Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Über meine Mail-Adreße wird Spam versendet

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 11.01.2014, 00:02   #1
loelli06
 
Über meine Mail-Adreße wird Spam versendet - Standard

Über meine Mail-Adreße wird Spam versendet



Es werden seit öfteren Mails von meinem Mail-Account nicht zugestellt, mit der Begründung das meine IP-Adreße auf einer Blacklist steht. Nun ist mir aufgefallen, dass ich diese Rückläufer auch von Adreßen bekomme an die ich gar nichts versendet habe und die auch Trojaner enthalten. Wie kann es sein das von meiner Mail-Adreße Spam verschickt wird. Folgende Mail z.B. habe ich zurückerhalten, diese enthält Trojaner hier mal den Header:

Code:
ATTFilter
Return-Path: <>
Received: from email.hansenet.de (213.191.73.25) by email.hansenet.de (8.0.026)
        id 5272ADE00060D67B for ute@thomas-stickel.de; Fri, 10 Jan 2014 20:15:54 +0100
Received-SPF: permerror (email.hansenet.de: error while parsing SPF record for domain spf.trusted-forwarder.org)
              identity=helo; receiver=email.hansenet.de; client_ip=213.191.74.27; helo=mr05.hansenet.de;
Received-SPF: permerror (email.hansenet.de: error while parsing SPF record for domain spf.trusted-forwarder.org)
              identity=helo; receiver=email.hansenet.de; client_ip=213.191.74.27; helo=mr05.hansenet.de;
Received: from mr05.hansenet.de (213.191.74.27) by email.hansenet.de (8.5.113)
        id 529F306002977233 for ute@thomas-stickel.de; Fri, 10 Jan 2014 18:52:21 +0100
Received: from email.hansenet.de (213.191.73.26) by mr05.hansenet.de (8.0.026)
        id 525B9A8100C5CC36 for ute@thomas-stickel.de; Fri, 10 Jan 2014 18:00:47 +0100
Received: by email.hansenet.de (8.5.113) id 529F2FAB02276AF9 for ute@thomas-stickel.de; Fri, 10 Jan 2014 16:29:30 +0100
From: Mail Delivery Service <postmaster@post.hansenet.de>
Subject: Delivery Status Notification
To: ute@thomas-stickel.de
Date: Fri, 10 Jan 2014 16:29:30 +0100
Message-ID: <529F2FAB02276AF8@email.hansenet.de>
X-CP-Transaction-ID: 529F2FAB02276AF0
X-CP-For: mr.c3po@gmx.de
MIME-Version: 1.0
Content-Type: Multipart/Report; report-type=delivery-status; boundary="========/529F2FAB02276AF0/email.hansenet.de"


 - These recipients of your message have been processed by the mail server:
mr.c3po@gmx.de; Failed; 5.1.1 (bad destination mailbox address)

    Remote MTA mx01.gmx.net: SMTP diagnostic: 550 Requested action not taken: mailbox unavailable





Reporting-MTA: dns; email.hansenet.de
Received-from-MTA: dns; medion (217.191.205.27)
Arrival-Date: Fri, 10 Jan 2014 16:29:30 +0100

Final-Recipient: rfc822; mr.c3po@gmx.de
Action: Failed
Status: 5.1.1 (bad destination mailbox address)
Remote-MTA: dns; mx01.gmx.net
Diagnostic-Code: smtp; 550 Requested action not taken: mailbox unavailable




Beginn der angehängten Nachricht

Return-Path: <ute@thomas-stickel.de>
Received: from medion (217.191.205.27) by email.hansenet.de (8.5.113) (authenticated as ute@thomas-stickel.de)
        id 529F2FAB02276AF0 for mr.c3po@gmx.de; Fri, 10 Jan 2014 16:29:30 +0100
Message-ID: <529F2FAB02276AF0@email.hansenet.de> (added by postmaster@post.hansenet.de)
From: "Arbeitsamt Online 24" <ute@thomas-stickel.de>
To: "Dominique Raphael" <mr.c3po@gmx.de>
Subject: Arbeitsagentur Arbeitsstellen Dominique Raphael 10.01.2014
Date: Fri, 10 Jan 2014 17:00:46 GMT
Reply-To: <BrendaFryuia@gmx.com>
MIME-Version: 1.0
X-Mailer: Microsoft Outlook Express 6.00.2800.1106
X-Priority: 3
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline
Reply ReplyAll 

Guten Tag Dominique Raphael,

es stehen folgende Arbeitsstellen ab den 13.01.2014 in Deutschland bereit:

Arbeitsangebot: Archivar / Scanner (m/w) Kennziffer TMM-4176-326
Es sind 19 freie Jobs zu besetzen. 

Wir sind ein expandierendes internationales Unternehmen und suchen zur Zeit neue Mitarbeiter zur Verstärkung des Teams in ganz Deutschland. 
Ihr Tätigkeitsfeld wird sich auf das Digitalisieren von Dokumenten und Schriftstücken beschränken und kann von zu hause erledigt werden Der Arbeitnehmer hat keine eigenen Ausgaben und muss keine technische Kenntnisse mitbringen. Die benötigte technische Ausrüstung wird von uns frei zur Verfügung gestellt. Das Gehalt beläuft sich auf 21,50 Euro Brutto/Stunde. Die Position kann gerne von Rentnern, Hausfrauen und auch nebenberuflich besetzt werden. 

Worauf wir bei unseren Mitarbeiter Wert legen:

- Gewissenhaftigkeit, Pünktlichkeit und Diskretion
- Erlaubnis zur Arbeitsaufnahme in Deutschland
- verantwortungsvolle, selbstständige Arbeitsweise 
- genaue und strukturierte Arbeitsweise
- Basis Kenntnisse im Umgang mit Word und Excel sind erwünscht 
- eigenständiges, schnelles Handeln in Problemsituationen
- gute Kenntnisse im Umgang mit dem PC


Wenn wir Ihr Interesse geweckt haben, schicken Sie uns Ihre aussagekräftigen Bewerbungsunterlagen noch heute, gerne per E-Mail an: LoraineBradycen@gmx.com. 

Wir freuen uns auf Ihre Bewerbung.

Mit freundlichen Grüßen

Paul Engel Arbeitsagentur Service



Ende der angehängten Nachricht
         

Alt 11.01.2014, 11:14   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Über meine Mail-Adreße wird Spam versendet - Standard

Über meine Mail-Adreße wird Spam versendet



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 11.01.2014, 14:32   #3
loelli06
 
Über meine Mail-Adreße wird Spam versendet - Standard

Über meine Mail-Adreße wird Spam versendet



Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-01-2014 02
Ran by Besitzer (administrator) on PC on 11-01-2014 14:35:04
Running from C:\Users\Besitzer\Desktop
Windows 8.1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Broadcom Corp.) C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIJHE.EXE
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIJHE.EXE
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIJHE.EXE
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\mspaint.exe
         




Kann das Programm nicht ausführen. Es kommt folgende Fehlermeldung:
__________________
Miniaturansicht angehängter Grafiken
-viren1.jpg  

Geändert von loelli06 (11.01.2014 um 14:39 Uhr)

Alt 12.01.2014, 08:17   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Über meine Mail-Adreße wird Spam versendet - Standard

Über meine Mail-Adreße wird Spam versendet



Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop ( falls noch nicht vorhanden ).
  • Doppelklick auf die OTL.exe
  • Oben findest Du ein Kästchen mit Ausgabe. Wähle bitte Minimal Ausgabe
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles hier in den Thread.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 12.01.2014, 08:52   #5
loelli06
 
Über meine Mail-Adreße wird Spam versendet - Standard

Über meine Mail-Adreße wird Spam versendet



Code:
ATTFilter
OTL logfile created on: 12.01.2014 08:39:15 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Besitzer\Desktop
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16476)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,82 Gb Total Physical Memory | 2,20 Gb Available Physical Memory | 57,59% Memory free
4,51 Gb Paging File | 2,91 Gb Available in Paging File | 64,49% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 445,08 Gb Total Space | 405,73 Gb Free Space | 91,16% Space Free | Partition Type: NTFS
 
