Windows7 Firewall startet nicht Fehler 0x8007042c

Markus Münch · 05.01.2014, 16:46

hier mein mit otl erstellter Log:

Extra.txt:OTL Logfile:

Code:

ATTFilter

OTL Extras logfile created on: 05.01.2014 14:42:07 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\markus\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,75 Gb Total Physical Memory | 2,77 Gb Available Physical Memory | 73,78% Memory free
7,49 Gb Paging File | 6,47 Gb Available in Paging File | 86,38% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451,50 Gb Total Space | 390,65 Gb Free Space | 86,52% Space Free | Partition Type: NTFS

Computer Name: MARKUS-PC | User Name: markus | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-409195208-536281958-3444761892-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{014A321C-07F4-4D26-9AD3-255D674F4B3B}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{08A194BD-44AF-41AD-81C7-30F5251EBAF4}" = rport=138 | protocol=17 | dir=out | app=system | 
"{08CBBFF3-B3ED-4764-A3DC-737150313DA0}" = lport=137 | protocol=17 | dir=in | app=system | 
"{239C6E3C-C5A0-42E7-9CF4-12112501FC0C}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{2DEE8875-3067-434B-96DA-07D4A12C674D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{39D7BA02-6822-4F9F-96DD-B47300265EE2}" = lport=138 | protocol=17 | dir=in | app=system | 
"{5DBF8D5C-7A4F-44B8-B56C-D9AADFA5F911}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{61145437-73B1-46C7-A19A-ED4E7C731EE1}" = rport=139 | protocol=6 | dir=out | app=system | 
"{6AB72650-D8D4-42FD-B93F-389448E2C71F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{6C12688C-538B-41A1-91A0-5E8E6205E79F}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{74E2BA39-9FE7-4300-BA8A-B016DD35DA49}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{88B35772-0656-48F8-BF30-6E74F1FB09CD}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{9069F421-E9C8-4A9A-B406-340B6BEE59DA}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{98F7328A-50EE-4F98-B612-D4DF94B7125B}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{A08B6DAE-595A-424A-8548-DF4AD78D7C98}" = rport=137 | protocol=17 | dir=out | app=system | 
"{ACA5AEBE-855D-4AF3-AF35-8C692C2B6813}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{B3096F3B-A19F-4EF0-9AD5-3C77BEB3DE31}" = lport=139 | protocol=6 | dir=in | app=system | 
"{C0C618F6-4F10-4F36-B7C8-81980B41342C}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{C413E094-4102-4650-BB5C-C69FF162B0B4}" = rport=445 | protocol=6 | dir=out | app=system | 
"{CFC5D13E-9738-4F0C-9E7D-127C6DFD1E18}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{D5D6F25D-6EFE-4AA3-BC4E-220134A30518}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{DC249FFC-FF32-4F46-A225-B7596DD6A919}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{EEEACE50-F37C-40BD-B88D-C81E18624C4C}" = lport=445 | protocol=6 | dir=in | app=system | 
"{F633C12D-BCE2-4160-BB77-747622404A8E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{F7DFBB39-9E52-46E8-9152-EFC59271D26D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03B4FF3B-DE4B-4442-831F-DA0338A5EC5D}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd9.exe | 
"{04EDF99A-88C7-4F93-A5D9-FB5C18E8B693}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{05ED3503-6472-4693-A008-6A207909D655}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{10CFE27F-AE18-454F-B2B8-80E622C5DA17}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{1A514028-67F2-423E-8C37-F3F7D4E627BF}" = protocol=6 | dir=out | app=system | 
"{1C38475D-E579-42D7-8AF8-378D271CDC1D}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{1EDAD215-77EA-4414-A9F0-A84F1C9AE351}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{25972B66-BBAA-4534-BF1A-DB16B9CC58DA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{291CDE7A-0133-4B21-AA7C-2522563B55C3}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{37CD209A-06D6-439A-B6BC-841403D33E0B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{37E0AAA4-3B8D-4761-B725-CE5710B5A16B}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{62B04ABF-31B7-4EE8-926B-6FFEDA0DD5A4}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{7385E925-B4DA-4286-A495-79139FD8ADA5}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{9E010A9E-B921-4503-B579-F2B165F848D1}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{A3B54C86-7AE3-45A0-B6D3-81AB1265AD77}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe | 
"{A952A1B6-C9EA-4529-B69A-EDF2900874E8}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe | 
"{B497D1F8-79CE-4882-82E5-FD0BE47B0C6C}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{B6C85C55-61C1-4805-B14F-B1C5B68B2270}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{C2161DE4-1067-40F2-B6CF-B9A8D461A976}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{C3C6E4DE-9D48-4807-8AA9-7B91FC2C2687}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{C69BB884-3AF3-424D-8418-5B8B098D82A4}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe | 
"{D0FAAD36-4E12-4161-9DD1-6E6A8CFECA20}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{D25E6C4B-793A-4BF4-80F9-5F9ADB17DEAE}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe | 
"{DB5D0AFA-D2C1-4BFB-BEA1-F0019FC5BD53}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{DE78E6BA-1A5E-4C53-89D5-0C01B0B5EDE2}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{E045763D-D69F-4155-9157-7495478F6E4B}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | 
"{F27D3E0F-E448-41FF-B30E-7AB3EF66BC9D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{FE4F859D-1C64-48D5-9A00-CC4DA00CEEB3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"TCP Query User{3345AAB1-E31E-4DBB-B257-FE87BC136726}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe | 
"UDP Query User{5997C0FC-D927-4F38-A680-EEF7998C9E18}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe | 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}" = Shredder
"{22ABA92B-6C1B-46D8-AC2B-C48EEAE172A9}" = VD64Inst
"{26A24AE4-039D-4CA4-87B4-2F86417025FF}" = Java 7 Update 25 (64-bit)
"{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}" = Apple Mobile Device Support
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031" = Microsoft .NET Framework 4.5.1 (Deutsch)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{A0158415-15CA-B2A0-928D-E755DD506C0D}" = ATI Catalyst Install Manager
"{A84DB02B-9C2B-4272-9D2D-A80E00A56513}" = Broadcom Gigabit NetLink Controller
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{AD136254-E6F2-EAE8-7E36-9D65E13B0A7E}" = ccc-utility64
"{C513739C-5F16-37B5-9ACF-99925FF1C1F3}" = Microsoft .NET Framework 4.5.1 (DEU)
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}" = iTunes
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client DE-DE Language Pack
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E102B843-786A-4F58-AF75-6504570E207B}" = Microsoft Security Client
"{EAFB2AD8-D92B-464C-8D97-B9CB94703C4A}" = iCloud
"62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F" = Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0)
"CCleaner" = CCleaner
"Microsoft Security Client" = Microsoft Security Essentials
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"ZoneAlarm LTD Toolbar" = ZoneAlarm LTD Toolbar

