Kann man Comodo, habe die Firewall in Win7 laufen, einfach über "Programme entfernen" deinstallieren oder ist eine andere Vorgehensweise zu empfehlen?

Ich will die Firewall von Windows (MSE) nutzen, ausprobieren, weil die Comodo Firewall vielleicht das System extrem verlangsamt.

Hi,

Ich würde dafür Revo Uninstaller nutzen und eventuelle Reste entfernen lassen.

Revo Uninstaller - Download - Filepony

Hallo Keckrem,

vielen Dank für den Link. Ja, das hatte ich auch vor (habe Revo auf der Platte), aber Comodo wird in Revo gar nicht aufgeführt, nur in der windowseigenen Funktion "Programme zufügen und entfernen" oder wie die heißt.

Vielen Dank nochmals.

Hi,

Das ist ungewöhnlich, dann deinstalliere es einfach über die Systemsteuerung.

Wenn noch Überreste da sind, können wir sie notfalls entfernen.

Hallo Keckrem,

ja, habe ich gemacht, sind ein paar Ordner übriggeblieben und offenbar Einträge in der Registry.

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

• Starte jetzt FRST.
• Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
• Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
• Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Hallo schrauber. Vielen Dank.



FRST Logfile:

FRST Logfile:

Code: Alles auswählenAufklappen

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-08-2014
Ran by Biff (administrator) on Biff-PC on 07-08-2014 21:14:59
Running from I:\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(PcWinTech.com) C:\Program Files (x86)\CleanMem\Mini_Monitor.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
() C:\Program Files (x86)\NiceCopier\NiceCopier.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Dekisoft) I:\Programme\MonitorOff\monoff.exe
( ) C:\Program Files\Copy Handler\ch64.exe
() I:\Programme\jDs\jDownloader 2 - Filme und Serien\JDownloaderExp.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(LiberKey.com) I:\LiberKey\LiberKeyTools\LiberKeyPortabilizer\LiberKeyPortabilizer.exe
(AIMP DevTeam) I:\LiberKey\Apps\AIMP\App\AIMP\AIMP3.exe
(hxxp://winreview.ru) I:\Programme\Balance Control - Lautstärke\simplesndvol.exe
(LiberKey.com) I:\LiberKey\LiberKeyTools\KeyFileAssoc\KeyFileAssoc.exe
() I:\Programme\CPUMon\CPUMon.exe
() I:\LiberKey\Apps\Ditto\App\Ditto\x64\Ditto.exe
(PortableApps.com) I:\PortableApps\PortableApps\PortableApps.com\PortableAppsPlatform.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
() I:\Programme\MyImgur - Screenshot und Uploader\x64\MyImgur.exe
(Remove Empty Directories) I:\LiberKey\Apps\RemoveEmptyDirectories\App\RemoveEmptyDirectories\RED2.exe
(PortableApps.com) I:\PortableApps\PortableApps\MPC-HCPortable\MPC-HCPortable.exe
(MPC-HC Team) I:\PortableApps\PortableApps\MPC-HCPortable\App\MPC-HC\mpc-hc.exe
() I:\Programme\MKVToolNix\mmg.exe
(Bartels Media GmbH) I:\Programme\PhraseExpress\phraseexpress.exe
(OpenOffice.org) I:\PortableApps\PortableApps\OpenOfficePortable\App\openoffice\program\soffice.exe
(OpenOffice.org) I:\PortableApps\PortableApps\OpenOfficePortable\App\openoffice\program\soffice.bin
(PortableApps.com) I:\PortableApps\PortableApps\FreeCommanderPortable\FreeCommanderPortable.exe
(Marek Jasinski) I:\PortableApps\PortableApps\FreeCommanderPortable\App\FreeCommanderXE\FreeCommander.exe
(Microsoft Corporation) C:\Windows\System32\msconfig.exe
(Media Companion) I:\Programme\Media Companion\Media Companion.exe
(DonationCoder) I:\Programme\ScreenshotCaptor\ScreenshotCaptor.exe
(Microsoft Corporation) C:\Windows\ehome\ehrecvr.exe
() I:\LiberKey\Apps\Everything\App\Everything\Everything.exe
(PortableApps.com) I:\PortableApps\PortableApps\FirefoxPortable\FirefoxPortable.exe
(Mozilla Corporation) I:\PortableApps\PortableApps\FirefoxPortable\App\Firefox\firefox.exe
(Mozilla Corporation) I:\LiberKey\Apps\Thunderbird\App\Thunderbird\thunderbird.exe
(PortableApps.com) I:\PortableApps\PortableApps\Notepad++Portable\Notepad++Portable.exe
(Don HO don.h@free.fr) I:\PortableApps\PortableApps\Notepad++Portable\App\Notepad++\notepad++.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2010-09-20] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [9639424 2010-09-20] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
HKLM-x32\...\Run: [AMD AVT] => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [20992 2012-03-19] ()
HKU\.DEFAULT\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x00000000
HKU\S-1-5-21-1049388694-2736142571-1025416933-1000\...\Run: [LiberKey] => I:\LiberKey\LiberKey.exe [45464 2012-04-06] (LiberKey.com)
HKU\S-1-5-21-1049388694-2736142571-1025416933-1000\...\Run: [Dekisoft Monitor Off Utility] => I:\Programme\MonitorOff\monoff.exe [430592 2009-08-31] (Dekisoft)
HKU\S-1-5-21-1049388694-2736142571-1025416933-1000\...\Run: [Copy Handler] => C:\Program Files\Copy Handler\ch64.exe [756736 2010-03-07] ( )
HKU\S-1-5-21-1049388694-2736142571-1025416933-1000\...\Policies\Explorer: [HideSCAVolume] 0