Computer Name: PC | User Name: Besitzer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Besitzer\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe (Adobe Systems, Inc.)
PRC - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe (WildTangent)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe ()
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\Launch Manager\LMutilps32.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe (Acer Incorporated)
PRC - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe (NTI Corporation)
PRC - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe (SEIKO EPSON CORPORATION)
PRC - C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe (SEIKO EPSON CORPORATION)
PRC - C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe (CyberLink)
PRC - C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
MOD - C:\Windows\SysWOW64\msjetoledb40.dll ()
MOD - C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe ()
MOD - C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll ()
MOD - C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (AppXSvc) -- C:\Windows\SysNative\AppXDeploymentServer.dll (Microsoft Corporation)
SRV:64bit: - (workfolderssvc) -- C:\Windows\SysNative\workfolderssvc.dll (Microsoft Corporation)
SRV:64bit: - (IEEtwCollectorService) -- C:\WINDOWS\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:64bit: - (AppReadiness) -- C:\Windows\SysNative\AppReadiness.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (lfsvc) -- C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (WEPHOSTSVC) -- C:\Windows\SysNative\wephostsvc.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicguestinterface) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (smphost) -- C:\Windows\SysNative\smphost.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (ScDeviceEnum) -- C:\Windows\SysNative\ScDeviceEnum.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (NcbService) -- C:\Windows\SysNative\ncbservice.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (EpsonScanSvc) -- C:\Windows\SysNative\escsvc64.exe (Seiko Epson Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (GamesAppIntegrationService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe (WildTangent)
SRV - (lfsvc) -- C:\Windows\SysWOW64\GeofenceMonitorService.dll (Microsoft Corporation)
SRV - (EpsonCustomerResearchParticipation) -- C:\Programme\EPSON\EpsonCustomerResearchParticipation\EPCP.exe (SEIKO EPSON CORPORATION)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (PrintNotify) -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)
SRV - (smphost) -- C:\Windows\SysWOW64\smphost.dll (Microsoft Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (RfButtonDriverService) -- C:\Windows\RfBtnSvc64.exe (Dritek System INC.)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (AtherosSvc) -- C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe (Qualcomm Atheros Commnucations)
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (DsiWMIService) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.)
SRV - (CCDMonitorService) -- C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe (Acer Incorporated)
SRV - (NTI IScheduleSvc) -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe (NTI Corporation)
SRV - (DeviceFastLaneService) -- C:\Programme\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe (Acer Incorporated)
SRV - (ePowerSvc) -- C:\Programme\Acer\Acer Power Management\ePowerSvc.exe (Acer Incorporated)
SRV - (BrcmCardReader) -- C:\Programme\Broadcom\MemoryCard\BrcmCardReader.exe (Broadcom Corp.)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
SRV - (EgisTec Ticket Service) -- C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe (Egis Technology Inc. )
SRV - (Intel(R) -- C:\Programme\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation)
SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (intelpep) -- C:\Windows\SysNative\drivers\intelpep.sys (Microsoft Corporation)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (SerCx2) -- C:\Windows\SysNative\drivers\SerCx2.sys (Microsoft Corporation)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (stornvme) -- C:\Windows\SysNative\drivers\stornvme.sys (Microsoft Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (LSI_SAS3) -- C:\Windows\SysNative\drivers\lsi_sas3.sys (LSI Corporation)
DRV:64bit: - (ADP80XX) -- C:\Windows\SysNative\drivers\adp80xx.sys (PMC-Sierra)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\drivers\3ware.sys (LSI)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\drivers\UCX01000.SYS (Microsoft Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\drivers\wpcfltr.sys (Microsoft Corporation)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (ReFS) -- C:\WINDOWS\SysNative\drivers\refs.sys (Microsoft Corporation)
DRV:64bit: - (UEFI) -- C:\Windows\SysNative\drivers\uefi.sys (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (WdNisDrv) -- C:\Windows\SysNative\drivers\WdNisDrv.sys (Microsoft Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation)
DRV:64bit: - (ahcache) -- C:\Windows\SysNative\drivers\ahcache.sys (Microsoft Corporation)
DRV:64bit: - (WSDScan) -- C:\Windows\SysNative\drivers\WSDScan.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (netvsc) -- C:\Windows\SysNative\drivers\netvsc63.sys (Microsoft Corporation)
DRV:64bit: - (NdisVirtualBus) -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\drivers\fxppm.sys (Microsoft Corporation)
DRV:64bit: - (bcmfn2) -- C:\Windows\SysNative\drivers\bcmfn2.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (iaStorAV) -- C:\Windows\SysNative\drivers\iaStorAV.sys (Intel Corporation)
DRV:64bit: - (iaLPSSi_GPIO) -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys (Intel Corporation)
DRV:64bit: - (iaLPSSi_I2C) -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys (Intel Corporation)
DRV:64bit: - (k57nd60a) -- C:\Windows\SysNative\drivers\k57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athw8x.sys (Qualcomm Atheros Communications, Inc.)
DRV:64bit: - (Ps2Kb2Hid) -- C:\Windows\SysNative\drivers\aPs2Kb2Hid.sys (Dritek System Inc.)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\drivers\btfilter.sys (Qualcomm Atheros)
DRV:64bit: - (AthBTPort) -- C:\Windows\SysNative\drivers\btath_flt.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_BUS) -- C:\Windows\SysNative\drivers\btath_bus.sys (Qualcomm Atheros)
DRV:64bit: - (AthDfu) -- C:\Windows\SysNative\drivers\AthDfu.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (mwlPSDVDisk) -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys (Egis Technology Inc.)
DRV:64bit: - (mwlPSDFilter) -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys (Egis Technology Inc.)
DRV:64bit: - (mwlPSDNServ) -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys (Egis Technology Inc.)
DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronics Corp.)
DRV:64bit: - (iaStorA) -- C:\Windows\SysNative\drivers\iaStorA.sys (Intel Corporation)
DRV:64bit: - (bScsiSDa) -- C:\Windows\SysNative\drivers\bScsiSDa.sys (Broadcom Corporation)
DRV:64bit: - (b57xdbd) -- C:\Windows\SysNative\drivers\b57xdbd.sys (Broadcom Corporation)
DRV:64bit: - (b57xdmp) -- C:\Windows\SysNative\drivers\b57xdmp.sys (Broadcom Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (bScsiMSa) -- C:\Windows\SysNative\drivers\bScsiMSa.sys (Broadcom Corporation)
DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NTI Corporation)
DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NTI Corporation)
DRV - (cleanhlp) -- C:\EEK\Run\cleanhlp64.sys (Emsisoft GmbH)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {D1096D1E-E11C-40FB-9AB9-5EF8E25DAE27}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{D1096D1E-E11C-40FB-9AB9-5EF8E25DAE27}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {D1096D1E-E11C-40FB-9AB9-5EF8E25DAE27}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{D1096D1E-E11C-40FB-9AB9-5EF8E25DAE27}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com
IE - HKCU\..\SearchScopes,DefaultScope = {D1096D1E-E11C-40FB-9AB9-5EF8E25DAE27}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: e-webprint%40epson.com:1.17.00
FF - prefs.js..extensions.enabledAddons: %7Be001c731-5e37-4538-a5cb-8168736a2360%7D:0.9.9.119
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\e-webprint@epson.com: C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2013.06.30 12:58:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2013.06.28 15:53:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Besitzer\AppData\Roaming\mozilla\Extensions
[2014.01.07 08:36:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Besitzer\AppData\Roaming\mozilla\Firefox\Profiles\0zkvo4o4.default\extensions
[2014.01.07 08:36:27 | 000,000,000 | ---D | M] (Bitdefender QuickScan) -- C:\Users\Besitzer\AppData\Roaming\mozilla\Firefox\Profiles\0zkvo4o4.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2013.12.21 11:26:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2013.12.21 11:26:47 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013.06.30 12:58:20 | 000,000,000 | ---D | M] (E-Web Print) -- C:\PROGRAM FILES (X86)\EPSON SOFTWARE\E-WEB PRINT\FIREFOX ADD-ON
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: hxxp://www.google.com/
CHR - Extension: Google Docs = C:\Users\Besitzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Besitzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Besitzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google-Suche = C:\Users\Besitzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google Wallet = C:\Users\Besitzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\
CHR - Extension: Google Mail = C:\Users\Besitzer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2013.08.22 14:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O2:64bit: - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (E-Web Print) - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (E-Web Print) - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [EEventManager] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [FUFAXRCV] C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [FUFAXSTM] C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [LManager]  File not found
O4 - HKCU..\Run: [EPLTarget\P0000000000000000] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIJHE.EXE /EPT "EPLTarget\P0000000000000000" /M "WF-3540 Series" File not found
O4 - HKCU..\Run: [EPLTarget\P0000000000000001] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIJHE.EXE /EPT "EPLTarget\P0000000000000001" /M "WF-3540 Series" File not found
O4 - HKCU..\Run: [Spotify Web Helper] C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe ()
O4 - Startup: C:\Users\Besitzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: BtvStack = "C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe" (Atheros Communications)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{30A2F4B2-69F8-4F51-AFC5-3C7A7C1FAD08}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EB5AB50E-3A5C-4B29-9FD5-DB29A501FD37}: DhcpNameServer = 10.61.12.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014.01.12 08:36:52 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Besitzer\Desktop\OTL.exe
[2014.01.11 14:26:37 | 000,000,000 | ---D | C] -- C:\FRST
[2014.01.11 14:26:12 | 002,076,160 | ---- | C] (Farbar) -- C:\Users\Besitzer\Desktop\FRST64.exe
[2014.01.07 17:18:41 | 000,000,000 | ---D | C] -- C:\EEK
[2014.01.07 08:36:30 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\AppData\Roaming\QuickScan
[2014.01.06 07:25:08 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\AppData\Roaming\Malwarebytes
[2014.01.06 07:24:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2014.01.06 07:24:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014.01.06 07:24:51 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbam.sys
[2014.01.06 07:24:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2014.01.06 07:24:36 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\AppData\Local\Programs
[2013.12.21 11:26:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.12.14 18:57:14 | 002,570,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers.dll
[2013.12.14 18:57:13 | 007,399,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2013.12.14 18:57:12 | 013,177,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2013.12.14 18:57:11 | 000,840,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSShared.dll
[2013.12.14 18:57:10 | 011,674,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2013.12.14 18:57:10 | 000,701,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSShared.dll
[2013.12.14 18:57:10 | 000,358,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dcomp.dll
[2013.12.14 18:57:09 | 002,896,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msftedit.dll
[2013.12.14 18:57:09 | 000,922,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.dll
[2013.12.14 18:57:09 | 000,747,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlidcli.dll
[2013.12.14 18:57:09 | 000,637,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncHost.exe
[2013.12.14 18:57:09 | 000,372,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spaceport.sys
[2013.12.14 18:57:09 | 000,254,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentClient.dll
[2013.12.14 18:57:08 | 000,479,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncHost.exe
[2013.12.14 18:57:07 | 001,843,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Display.dll
[2013.12.14 18:57:07 | 001,756,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMPDMC.exe
[2013.12.14 18:57:07 | 001,345,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.exe
[2013.12.14 18:57:07 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncCore.dll
[2013.12.14 18:57:07 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dcomp.dll
[2013.12.14 18:57:07 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppXDeploymentClient.dll
[2013.12.14 18:57:06 | 001,816,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Display.dll
[2013.12.14 18:57:06 | 001,642,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi
[2013.12.14 18:57:06 | 001,476,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.efi
[2013.12.14 18:57:05 | 002,266,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msftedit.dll
[2013.12.14 18:57:05 | 001,506,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe
[2013.12.14 18:57:05 | 001,391,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMPDMC.exe
[2013.12.14 18:57:05 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncCore.dll
[2013.12.14 18:57:05 | 000,566,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpncore.dll
[2013.12.14 18:57:05 | 000,146,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\SerCx2.sys
[2013.12.14 18:57:05 | 000,086,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\pdc.sys
[2013.12.14 18:57:04 | 002,140,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d11.dll
[2013.12.14 18:57:04 | 001,765,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3d11.dll
[2013.12.14 18:57:04 | 000,325,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBXHCI.SYS
[2013.12.14 18:57:04 | 000,039,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\intelpep.sys
[2013.12.14 18:57:04 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CredentialMigrationHandler.dll
[2013.12.14 18:57:04 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CredentialMigrationHandler.dll
[2013.12.14 18:57:03 | 000,544,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlidcli.dll
[2013.12.14 18:57:03 | 000,516,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxgi.dll
[2013.12.14 18:57:03 | 000,382,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2013.12.14 18:57:02 | 002,143,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2013.12.14 18:57:02 | 001,765,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dwmcore.dll
[2013.12.14 18:57:02 | 001,302,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2013.12.14 18:57:02 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2013.12.14 18:57:02 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2013.12.14 18:57:02 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winbici.dll
 