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01A1F857-F5C6-0842-333A-FA7806FAF70A}" = CCC Help Danish
"{038EBE9A-2AD4-9B6D-C7FB-377FF5112C16}" = CCC Help Swedish
"{08840099-3121-798D-88BB-76C5087890AF}" = CCC Help Czech
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C808377-8C23-44ED-9016-05F42E6D4900}" = Nokia Suite
"{0D7CD0D9-4A88-4A63-8F91-3F4E8F371768}" = MyWinLocker
"{0EDBEB2B-7C8D-42E6-8312-0F84394A3223}" = Windows Media Center Add-in for Silverlight
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{1D7E84F5-7AA3-CD1F-3EA1-975313E9293A}" = CCC Help Portuguese
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1ED4CA4A-2ABA-9302-D7F3-A0597294828B}" = Catalyst Control Center Graphics Light
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{22037905-EB4C-3427-DD8C-6ABBBE306B0D}" = CCC Help Polish
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{284B8BD0-0046-288F-79E3-160F17D18904}" = CCC Help Spanish
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{29373274-977E-413C-A4DE-DC0F8E80C429}" = Nokia Connectivity Cable Driver
"{2B33E393-D2DE-E00C-95A2-96AB49FC2DBB}" = CCC Help Norwegian
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{37E6B486-08A4-3383-29BB-BD0591BD0E9D}" = Catalyst Control Center Core Implementation
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management
"{401F4EB7-FDF4-1B7A-54F6-5EE7CF0C0F8F}" = CCC Help Chinese Standard
"{427DB714-23EF-6CBC-4DD1-015674AF8AB7}" = CCC Help Finnish
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{4493F494-3E4D-E35C-BF37-1EF22539DCE3}" = CCC Help Korean
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}" = Google Earth Plug-in
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.6
"{573EC8CA-E2FD-B1F7-4DAB-671AD39888A7}" = CCC Help Japanese
"{5869CFDE-54D8-D3F1-A8F5-4FCA8A910BFB}" = Catalyst Control Center Graphics Previews Common
"{58F4D244-314F-4D26-B5EF-C28AB32E22CB}_is1" = Acer GameZone Console
"{5B5CF192-F4BB-A213-CE03-7C8FB7A5E3E2}" = Catalyst Control Center Graphics Full New
"{66D171AA-670F-4309-9C74-5BA7F7DBA0B3}" = Roxio Media Manager
"{679A43C5-1A03-CF8F-B73E-C4A095C2687D}" = CCC Help French
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}" = PC Connectivity Solution
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic
"{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite
"{7B037B61-22B4-C382-DCD9-05DB38D1149D}" = CCC Help Italian
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{81E6A85A-EF55-F1F4-3CBB-BE01F03CE3F3}" = CCC Help Hungarian
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110300453}" = Spin & Win
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}" = Cake Mania
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111355427}" = Poker Pop
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}" = Merriam Websters Spell Jam
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}" = Amazonia
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}" = Heroes of Hellas
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11505173}" = Airport Mania First Flight
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}" = Farm Frenzy 2
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8D705770-8266-3A59-3AD8-6E666EC4CF77}" = CCC Help Thai
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{987B04C4-B5AC-4AD6-A7E9-8D681085B850}" = AMD USB Filter Driver
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B449C1A-4F64-4ED4-8C96-31B222E8377F}" = BlackBerry Desktop Software 4.2.2
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet-TV für Windows Media Center
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9E0FC21F-1DC1-0B4C-E8E0-74420102C75B}" = CCC Help Chinese Traditional
"{9E48FF52-082C-4CC2-BB67-6E10D09C0431}" = Windows Live UX Platform Language Pack
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A479E320-40DB-BDA6-6CEB-A08C9DEDE80C}" = ccc-core-static
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.5.5 MUI
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B1B7FDAA-9DC3-2408-18B2-9B4CB8CF0F80}" = CCC Help German
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Click to Call with Skype
"{BCFDADA0-04B1-6335-6362-BB854A216C23}" = CCC Help Russian
"{C214A856-F569-0065-714F-8D2A4A092C6C}" = CCC Help Turkish
"{C2695E83-CF1D-43D1-84FE-B3BEC561012A}" = Shredder
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{C9413C02-2978-BC8B-D67C-6FF88ADBD1A3}" = CCC Help English
"{CB7AF84A-1B7F-4C6B-8A58-EB7CDE48C23A}" = LogMeIn
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}" = WinZip 14.5
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0485C2A-6BED-4E6A-8517-A1ED3F990AB2}" = Catalyst Control Center Graphics Full Existing
"{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}" = Acer Crystal Eye webcam Ver:1.1.194.1021
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D78667E4-E8EB-2B30-5029-29B9C3367B85}" = CCC Help Dutch
"{DB17E288-610C-45DC-E160-E7EB09A1FA88}" = Catalyst Control Center Localization All
"{DD89CE29-BC88-40C6-A845-E2548682C5D6}" = Alcor Micro USB Card Reader
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}" = eBay Worldwide
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E45E3860-CDA5-93DF-8DAA-9AC4E556BF11}" = CCC Help Greek
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F623B2D2-9070-FF31-F47A-287802544F71}" = Catalyst Control Center InstallProxy
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FC635D8E-FFBA-4B2C-BE68-A37D56BDFB74}" = Catalyst Control Center - Branding
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Acer Welcome Center" = Welcome Center
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"BlackBerry_{9B449C1A-4F64-4ED4-8C96-31B222E8377F}" = BlackBerry Desktop Software 4.2.2
"FreePDF_XP" = FreePDF (Remove only)
"GPL Ghostscript 9.01" = GPL Ghostscript 9.01
"Identity Card" = Identity Card
"iFunbox_is1" = iFunbox (v2.1.2228.731), iFunbox DevTeam
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Acer Backup Manager
"InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"InstallShield_{DD89CE29-BC88-40C6-A845-E2548682C5D6}" = Alcor Micro USB Card Reader
"LManager" = Launch Manager
"Mozilla Firefox 26.0 (x86 de)" = Mozilla Firefox 26.0 (x86 de)
"Mozilla Thunderbird 24.2.0 (x86 de)" = Mozilla Thunderbird 24.2.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Nokia Suite" = Nokia Suite
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"WinLiveSuite" = Windows Live Essentials
"Winload Toolbar" = Winload Toolbar
"ZoneAlarm Security Toolbar" = ZoneAlarm Security Toolbar 