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x675EC20868A5CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {57C4ED0D-3B0F-C803-C4BD-545F34B30D5A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd92&cd=2XzuyEtN2Y1L1QzuyEzzyD0DyCtDtByC0EyBzyyBzztAyDyCtN0D0Tzu0SyCtByDtN1L2XzutBtFtBtFyDtFtCtDyBtDtN1L1Czu1L1C1H1B1QzytB&cr=1387738906&ir=
SearchScopes: HKLM - {57C4ED0D-3B0F-C803-C4BD-545F34B30D5A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd92&cd=2XzuyEtN2Y1L1QzuyEzzyD0DyCtDtByC0EyBzyyBzztAyDyCtN0D0Tzu0SyCtByDtN1L2XzutBtFtBtFyDtFtCtDyBtDtN1L1Czu1L1C1H1B1QzytB&cr=1387738906&ir=
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {66C31BA2-2A57-ADC9-459C-1D5CFE798BA6} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd92&cd=2XzuyEtN2Y1L1QzuyEzzyD0DyCtDtByC0EyBzyyBzztAyDyCtN0D0Tzu0SyCtByDtN1L2XzutBtFtBtFyDtFtCtDyBtDtN1L1Czu1L1C1H1B1QzytB&cr=1387738906&ir=
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Biff\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Biffs Profil
FF Keyword.URL: user_pref("keyword.URL", "");
FF Plugin: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Extension: FEBE - C:\Users\Biff\AppData\Roaming\Mozilla\Firefox\Profiles\n7t82fgi.default\Extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3} [2013-03-29]
FF Extension: German Dictionary (de-DE), classical spelling standards - C:\Users\Biff\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Biffs Profil\Extensions\alterechtschreibung@googlemail.com [2013-03-29]
FF Extension: File Search - C:\Users\Biff\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Biffs Profil\Extensions\contact@searchfiles.de [2013-03-29]
FF Extension: German Dictionary - C:\Users\Biff\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Biffs Profil\Extensions\de-DE@dictionaries.addons.mozilla.org [2014-06-17]
FF Extension: Dictionary Switcher - C:\Users\Biff\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Biffs Profil\Extensions\dictionary-switcher@design-noir.de [2014-05-18]
FF Extension: StatusbarEx - C:\Users\Biff\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Biffs Profil\Extensions\doudehou@gmail.com [2013-03-29]
FF Extension: United States English Spellchecker - C:\Users\Biff\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Biffs Profil\Extensions\en-US@dictionaries.addons.mozilla.org [2013-03-29]
FF Extension: Free Download Manager plugin - C:\Users\Biff\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Biffs Profil\Extensions\fdm_ffext@freedownloadmanager.org [2013-03-29]
FF Extension: Form History Control - C:\Users\Biff\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Biffs Profil\Extensions\formhistory@yahoo.com [2014-05-18]
FF Extension: Muter - C:\Users\Biff\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Biffs Profil\Extensions\muter@yxl.name [2013-06-28]
FF Extension: Noia 2.0 eXtreme OPT - C:\Users\Biff\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Biffs Profil\Extensions\noia2_option@kk.noia [2013-03-29]
FF Extension: samfind Bookmarks Bar - C:\Users\Biff\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Biffs Profil\Extensions\sam@samfind.com [2013-11-23]
FF Extension: Taboo - C:\Users\Biff\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Biffs Profil\Extensions\taboo@runningfrombears.com [2013-03-29]
FF Extension: Screengrab - C:\Users\Biff\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Biffs Profil\Extensions\{02450954-cdd9-410f-b1da-db804e18c671} [2013-03-29]
FF Extension: Toolbar Buttons - C:\Users\Biff\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Biffs Profil\Extensions\{03B08592-E5B4-45ff-A0BE-C1D975458688} [2013-03-29]
FF Extension: ColorfulTabs - C:\Users\Biff\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Biffs Profil\Extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe} [2014-06-17]
FF Extension: Screenshot Pimp - C:\Users\Biff\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Biffs Profil\Extensions\{056d0610-e44d-11df-bccf-0800200c9a66} [2013-03-29]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Biff\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Biffs Profil\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2013-03-29]
FF Extension: Screen grab! with Online Upload - C:\Users\Biff\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Biffs Profil\Extensions\{29CB7FC4-9DD9-4357-9452-457BD5589D9E} [2013-03-29]
FF Extension: LinkChecker - C:\Users\Biff\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Biffs Profil\Extensions\{49f3fc85-dcfe-4e42-9301-226ebe658509} [2013-03-29]
FF Extension: FEBE - C:\Users\Biff\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Biffs Profil\Extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3} [2014-06-17]
FF Extension: RSE Tools - C:\Users\Biff\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Biffs Profil\Extensions\{65fe69f6-b9d0-4efa-bb93-064f9b126430} [2013-03-29]
FF Extension: Add Bookmark Here ² - C:\Users\Biff\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Biffs Profil\Extensions\abhere2@moztw.org.xpi [2013-03-29]
FF Extension: Google Docs Viewer - C:\Users\Biff\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Biffs Profil\Extensions\adonis.cuhk@gmail.com.xpi [2013-03-29]
FF Extension: DownThemAll! AntiContainer - C:\Users\Biff\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Biffs Profil\Extensions\anticontainer@downthemall.net.xpi [2013-03-29]
FF Extension: AutoPager - C:\Users\Biff\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Biffs Profil\Extensions\autopager@mozilla.org.xpi [2013-03-29]
FF Extension: Bookmark Favicon Changer - C:\Users\Biff\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Biffs Profil\Extensions\bookmarkfaviconchanger@sonthakit.xpi [2013-03-29]
FF Extension: Check4Change - C:\Users\Biff\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Biffs Profil\Extensions\check4change-owner@mozdev.org.xpi [2013-03-29]
FF Extension: Click to play switch - C:\Users\Biff\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Biffs Profil\Extensions\clicktoplaybutton@bleupomme.net.xpi [2013-03-29]
FF Extension: Close other tabs - C:\Users\Biff\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Biffs Profil\Extensions\closeothertabs@florian-volk.net.xpi [2013-03-29]
FF Extension: Copy Link Text - C:\Users\Biff\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Biffs Profil\Extensions\copylinktext@brett.zamir.xpi [2013-03-29]
FF Extension: Extension List Dumper - C:\Users\Biff\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Biffs Profil\Extensions\extensionlistdumper@sogame.cat.xpi [2013-03-29]
FF Extension: Firebug - C:\Users\Biff\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Biffs Profil\Extensions\firebug@software.joehewitt.com.xpi [2013-03-29]
FF Extension: FireDownload - C:\Users\Biff\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Biffs Profil\Extensions\firedownload@mozilla.org.xpi [2013-03-29]
FF Extension: History Export - C:\Users\Biff\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Biffs Profil\Extensions\histexp@cycledlm.gmail.com.xpi [2013-03-29]
FF Extension: History Submenus Ⅱ - C:\Users\Biff\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Biffs Profil\Extensions\HistorySubmenus2@Merci.chao.xpi [2013-03-29]
FF Extension: English-Spanish-German Dictionary by Vocabulix - C:\Users\Biff\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Biffs Profil\Extensions\info@vocabulix.txt.xpi [2013-03-29]
FF Extension: Click to Play Plugins Helper - C:\Users\Biff\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Biffs Profil\Extensions\jid0-4orfW3BEEP2lE79bS5cfA7zF13Y@jetpack.xpi [2013-03-29]
FF Extension: Enable Click to Play - C:\Users\Biff\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Biffs Profil\Extensions\jid1-4Vy68XOTvAbEBQ@jetpack.xpi [2013-03-29]
FF Extension: keyconfig - C:\Users\Biff\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Biffs Profil\Extensions\keyconfig@dorando.xpi [2013-03-29]
FF Extension: Link Gopher - C:\Users\Biff\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Biffs Profil\Extensions\linkgopher@oooninja.com.xpi [2013-03-29]
FF Extension: Linkinator - C:\Users\Biff\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Biffs Profil\Extensions\linkinator@linkinator.net.xpi [2013-03-29]
FF Extension: Fire Media Player - C:\Users\Biff\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Biffs Profil\Extensions\musicplayer@firemediaplayer.com.xpi [2013-03-29]
FF Extension: Music Player Minion 2 - C:\Users\Biff\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Biffs Profil\Extensions\Music_Player_Minion@code.google.com.xpi [2013-03-29]
FF Extension: Noia 4 Theme Manager - C:\Users\Biff\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Biffs Profil\Extensions\Noia4Options@ArisT2.xpi [2013-03-29]
FF Extension: Restart Firefox - C:\Users\Biff\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Biffs Profil\Extensions\restart@restart.org.xpi [2013-03-29]
FF Extension: Save as PDF - C:\Users\Biff\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Biffs Profil\Extensions\save-as-pdf-ff@pdfcrowd.com.xpi [2013-03-29]
FF Extension: ScrapBook Plus - C:\Users\Biff\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Biffs Profil\Extensions\scrapbookplus@addons.mozilla.org.xpi [2013-03-29]
FF Extension: Session History Tree - C:\Users\Biff\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Biffs Profil\Extensions\sessionhistorytree@daniel.dawson.xpi [2013-03-29]
FF Extension: Silvermel and Charamel XT - C:\Users\Biff\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Biffs Profil\Extensions\silvermelxt@pardal.de.xpi [2013-03-29]
FF Extension: SkipScreen - C:\Users\Biff\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Biffs Profil\Extensions\SkipScreen@SkipScreen.xpi [2013-03-29]
FF Extension: FastestFox - C:\Users\Biff\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Biffs Profil\Extensions\smarterwiki@wikiatic.com.xpi [2013-03-29]
FF Extension: Tab History Redux - C:\Users\Biff\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Biffs Profil\Extensions\tab-history-redux@efinke.com.xpi [2013-03-29]
FF Extension: URL Lister - C:\Users\Biff\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Biffs Profil\Extensions\urllister@binnyva.com.xpi [2013-03-29]
FF Extension: UploadScreenshot.com Capture - C:\Users\Biff\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Biffs Profil\Extensions\uss-button@uploadscreenshot.com.xpi [2013-03-29]
FF Extension: Uppity - C:\Users\Biff\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Biffs Profil\Extensions\{16cbd87c-eb99-4f5c-9825-83cf13ab7ff8}.xpi [2013-03-29]
FF Extension: FlashGot - C:\Users\Biff\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Biffs Profil\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2013-03-29]
FF Extension: Stay-Open Menu - C:\Users\Biff\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Biffs Profil\Extensions\{3541c267-2580-4144-854e-2e05c8670121}.xpi [2013-03-29]
FF Extension: ScrapBook - C:\Users\Biff\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.Biffs Profil\Extensions\{53A03D43-5363-4669-8190-99061B2DEBA5}.xpi [2013-03-29]
FF StartMenuInternet: FIREFOX.EXE - I:\PortableApps\PortableApps\FirefoxPortable\App\Firefox\firefox.exe