========== Files - Modified Within 30 Days ==========
 
[2014.01.12 08:36:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Besitzer\Desktop\OTL.exe
[2014.01.12 08:34:52 | 000,002,199 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014.01.12 08:34:15 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014.01.12 08:34:01 | 000,001,116 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014.01.12 08:32:12 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014.01.12 08:32:11 | 3279,335,424 | -HS- | M] () -- C:\hiberfil.sys
[2014.01.12 08:31:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014.01.12 00:49:54 | 000,001,120 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014.01.11 18:43:51 | 000,018,185 | ---- | M] () -- C:\Users\Besitzer\Documents\minxschimmel.odt
[2014.01.11 14:29:15 | 000,247,887 | ---- | M] () -- C:\Users\Besitzer\Desktop\viren1.jpg
[2014.01.11 14:26:16 | 002,076,160 | ---- | M] (Farbar) -- C:\Users\Besitzer\Desktop\FRST64.exe
[2014.01.10 17:40:37 | 000,040,819 | ---- | M] () -- C:\Users\Besitzer\Desktop\Ausgabentabelle.ods
[2014.01.08 17:44:28 | 000,002,082 | ---- | M] () -- C:\Users\Besitzer\Desktop\Entfernen des Avira EU-Cleaners.lnk
[2014.01.08 17:44:28 | 000,002,026 | ---- | M] () -- C:\Users\Besitzer\Desktop\Avira EU-Cleaner.lnk
[2014.01.07 17:19:12 | 000,000,558 | ---- | M] () -- C:\Users\Besitzer\Desktop\Emsisoft Emergency Kit.lnk
[2014.01.06 07:24:56 | 000,001,125 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.12.16 08:28:48 | 000,360,528 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
 
========== Files Created - No Company Name ==========
 
[2014.01.11 18:43:49 | 000,018,185 | ---- | C] () -- C:\Users\Besitzer\Documents\minxschimmel.odt
[2014.01.11 14:29:15 | 000,247,887 | ---- | C] () -- C:\Users\Besitzer\Desktop\viren1.jpg
[2014.01.07 17:19:12 | 000,000,558 | ---- | C] () -- C:\Users\Besitzer\Desktop\Emsisoft Emergency Kit.lnk
[2014.01.07 08:39:31 | 000,002,082 | ---- | C] () -- C:\Users\Besitzer\Desktop\Entfernen des Avira EU-Cleaners.lnk
[2014.01.07 08:39:31 | 000,002,026 | ---- | C] () -- C:\Users\Besitzer\Desktop\Avira EU-Cleaner.lnk
[2014.01.06 07:24:56 | 000,001,125 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.08.22 16:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013.08.22 16:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013.08.22 15:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013.08.22 08:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013.08.22 04:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013.08.22 04:17:46 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2013.08.22 00:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013.08.22 00:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2012.12.14 01:42:30 | 000,963,452 | ---- | C] () -- C:\WINDOWS\SysWow64\igcodeckrng600.bin
[2012.12.14 01:42:30 | 000,064,512 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll
[2012.12.14 01:42:28 | 000,272,928 | ---- | C] () -- C:\WINDOWS\SysWow64\igvpkrng600.bin
[2012.04.20 12:59:44 | 000,001,536 | ---- | C] () -- C:\WINDOWS\SysWow64\IusEventLog.dll
 
========== ZeroAccess Check ==========
 
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.11.05 21:21:27 | 021,196,664 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.11.05 19:51:37 | 018,642,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013.08.22 10:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013.08.22 03:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013.08.22 10:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 199 bytes -> C:\Users\Besitzer\SkyDrive:ms-properties

< End of report >
         


Code:
ATTFilter
OTL Extras logfile created on: 12.01.2014 08:39:15 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Besitzer\Desktop
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16476)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,82 Gb Total Physical Memory | 2,20 Gb Available Physical Memory | 57,59% Memory free
4,51 Gb Paging File | 2,91 Gb Available in Paging File | 64,49% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 445,08 Gb Total Space | 405,73 Gb Free Space | 91,16% Space Free | Partition Type: NTFS
 