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 13.03.2013 03:06:52 | Computer Name = markus-PC | Source = Windows Search Service | ID = 7040
Description = 

Error - 13.03.2013 03:06:52 | Computer Name = markus-PC | Source = Windows Search Service | ID = 7042
Description = 

Error - 13.03.2013 03:06:52 | Computer Name = markus-PC | Source = Windows Search Service | ID = 9002
Description = 

Error - 13.03.2013 03:06:52 | Computer Name = markus-PC | Source = Windows Search Service | ID = 3029
Description = 

Error - 13.03.2013 03:06:52 | Computer Name = markus-PC | Source = Windows Search Service | ID = 3029
Description = 

Error - 13.03.2013 03:06:52 | Computer Name = markus-PC | Source = Windows Search Service | ID = 3028
Description = 

Error - 13.03.2013 03:06:52 | Computer Name = markus-PC | Source = Windows Search Service | ID = 3058
Description = 

Error - 13.03.2013 03:06:52 | Computer Name = markus-PC | Source = Windows Search Service | ID = 7010
Description = 

Error - 13.03.2013 05:53:09 | Computer Name = markus-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files
(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error - 18.03.2013 09:36:28 | Computer Name = markus-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: firefox.exe, Version: 19.0.2.4814,
Zeitstempel: 0x5138a1d3 Name des fehlerhaften Moduls: xul.dll, Version: 19.0.2.4814,
Zeitstempel: 0x5138a0ed Ausnahmecode: 0xc0000005 Fehleroffset: 0x00172818 ID des fehlerhaften
Prozesses: 0xad4 Startzeit der fehlerhaften Anwendung: 0x01ce23ad925ed302 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\firefox.exe Pfad 
des fehlerhaften Moduls: C:\Program Files (x86)\Mozilla Firefox\xul.dll Berichtskennung:
d568e9ac-8fd0-11e2-9e00-206a8a2d8d1b

[ Media Center Events ]
Error - 03.06.2011 02:50:10 | Computer Name = markus-PC | Source = MCUpdate | ID = 0
Description = 08:50:10 - Fehler beim Herstellen der Internetverbindung. 08:50:10 
- Serververbindung konnte nicht hergestellt werden.. 

Error - 03.06.2011 02:50:26 | Computer Name = markus-PC | Source = MCUpdate | ID = 0
Description = 08:50:16 - Fehler beim Herstellen der Internetverbindung. 08:50:16 
- Serververbindung konnte nicht hergestellt werden.. 

Error - 04.06.2011 03:05:14 | Computer Name = markus-PC | Source = MCUpdate | ID = 0
Description = 09:05:13 - Fehler beim Herstellen der Internetverbindung. 09:05:13 
- Serververbindung konnte nicht hergestellt werden.. 