Chrome: 
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [143120 2013-05-23] (SUPERAntiSpyware.com)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
S2 MySQL; C:\Program Files\MySQL\MySQL Server 5.1\bin\mysqld.exe [7599616 2009-08-18] () [File not signed]
S2 ndsvc; C:\Program Files\NetDrive\ndsvc.exe [2789376 2013-02-25] (Bdrive Inc.) [File not signed]
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
S2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [174088 2014-05-29] (Sandboxie Holdings, LLC)
S2 x10nets; C:\Program Files (x86)\Common Files\X10\Common\X10nets.exe [20480 2009-11-07] (X10) [File not signed]
S4 NPVR Recording Service; "C:\Program Files (x86)\NPVR\NRecord.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [29184 2009-08-13] (CSR, plc)
R3 dvblinkcap; C:\Windows\System32\DRIVERS\dvblinkcap.sys [18608 2010-07-19] (DVBLink)
R3 dvblinkcap2; C:\Windows\System32\DRIVERS\dvblinkcap2.sys [18608 2010-07-19] (DVBLink)
R3 dvblinkcap3; C:\Windows\System32\DRIVERS\dvblinkcap3.sys [18608 2010-07-19] (DVBLink)
R3 dvblinkcap4; C:\Windows\System32\DRIVERS\dvblinkcap4.sys [18608 2010-07-19] (DVBLink)
R3 dvblinktun; C:\Windows\System32\DRIVERS\dvblinktun.sys [20784 2010-07-19] (DVBLink)
R3 dvblinktun2; C:\Windows\System32\DRIVERS\dvblinktun2.sys [20784 2010-07-19] (DVBLink)
R3 dvblinktun3; C:\Windows\System32\DRIVERS\dvblinktun3.sys [20784 2010-07-19] (DVBLink)
R3 dvblinktun4; C:\Windows\System32\DRIVERS\dvblinktun4.sys [20784 2010-07-19] (DVBLink)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2013-03-07] ()
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [13896 2013-03-07] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2013-03-07] ()
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] ()
S3 hcw10bda; C:\Windows\System32\drivers\hcw10bda.sys [649904 2012-10-08] (Hauppauge Computer Works, Inc.)
S2 hcw10cir; C:\Windows\System32\drivers\hcw10cir.sys [46080 2010-05-10] (Hauppauge Computer Works, Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
S3 ndfs; C:\Program Files\NetDrive\ndfs.sys [63712 2013-02-01] (Bdrive Inc.)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [185352 2014-05-29] (Sandboxie Holdings, LLC)
U5 UnlockerDriver5; I:\LiberKey\Apps\Unlocker\App\Unlocker\x64\UnlockerDriver5.sys [12352 2011-04-27] ()
R3 X10Hid; C:\Windows\System32\Drivers\x10hid.sys [15896 2009-05-13] (X10 Wireless Technology, Inc.)
R3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [32792 2009-05-13] (X10 Wireless Technology, Inc.)
S3 BlueletAudio; system32\DRIVERS\blueletaudio.sys [X]
S3 BlueletSCOAudio; system32\DRIVERS\BlueletSCOAudio.sys [X]
S3 BT; system32\DRIVERS\btnetdrv.sys [X]
S3 Btcsrusb; System32\Drivers\btcusb.sys [X]
S0 BTHidEnum; System32\Drivers\vbtenum.sys [X]
S0 BTHidMgr; System32\Drivers\BTHidMgr.sys [X]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S3 VComm; system32\DRIVERS\VComm.sys [X]
S3 VcommMgr; System32\Drivers\VcommMgr.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-07 21:11 - 2014-08-07 21:15 - 00000000 ____D () C:\FRST
2014-08-07 20:18 - 2014-08-07 20:18 - 00000000 ____D () C:\N++RECOV
2014-08-06 11:54 - 2014-08-06 11:54 - 00000000 ____D () C:\Users\Biff\AppData\Local\Remove_Empty_Directories
2014-08-03 12:36 - 2014-08-03 12:36 - 00001266 _____ () C:\Users\Biff\Desktop\Windows Update (2).lnk
2014-08-02 21:05 - 2014-08-02 21:05 - 00003560 ____N () C:\bootsqm.dat
2014-08-01 18:43 - 2014-08-01 18:43 - 00000000 ____D () C:\Windows\pss
2014-08-01 18:16 - 2014-08-01 18:16 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-Biff-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2014-08-01 18:12 - 2014-08-01 18:12 - 00000000 ____D () C:\RegBackup
2014-07-29 08:41 - 2014-07-25 21:15 - 00000218 _____ () C:\Users\Biff\AppData\Local\recently-used.xbel
2014-07-28 18:21 - 2014-07-28 18:21 - 00000846 _____ () C:\Users\Biff\Desktop\JDownloaderExp.exe - Filme und Serien.lnk
2014-07-28 09:36 - 2014-08-01 18:10 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2014-07-27 13:05 - 2014-08-04 11:34 - 00298488 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-27 13:04 - 2014-08-04 11:33 - 00003442 _____ () C:\Windows\PFRO.log
2014-07-27 13:01 - 2014-08-06 14:44 - 00040432 _____ () C:\Windows\IE11_main.log
2014-07-26 20:47 - 2014-07-26 20:47 - 00001023 _____ () C:\Users\Biff\Desktop\WinRAR.lnk
2014-07-26 20:44 - 2014-07-26 20:46 - 00000000 ____D () C:\Program Files\WinRAR
2014-07-26 09:29 - 2014-08-07 18:58 - 00006509 _____ () C:\Windows\setupact.log
2014-07-26 09:29 - 2014-07-26 09:29 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-25 22:08 - 2014-08-04 11:34 - 00069512 _____ () C:\Users\Biff\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-22 21:02 - 2014-07-22 21:02 - 00000000 ____D () C:\Users\Biff\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVBLink
2014-07-20 11:16 - 2014-07-20 11:16 - 00000067 _____ () C:\Windows\XMLTVSourceConfig.INI
2014-07-20 00:31 - 2014-07-11 03:02 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-20 00:31 - 2014-07-11 02:56 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-20 00:31 - 2014-07-11 02:56 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-20 00:31 - 2014-07-11 02:55 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-13 13:16 - 2014-07-13 13:16 - 00000000 ____D () C:\Users\Biff\AppData\Local\WDSetup
2014-07-09 19:12 - 2014-06-30 04:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-09 19:12 - 2014-06-30 04:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-09 19:11 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-09 19:11 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-09 19:11 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-09 19:11 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-09 19:11 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-09 19:11 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-09 19:10 - 2014-06-07 06:02 - 17854464 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-09 19:10 - 2014-06-07 04:59 - 02339328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-09 19:10 - 2014-06-07 04:51 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-09 19:10 - 2014-06-07 04:47 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-09 19:10 - 2014-06-07 04:45 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-07-09 19:10 - 2014-06-07 04:45 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-09 19:10 - 2014-06-07 04:45 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-09 19:10 - 2014-06-07 04:42 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-09 19:10 - 2014-06-07 04:42 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-09 19:10 - 2014-06-07 04:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-09 19:10 - 2014-06-07 04:41 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-07-09 19:10 - 2014-06-07 04:40 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-09 19:10 - 2014-06-07 04:39 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-07-09 19:10 - 2014-06-07 04:35 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-09 19:10 - 2014-06-07 02:05 - 12353024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-09 19:10 - 2014-06-07 01:12 - 01810432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-09 19:10 - 2014-06-07 01:04 - 01106432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-09 19:10 - 2014-06-07 01:03 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-09 19:10 - 2014-06-07 01:02 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-09 19:10 - 2014-06-07 00:56 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-07-09 19:10 - 2014-06-07 00:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-09 19:10 - 2014-06-07 00:54 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-09 19:10 - 2014-06-07 00:54 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-09 19:10 - 2014-06-07 00:53 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-09 19:10 - 2014-06-07 00:52 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-09 19:10 - 2014-06-07 00:51 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-07-09 19:10 - 2014-06-07 00:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-09 19:10 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-09 19:10 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-09 19:10 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-09 19:10 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-09 19:10 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-09 19:10 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-09 19:10 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-09 19:10 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-09 19:10 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-09 19:10 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-09 19:10 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-09 19:10 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-09 19:10 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-09 19:10 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-09 19:09 - 2014-06-07 05:13 - 10890752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-09 19:09 - 2014-06-07 04:52 - 01348608 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-09 19:09 - 2014-06-07 04:51 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-09 19:09 - 2014-06-07 04:50 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-07-09 19:09 - 2014-06-07 04:42 - 02148352 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-09 19:09 - 2014-06-07 04:42 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-09 19:09 - 2014-06-07 04:41 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-07-09 19:09 - 2014-06-07 01:25 - 09711616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-09 19:09 - 2014-06-07 01:00 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-07-09 19:09 - 2014-06-07 00:58 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-09 19:09 - 2014-06-07 00:57 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-09 19:09 - 2014-06-07 00:54 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-09 19:09 - 2014-06-07 00:54 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-07-09 19:09 - 2014-06-07 00:53 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-09 19:09 - 2014-06-07 00:53 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-07-09 19:09 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-09 19:09 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-09 19:09 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-08 20:30 - 2014-07-08 20:30 - 00000000 ____D () C:\Users\Biff\AppData\Local\JDownloader v2.0