Computer Name: PC | User Name: Besitzer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = AC 1C AE C5 46 9F CE 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" =  [binary data]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1663D5CB-D425-4CF4-B61F-9F4CDFDD5A38}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{323D128E-889F-4398-B979-3C03B5BC40C5}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{45142333-A726-4096-AC26-5643FA396968}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{7C89303B-2B0B-456B-844A-C0544E964095}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{7D1CA38C-5893-4B4E-841A-1E8D25F349C3}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{7E5C4F40-E6E5-4110-9D90-E31770B436B1}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{94C80185-2CFC-436B-BD63-C0AE2F729992}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{B38E692D-221B-4D16-9036-82ED4D2989BF}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{BD58FDD1-F8C1-4E27-843D-424515C839D9}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{C0757E2C-8146-407A-BAB4-E9C9E355CBC4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{D511D463-9503-4BC3-B8B9-1DF02EFFDB70}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00E29DF5-F7F1-41A5-AB3E-37831577E817}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi media\dmcdaemon.exe | 
"{01F4606B-E15A-4C2A-BB79-16849D99FE04}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\windowsupnp.exe | 
"{02C5485A-365F-4510-82FE-E8E33984B5CA}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi media\dmcdaemon.exe | 
"{03BAC237-1058-4199-BDD8-7B3AE7595389}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | 
"{03FD3127-57C9-4267-9C65-DD1FB3F40468}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{0755D2BF-891C-4088-B955-E264816A911C}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.1.337_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} | 
"{07F4D1C8-B023-4957-A63D-5916460FFBF0}" = dir=out | name=@{microsoft.bingtravel_3.0.1.202_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} | 
"{083FF76D-B648-4955-ACAD-18CEC83B980A}" = dir=out | name=@{microsoft.bingnews_3.0.1.321_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/apptitle} | 
"{08482F61-907A-4EC8-A1F5-42A9BE4D7887}" = protocol=17 | dir=in | app=c:\program files (x86)\spotify\spotify.exe | 
"{089CA0EE-DE25-4B30-BA65-4C4303A79326}" = dir=out | name=txtr ebooks | 
"{0C4B86E8-3FD4-4E17-BD81-84DCBF40EAF0}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | 
"{0C759907-691C-4D42-AE2A-91E8D51B0D14}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{0EB73B49-5942-4894-92F7-3C26100213BC}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} | 
"{10425090-6611-4015-BE84-BFDD5D29EC5D}" = dir=in | name=microsoft minesweeper | 
"{127DA719-D294-4F34-96CD-1181451E9751}" = dir=in | name=taptiles | 
"{12FE207F-6E32-4AA4-B875-C90ABCE80B46}" = dir=out | name=txtr ebooks | 
"{1417543A-33FD-4549-88B2-C4AFBCDCB797}" = dir=in | name=juniper networks junos pulse | 
"{15D5541F-16C0-4878-A7B6-1AFE0E9A130C}" = dir=out | name=@{microsoft.zunemusic_2.2.339.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} | 
"{173D6619-BAA0-4C76-824E-A9F94BDCBF86}" = dir=out | name=@{microsoft.bingweather_2.0.0.310_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} | 
"{18A9EDBF-EB64-49B4-93F6-756935B49349}" = protocol=6 | dir=in | app=c:\program files (x86)\epsonnet\epsonnet config v4\enconfig.exe | 
"{1AC60346-75B8-4B83-9775-66029CEF04CA}" = dir=out | name=check point vpn | 
"{1B9BBE7A-3B55-46A8-9647-6990AADFE7A1}" = dir=out | name=windows_ie_ac_001 | 
"{1C5E6122-795E-4271-935E-6EDFE50D54EB}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | 
"{1CD1A5B0-ADCB-4371-A5F1-431C4281C249}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{1DB9474A-0995-4B9B-8A03-784C3170F9DC}" = dir=out | name=microsoft mahjong | 
"{1EC743DF-9F46-4A3C-B595-44CF954689DD}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} | 
"{1F548CF9-7434-4D01-B6F8-5119A85AA19C}" = dir=in | name=check point vpn | 
"{215A6209-A089-4BA0-91FC-1564F64B1B12}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | 
"{222F1FFB-8C19-4263-9CE9-02D1D2A9DA43}" = dir=in | name=der spiegel | 
"{25E0F856-CC9E-4B2C-A374-2EB82B2CBD05}" = dir=out | name=evernote touch | 
"{26713F4A-47C8-41C0-82A0-97EC6D731F06}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | 
"{285410CA-82C0-4291-8316-4766D32A44F6}" = dir=out | name=@{microsoft.bingweather_3.0.1.203_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} | 
"{2897A33B-8BD2-43E4-9C73-C3B018D2D989}" = dir=out | name=taptiles | 
"{2BFA3000-2B0E-4989-9E7C-BAA684089CD2}" = dir=in | app=c:\program files (x86)\acer\clear.fi sdk21\video\videoplayer.exe | 
"{2D8DE166-E277-421A-8CEF-2711E75CECD1}" = dir=in | name=newsxpresso | 
"{2DC7AECB-7104-4529-ADF1-CB3343B7A699}" = dir=out | name=acer crystal eye | 
"{2DF30345-3B29-4FCB-AD72-F27EA515B600}" = dir=out | name=stern.de | 
"{30951AE1-94A8-4FA9-9BE7-8AC6F020DB99}" = dir=out | name=@{microsoft.bingsports_3.0.1.203_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} | 
"{3183AE5E-9D5A-4240-ACF1-BEFD3036EA23}" = dir=out | name=ebay | 
"{3335F009-4F34-464F-87DE-944F8B724CE4}" = dir=out | name=shark dash | 
"{389B3EB3-C1E6-4948-95A5-62637ADEE6C5}" = dir=in | name=microsoft minesweeper | 
"{3B95992E-A75A-4D62-A158-593B601611FD}" = dir=in | name=@{remmelinformatik.cookmelight_2.2.0.92_neutral__2wyp2v8058s48?ms-resource://remmelinformatik.cookmelight/resources/appnamelight} | 
"{3BC97A74-142C-41AB-90E1-3572E7CAB567}" = protocol=17 | dir=in | app=c:\program files (x86)\epsonnet\epsonnet config v4\enconfig.exe | 
"{3DF1C8AE-62C0-4F80-8ADB-FCE46421A436}" = dir=out | name=microsoft mahjong | 
"{3E1C0856-A555-452E-BEFC-2BE1EF6A7051}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} | 
"{3EA69330-D5A5-4D68-8784-F126C5428589}" = dir=out | name=weatherbug | 
"{40D4D050-3C0E-4849-92E2-0ACB51D13C79}" = dir=in | name=skype | 
"{41F0202F-634B-4E9C-A558-DC07824B2BA7}" = dir=out | name=social jogger | 
"{423A21B0-5BBE-46EA-8B62-FF4F75DAA5C3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn | 
"{42FB1ACE-C3DE-4666-A551-0A977C00FF7B}" = dir=out | name=microsoft solitaire collection | 
"{4498013D-120E-4953-BF6A-07A11C788FC5}" = dir=in | name=microsoft solitaire collection | 
"{469ABF6A-15A7-449B-9E4F-7496100E5B1E}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} | 
"{470DBC92-B572-4086-80F5-C7EDDC6C6863}" = dir=out | name=skype | 
"{4769316C-ADD7-48C0-A902-26DDFA258053}" = dir=out | name=jamie's recipes | 
"{49A8A5AC-C263-40BA-BF51-481C72ABB5CB}" = dir=out | name=the treasures of montezuma 3 | 
"{4AA4C196-DC84-4E16-81DF-9E20DDD8B286}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi media\windowsupnpmv.exe | 
"{4B72C730-DDB4-47BA-B544-1A9E45EBF84A}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.1.335_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} | 
"{4BFAD5DA-C26D-4A06-82DE-3AA2A0FA97E0}" = dir=out | name=check point vpn | 
"{4C798C14-704F-49B4-8924-F7E0DA349D1A}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | 
"{4D53775E-377F-4CE4-B8E4-7CD53C67B3B0}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\dmcdaemon.exe | 
"{4E923B50-434D-4EDE-92A2-08DAB6B45A09}" = protocol=17 | dir=in | app=c:\program files (x86)\spotify\data\spotifywebhelper.exe | 
"{51516CB3-BF55-46D0-97CE-CF057BE6E20D}" = dir=out | name=juniper networks junos pulse | 
"{53F09E82-A080-4834-99C3-980036587078}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} | 
"{544159BE-F6C2-4A7F-BC87-A6B7E6C704DC}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} | 
"{547EFE81-A2C7-4855-9941-0B3951C7F51E}" = dir=in | name=f5 vpn | 
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect | 
"{567955F0-E53E-4DC7-BF84-F784FBE9D2BD}" = dir=out | name=f5 vpn | 
"{57EF95E3-C2A1-4962-BAC2-5B55B0A6B45E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{58169193-39CE-451A-97AB-0625BA69694F}" = dir=out | name=sonicwall mobile connect | 
"{594731FD-7C47-4D98-9DF8-74C883B8E371}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{59738BD5-17CB-4A85-BDE8-18A3BD03D7FE}" = dir=out | name=@{microsoft.bingweather_3.0.1.203_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} | 
"{5C3F3BA9-3A90-4839-A719-4A991A1714B0}" = dir=out | name=windows_ie_ac_001 | 
"{5D3187E8-2407-4B63-8AF0-20187177239C}" = dir=in | name=taptiles | 
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect | 
"{5F648FDE-DF8A-458F-A0A2-51B4BC827F3E}" = dir=out | name=@{3718.12514fb00dc68_2.6.1.15_x64__8aydmnc5fg7fe?ms-resource://3718.12514fb00dc68/resources/appname} | 
"{5FBDB15C-D84D-4D6E-8CFB-973A6ACA6873}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | 
"{636C4D72-5027-406E-97B7-F373669D7B87}" = dir=out | name=@{microsoft.bingtranslator_1.6.0.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtranslator/resources/appname} | 
"{638C99E9-919F-48AA-AE11-05F2AEBA992D}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{643DF55E-F14D-4F97-B45F-BE31909A2F37}" = dir=out | name=social jogger | 
"{645BD733-50CC-4743-9A92-727586E528B4}" = dir=out | name=@{microsoft.bingfinance_2.0.0.308_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} | 
"{64B37C77-4FD6-44CA-9B13-19C5E387B01D}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{673186C9-A3CB-4288-8751-67346FC5A496}" = dir=out | name=acer crystal eye | 
"{677C54CA-C053-44F5-9891-0EBC00C3E510}" = dir=out | name=@{microsoft.zunevideo_2.2.338.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} | 
"{67E0C719-42D0-400A-8FB1-9FEA69B264A2}" = dir=out | name=@{12199asparion.asparionclock_3.1.0.39_neutral__f89vgcf3qm37t?ms-resource://12199asparion.asparionclock/resources/sstorename} | 
"{6A3C5D1B-AE07-41D7-A3C0-762C0DE9B267}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} | 