Error - 04.06.2011 03:05:25 | Computer Name = markus-PC | Source = MCUpdate | ID = 0
Description = 09:05:19 - Fehler beim Herstellen der Internetverbindung. 09:05:19 
- Serververbindung konnte nicht hergestellt werden.. 

Error - 04.06.2011 04:05:33 | Computer Name = markus-PC | Source = MCUpdate | ID = 0
Description = 10:05:32 - Fehler beim Herstellen der Internetverbindung. 10:05:32 
- Serververbindung konnte nicht hergestellt werden.. 

Error - 04.06.2011 04:05:39 | Computer Name = markus-PC | Source = MCUpdate | ID = 0
Description = 10:05:38 - Fehler beim Herstellen der Internetverbindung. 10:05:38 
- Serververbindung konnte nicht hergestellt werden.. 

Error - 02.12.2013 22:15:50 | Computer Name = markus-PC | Source = MCUpdate | ID = 0
Description = 03:15:45 - Fehler beim Herstellen der Internetverbindung. 03:15:45 
- Serververbindung konnte nicht hergestellt werden.. 

Error - 02.12.2013 23:16:16 | Computer Name = markus-PC | Source = MCUpdate | ID = 0
Description = 04:16:15 - Fehler beim Herstellen der Internetverbindung. 04:16:15 
- Serververbindung konnte nicht hergestellt werden.. 

Error - 03.12.2013 00:16:22 | Computer Name = markus-PC | Source = MCUpdate | ID = 0
Description = 05:16:21 - Fehler beim Herstellen der Internetverbindung. 05:16:21 
- Serververbindung konnte nicht hergestellt werden.. 

Error - 03.12.2013 01:16:27 | Computer Name = markus-PC | Source = MCUpdate | ID = 0
Description = 06:16:26 - Fehler beim Herstellen der Internetverbindung. 06:16:26 
- Serververbindung konnte nicht hergestellt werden.. 

[ System Events ]
Error - 05.01.2014 09:41:07 | Computer Name = markus-PC | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Heimnetzgruppen-Listener" wurde mit folgendem dienstspezifischem
Fehler beendet: %%-2147023143.

Error - 05.01.2014 09:41:17 | Computer Name = markus-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Basisfiltermodul" wurde mit folgendem Fehler beendet: 
%%5

Error - 05.01.2014 09:41:17 | Computer Name = markus-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Windows-Firewall" ist vom Dienst "Basisfiltermodul" abhängig,
der aufgrund folgenden Fehlers nicht gestartet wurde: %%5

Error - 05.01.2014 09:41:34 | Computer Name = markus-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Basisfiltermodul" wurde mit folgendem Fehler beendet: 
%%5

Error - 05.01.2014 09:41:36 | Computer Name = markus-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Basisfiltermodul" wurde mit folgendem Fehler beendet: 
%%5

Error - 05.01.2014 09:41:36 | Computer Name = markus-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "IPsec-Richtlinien-Agent" ist vom Dienst "Basisfiltermodul"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%5

Error - 05.01.2014 09:41:36 | Computer Name = markus-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Basisfiltermodul" wurde mit folgendem Fehler beendet: 
%%5

Error - 05.01.2014 09:41:36 | Computer Name = markus-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Windows-Firewall" ist vom Dienst "Basisfiltermodul" abhängig,
der aufgrund folgenden Fehlers nicht gestartet wurde: %%5

Error - 05.01.2014 09:41:37 | Computer Name = markus-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Basisfiltermodul" wurde mit folgendem Fehler beendet: 
%%5

Error - 05.01.2014 09:41:37 | Computer Name = markus-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "IKE- und AuthIP IPsec-Schlüsselerstellungsmodule" ist 
vom Dienst "Basisfiltermodul" abhängig, der aufgrund folgenden Fehlers nicht gestartet
wurde: %%5


< End of report >

--- --- ---

OTL.txt:OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 05.01.2014 14:42:07 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\markus\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,75 Gb Total Physical Memory | 2,77 Gb Available Physical Memory | 73,78% Memory free
7,49 Gb Paging File | 6,47 Gb Available in Paging File | 86,38% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451,50 Gb Total Space | 390,65 Gb Free Space | 86,52% Space Free | Partition Type: NTFS

Computer Name: MARKUS-PC | User Name: markus | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013.12.30 14:51:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\markus\Desktop\OTL.exe
PRC - [2013.06.26 18:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2013.06.26 18:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2010.08.11 02:06:16 | 000,321,104 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2010.06.29 00:23:06 | 000,255,744 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
PRC - [2010.05.27 04:41:06 | 000,305,520 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
PRC - [2010.01.29 01:27:36 | 000,243,232 | ---- | M] (Acer Group) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe
PRC - [2010.01.08 14:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe


