* File not found regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" File not found scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found scrfile [open] -- "%1" /S File not found txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- "C:\Users\Fuhrmann\AppData\Roaming\File Scout\filescout.exe" /open "%1" () Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.) 
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. 
scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- "C:\Users\Fuhrmann\AppData\Roaming\File Scout\filescout.exe" /open "%1" () Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. 
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 
10.0.40219 "{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64 "{22ABA92B-6C1B-46D8-AC2B-C48EEAE172A9}" = VD64Inst "{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition) "{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}" = Roxio Drag-to-Disc "{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64 "{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour "{779C9911-9F05-9D43-BFA8-C516D94C4790}" = WMV9/VC-1 Video Playback "{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010 "{90BF0360-A1DB-4599-A643-95AB90A52C1E}" = Microsoft_VC90_MFCLOC_x86_x64 "{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64 "{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64 "{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}" = Apple Mobile Device Support "{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64 "{CFFF260C-F510-45BB-8F8E-1D4AC1232786}" = Adobe Photoshop Lightroom 3.3 64-bit "{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector "{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources "{D600D357-5CB9-4DE9-8FD4-14E208BD1970}" = Nero Backup Drivers "{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service "{E6C9718A-3CF7-E09A-2BEE-DAD37FF9C2EB}" = ccc-utility64 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile 
"{FCB6C82B-7E26-B4F4-E9D8-9C6C781CD33A}" = ATI Catalyst Install Manager "3CAABDB4D5E19760A561BDB6506A3E8432AE8457" = Windows-Treiberpaket - Das USB (09/20/2010 1.6.0) "883C6F371CE9B23C1CF864201BD5C4BBCA440808" = Windows-Treiberpaket - Das (WinUSB) USB (12/14/2011 1.4) "AD8DE902B836E8AAF38035C3FD2D8B47A0960F4F" = Windows-Treiberpaket - LightingSoft AG (WinUSB) USB (11/21/2012 2.0) "ATI Uninstaller" = ATI Uninstaller "CNXT_AUDIO_HDA" = Conexant HD Audio "EA12B1FB53CE4E387C31A85236C41EF559B5E392" = Windows-Treiberpaket - Lenovo (ACPIVPC) System (12/02/2010 6.1.0.1) "Lenovo EE Boot Optimizer" = Lenovo EE Boot Optimizer "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "SynTPDeinstKey" = Synaptics Pointing Device Driver "WinGimp-2.0_is1" = GIMP 2.6.8 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 "{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64 "{22ABA92B-6C1B-46D8-AC2B-C48EEAE172A9}" = VD64Inst "{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition) "{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}" = Roxio Drag-to-Disc "{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64 "{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour "{779C9911-9F05-9D43-BFA8-C516D94C4790}" = WMV9/VC-1 Video Playback "{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010 
"{90BF0360-A1DB-4599-A643-95AB90A52C1E}" = Microsoft_VC90_MFCLOC_x86_x64 "{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64 "{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64 "{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}" = Apple Mobile Device Support "{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64 "{CFFF260C-F510-45BB-8F8E-1D4AC1232786}" = Adobe Photoshop Lightroom 3.3 64-bit "{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector "{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources "{D600D357-5CB9-4DE9-8FD4-14E208BD1970}" = Nero Backup Drivers "{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service "{E6C9718A-3CF7-E09A-2BEE-DAD37FF9C2EB}" = ccc-utility64 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "{FCB6C82B-7E26-B4F4-E9D8-9C6C781CD33A}" = ATI Catalyst Install Manager "3CAABDB4D5E19760A561BDB6506A3E8432AE8457" = Windows-Treiberpaket - Das USB (09/20/2010 1.6.0) "883C6F371CE9B23C1CF864201BD5C4BBCA440808" = Windows-Treiberpaket - Das (WinUSB) USB (12/14/2011 1.4) "AD8DE902B836E8AAF38035C3FD2D8B47A0960F4F" = Windows-Treiberpaket - LightingSoft AG (WinUSB) USB (11/21/2012 2.0) "ATI Uninstaller" = ATI Uninstaller "CNXT_AUDIO_HDA" = Conexant HD Audio "EA12B1FB53CE4E387C31A85236C41EF559B5E392" = Windows-Treiberpaket - Lenovo (ACPIVPC) System (12/02/2010 6.1.0.1) "Lenovo EE Boot Optimizer" = Lenovo EE Boot Optimizer "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU 
Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "SynTPDeinstKey" = Synaptics Pointing Device Driver "WinGimp-2.0_is1" = GIMP 2.6.8 ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\Fuhrmann_ON_E\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Dropbox" = Dropbox "Winamp Detect" = Winamp Erkennungs-Plug-in < End of report >
Best regards, Benny |
16.10.2013, 21:29 | #2 |
/// the machine /// TB trainer | Windows 7 - white screen after start
hi,
Fixing with OTL
Code:
:OTL
O20 - HKU\Fuhrmann_ON_E Winlogon: Shell - (C:\Users\Fuhrmann\AppData\Roaming\cache.dat) - E:\Users\Fuhrmann\AppData\Roaming\cache.dat ()
:files
C:\Users\Fuhrmann\AppData\Roaming\cache.dat
C:\Users\Fuhrmann\AppData\Roaming\cache.ini
Start the computer normally.