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-07 21:15 - 2014-08-07 21:11 - 00000000 ____D () C:\FRST
2014-08-07 20:18 - 2014-08-07 20:18 - 00000000 ____D () C:\N++RECOV
2014-08-07 18:58 - 2014-07-26 09:29 - 00006509 _____ () C:\Windows\setupact.log
2014-08-07 18:13 - 2014-05-11 19:02 - 01157709 _____ () C:\Windows\WindowsUpdate.log
2014-08-07 16:25 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\tracing
2014-08-07 15:44 - 2012-11-07 11:19 - 00000000 ____D () C:\Users\Biff\AppData\Roaming\XBMC
2014-08-07 10:54 - 2014-05-11 18:42 - 00016844 _____ () C:\ndsvc.log
2014-08-07 08:25 - 2012-10-08 18:31 - 00000000 ____D () C:\Users\Biff\AppData\Roaming\Mozilla
2014-08-07 08:24 - 2012-10-09 17:59 - 00000000 ____D () C:\Users\Biff\AppData\Roaming\Thunderbird
2014-08-06 22:56 - 2014-03-20 21:30 - 00000000 ____D () C:\Users\Biff\.mediathek3
2014-08-06 14:44 - 2014-07-27 13:01 - 00040432 _____ () C:\Windows\IE11_main.log
2014-08-06 14:23 - 2009-07-14 06:45 - 00009888 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-06 14:23 - 2009-07-14 06:45 - 00009888 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-06 11:54 - 2014-08-06 11:54 - 00000000 ____D () C:\Users\Biff\AppData\Local\Remove_Empty_Directories
2014-08-06 11:22 - 2012-10-08 15:31 - 00000000 ____D () C:\Users\Biff\AppData\Local\VirtualStore
2014-08-06 11:20 - 2013-09-10 08:43 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-08-06 11:20 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-06 11:17 - 2012-10-08 17:06 - 00000000 ____D () C:\Users\Biff\Documents\PhraseExpress
2014-08-06 09:00 - 2010-05-12 11:33 - 00645016 _____ () C:\Windows\system32\perfh01F.dat
2014-08-06 09:00 - 2010-05-12 11:33 - 00136398 _____ () C:\Windows\system32\perfc01F.dat
2014-08-06 09:00 - 2010-05-12 11:21 - 00717352 _____ () C:\Windows\system32\prfh0816.dat
2014-08-06 09:00 - 2010-05-12 11:21 - 00149304 _____ () C:\Windows\system32\prfc0816.dat
2014-08-06 09:00 - 2010-05-12 11:13 - 00728692 _____ () C:\Windows\system32\perfh015.dat
2014-08-06 09:00 - 2010-05-12 11:13 - 00152270 _____ () C:\Windows\system32\perfc015.dat
2014-08-06 09:00 - 2010-05-12 11:05 - 00731832 _____ () C:\Windows\system32\perfh013.dat
2014-08-06 09:00 - 2010-05-12 11:05 - 00149500 _____ () C:\Windows\system32\perfc013.dat
2014-08-06 09:00 - 2010-05-12 10:57 - 00728380 _____ () C:\Windows\system32\perfh010.dat
2014-08-06 09:00 - 2010-05-12 10:57 - 00143244 _____ () C:\Windows\system32\perfc010.dat
2014-08-06 09:00 - 2010-05-12 10:51 - 00672088 _____ () C:\Windows\system32\perfh00E.dat
2014-08-06 09:00 - 2010-05-12 10:51 - 00167672 _____ () C:\Windows\system32\perfc00E.dat
2014-08-06 09:00 - 2010-05-12 10:44 - 00734050 _____ () C:\Windows\system32\perfh00C.dat
2014-08-06 09:00 - 2010-05-12 10:44 - 00145978 _____ () C:\Windows\system32\perfc00C.dat
2014-08-06 09:00 - 2010-05-12 10:36 - 00733790 _____ () C:\Windows\system32\perfh00A.dat
2014-08-06 09:00 - 2010-05-12 10:36 - 00154872 _____ () C:\Windows\system32\perfc00A.dat
2014-08-06 09:00 - 2010-05-12 10:30 - 00595322 _____ () C:\Windows\system32\perfh008.dat
2014-08-06 09:00 - 2010-05-12 10:30 - 00107526 _____ () C:\Windows\system32\perfc008.dat
2014-08-06 09:00 - 2010-05-12 10:24 - 00497748 _____ () C:\Windows\system32\perfh006.dat
2014-08-06 09:00 - 2010-05-12 10:24 - 00095056 _____ () C:\Windows\system32\perfc006.dat
2014-08-06 09:00 - 2010-05-12 10:18 - 00685804 _____ () C:\Windows\system32\perfh007.dat
2014-08-06 09:00 - 2010-05-12 10:18 - 00145604 _____ () C:\Windows\system32\perfc007.dat
2014-08-06 09:00 - 2009-07-14 07:13 - 09873172 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-05 20:24 - 2013-09-19 15:48 - 00000000 ____D () C:\Users\Biff\AppData\Roaming\XnView
2014-08-04 11:34 - 2014-07-27 13:05 - 00298488 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-04 11:34 - 2014-07-25 22:08 - 00069512 _____ () C:\Users\Biff\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-04 11:33 - 2014-07-27 13:04 - 00003442 _____ () C:\Windows\PFRO.log
2014-08-04 10:58 - 2009-07-14 04:34 - 00000439 _____ () C:\Windows\win.ini
2014-08-03 23:24 - 2009-07-14 04:34 - 00000855 _____ () C:\Windows\system32\Drivers\etc\hosts_bak_127
2014-08-03 14:45 - 2013-11-12 11:44 - 00000134 _____ () C:\Users\Biff\Desktop\Internet Explorer Troubleshooting.url
2014-08-03 12:36 - 2014-08-03 12:36 - 00001266 _____ () C:\Users\Biff\Desktop\Windows Update (2).lnk
2014-08-02 21:05 - 2014-08-02 21:05 - 00003560 ____N () C:\bootsqm.dat
2014-08-02 12:06 - 2012-10-12 15:04 - 00007652 _____ () C:\Users\Biff\AppData\Local\Resmon.ResmonCfg
2014-08-01 18:43 - 2014-08-01 18:43 - 00000000 ____D () C:\Windows\pss
2014-08-01 18:16 - 2014-08-01 18:16 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-Biff-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2014-08-01 18:12 - 2014-08-01 18:12 - 00000000 ____D () C:\RegBackup
2014-08-01 18:10 - 2014-07-28 09:36 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2014-07-31 22:40 - 2012-11-07 11:16 - 00000000 ____D () C:\Program Files (x86)\XBMC
2014-07-31 13:32 - 2013-09-10 22:47 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-30 21:20 - 2013-09-10 22:47 - 00004114 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-07-28 18:21 - 2014-07-28 18:21 - 00000846 _____ () C:\Users\Biff\Desktop\JDownloaderExp.exe - Filme und Serien.lnk
2014-07-28 02:10 - 2014-03-28 00:46 - 00000000 ____D () C:\ProgramData\firebird
2014-07-27 15:09 - 2012-10-09 17:59 - 00000000 ____D () C:\Users\Biff\AppData\Local\Thunderbird
2014-07-27 14:11 - 2014-06-25 10:30 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-27 13:04 - 2013-03-21 20:02 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-27 13:04 - 2013-03-21 20:02 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-27 11:22 - 2013-04-08 00:20 - 00000000 ____D () C:\Users\Biff\AppData\Local\kvibes
2014-07-26 20:47 - 2014-07-26 20:47 - 00001023 _____ () C:\Users\Biff\Desktop\WinRAR.lnk
2014-07-26 20:46 - 2014-07-26 20:44 - 00000000 ____D () C:\Program Files\WinRAR
2014-07-26 20:45 - 2012-12-24 02:30 - 00000000 ____D () C:\Users\Biff\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-07-26 20:45 - 2012-12-24 02:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-07-26 09:29 - 2014-07-26 09:29 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-25 21:39 - 2014-07-05 11:23 - 00000000 ____D () C:\Program Files (x86)\e2eSoft
2014-07-25 21:15 - 2014-07-29 08:41 - 00000218 _____ () C:\Users\Biff\AppData\Local\recently-used.xbel
2014-07-25 20:50 - 2014-04-01 14:05 - 62726144 _____ () C:\Users\Biff\Documents\New catalog (1).ccd
2014-07-25 14:20 - 2013-03-21 20:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-25 00:02 - 2013-04-10 22:55 - 00000000 ____D () C:\Users\Biff\AppData\Roaming\Personal Video Database
2014-07-23 14:27 - 2013-02-23 01:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVBLink
2014-07-23 13:38 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-07-23 09:55 - 2012-11-24 02:05 - 00001772 _____ () C:\Windows\Sandboxie.ini
2014-07-22 21:02 - 2014-07-22 21:02 - 00000000 ____D () C:\Users\Biff\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVBLink
2014-07-22 12:27 - 2012-10-08 15:31 - 00000000 ____D () C:\Users\Biff
2014-07-20 11:48 - 2014-06-18 21:26 - 00000000 ____D () C:\Users\Biff\Documents\MemoMaster
2014-07-20 11:16 - 2014-07-20 11:16 - 00000067 _____ () C:\Windows\XMLTVSourceConfig.INI
2014-07-20 00:33 - 2014-05-13 19:23 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-20 00:31 - 2012-10-08 18:39 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-18 19:47 - 2013-09-17 12:12 - 00000000 ____D () C:\Users\Biff\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2014-07-14 21:09 - 2013-12-19 09:47 - 00000000 ____D () C:\Windows\rescache
2014-07-13 20:04 - 2014-05-25 13:53 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-13 20:04 - 2009-07-14 09:45 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-13 20:04 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-13 20:04 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-13 19:55 - 2013-08-27 15:30 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-13 19:53 - 2012-10-08 19:01 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-13 13:16 - 2014-07-13 13:16 - 00000000 ____D () C:\Users\Biff\AppData\Local\WDSetup
2014-07-11 03:02 - 2014-07-20 00:31 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-11 02:56 - 2014-07-20 00:31 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-11 02:56 - 2014-07-20 00:31 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-11 02:55 - 2014-07-20 00:31 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-08 23:53 - 2011-01-11 02:23 - 00000322 _____ () C:\Windows\SysWOW64\CleanMem.ini
2014-07-08 20:30 - 2014-07-08 20:30 - 00000000 ____D () C:\Users\Biff\AppData\Local\JDownloader v2.0