========== Modules (No Company Name) ==========

MOD - [2013.01.28 12:08:56 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2013.01.28 12:08:28 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013.11.26 10:18:09 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2010.04.27 07:49:36 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2013.12.13 19:50:17 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.12.13 13:09:13 | 000,226,640 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe -- (LMIMaint)
SRV - [2013.12.13 13:09:08 | 000,376,144 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2013.12.11 17:57:23 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.10.23 17:14:22 | 000,348,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Programme\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2013.10.23 17:14:22 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Programme\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2013.09.11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013.06.26 18:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2013.06.26 18:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2013.06.21 08:53:36 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.04.30 09:57:00 | 000,407,424 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe -- (LogMeIn)
SRV - [2013.04.18 10:06:42 | 000,737,616 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010.09.22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2010.09.21 14:49:00 | 002,286,976 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010.08.11 02:06:16 | 000,321,104 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2010.06.29 00:23:06 | 000,255,744 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2010.06.11 14:27:26 | 000,868,896 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV - [2010.05.27 04:41:06 | 000,305,520 | ---- | M] (Egis Technology Inc.) [Auto | Running] -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe -- (MWLService)
SRV - [2010.01.29 01:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Running] -- C:\Programme\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV - [2010.01.09 21:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2010.01.08 14:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013.12.13 13:09:08 | 000,107,368 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV:64bit: - [2013.09.27 09:53:06 | 000,134,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2013.08.29 02:29:52 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2013.06.26 18:21:50 | 000,023,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2013.06.26 18:21:48 | 000,028,840 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2013.06.26 18:21:46 | 000,273,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2013.06.26 18:21:44 | 000,767,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2013.04.30 09:57:00 | 000,072,216 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV:64bit: - [2013.04.30 09:56:42 | 000,014,944 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\radpms.sys -- (radpms)
DRV:64bit: - [2013.04.30 09:56:42 | 000,011,552 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lmimirr.sys -- (lmimirr)
DRV:64bit: - [2013.01.23 09:31:52 | 000,171,008 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64)
DRV:64bit: - [2013.01.23 09:31:52 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2013.01.23 09:31:52 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2013.01.23 09:31:52 | 000,012,800 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsucx64.sys -- (nmwcdnsucx64)
DRV:64bit: - [2013.01.23 09:31:52 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2013.01.23 09:31:52 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2012.12.13 12:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012.10.17 13:53:46 | 000,026,112 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2012.08.23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.08.21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.06.08 04:36:18 | 000,406,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2010.06.04 12:59:00 | 004,171,328 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2010.04.28 23:21:38 | 000,018,432 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2010.04.28 23:21:38 | 000,017,408 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2010.04.27 13:56:34 | 006,659,072 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010.04.27 07:17:26 | 000,195,584 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010.04.08 13:12:02 | 000,124,944 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010.03.27 05:43:58 | 000,299,568 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2009.12.22 02:26:36 | 000,038,456 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2009.08.24 02:55:32 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 01:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM)
DRV:64bit: - [2009.06.20 03:09:57 | 000,054,272 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1E62x64.sys -- (L1E)
DRV:64bit: - [2009.06.10 21:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.03 04:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2009.06.03 04:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2009.06.03 04:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2007.05.14 15:06:18 | 000,027,520 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:64bit: - [2007.03.23 02:00:00 | 000,052,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2007.01.18 14:10:22 | 000,030,336 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys -- (RimVSerPort)
DRV - [2013.04.30 09:57:00 | 000,016,056 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys -- (LMIInfo)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\prxtbWin0.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-409195208-536281958-3444761892-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
IE - HKU\S-1-5-21-409195208-536281958-3444761892-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_8&idate=2013-12-30&ent=hp&u=75D3D5BF6019789A770C3E52C19D3F14
IE - HKU\S-1-5-21-409195208-536281958-3444761892-1000\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\prxtbWin0.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-409195208-536281958-3444761892-1000\..\SearchScopes,DefaultScope = {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
IE - HKU\S-1-5-21-409195208-536281958-3444761892-1000\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = hxxp://securedsearch2.lavasoft.com/results.php?pr=vmn&id=adawaretb&v=3_8&idate=2013-12-30&hsimp=yhs-lavasoft&ent=ch&q={searchTerms}
IE - HKU\S-1-5-21-409195208-536281958-3444761892-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = hxxp://search.fbdownloader.com/search.php?channel=sfde203fbdgy21&q={searchTerms}
IE - HKU\S-1-5-21-409195208-536281958-3444761892-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-409195208-536281958-3444761892-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultthis.engineName: "Winload Customized Web Search"
FF - prefs.js..browser.search.order.1: "Search By ZoneAlarm"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: "false"
FF - prefs.js..browser.startup.homepage: "https://www.google.de"
FF - prefs.js..extensions.enabledAddons: adblockpopups%40jessehakanen.net:0.9.1
FF - prefs.js..extensions.enabledAddons: foxyproxy%40eric.h.jung:4.2.3
FF - prefs.js..extensions.enabledAddons: LogMeInClient%40logmein.com:1.0.0.1024
FF - prefs.js..extensions.enabledAddons: searchyoutube%40searchyoutube.fr:1.0
FF - prefs.js..extensions.enabledAddons: trafficlight%40bitdefender.com:0.2.16
FF - prefs.js..extensions.enabledAddons: virusscan%40bullguard.com:1.0.3
FF - prefs.js..extensions.enabledAddons: %7B27c60876-b5c9-4335-b4f3-52b26782220c%7D:0.9.4
FF - prefs.js..extensions.enabledAddons: %7B4cc4a13b-94a6-7568-370d-5f9de54a9c7f%7D:2.5
FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20131118
FF - prefs.js..extensions.enabledAddons: %7Bef62e1ce-d2a4-4cdd-b7ec-92b120366b66%7D:2.7.8
FF - prefs.js..extensions.enabledAddons: %7Bf13b157f-b174-47e7-a34d-4815ddfdfeb8%7D:0.9.89
FF - prefs.js..extensions.enabledAddons: %7Be001c731-5e37-4538-a5cb-8168736a2360%7D:0.9.9.119
FF - prefs.js..extensions.enabledAddons: %7Bd40f5e7b-d2cf-4856-b441-cc613eeffbe3%7D:1.68
FF - prefs.js..extensions.enabledAddons: autopager%40mozilla.org:0.8.0.10
FF - prefs.js..extensions.enabledAddons: snt%40dotlabs.co:1.0
FF - prefs.js..extensions.enabledAddons: om%40offermosquito.com:1.2
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - prefs.js..keyword.URL: "hxxp://securedsearch2.lavasoft.com/results.php?pr=vmn&id=adawaretb&v=3_8&idate=__installtime__&hsimp=yhs-lavasoft&ent=bs&q="
FF - prefs.js..network.proxy.socks_remote_dns: true
FF - prefs.js..network.proxy.type: 0