"{6D959BB4-4EA0-45D9-A5D2-BC31753AC4CC}" = dir=out | name=@{remmelinformatik.cookmelight_2.2.0.92_neutral__2wyp2v8058s48?ms-resource://remmelinformatik.cookmelight/resources/appnamelight} | 
"{6DDA593C-A043-411C-99FC-1A7AD079F5E8}" = dir=out | name=windows_ie_ac_001 | 
"{73FE40E5-DA41-4492-B373-10F714DF845B}" = dir=in | app=c:\program files (x86)\nti\acer backup manager\backupmanager.exe | 
"{749DC9D6-8208-48A1-9652-2D2DEE4D2590}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{7561A33D-ED2A-4453-B34C-6A63E6C254E8}" = dir=out | name=@{microsoft.zunemusic_2.2.339.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} | 
"{77EDDCC6-4677-43FB-86CE-D24096D6792E}" = dir=out | name=the treasures of montezuma 3 | 
"{77F7D0B6-DDE3-4C5C-BE0E-10E39FD56084}" = dir=in | app=c:\users\besitzer\appdata\local\microsoft\skydrive\skydrive.exe | 
"{781047B4-2E3C-4416-A327-A5808C7D6B18}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{7D5DC25A-1BD9-4AC3-B178-B31ACFC5F025}" = protocol=6 | dir=in | app=c:\program files (x86)\spotify\data\spotifywebhelper.exe | 
"{7FA6D94B-5031-411B-A0DF-634AD4C1D890}" = dir=out | name=windows_ie_ac_001 | 
"{808BDE67-60DC-4AE3-86F3-5E831743EEBC}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | 
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{819F0FE4-F00D-4DA3-8CAB-2284124B173B}" = dir=out | name=skitch touch | 
"{81D00E94-5304-4F0B-A19B-38E1CE081CCC}" = dir=in | app=c:\program files (x86)\acer\clear.fi sdk21\video\musicplayer.exe | 
"{82159F0B-8116-4394-AE3E-ABE7554D8094}" = protocol=6 | dir=out | app=system | 
"{834C40FE-FF1F-408C-84E5-5DDA8DCA246D}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{83E21156-ECA9-47D6-B66B-43D3EE8E6F96}" = dir=out | name=@{microsoft.bingsports_2.0.0.309_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} | 
"{8549C0A3-EFC3-460A-A16D-74F1A6BA8F7B}" = dir=out | name=kicker | 
"{878E6B35-1A99-4223-BF55-468520693B39}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\windowsupnp.exe | 
"{87DC837B-13AE-473D-8149-991E20D03867}" = dir=out | name=geschäftsenglisch | 
"{882D3243-78B6-40CB-85A7-ACE3EE12FB10}" = protocol=6 | dir=in | app=c:\program files (x86)\epson software\ecprintersetup\enpapp.exe | 
"{88343AB1-04D2-4BFA-A427-1A43D4DAADB7}" = dir=in | name=microsoft solitaire collection | 
"{896F6201-5CAF-4D8D-BC0E-31F1B1918B4B}" = dir=out | name=7digital music store | 
"{8989ABF4-B7E5-4B0B-8145-DDCF64A65A93}" = dir=out | name=f5 vpn | 
"{89AA7D2A-F4B0-402B-AF70-AD17B9710CF3}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.1.335_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} | 
"{8A7A6006-4D48-411A-8C01-1E60A1FC954C}" = dir=in | name=sonicwall mobile connect | 
"{8B12224E-A81A-4DF5-A180-F7D5B6A7A62B}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.1.337_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} | 
"{8C341BC0-F64F-4A57-A5A0-D1757C807760}" = dir=out | name=@{microsoft.bingfinance_3.0.1.299_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} | 
"{8E2321B7-80D7-40F4-804C-99E434911ABD}" = dir=in | name=acer explorer | 
"{8EF725BB-5DFC-4D06-A607-649D1D2EEFF0}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer cloud\ccd.exe | 
"{90C010E9-0899-4A4A-9557-EFDBB531F20C}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | 
"{91B8728B-7E0C-4BF8-BBA4-775713B1612C}" = dir=in | name=juniper networks junos pulse | 
"{94F73566-5413-47F5-9466-5C4ECD9721C3}" = dir=out | name=tv digital | 
"{9542319B-F170-4936-8EE4-479D634F5D99}" = dir=out | name=shark dash | 
"{96742255-45E2-4943-BF43-DF83EC41826B}" = dir=out | name=tunein radio | 
"{9771E804-64F7-48BC-B4B7-01ADA9796B02}" = dir=in | app=c:\program files (x86)\nti\acer backup manager\fileexplorer.exe | 
"{9788FA1D-1C53-406C-811B-F1930528E3B9}" = dir=out | name=newsxpresso | 
"{97C3CB76-3978-4037-B3EA-3D88205F3726}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} | 
"{98F70198-96AD-414C-931C-7351C5FA1F3D}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} | 
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{9EC8EE2C-8032-4AB9-9DDD-17DFDCE377D7}" = dir=in | name=microsoft mahjong | 
"{9FAECC85-C585-45F7-A945-2BCABA352EED}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{9FC3947C-015B-4E55-8A9A-5346E7B0E652}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | 
"{A2988034-156B-4C20-9276-72C8DFC9D49B}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{A2B225EB-C837-41FB-94C4-2642E4DC8C42}" = dir=in | name=f5 vpn | 
"{A34D7078-4148-441E-8ABB-63ABBC92218A}" = dir=out | name=@{microsoft.bingnews_2.0.0.308_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} | 
"{A42453AE-40CC-4602-B620-E99CEEE628E8}" = protocol=17 | dir=in | app=d:\network\epsonnetsetup\eneasyapp.exe | 
"{A66D9292-2291-4E3F-BB7F-740DC39DB5A8}" = dir=out | name=@{microsoft.bingnews_3.0.1.321_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/apptitle} | 
"{A7526199-AB87-4D86-9925-05663754BD3E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{A8419BE7-F350-414E-80BE-4A08CDF9BE9D}" = dir=out | name=@{microsoft.bingfinance_3.0.1.299_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} | 
"{AABB56DA-F929-44D9-870C-645C263EECC5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{AB4CFB2E-9448-40AF-9648-9BBF730B3D8F}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{ABCD5A75-D7D3-4214-89F5-CCD2881CF89A}" = dir=out | name=cut the rope | 
"{ADE03F8D-E328-4C55-948B-06E786A61FA0}" = dir=out | name=7digital music store | 
"{B09286A6-201F-400F-996F-F9B48D331430}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\dmcdaemon.exe | 
"{B0B9ABC5-1DD3-4E5F-92F2-07ADCF867E87}" = dir=in | app=c:\program files (x86)\acer\clear.fi sdk21\movie\playmovie.exe | 
"{B14BF9B4-8781-4B08-8D71-EDFEE7000727}" = dir=out | name=@{babbel.com.learnenglishwithbabbel.com_1.2.0.0_x64__qy1gdghayqfcm?ms-resource://babbel.com.learnenglishwithbabbel.com/apptitles/app_title} | 
"{B309D73F-430D-43E5-9848-55353F64810C}" = dir=out | name=@{microsoft.bingmaps_2.0.2210.2401_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | 
"{B36D2DE3-37E2-46C9-A7DE-A5C4641C092B}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | 
"{B5080131-FEEB-4106-89E0-DC906810F311}" = dir=out | name=@{microsoft.zunevideo_2.2.338.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} | 
"{B74E6E1A-A6D0-420A-B677-99AA71C81ECF}" = dir=out | name=evernote touch | 
"{BC6869DC-3955-419E-A7D8-2F56A13B867C}" = dir=out | name=weatherbug | 
"{BCB3CBB5-5D02-46FB-B653-33464A087BAA}" = dir=out | name=acer explorer | 
"{C0A69685-9453-428E-90B6-0F7EA823CF9C}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} | 
"{C0D173C5-5F8C-4769-A5B8-AE1F34D8E13F}" = dir=out | name=cut the rope | 
"{C29D9AF1-606B-4174-BD93-D380FE76EEF6}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | 
"{C37CD7F5-33F2-4126-BAA1-B8496C3149C0}" = dir=out | name=einfache und leckere spaghettirezepte | 
"{C3FBCA1F-750C-4150-880A-512FC80EFD34}" = dir=out | name=ebay | 
"{C4FB7FB4-50FF-4A77-9CF8-88812FE2A161}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | 
"{C5811F09-2E45-4751-89CF-DAB45B8923CB}" = dir=in | name=acer explorer | 
"{C61E71FD-3C29-469B-8EDE-087871510373}" = dir=out | name=taptiles | 
"{C8628822-F9BA-434C-9ECD-01F33D3760E4}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer cloud\ccd.exe | 
"{CB9E21FB-17A0-42FA-9CC8-35DAC2D66F6D}" = dir=out | name=acer explorer | 
"{CBE6E01B-63EB-4FFC-A2F9-1195F91A26A3}" = dir=out | name=skitch touch | 
"{CC09A8EE-A6E5-49E6-9028-ACCE45034D68}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} | 
"{CE7662A9-3CC2-4779-B426-B5A0B9713B48}" = dir=out | name=microsoft minesweeper | 
"{CFC6AC83-6578-4BDA-8449-8A95125D0EE0}" = dir=in | name=microsoft mahjong | 
"{D094641D-B845-4E96-9998-F57F78BF8DAC}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} | 
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn | 
"{D6C2F4BB-AA02-414A-BAAD-DDF76F33935F}" = dir=out | name=der spiegel | 
"{D8D0BE4A-4DC4-4619-A88F-7B7D1CE020CA}" = dir=out | name=google search | 
"{D8FC849D-3A42-451F-9C2E-8AE574D3A06C}" = dir=in | name=sonicwall mobile connect | 
"{D916891C-6A06-45F8-8864-DB528897B59E}" = dir=in | name=skype | 
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn | 
"{DC9B9918-2012-4632-BD3E-1D410D8576A3}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | 
"{DDE2C4F3-98F2-4FF6-ACC7-52EC9BB205C8}" = dir=out | name=tunein radio | 
"{DEC5045E-CDFF-45C5-9D60-A1DAF9E774A7}" = dir=out | name=n-tv nachrichten | 
"{DEFBBF43-9899-402B-A40F-687ED0F8AD1B}" = dir=out | name=marktjagd shopping-navigator | 
"{DF8041B2-E24D-4DE6-A286-C4C1F0BC2880}" = protocol=6 | dir=in | app=c:\program files (x86)\spotify\spotify.exe | 
"{DFBD8CBA-39B5-4CB6-B2C0-DCBAD26C5072}" = dir=out | name=@{microsoft.bingsports_3.0.1.203_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} | 
"{DFEEF7B0-7D5D-4BCA-B747-5BA02ACE4012}" = dir=in | app=c:\program files (x86)\nti\acer backup manager\ischedulesvc.exe | 
"{E18AC9A3-C843-41A5-B751-5DADC330831F}" = dir=out | name=@{microsoft.bingmaps_2.0.2210.2401_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | 
"{E1E26BF0-FBC4-4FCD-8EC7-447698F4713A}" = dir=out | name=@{microsoft.bingtravel_3.0.1.202_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} | 
"{E2A48752-E6E4-4ED6-8CCF-7389E1E4756D}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | 
"{E30E5F58-4BC2-4FD6-8986-79BDE3233258}" = dir=in | name=evernote touch | 
"{E3344213-FE12-4D10-8184-5E4C43F95609}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{E40E0E5E-C71B-49F1-B7EA-2D629C91BC40}" = dir=in | name=newsxpresso | 
"{E540DDD5-E780-40A3-A129-9AEE940503A9}" = protocol=17 | dir=in | app=c:\program files (x86)\epson software\ecprintersetup\enpapp.exe | 
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{EA26E7AE-640F-4225-8E22-6F0C9BFB5A06}" = dir=out | name=newsxpresso | 
"{EBDECCD9-2AD5-429A-BD12-2C585E8E3EBA}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} | 