Some content of TEMP:
====================
C:\Users\Biff\AppData\Local\Temp\proxy_vole5597681169445899283.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-30 10:44

==================== End Of Log ============================
         

--- --- ---

--- --- ---

Code: Alles auswählenAufklappen

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-08-2014
Ran by Biff at 2014-08-07 21:18:27
Running from I:\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AMD Accelerated Video Transcoding (Version: 12.5.100.30429 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.937.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{37FCE154-7F59-74F0-3A35-BF503CEB230B}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.80430.0002 - Advanced Micro Devices, Inc.) Hidden
Ashampoo Burning Studio 6 FREE v.6.80 (HKLM-x32\...\Ashampoo Burning Studio 6 FREE_is1) (Version: 6.8.0 - ashampoo GmbH & Co. KG)
BtwMfcMM (HKLM\...\{D5B46D30-F054-4C64-9C0F-97C8451E7D04}) (Version: 6.00.0000 - Broadcom Corporation)
BurnAware Free 5.5 (HKLM-x32\...\BurnAware Free_is1) (Version:  - Burnaware Technologies)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0429.2313.39747 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.1116.1515.27190 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0429.2313.39747 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0429.2313.39747 - Advanced Micro Devices, Inc.) Hidden
Catalyst Pro Control Center (x32 Version: 2013.0429.2313.39747 - Ihr Firmenname) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0429.2313.39747 - Advanced Micro Devices, Inc.) Hidden
Celtx (2.9.7) (HKLM-x32\...\Celtx (2.9.7)) (Version: 2.9.7 (de) - Greyfirst)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
CleanMem (HKLM-x32\...\CleanMem) (Version: v2.4.3 - PcWinTech.com)
CloseAll (HKLM-x32\...\CloseAll) (Version: 2.0 - NTWind Software)
Copy Handler 1.32Final (HKLM\...\{9CF6A157-F0E8-4216-B229-C0CA8204BE2C}_is1) (Version: 1.32Final - Józef Starosczyk)
EaseUS Partition Master 9.2.2 (HKLM-x32\...\EaseUS Partition Master_is1) (Version:  - EaseUS)
Eraser 6.0.10.2620 (HKLM\...\{6E5159B4-A519-41EF-80EF-AD58371515DF}) (Version: 6.0.2620 - The Eraser Project)
EventGhost 0.4.1.r1640 (HKLM-x32\...\EventGhost_is1) (Version: 0.4.1.r1640 - EventGhost Project)
FairStars CD Ripper 1.52 (HKLM-x32\...\FairStars CD Ripper_is1) (Version:  - FairStars Soft)
gImageReader (HKLM-x32\...\gImageReader) (Version: 2.90 - Sandro Mani)
Java 7 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417060FF}) (Version: 7.0.600 - Oracle)
Java 7 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.650 - Oracle)
Java Auto Updater (x32 Version: 2.1.65.20 - Oracle, Inc.) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MemoMaster (HKLM-x32\...\{5FE975B7-E584-41CE-BA5E-77817F5310F1}) (Version: 5.5.0.24 - JBSoftware)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (ESN) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HUN) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Nederlands) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1043) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (NLD) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (PLK) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Português) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 2070) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (PTG) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (TRK) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Türkçe) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1055) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET-keretrendszer 4.5.1 (magyar) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1038) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Image Composite Editor (HKLM\...\{B821CDAA-34DE-46FD-87C9-E6EE7158DB5D}) (Version: 1.4.4 - Microsoft Corporation)
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MiniTool Partition Wizard Home Edition 8.1.1 (HKLM-x32\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Solution Ltd.)
MySQL Server 5.1 (HKLM\...\{561AB451-B967-475C-80E0-3B6679C38B52}) (Version: 5.1.38 - MySQL AB)
NetDrive (HKLM-x32\...\NetDrive) (Version: 1.3.4.0 - Bdrive Inc.)
NiceCopier (HKLM-x32\...\NiceCopier_is1) (Version: 14.02.03 - )
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.21.531.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6010 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30121 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173F09590E16}) (Version: 1.00.0148 - REALTEK Semiconductor Corp.)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1032 - SUPERAntiSpyware.com)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.19.0 - Synaptics Incorporated)
TeraCopy 2.27 (HKLM\...\TeraCopy_is1) (Version:  - Code Sector)
theRenamer 7.68 (HKLM-x32\...\{55B6344C-AE4F-4DA8-BF32-D7AE0CB4D2BE}_is1) (Version:  - theRenamer)
Trelby (HKLM-x32\...\Trelby) (Version: 2.2.0.0 - Trelby.org)
VideoPad Videobearbeitungs-Software (HKLM-x32\...\VideoPad) (Version:  - NCH Software)
WG-Dependencies (HKCU\...\4cae215cafa50d85) (Version: 1.0.0.0 - WG-Dependencies)
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
WinRAR 5.10 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
X10 Hardware(TM) (HKLM-x32\...\X10Hardware) (Version:  - )
XBMC (HKCU\...\XBMC) (Version:  - Team XBMC)
Yahoo! Detect (HKLM-x32\...\YTdetect) (Version:  - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