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.12.13 19:49:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.2.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.12.11 15:39:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.2.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.12.13 19:49:48 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 24.2.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.12.11 15:39:05 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 24.2.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins

[2011.03.24 22:02:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\markus\AppData\Roaming\mozilla\Extensions
[2011.03.24 22:02:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\markus\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2014.01.02 18:50:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\markus\AppData\Roaming\mozilla\Firefox\Profiles\irf01ocn.default\extensions
[2013.11.17 10:54:19 | 000,000,000 | ---D | M] (Empty Cache Button) -- C:\Users\markus\AppData\Roaming\mozilla\Firefox\Profiles\irf01ocn.default\extensions\{4cc4a13b-94a6-7568-370d-5f9de54a9c7f}
[2013.11.27 11:50:00 | 000,000,000 | ---D | M] (WOT) -- C:\Users\markus\AppData\Roaming\mozilla\Firefox\Profiles\irf01ocn.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2013.12.13 19:55:13 | 000,000,000 | ---D | M] (Bitdefender QuickScan) -- C:\Users\markus\AppData\Roaming\mozilla\Firefox\Profiles\irf01ocn.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2013.03.07 10:55:06 | 000,000,000 | ---D | M] (FoxLingo) -- C:\Users\markus\AppData\Roaming\mozilla\Firefox\Profiles\irf01ocn.default\extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}
[2013.11.05 10:30:29 | 000,000,000 | ---D | M] (FoxyProxy Standard) -- C:\Users\markus\AppData\Roaming\mozilla\Firefox\Profiles\irf01ocn.default\extensions\foxyproxy@eric.h.jung
[2013.08.24 17:54:11 | 000,000,000 | ---D | M] (LogMeIn, Inc. Remote Access Plugin) -- C:\Users\markus\AppData\Roaming\mozilla\Firefox\Profiles\irf01ocn.default\extensions\LogMeInClient@logmein.com
[2013.11.20 12:27:25 | 000,000,000 | ---D | M] (Bullguard Virus Scan) -- C:\Users\markus\AppData\Roaming\mozilla\Firefox\Profiles\irf01ocn.default\extensions\virusscan@bullguard.com
[2013.08.16 13:30:02 | 000,128,676 | ---- | M] () (No name found) -- C:\Users\markus\AppData\Roaming\mozilla\firefox\profiles\irf01ocn.default\extensions\adblockpopups@jessehakanen.net.xpi
[2013.12.19 14:03:16 | 000,349,185 | ---- | M] () (No name found) -- C:\Users\markus\AppData\Roaming\mozilla\firefox\profiles\irf01ocn.default\extensions\autopager@mozilla.org.xpi
[2013.11.06 11:38:38 | 001,338,622 | ---- | M] () (No name found) -- C:\Users\markus\AppData\Roaming\mozilla\firefox\profiles\irf01ocn.default\extensions\firefox@ghostery.com.xpi
[2013.07.29 08:19:05 | 000,019,910 | ---- | M] () (No name found) -- C:\Users\markus\AppData\Roaming\mozilla\firefox\profiles\irf01ocn.default\extensions\jsterm@paulrouget.com.xpi
[2013.11.25 15:13:34 | 000,161,137 | ---- | M] () (No name found) -- C:\Users\markus\AppData\Roaming\mozilla\firefox\profiles\irf01ocn.default\extensions\no-clickjacking@daohoangson.com.xpi
[2013.12.19 18:35:06 | 000,062,798 | ---- | M] () (No name found) -- C:\Users\markus\AppData\Roaming\mozilla\firefox\profiles\irf01ocn.default\extensions\om@offermosquito.com.xpi
[2013.11.25 15:15:26 | 000,009,470 | ---- | M] () (No name found) -- C:\Users\markus\AppData\Roaming\mozilla\firefox\profiles\irf01ocn.default\extensions\searchyoutube@searchyoutube.fr.xpi
[2013.12.16 12:46:36 | 000,004,388 | ---- | M] () (No name found) -- C:\Users\markus\AppData\Roaming\mozilla\firefox\profiles\irf01ocn.default\extensions\snt@dotlabs.co.xpi
[2013.11.20 12:27:25 | 000,921,410 | ---- | M] () (No name found) -- C:\Users\markus\AppData\Roaming\mozilla\firefox\profiles\irf01ocn.default\extensions\trafficlight@bitdefender.com.xpi
[2013.11.20 12:24:52 | 000,158,589 | ---- | M] () (No name found) -- C:\Users\markus\AppData\Roaming\mozilla\firefox\profiles\irf01ocn.default\extensions\{15fe27f3-e5ab-2d59-4c5c-dadc7945bdbd}.xpi
[2013.11.20 12:27:25 | 000,007,532 | ---- | M] () (No name found) -- C:\Users\markus\AppData\Roaming\mozilla\firefox\profiles\irf01ocn.default\extensions\{27c60876-b5c9-4335-b4f3-52b26782220c}.xpi
[2014.01.02 18:50:30 | 000,535,529 | ---- | M] () (No name found) -- C:\Users\markus\AppData\Roaming\mozilla\firefox\profiles\irf01ocn.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2013.10.10 15:33:54 | 000,915,554 | ---- | M] () (No name found) -- C:\Users\markus\AppData\Roaming\mozilla\firefox\profiles\irf01ocn.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.12.13 19:57:38 | 000,138,614 | ---- | M] () (No name found) -- C:\Users\markus\AppData\Roaming\mozilla\firefox\profiles\irf01ocn.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
[2013.11.08 11:38:34 | 000,024,565 | ---- | M] () (No name found) -- C:\Users\markus\AppData\Roaming\mozilla\firefox\profiles\irf01ocn.default\extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi
[2013.07.29 08:19:37 | 000,210,138 | ---- | M] () (No name found) -- C:\Users\markus\AppData\Roaming\mozilla\firefox\profiles\irf01ocn.default\extensions\{f13b157f-b174-47e7-a34d-4815ddfdfeb8}.xpi
[2013.12.26 18:05:30 | 000,002,438 | ---- | M] () -- C:\Users\markus\AppData\Roaming\mozilla\firefox\profiles\irf01ocn.default\searchplugins\fbdownloader_search.xml
[2014.01.02 12:38:05 | 000,001,488 | ---- | M] () -- C:\Users\markus\AppData\Roaming\mozilla\firefox\profiles\irf01ocn.default\searchplugins\zonealarm.xml