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn | 
"{EE0F7FD0-06CF-4667-A4F0-22492C3CE9BC}" = protocol=6 | dir=in | app=d:\network\epsonnetsetup\eneasyapp.exe | 
"{F2C270D3-2399-4BC5-A713-61E16290B805}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} | 
"{F2DF981F-B2D2-434C-8037-548A90A93C39}" = dir=out | name=juniper networks junos pulse | 
"{F498DFB3-E0A0-4D64-A6D0-D319814FB594}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | 
"{F593443A-C6DC-41A2-B9B2-E61E737F7CE5}" = dir=out | name=microsoft minesweeper | 
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client | 
"{F67A34B6-26EB-4E65-A8CD-3ABC06621BAB}" = dir=out | name=@{babbel.com.learnenglishwithbabbel.com_1.2.0.0_x64__qy1gdghayqfcm?ms-resource://babbel.com.learnenglishwithbabbel.com/apptitles/app_title} | 
"{F6FE44FF-CA76-49F0-A8F4-3690BC5E96CD}" = dir=out | name=sonicwall mobile connect | 
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client | 
"{F81B41C6-6E7F-470B-814B-5C6146C2A5E2}" = dir=in | name=evernote touch | 
"{F82D1C6D-93F8-412D-B6F5-9F0CA571AD1C}" = dir=in | name=check point vpn | 
"{F93F4124-904F-4DDB-86CD-093A0C9FDF7E}" = dir=out | name=skype | 
"{FB4115BD-FA61-4C76-BB8F-274DCAE8B248}" = dir=out | name=microsoft solitaire collection | 
"{FBAAF225-B080-4EA7-8720-C3A714294C61}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{FCF124D8-DC7C-4C9F-857D-B1CE936848F7}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi media\windowsupnpmv.exe | 
"{FFCD9A0F-E201-4C59-A352-3C4B2B10301F}" = dir=out | name=@{pons.wrterbuch_1.7.0.53_neutral__sj9sp7dbkxx8m?ms-resource://pons.wrterbuch/resources/display_name} | 
"TCP Query User{634DE261-0A73-4951-A7C3-FC323751B66E}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=6 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe | 
"TCP Query User{8F810F4A-592E-403F-B52B-5537D5A2FE35}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=6 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe | 
"UDP Query User{C187DFBA-543D-4A5B-9038-FADD4936BAE9}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=17 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe | 
"UDP Query User{FCC02F4E-6CCA-4F68-9229-97E990C3652C}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=17 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}" = Acer Recovery Management
"{0B78ECB0-1A6B-4E6D-89D7-0E7CE77F0427}" = MyWinLocker
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}" = Shredder
"{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}" = Acer Device Fast-lane
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{91F52DE4-B789-42B0-9311-A349F10E5479}" = Acer Power Management
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A84A4FB1-D703-48DB-89E0-68B6499D2801}" = Qualcomm Atheros Bluetooth Suite (64)
"{B26449A6-6007-4460-B4FE-C4776115BCEA}" = Epson Customer Research Participation
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"{F0A7DF2F-0BE0-470F-B137-D7A19F977189}" = Broadcom Card Reader Driver Installer
"{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}" = Intel® Trusted Connect Service Client
"{F6822EFD-3F7D-4B35-8845-757A26AEC8E2}" = Windows Live MIME IFilter
"CCleaner" = CCleaner
"Elantech" = ETDWare PS/2-X64 11.6.8.001_WHQL
"EPSON Remote Print" = Druckerdeinstallation für EPSON Remote Print
"EPSON WF-3540 Series" = EPSON WF-3540 Series Printer Uninstall
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02A312B5-1542-47B6-BFE9-F51358C39E86}" = Epson Easy Photo Print 2
"{03CC9D58-B132-4CC0-A521-4F3660AA43C7}" = Movie Maker
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{08013FB5-DF8B-4D29-9B5E-B3DE88EBA6CA}" = EpsonNet Config V4
"{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}" = Epson FAX Utility
"{15F3A6F5-06AE-4332-AE3E-21CD0416827A}" = Windows Live Mail
"{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}" = MyWinLocker Suite
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FCC073B-CC01-4443-AD20-E559F66E6E83}" = Office Addin 2003
"{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Qualcomm Atheros WLAN and Bluetooth Client Installation Program
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{35DA427D-BB23-49B8-9AFD-CFFCFE3B708D}" =  clear.fi SDK- Movie 2
"{388E4B09-3E71-4649-8921-F44A3A2954A7}" = Microsoft Visual Studio 2005 Tools for Office Runtime
"{39F15B50-A977-4CA6-B1C3-6A8724CDA025}" = MyWinLocker 4
"{3C3DCD2B-6FC7-41BF-BB80-40A936E1A785}" = Windows Live Writer
"{3CBD94C1-BA15-488C-888B-D8DD296CC6DC}" = Fotogalerie
"{3D9CB654-99AD-4301-89C6-0D12A790767C}" = Identity Card
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3E31400D-274E-4647-916C-2CACC3741799}" = EpsonNet Print
"{400C31E4-796F-4E86-8FDC-C3C4FACC6847}" = Junk Mail filter update
"{402ED4A1-8F5B-387A-8688-997ABF58B8F2}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{690F5BA3-5DEB-42CD-962B-F687EE59FAA7}" = Windows Live Essentials
"{695C8469-7822-4B31-A673-5ED84815B649}" = Epson E-Web Print
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{6D2BBE1D-E600-4695-BA37-0B0E605542CC}" = Office Addin
"{70854FE6-3BF1-4C69-94D0-BEB821102E34}" = Windows Live Mail
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer" = WildTangent Games App
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{82DEE0F4-18DB-4C49-89A4-0BEE4597DF45}" = Software Updater
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8913AC02-67B8-4B52-91B2-BBA7B9C265B5}" = Windows Live Writer Resources
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8F01524C-0676-4CC1-B4AE-64753C723391}" = Epson Event Manager
"{8FB53850-246A-3507-8ADE-0060093FFEA6}" = Visual Studio Tools for the Office system 3.0 Runtime
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office
"{97C79BEC-43F7-4BD8-A6A7-85C0257E488A}" = Windows Live Writer
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}" = Backup Manager v4
"{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}" = AcerCloud
"{A694AF57-9891-4D62-824C-7E55A1361A14}" = eBay Worldwide
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.05) - Deutsch
"{AE364ACC-B9DF-466B-B4EA-AEECD0CD581E}" = Windows Live Messenger
"{B2D55EB8-32C5-4B43-9006-9E97DECBA178}" = Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)
"{B5AD89F2-03D3-4206-8487-018298007DD0}" = clear.fi Photo
"{B727564C-47D3-473A-AC9E-F4BE7B1BD5D3}" = Windows Live UX Platform Language Pack
"{B8ECD0D3-AE08-4891-B6C7-32F96B75EB6C}" = EPSON Printer Finder
"{C2695E83-CF1D-43D1-84FE-B3BEC561012A}" = Shredder
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}" = AcerCloud Docs
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D2C146B1-948D-47EF-8387-5D1C6B980F7C}" = Windows Live Writer
"{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9
"{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}" = Epson Connect Printer Setup
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1203F8C-FF34-4968-A4A5-B4F1F8533DAB}" = Photo Common
"{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso 6.5
"{E9AF1707-3F3A-49E2-8345-4F2D629D0876}" = clear.fi Media
"{EBA33CAD-E071-48d5-A168-FBA4EEB42E93}" =  clear.fi SDK - Video 2
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{EE26E302-876A-48D9-9058-3129E5B99999}" = Live Updater
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2235E5E-7881-4293-9B6F-04B2609FBFF0}" = Windows Live Messenger
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) SDK for OpenCL - CPU Only Runtime Package
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"Adobe Digital Editions 2.0" = Adobe Digital Editions 2.0
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"ElsterFormular" = ElsterFormular
"Epson Connect Guide" = Epson Connect Guide
"EPSON PC-FAX Driver 2" = Epson PC-FAX Driver
"EPSON Scanner" = EPSON Scan
"Google Chrome" = Google Chrome
"InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}" = MyWinLocker Suite
"InstallShield_{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}" = Acer Backup Manager
"InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9
"InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso 6.5
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"Microsoft Visual Studio 2005 Tools for Office Runtime" = Visual Studio 2005 Tools for Office Second Edition Runtime
"Mozilla Firefox 26.0 (x86 de)" = Mozilla Firefox 26.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Spotify" = Spotify
"Visual Studio Tools for the Office system 3.0 Runtime" = Visual Studio Tools for the Office system 3.0 Runtime
"WF-3540 Series Netg" = Epson Netzwerkhandbuch WF-3540 Series
"WF-3540 Series Useg" = Epson Benutzerhandbuch WF-3540 Series
"WildTangent wildgames Master Uninstall" = WildTangent Games
"WinLiveSuite" = Windows Live Essentials
"WTA-0d68628a-83c6-4ba9-95fb-7f859a86e955" = Aloha TriPeaks
"WTA-0e3b77db-1594-41c3-917d-f57454d7e0ba" = Jewel Match 3
"WTA-13701bce-c3b5-4053-81aa-26a46f6279a8" = Zuma's Revenge
"WTA-154d14df-fddd-429f-af1f-b8b71c1b6a87" = Island Tribe
"WTA-1f78ad7a-4d78-47c1-b89a-5ce84e53268b" = Delicious: Emily's True Love Premium Edition
"WTA-225a4896-5341-426b-84ba-e3f4d1101f68" = Governor of Poker 2 Premium Edition
"WTA-2fdb4002-ecf3-42d2-b118-faa18fe9ef56" = Tales of Lagoona
"WTA-593cfab5-049d-4631-b3d0-2dcbd152f77a" = John Deere Drive Green
"WTA-6844ced3-3d9e-405b-9c5d-9096b4223ef1" = Bejeweled 3
"WTA-7db42b7c-5e03-41c5-8934-911cca9414cf" = Magic Academy
"WTA-aeb1170b-8284-4190-b002-a001b38da741" = Polar Bowler
"WTA-d2029d49-07b2-48ee-a534-cb74fa01a3c2" = Agatha Christie - Death on the Nile
"WTA-e38b0f58-3b97-4ca1-bfc8-456508977e94" = Penguins!
"WTA-f3a12e4b-652f-4a10-b6f9-b1dfae195e56" = Plants vs. Zombies - Game of the Year
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"SkyDriveSetup.exe" = Microsoft SkyDrive
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 05.01.2014 13:59:47 | Computer Name = PC | Source = Customer Experience Improvement Program | ID = 1008
Description = 
 