28-07-2014 22:28:52 Revo Uninstaller's restore point - LAV Filters 0.59.1
30-07-2014 09:27:09 DirectX wurde installiert
30-07-2014 15:55:11 Windows Update
01-08-2014 12:06:20 Windows Update
03-08-2014 12:34:52 Windows Update
03-08-2014 17:32:07 Tweaking.com - Windows Repair
06-08-2014 12:22:09 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2014-08-04 10:59 - 00000855 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {4AD56F49-FAF5-44DC-911F-4B569B43B855} - System32\Tasks\Clean System Memory => C:\Windows\syswow64\CleanMem.exe [2012-09-21] (PcWinTech.com)
Task: {6D143EF2-00F2-475B-966D-957DAA397FAF} - \MySearchDial No Task File <==== ATTENTION
Task: {76AFEFFB-7B89-45E6-9260-84AE33741D4A} - System32\Tasks\CleanMem Mini Monitor => C:\Program Files (x86)\CleanMem\mini_monitor.exe [2012-09-21] (PcWinTech.com)
Task: {8F1B8899-5171-4AD7-BCDF-A658717B19F2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {941DDF4C-C788-4498-ADA2-AC053E375EB0} - System32\Tasks\Erwachen aus Ruhezustand => C:\Program Files\Microsoft Games\FreeCell\FreeCell.exe [2009-07-14] (Microsoft Corporation)
Task: {C8BAF0A3-8094-4F5D-BFB2-ED2EC437B174} - System32\Tasks\RunAsStdUser Task => C:\Program Files\NetDrive\netdrive.exe [2014-06-16] (Bdrive Inc.)
Task: {F229DCD7-83DE-48D8-9232-E76ADC7C69DF} - System32\Tasks\NiceCopier => C:\Program Files (x86)\NiceCopier\NiceCopier.exe [2014-02-03] ()
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-12-08 02:38 - 2014-02-03 15:15 - 14351872 _____ () C:\Program Files (x86)\NiceCopier\NiceCopier.exe
2012-10-08 18:44 - 2010-03-07 19:04 - 00318976 _____ () C:\Program Files\Copy Handler\libicpf64u.dll
2012-10-08 18:44 - 2010-03-07 19:05 - 00037376 _____ () C:\Program Files\Copy Handler\libchcore64u.dll
2012-10-08 18:44 - 2010-03-07 19:05 - 00290816 _____ () C:\Program Files\Copy Handler\chext64.dll
2014-02-14 11:22 - 2012-08-14 19:37 - 00353408 _____ () I:\Programme\jDs\jDownloader 2 - Filme und Serien\JDownloaderExp.exe
2012-06-12 10:01 - 2011-06-28 19:22 - 00026112 _____ () I:\Programme\Balance Control - Lautstärke\CoreAudioApi.dll
2010-07-08 21:55 - 2007-10-10 00:36 - 01105408 _____ () I:\Programme\CPUMon\CPUMon.exe
2013-01-27 09:04 - 2014-06-06 21:43 - 01880064 _____ () I:\LiberKey\Apps\Ditto\App\Ditto\x64\Ditto.exe
2014-07-28 16:12 - 2014-07-29 23:45 - 08058368 _____ () I:\Programme\MyImgur - Screenshot und Uploader\x64\MyImgur.exe
2014-07-28 13:32 - 2014-07-27 13:10 - 14107648 _____ () I:\Programme\MKVToolNix\mmg.exe
2010-07-08 21:16 - 2009-03-13 12:48 - 00602624 _____ () I:\LiberKey\Apps\Everything\App\Everything\Everything.exe
2014-08-06 11:22 - 2014-08-06 11:22 - 00043520 ____N () C:\Users\Biff\AppData\Local\Temp\proxy_vole5597681169445899283.dll
2014-08-06 11:30 - 2014-08-06 11:30 - 02593168 _____ () I:\Programme\jDs\jDownloader 2 - Filme und Serien\tmp\7zip\SevenZipJBinding-N8q7X\lib7-Zip-JBinding.dll
2010-07-08 21:10 - 2014-07-15 23:32 - 00505344 _____ () I:\LiberKey\Apps\AIMP\App\AIMP\Sqlite3.dll
2013-11-11 17:18 - 2014-07-15 23:32 - 00218112 _____ () I:\LiberKey\Apps\AIMP\App\AIMP\libsoxr.dll
2012-07-06 03:49 - 2014-07-15 23:32 - 00220672 _____ () I:\LiberKey\Apps\AIMP\App\AIMP\Modules\MACDll.dll
2012-07-06 03:49 - 2014-07-15 23:32 - 00294400 _____ () I:\LiberKey\Apps\AIMP\App\AIMP\Modules\libFLAC.dll
2012-01-05 13:27 - 2014-07-15 23:32 - 01733120 _____ () I:\LiberKey\Apps\AIMP\App\AIMP\Modules\aimp_libvorbis.dll
2010-07-08 21:10 - 2014-07-15 23:32 - 00072136 _____ () I:\LiberKey\Apps\AIMP\App\AIMP\Plugins\aimp_lastfm.dll
2010-07-08 21:10 - 2014-07-15 23:32 - 00026624 _____ () I:\LiberKey\Apps\AIMP\App\AIMP\Plugins\Aorta.svp
2012-01-05 13:27 - 2014-07-15 23:32 - 00237568 _____ () I:\LiberKey\Apps\AIMP\App\AIMP\Plugins\OptimFROG.dll
2012-01-05 13:27 - 2014-07-15 23:32 - 00141768 _____ () I:\LiberKey\Apps\AIMP\App\AIMP\Plugins\PandemicAnalogMeter.dll
2014-08-06 13:50 - 2014-08-06 13:50 - 00011264 _____ () C:\Users\Biff\AppData\Local\Temp\FreeCommanderPortableTemp\nsg49E0.tmp\System.dll
2014-03-10 18:41 - 2014-03-10 18:41 - 00457000 _____ () I:\Programme\PhraseExpress\pexlang.dll
2010-07-08 21:53 - 2010-02-19 06:50 - 00413184 _____ () I:\PortableApps\PortableApps\OpenOfficePortable\App\openoffice\program\libxml2.dll
2010-02-19 06:50 - 2010-02-19 06:50 - 00075264 _____ () I:\PortableApps\PortableApps\OpenOfficePortable\App\openoffice\program\libxslt.dll
2014-08-06 22:49 - 2014-08-06 22:49 - 00011264 _____ () C:\Users\Biff\AppData\Local\Temp\nskA0FE.tmp\System.dll
2013-09-13 18:55 - 2011-10-26 17:41 - 00325120 _____ () C:\Program Files\TeraCopy\TeraCopy.dll
2014-08-07 19:06 - 2014-08-07 19:06 - 00029696 _____ () C:\Users\Biff\AppData\Local\Temp\FreeCommanderPortableTemp\nskC824.tmp\registry.dll
2014-08-07 19:06 - 2014-08-07 19:06 - 00008704 _____ () C:\Users\Biff\AppData\Local\Temp\FreeCommanderPortableTemp\nskC824.tmp\newadvsplash.dll
2014-08-07 19:06 - 2014-08-07 19:06 - 00011264 _____ () C:\Users\Biff\AppData\Local\Temp\FreeCommanderPortableTemp\nskC824.tmp\System.dll
2014-07-17 07:42 - 2014-07-17 07:42 - 03800688 _____ () I:\PortableApps\PortableApps\FirefoxPortable\App\firefox\mozjs.dll
2014-07-27 13:17 - 2014-07-18 03:39 - 03338352 _____ () I:\LiberKey\Apps\Thunderbird\App\thunderbird\mozjs.dll
2014-07-27 13:17 - 2014-07-18 03:39 - 00158832 _____ () I:\LiberKey\Apps\Thunderbird\App\thunderbird\NSLDAP32V60.dll
2014-07-27 13:17 - 2014-07-18 03:39 - 00023152 _____ () I:\LiberKey\Apps\Thunderbird\App\thunderbird\NSLDAPPR32V60.dll
2014-08-07 20:18 - 2014-08-07 20:18 - 00011264 _____ () C:\Users\Biff\AppData\Local\Temp\FreeCommanderPortableTemp\nsmD6B6.tmp\System.dll
2014-08-07 20:18 - 2014-08-07 20:18 - 00008704 _____ () C:\Users\Biff\AppData\Local\Temp\FreeCommanderPortableTemp\nsmD6B6.tmp\newadvsplash.dll
2014-08-07 20:18 - 2014-08-07 20:18 - 00029696 _____ () C:\Users\Biff\AppData\Local\Temp\FreeCommanderPortableTemp\nsmD6B6.tmp\registry.dll
2014-02-19 22:09 - 2014-02-19 22:09 - 00204800 _____ () I:\PortableApps\PortableApps\Notepad++Portable\App\Notepad++\plugins\ComparePlugin.dll
2011-07-18 23:07 - 2011-07-18 23:07 - 00014336 _____ () I:\PortableApps\PortableApps\Notepad++Portable\App\Notepad++\plugins\NppExport.dll
2014-01-07 01:42 - 2014-01-07 01:42 - 01611264 _____ () I:\PortableApps\PortableApps\Notepad++Portable\App\Notepad++\plugins\NppFTP.dll
2014-02-26 00:23 - 2014-02-26 00:23 - 00971264 _____ () I:\PortableApps\PortableApps\Notepad++Portable\App\Notepad++\plugins\nppRegEx.dll
2014-02-26 00:23 - 2014-02-26 00:23 - 00210432 _____ () I:\PortableApps\PortableApps\Notepad++Portable\App\Notepad++\plugins\regrexplace.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:7F5603FB

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\startupreg: Windows Mobile Device Center => %windir%\WindowsMobile\wmdc.exe

==================== Faulty Device Manager Devices =============

Name: WAN-Miniport (Netzwerkmonitor)
Description: WAN-Miniport (Netzwerkmonitor)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================
Error: (08/07/2014 08:15:00 AM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoID={BD2EA8C9-6E60-4F3B-8FA9-1DF1C32C0674}: Der Benutzer "Biff-PC\Biff" hat eine Verbindung mit dem Namen "Breitbandverbindung" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 651.