[2013.12.13 19:49:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.12.13 19:49:50 | 000,000,000 | ---D | M] (Click to call with Skype) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013.12.13 19:49:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2013.12.13 19:50:18 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\prxtbWin0.dll (Conduit Ltd.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files (x86)\Winload\prxtbWin0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-409195208-536281958-3444761892-1000\..\Toolbar\WebBrowser: (Winload Toolbar) - {40C3CC16-7269-4B32-9531-17F2950FB06F} - C:\Program Files (x86)\Winload\prxtbWin0.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [LogMeIn GUI] C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe (LogMeIn, Inc.)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-409195208-536281958-3444761892-1000..\Run: [] File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-409195208-536281958-3444761892-1000\..Trusted Domains: index.de ([dokumente] https in Trusted sites)
O15 - HKU\S-1-5-21-409195208-536281958-3444761892-1000\..Trusted Domains: index.de ([ptnet] https in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FA589985-1030-4427-9416-8EDC9A7E39EE}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\gopher - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{ecf38bc9-2963-11e0-b7df-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{ecf38bc9-2963-11e0-b7df-806e6f6e6963}\Shell\AutoRun\command - "" = D:\start.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (MACHINE BootExecut)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014.01.02 13:13:31 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2014.01.02 12:39:49 | 000,000,000 | ---D | C] -- C:\Users\markus\AppData\Roaming\CheckPoint
[2014.01.02 12:38:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Check Point Software Technologies LTD
[2014.01.02 12:36:10 | 000,000,000 | ---D | C] -- C:\ProgramData\CheckPoint
[2013.12.30 17:37:02 | 000,000,000 | ---D | C] -- C:\Users\markus\AppData\Roaming\LavasoftStatistics
[2013.12.30 17:21:20 | 000,000,000 | ---D | C] -- C:\Users\markus\AppData\Roaming\SecureSearch
[2013.12.30 17:20:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lavasoft
[2013.12.30 17:18:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2013.12.30 16:41:40 | 000,000,000 | ---D | C] -- C:\inetpub
[2013.12.30 14:51:21 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\markus\Desktop\OTL.exe
[2013.12.30 14:27:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2013.12.30 14:27:08 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2013.12.28 15:00:26 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2013.12.26 18:04:57 | 000,000,000 | ---D | C] -- C:\Users\markus\AppData\Roaming\Snz
[2013.12.16 12:49:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2013.12.13 19:49:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.12.11 15:39:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2013.12.09 11:57:37 | 000,000,000 | ---D | C] -- C:\Users\markus\STI
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014.01.05 14:57:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014.01.05 14:47:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014.01.05 14:47:00 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014.01.05 14:42:06 | 000,017,376 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.01.05 14:42:06 | 000,017,376 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.01.05 14:34:43 | 000,343,000 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014.01.05 14:34:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.01.05 14:34:21 | 3018,461,184 | -HS- | M] () -- C:\hiberfil.sys
[2013.12.30 18:16:43 | 000,000,402 | ---- | M] () -- C:\Users\markus\Desktop\Repair.bat
[2013.12.30 16:39:21 | 001,622,236 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.12.30 16:39:21 | 000,700,134 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.12.30 16:39:21 | 000,654,932 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.12.30 16:39:21 | 000,149,984 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.12.30 16:39:21 | 000,122,546 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.12.30 14:51:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\markus\Desktop\OTL.exe
[2013.12.30 14:27:32 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013.12.30 13:06:27 | 000,018,712 | ---- | M] () -- C:\Windows\wininit.ini
[2013.12.28 15:19:23 | 001,596,516 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.12.13 13:09:08 | 000,107,368 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIRfsClientNP.dll
[2013.12.13 13:09:08 | 000,092,488 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIinit.dll
[2013.12.13 13:09:08 | 000,035,656 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIport.dll
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014.01.05 14:34:27 | 000,343,000 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.12.30 18:16:43 | 000,000,402 | ---- | C] () -- C:\Users\markus\Desktop\Repair.bat
[2013.12.30 14:27:19 | 000,002,121 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2013.06.14 20:52:49 | 000,018,712 | ---- | C] () -- C:\Windows\wininit.ini
[2012.05.31 14:17:31 | 000,104,125 | ---- | C] () -- C:\ProgramData\1338470141.bdinstall.bin
[2012.05.31 14:06:00 | 000,223,544 | ---- | C] () -- C:\ProgramData\1338469128.bdinstall.bin
[2011.03.24 23:06:44 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.11.19 05:11:21 | 000,131,984 | ---- | C] () -- C:\ProgramData\FullRemove.exe