Error - 06.01.2014 02:46:28 | Computer Name = PC | Source = Application Hang | ID = 1002
Description = Programm BackgroundTaskHost.exe, Version 6.3.9600.16384 kann nicht
 mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
 in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
 zu suchen.    Prozess-ID: 1324    Startzeit: 01cf0aa962b06ce7    Endzeit: 4294967295    Anwendungspfad:
 C:\WINDOWS\System32\BackgroundTaskHost.exe    Berichts-ID: 5695676f-769d-11e3-be9c-b888e3d1a834

Vollständiger
 Name des fehlerhaften Pakets: Microsoft.BingHealthAndFitness_3.0.1.335_x64__8wekyb3d8bbwe

Anwendungs-ID,
 die relativ zum fehlerhaften Paket ist: AppexHealthAndFitness  
 
Error - 06.01.2014 05:08:25 | Computer Name = PC | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
 (x86)\Epson Software\Download Navigator\EPSDNAVI.EXE". Fehler in Manifest- oder
 Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion
 steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.  In Konflikt
 stehende Komponenten:.  Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifest.
Komponente
 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest.
 
Error - 06.01.2014 05:09:31 | Computer Name = PC | Source = SideBySide | ID = 16842824
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.Manifest". Fehler in Manifest- 
oder Richtliniendatei "C:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.Manifest"
 in Zeile 4.  Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element
 des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser
 Windows-Version nicht unterstützt wird.
 