Error: (08/06/2014 07:59:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4
Name des fehlerhaften Moduls: USER32.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7c9f1
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000008dd9
ID des fehlerhaften Prozesses: 0xf74
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3

Error: (08/06/2014 07:59:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4
Name des fehlerhaften Moduls: USER32.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7c9f1
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000008dd9
ID des fehlerhaften Prozesses: 0x14a8
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3

Error: (08/06/2014 07:59:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4
Name des fehlerhaften Moduls: USER32.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7c9f1
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000008dd9
ID des fehlerhaften Prozesses: 0x19e8
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3

Error: (08/06/2014 07:58:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4
Name des fehlerhaften Moduls: USER32.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7c9f1
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000008dd9
ID des fehlerhaften Prozesses: 0x1a10
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3

Error: (08/06/2014 07:57:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4
Name des fehlerhaften Moduls: USER32.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7c9f1
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000008dd9
ID des fehlerhaften Prozesses: 0x16d4
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3

Error: (08/06/2014 07:57:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4
Name des fehlerhaften Moduls: USER32.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7c9f1
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000008dd9
ID des fehlerhaften Prozesses: 0xe64
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3

Error: (08/06/2014 07:56:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4
Name des fehlerhaften Moduls: USER32.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7c9f1
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000008dd9
ID des fehlerhaften Prozesses: 0xe20
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3

Error: (08/06/2014 11:34:06 AM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoID={3ED11BB7-9F05-42BB-AA5B-66A53E588E0D}: Der Benutzer "Biff-PC\Biff" hat eine Verbindung mit dem Namen "Breitbandverbindung" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 0.

Error: (08/06/2014 10:13:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Ditto.exe, Version: 3.19.24.0, Zeitstempel: 0x53928a69
Name des fehlerhaften Moduls: ole32.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7c92c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000010b6d
ID des fehlerhaften Prozesses: 0x364
Startzeit der fehlerhaften Anwendung: 0xDitto.exe0
Pfad der fehlerhaften Anwendung: Ditto.exe1
Pfad des fehlerhaften Moduls: Ditto.exe2
Berichtskennung: Ditto.exe3


System errors:
=============
Error: (08/07/2014 08:13:49 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst BFE erreicht.

Error: (08/07/2014 08:12:54 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {DE13E041-1416-430E-9C2F-F7A548D26B3B}

Error: (08/07/2014 01:32:25 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ehRecvr erreicht.

Error: (08/07/2014 01:31:36 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst iphlpsvc erreicht.

Error: (08/07/2014 01:30:38 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows-Fehlerberichterstattungsdienst erreicht.

Error: (08/06/2014 02:44:38 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Internet Explorer 11 für Windows 7 für x64-basierte Systeme

Error: (08/06/2014 11:20:50 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
BTHidMgr

Error: (08/06/2014 11:20:28 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Hauppauge CIR Receiver" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1058

Error: (08/04/2014 11:42:44 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.

Error: (08/04/2014 11:35:58 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: Dienst "WMPNetworkSvc" konnte nicht ordnungsgemäß gestartet werden, da ein Fehler "0x80070420" in "CoCreateInstance(CLSID_UPnPDeviceFinder)" aufgetreten ist. Überprüfen Sie, ob der Dienst "UPnPHost" ausgeführt wird und ob die Windows-Komponente "UPnPHost" richtig installiert ist.


Microsoft Office Sessions:
=========================
Error: (08/07/2014 08:15:00 AM) (Source: RasClient) (EventID: 20227) (User: )
Description: {BD2EA8C9-6E60-4F3B-8FA9-1DF1C32C0674}Biff-PC\BiffBreitbandverbindung651

Error: (08/06/2014 07:59:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175674d672ee4USER32.dll6.1.7601.175144ce7c9f1c00000050000000000008dd9f7401cfb1a036501722C:\Windows\Explorer.EXEC:\Windows\system32\USER32.dll7a73c1c8-1d93-11e4-9903-0022200b7ad9

Error: (08/06/2014 07:59:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175674d672ee4USER32.dll6.1.7601.175144ce7c9f1c00000050000000000008dd914a801cfb1a0296eef6bC:\Windows\Explorer.EXEC:\Windows\system32\USER32.dll6fb9c7e2-1d93-11e4-9903-0022200b7ad9

Error: (08/06/2014 07:59:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175674d672ee4USER32.dll6.1.7601.175144ce7c9f1c00000050000000000008dd919e801cfb19ffa55d190C:\Windows\Explorer.EXEC:\Windows\system32\USER32.dll62a8b5d8-1d93-11e4-9903-0022200b7ad9

Error: (08/06/2014 07:58:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175674d672ee4USER32.dll6.1.7601.175144ce7c9f1c00000050000000000008dd91a1001cfb19fed28ab9cC:\Windows\Explorer.EXEC:\Windows\system32\USER32.dll33a9b00e-1d93-11e4-9903-0022200b7ad9

Error: (08/06/2014 07:57:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175674d672ee4USER32.dll6.1.7601.175144ce7c9f1c00000050000000000008dd916d401cfb19fde47dbd7C:\Windows\Explorer.EXEC:\Windows\system32\USER32.dll265e2c38-1d93-11e4-9903-0022200b7ad9

Error: (08/06/2014 07:57:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175674d672ee4USER32.dll6.1.7601.175144ce7c9f1c00000050000000000008dd9e6401cfb19fc08d8f68C:\Windows\Explorer.EXEC:\Windows\system32\USER32.dll17af90bf-1d93-11e4-9903-0022200b7ad9

Error: (08/06/2014 07:56:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175674d672ee4USER32.dll6.1.7601.175144ce7c9f1c00000050000000000008dd9e2001cfb157bd090aadC:\Windows\Explorer.EXEC:\Windows\system32\USER32.dllf7d6c92f-1d92-11e4-9903-0022200b7ad9

Error: (08/06/2014 11:34:06 AM) (Source: RasClient) (EventID: 20227) (User: )
Description: {3ED11BB7-9F05-42BB-AA5B-66A53E588E0D}Biff-PC\BiffBreitbandverbindung0

Error: (08/06/2014 10:13:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Ditto.exe3.19.24.053928a69ole32.dll6.1.7601.175144ce7c92cc00000050000000000010b6d36401cfafc81983b7ccI:\LiberKey\Apps\Ditto\App\Ditto\x64\Ditto.exeC:\Windows\system32\ole32.dll9b5e89e1-1d41-11e4-bfcf-0022200b7ad9


==================== Memory info =========================== 

Percentage of memory in use: 44%
Total physical RAM: 4084.56 MB
Available physical RAM: 2259.23 MB
Total Pagefile: 12082.74 MB
Available Pagefile: 8064 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB

==================== Drives ================================

Drive c: (Biff) (Fixed) (Total:84.37 GB) (Free:34.55 GB) NTFS
Drive i: (Biff) (Fixed) (Total:847.05 GB) (Free:289.92 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 7E6A4461)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=84 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=847 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

Uninstaller Tool for Comodo Products, inc CIS v5 - Install / Setup / Configuration FAQ - CIS
Comodo Uninstaller anwenden.


Lade SystemLook von jpshortstuff von einem der folgenden Spiegel herunter und speichere das Tool auf dem Desktop.
SystemLook (64 bit)

• Doppelklicke auf die SystemLook_x64.exe, um das Tool zu starten.
• Kopiere den Inhalt der folgenden Codebox in das Textfeld des Tools:
  
  Code: Alles auswählenAufklappen

  ATTFilter

  :filefind
  *Comodo*
  :regfind
  Comodo
           

• Klicke nun auf den Button Look, um den Scan zu starten.
• Der Suchlauf kann einige Zeit dauern.
• Wenn der Suchlauf beendet ist, wird sich Dein Editor mit den Ergebnissen öffnen, poste diese in deinen Thread.
• Die Ergebnisse werden auf dem Desktop als SystemLook.txt gespeichert.