========== ZeroAccess Check ==========

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.07.26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013.06.01 11:39:00 | 000,000,000 | ---D | M] -- C:\Users\markus\AppData\Roaming\Blackberry Desktop
[2014.01.02 12:39:49 | 000,000,000 | ---D | M] -- C:\Users\markus\AppData\Roaming\CheckPoint
[2013.06.14 16:27:13 | 000,000,000 | ---D | M] -- C:\Users\markus\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2013.06.14 20:42:34 | 000,000,000 | ---D | M] -- C:\Users\markus\AppData\Roaming\Common
[2013.07.23 21:42:47 | 000,000,000 | ---D | M] -- C:\Users\markus\AppData\Roaming\DataMgr
[2013.06.14 20:52:52 | 000,000,000 | ---D | M] -- C:\Users\markus\AppData\Roaming\FBDownloader
[2013.12.10 08:47:15 | 000,000,000 | ---D | M] -- C:\Users\markus\AppData\Roaming\iFunbox_UserCache
[2013.12.26 18:05:15 | 000,000,000 | ---D | M] -- C:\Users\markus\AppData\Roaming\Intermediate
[2013.06.14 13:16:29 | 000,000,000 | ---D | M] -- C:\Users\markus\AppData\Roaming\Nokia
[2013.06.14 13:15:52 | 000,000,000 | ---D | M] -- C:\Users\markus\AppData\Roaming\Nokia Suite
[2011.03.24 21:56:33 | 000,000,000 | ---D | M] -- C:\Users\markus\AppData\Roaming\OpenOffice.org
[2011.04.05 17:57:25 | 000,000,000 | ---D | M] -- C:\Users\markus\AppData\Roaming\Participatory Culture Foundation
[2013.06.14 13:15:47 | 000,000,000 | ---D | M] -- C:\Users\markus\AppData\Roaming\PC Suite
[2011.04.05 18:17:51 | 000,000,000 | ---D | M] -- C:\Users\markus\AppData\Roaming\PCF-VLC
[2013.12.30 14:38:20 | 000,000,000 | ---D | M] -- C:\Users\markus\AppData\Roaming\QuickScan
[2013.06.01 11:48:55 | 000,000,000 | ---D | M] -- C:\Users\markus\AppData\Roaming\Research In Motion
[2013.11.29 09:05:45 | 000,000,000 | ---D | M] -- C:\Users\markus\AppData\Roaming\SCheck
[2013.12.30 17:21:20 | 000,000,000 | ---D | M] -- C:\Users\markus\AppData\Roaming\SecureSearch
[2013.12.26 18:05:02 | 000,000,000 | ---D | M] -- C:\Users\markus\AppData\Roaming\Snz
[2013.12.28 14:59:07 | 000,000,000 | ---D | M] -- C:\Users\markus\AppData\Roaming\SoftGrid Client
[2013.06.14 20:42:38 | 000,000,000 | ---D | M] -- C:\Users\markus\AppData\Roaming\SSync
[2013.06.14 12:38:30 | 000,000,000 | ---D | M] -- C:\Users\markus\AppData\Roaming\Systweak
[2011.03.24 22:02:36 | 000,000,000 | ---D | M] -- C:\Users\markus\AppData\Roaming\Thunderbird
[2011.03.24 21:29:33 | 000,000,000 | ---D | M] -- C:\Users\markus\AppData\Roaming\TP
[2013.12.13 17:29:26 | 000,000,000 | ---D | M] -- C:\Users\markus\AppData\Roaming\Virus Scan
[2011.03.27 18:44:20 | 000,000,000 | ---D | M] -- C:\Users\markus\AppData\Roaming\Windows Live Writer

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 144 bytes -> C:\ProgramData\Temp:5D7E5A8F
@Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:CDFF58FE
@Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:93EB7685
@Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp:E36F5B57
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:798A3728

< End of report >

--- --- ---

Ich bitte um Hilfe, was ich tun kann.

VG
M.

Windows7 Firewall startet nicht Fehler 0x8007042c

Log-Analyse und Auswertung: Windows7 Firewall startet nicht Fehler 0x8007042c

Windows7 Firewall startet nicht Fehler 0x8007042c

Ähnliche Themen: Windows7 Firewall startet nicht Fehler 0x8007042c