Error - 06.01.2014 05:09:31 | Computer Name = PC | Source = SideBySide | ID = 16842824
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.Manifest". Fehler in Manifest- oder
 Richtliniendatei "C:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.Manifest"
 in Zeile 4.  Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element
 des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser
 Windows-Version nicht unterstützt wird.
 
Error - 06.01.2014 05:09:31 | Computer Name = PC | Source = SideBySide | ID = 16842824
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.Manifest". Fehler in Manifest-
 oder Richtliniendatei "C:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.Manifest"
 in Zeile 4.  Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element
 des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser
 Windows-Version nicht unterstützt wird.
 
Error - 06.01.2014 05:11:53 | Computer Name = PC | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
 (x86)\Epson Software\Download Navigator\EPSDNAVI.EXE". Fehler in Manifest- oder
 Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion
 steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.  In Konflikt
 stehende Komponenten:.  Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifest.
Komponente
 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest.
 
Error - 06.01.2014 05:11:58 | Computer Name = PC | Source = SideBySide | ID = 16842824
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.Manifest". Fehler in Manifest- 
oder Richtliniendatei "C:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.Manifest"
 in Zeile 4.  Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element
 des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser
 Windows-Version nicht unterstützt wird.
 
Error - 06.01.2014 05:11:58 | Computer Name = PC | Source = SideBySide | ID = 16842824
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.Manifest". Fehler in Manifest- oder
 Richtliniendatei "C:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.Manifest"
 in Zeile 4.  Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element
 des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser
 Windows-Version nicht unterstützt wird.
 
Error - 06.01.2014 05:11:58 | Computer Name = PC | Source = SideBySide | ID = 16842824
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.Manifest". Fehler in Manifest-
 oder Richtliniendatei "C:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.Manifest"
 in Zeile 4.  Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element
 des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser
 Windows-Version nicht unterstützt wird.
 
[ System Events ]
Error - 01.01.2014 05:00:01 | Computer Name = PC | Source = DCOM | ID = 10016
Description = 
 
Error - 01.01.2014 16:34:11 | Computer Name = PC | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt
 gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende
 Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus
 lautet: 252.
 
Error - 01.01.2014 16:34:11 | Computer Name = PC | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt
 gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende
 Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus
 lautet: 252.
 
Error - 01.01.2014 16:39:07 | Computer Name = PC | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt
 gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende
 Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus
 lautet: 252.
 
Error - 01.01.2014 16:39:07 | Computer Name = PC | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt
 gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende
 Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus
 lautet: 252.
 
Error - 02.01.2014 00:10:17 | Computer Name = PC | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt
 gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende
 Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus
 lautet: 252.
 
Error - 02.01.2014 00:11:01 | Computer Name = PC | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt
 gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende
 Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus
 lautet: 252.
 
Error - 02.01.2014 00:13:57 | Computer Name = PC | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt
 gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende
 Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus
 lautet: 252.
 
Error - 02.01.2014 00:15:04 | Computer Name = PC | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt
 gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende
 Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus
 lautet: 252.
 
Error - 02.01.2014 00:16:22 | Computer Name = PC | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt
 gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende
 Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus
 lautet: 252.
 
 
< End of report >
         


Alt 12.01.2014, 09:22   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Über meine Mail-Adreße wird Spam versendet - Standard

Über meine Mail-Adreße wird Spam versendet



Passwort mal geändert vom Mail Account? dann immer noch Probleme?
__________________
--> Über meine Mail-Adreße wird Spam versendet

Alt 12.01.2014, 17:00   #7
loelli06
 
Über meine Mail-Adreße wird Spam versendet - Standard

Über meine Mail-Adreße wird Spam versendet



Ja habe ich von Dienst-PC aus. Aber es kommen noch immer Rückläufer. Kann ja auch sein das meine Mail-Adreße hierzu genommen wird und gar nichts über meinen PC verschickt wird. Von der anderen Mail-Adreße meiner Frau gleicher PC und Provider und auch über Windows Live kommen keine Rückläufer. Das blöde ist, dass meine IP-Adreße auf einer Blacklist steht und somit viele Mails nicht zugestellt werden.

Alt 13.01.2014, 10:35   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Über meine Mail-Adreße wird Spam versendet - Standard

Über meine Mail-Adreße wird Spam versendet



Das dauert bis die da gelöscht wird. Aber solche Accs werden online gehackt, Spoofing, da ist nichts mit dem Rechner ansich.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 13.01.2014, 15:15   #9
loelli06
 
Über meine Mail-Adreße wird Spam versendet - Standard

Über meine Mail-Adreße wird Spam versendet



mein rechner ist also i.O. ?

Alt 14.01.2014, 09:57   #10
schrauber
/// the machine
/// TB-Ausbilder
 

Über meine Mail-Adreße wird Spam versendet - Standard

Über meine Mail-Adreße wird Spam versendet



Ja
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 14.01.2014, 15:50   #11
loelli06
 
Über meine Mail-Adreße wird Spam versendet - Standard

Über meine Mail-Adreße wird Spam versendet



OK.
Danke Spende folgt.

Alt 15.01.2014, 09:57   #12
schrauber
/// the machine
/// TB-Ausbilder
 

Über meine Mail-Adreße wird Spam versendet - Standard

Über meine Mail-Adreße wird Spam versendet



Gern Geschehen
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Über meine Mail-Adreße wird Spam versendet
bereit, blacklist, client, code, dns, e-mail, euro, excel, failed, folge, ide, mails, medion, microsoft, neue, nichts, online, remote, scan, scanner, server, service, smtp, spam, suche, teams, trojaner




Ähnliche Themen: Über meine Mail-Adreße wird Spam versendet


  1. SPAM wird von meiner Mail aus an meine Kontakte versendet
    Plagegeister aller Art und deren Bekämpfung - 02.04.2015 (39)
  2. vor 1 Woche Trojaner mit "UPS-Mail" eingefangen, nun wieder Spam-Mails über meine Accounts...
    Log-Analyse und Auswertung - 23.03.2015 (11)
  3. Mein GMX-Account versendet Spam an alle meine Kontakte
    Log-Analyse und Auswertung - 10.12.2014 (10)
  4. Meine Yahoo! Mail versendet Spam eMails
    Plagegeister aller Art und deren Bekämpfung - 14.04.2014 (1)
  5. Mail Acc versendet Spam Mails
    Plagegeister aller Art und deren Bekämpfung - 09.04.2014 (11)
  6. AOL-Account versendet Spam-Mail
    Log-Analyse und Auswertung - 25.06.2012 (1)
  7. Web.de versendet SPAM Mail
    Log-Analyse und Auswertung - 12.06.2012 (1)
  8. Windows Live Mail verschickt an irgendwelche Adressen haufenweise Spam über meine Mail-Addy
    Plagegeister aller Art und deren Bekämpfung - 28.12.2011 (18)
  9. Google Mail Konto: Spam-Email an alle meine Kontakte versendet
    Überwachung, Datenschutz und Spam - 22.11.2011 (1)
  10. spam-mail über mein web.de-account versendet, spam-mail auch im gesendet Ordner
    Log-Analyse und Auswertung - 16.11.2011 (3)
  11. Facebook versendet an alle meine Kontakte Spam mails
    Log-Analyse und Auswertung - 15.08.2011 (1)
  12. Google Mail Konto: Spam-Email an alle meine Kontakte versendet
    Überwachung, Datenschutz und Spam - 25.04.2011 (0)
  13. Spam-Mails über meine Mail-Adresse auf meine Kontakte geschickt!
    Log-Analyse und Auswertung - 28.11.2010 (1)
  14. Über meine email-Adresse wurde Spam an Kontakte versendet! Malware gefunden!
    Log-Analyse und Auswertung - 16.11.2010 (12)
  15. Spam über meine email Adresse versendet
    Log-Analyse und Auswertung - 17.10.2010 (1)
  16. Msn versendet meine gespeicherten Konversationen per Mail/ Trojaner?
    Log-Analyse und Auswertung - 26.08.2010 (6)
  17. Spamm über meine Emailadresse versendet!
    Log-Analyse und Auswertung - 25.01.2010 (1)

Zum Thema Über meine Mail-Adreße wird Spam versendet - Es werden seit öfteren Mails von meinem Mail-Account nicht zugestellt, mit der Begründung das meine IP-Adreße auf einer Blacklist steht. Nun ist mir aufgefallen, dass ich diese Rückläufer auch von - Über meine Mail-Adreße wird Spam versendet...
Archiv
Du betrachtest: Über meine Mail-Adreße wird Spam versendet auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.