Code: Alles auswählenAufklappen

ATTFilter

SystemLook 30.07.11 by jpshortstuff
Log created at 19:25 on 08/08/2014 by Biff
Administrator - Elevation successful

========== filefind ==========

Searching for "*Comodo*"
C:\Windows\System32\winevt\Logs\COMODO Internet Security.evtx	--a---- 69632 bytes	[11:13 11/04/2014]	[11:04 27/07/2014] A41C4B7C4FF8F06B2DF57D18432FBD6E

========== regfind ==========

Searching for "Comodo"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\5798fa63_0]
@="{0.0.0.00000000}.{46f201fd-ed23-432f-9a0f-a77f777dd150}|\Device\HarddiskVolume2\Users\Biff\AppData\Roaming\Uninstaller Tool(Comodo Forums)\Uninstaller.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\6a1351_0]
@="{0.0.0.00000000}.{043e8a3d-a51f-44b3-8f5d-f53335d6463c}|\Device\HarddiskVolume2\Users\Biff\AppData\Roaming\Uninstaller Tool(Comodo Forums)\Uninstaller.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\7354f806_0]
@="{0.0.0.00000000}.{46f201fd-ed23-432f-9a0f-a77f777dd150}|\Device\HarddiskVolume2\Program Files\COMODO\COMODO Internet Security\cis.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCFF154D-A97B-4138-A1AC-A2B0C3C05696}\3E9B4EB9-8559-4223-AC06-95F334A7354F]
"lastAnswer"="COMODO_Money_1.NextOne.Yes"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCFF154D-A97B-4138-A1AC-A2B0C3C05696}\6E7B924B-78D4-48F1-80A0-185C972635C4.Biff]
"lastAnswer"="ComodoMoneyMoneyInTheBank.NextOne.Yes"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCFF154D-A97B-4138-A1AC-A2B0C3C05696}\D5B59F2D-3BED-447D-9CFF-C680EA942142.Biff]
"lastAnswer"="ComodoMoneyFeedbackSurvey.NextOne.Yes"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{1036D47D-207A-4AFD-9B1E-F3DB07986A15}\1.0\0\win64]
@="C:\Program Files\COMODO\COMODO Internet Security\cmdurlflt.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{1036D47D-207A-4AFD-9B1E-F3DB07986A15}\1.0\HELPDIR]
@="C:\Program Files\COMODO\COMODO Internet Security"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{14FBD7D3-7268-4A74-95CF-01B1E5B7976B}\1.0\0\win64]
@="C:\Program Files\COMODO\COMODO Internet Security\cmdupd.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{14FBD7D3-7268-4A74-95CF-01B1E5B7976B}\1.0\HELPDIR]
@="C:\Program Files\COMODO\COMODO Internet Security"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{1F5B557B-0805-423E-B525-5939F5889232}\1.0\0\win64]
@="C:\Program Files\COMODO\COMODO Internet Security\cisbf.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{1F5B557B-0805-423E-B525-5939F5889232}\1.0\HELPDIR]
@="C:\Program Files\COMODO\COMODO Internet Security"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{24A0D9BF-3D3D-4F38-AB6C-D18794FAC2AD}\1.0\0\win64]
@="C:\Program Files\COMODO\COMODO Internet Security\cmdcfg.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{24A0D9BF-3D3D-4F38-AB6C-D18794FAC2AD}\1.0\HELPDIR]
@="C:\Program Files\COMODO\COMODO Internet Security"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{3E799E85-C087-4F85-8EAA-0FC40612C8E2}\1.0\0\win64]
@="C:\Program Files\COMODO\COMODO Internet Security\cmdscope.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{3E799E85-C087-4F85-8EAA-0FC40612C8E2}\1.0\HELPDIR]
@="C:\Program Files\COMODO\COMODO Internet Security"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{5273FED5-F5D3-46F5-9255-34588BDD97ED}\1.0\0\win64]
@="C:\Program Files\COMODO\COMODO Internet Security\cmdcloud.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{5273FED5-F5D3-46F5-9255-34588BDD97ED}\1.0\HELPDIR]
@="C:\Program Files\COMODO\COMODO Internet Security"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{57D2B4B8-0D84-4B72-91D3-805E102EB946}\1.0\0\win64]
@="C:\Program Files\COMODO\COMODO Internet Security\cmdtrust.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{57D2B4B8-0D84-4B72-91D3-805E102EB946}\1.0\HELPDIR]
@="C:\Program Files\COMODO\COMODO Internet Security"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{70298D18-8AE5-49A1-97B3-BF862A5C5130}\1.0\0\win64]
@="C:\Program Files\COMODO\COMODO Internet Security\cmdstat.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{70298D18-8AE5-49A1-97B3-BF862A5C5130}\1.0\HELPDIR]
@="C:\Program Files\COMODO\COMODO Internet Security"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{BAFAD68A-E0A2-4EB2-B2BA-1D0DE7CB2910}\1.0\0\win64]
@="C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{BAFAD68A-E0A2-4EB2-B2BA-1D0DE7CB2910}\1.0\HELPDIR]
@="C:\Program Files\COMODO\COMODO Internet Security"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{C94EA223-25EE-4DDF-BB10-21E109B11D29}\1.0\0\win64]
@="C:\Program Files\COMODO\COMODO Internet Security\cmdlogs.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{C94EA223-25EE-4DDF-BB10-21E109B11D29}\1.0\HELPDIR]
@="C:\Program Files\COMODO\COMODO Internet Security"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{ED4F89EE-425E-4606-9EE6-D2D9F485BE21}\1.0\0\win64]
@="C:\Program Files\COMODO\COMODO Internet Security\cmdboost.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{ED4F89EE-425E-4606-9EE6-D2D9F485BE21}\1.0\HELPDIR]
@="C:\Program Files\COMODO\COMODO Internet Security"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{F2CB98B4-6A6D-43E8-8729-8E70B7DC11F2}\1.0\0\win64]
@="C:\Program Files\COMODO\COMODO Internet Security\cmdavcen.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{F2CB98B4-6A6D-43E8-8729-8E70B7DC11F2}\1.0\HELPDIR]
@="C:\Program Files\COMODO\COMODO Internet Security"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{F8C8C537-0997-4D12-BD50-9B6C31A4883E}\1.0\0\win64]
@="C:\Program Files\COMODO\COMODO Internet Security\cisresc.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{F8C8C537-0997-4D12-BD50-9B6C31A4883E}\1.0\HELPDIR]
@="C:\Program Files\COMODO\COMODO Internet Security"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{1036D47D-207A-4AFD-9B1E-F3DB07986A15}\1.0\0\win64]
@="C:\Program Files\COMODO\COMODO Internet Security\cmdurlflt.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{1036D47D-207A-4AFD-9B1E-F3DB07986A15}\1.0\HELPDIR]
@="C:\Program Files\COMODO\COMODO Internet Security"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{14FBD7D3-7268-4A74-95CF-01B1E5B7976B}\1.0\0\win64]
@="C:\Program Files\COMODO\COMODO Internet Security\cmdupd.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{14FBD7D3-7268-4A74-95CF-01B1E5B7976B}\1.0\HELPDIR]
@="C:\Program Files\COMODO\COMODO Internet Security"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{1F5B557B-0805-423E-B525-5939F5889232}\1.0\0\win64]
@="C:\Program Files\COMODO\COMODO Internet Security\cisbf.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{1F5B557B-0805-423E-B525-5939F5889232}\1.0\HELPDIR]
@="C:\Program Files\COMODO\COMODO Internet Security"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{24A0D9BF-3D3D-4F38-AB6C-D18794FAC2AD}\1.0\0\win64]
@="C:\Program Files\COMODO\COMODO Internet Security\cmdcfg.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{24A0D9BF-3D3D-4F38-AB6C-D18794FAC2AD}\1.0\HELPDIR]
@="C:\Program Files\COMODO\COMODO Internet Security"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{3E799E85-C087-4F85-8EAA-0FC40612C8E2}\1.0\0\win64]
@="C:\Program Files\COMODO\COMODO Internet Security\cmdscope.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{3E799E85-C087-4F85-8EAA-0FC40612C8E2}\1.0\HELPDIR]
@="C:\Program Files\COMODO\COMODO Internet Security"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{5273FED5-F5D3-46F5-9255-34588BDD97ED}\1.0\0\win64]
@="C:\Program Files\COMODO\COMODO Internet Security\cmdcloud.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{5273FED5-F5D3-46F5-9255-34588BDD97ED}\1.0\HELPDIR]
@="C:\Program Files\COMODO\COMODO Internet Security"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{57D2B4B8-0D84-4B72-91D3-805E102EB946}\1.0\0\win64]
@="C:\Program Files\COMODO\COMODO Internet Security\cmdtrust.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{57D2B4B8-0D84-4B72-91D3-805E102EB946}\1.0\HELPDIR]
@="C:\Program Files\COMODO\COMODO Internet Security"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{70298D18-8AE5-49A1-97B3-BF862A5C5130}\1.0\0\win64]
@="C:\Program Files\COMODO\COMODO Internet Security\cmdstat.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{70298D18-8AE5-49A1-97B3-BF862A5C5130}\1.0\HELPDIR]
@="C:\Program Files\COMODO\COMODO Internet Security"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{BAFAD68A-E0A2-4EB2-B2BA-1D0DE7CB2910}\1.0\0\win64]
@="C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{BAFAD68A-E0A2-4EB2-B2BA-1D0DE7CB2910}\1.0\HELPDIR]
@="C:\Program Files\COMODO\COMODO Internet Security"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{C94EA223-25EE-4DDF-BB10-21E109B11D29}\1.0\0\win64]
@="C:\Program Files\COMODO\COMODO Internet Security\cmdlogs.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{C94EA223-25EE-4DDF-BB10-21E109B11D29}\1.0\HELPDIR]
@="C:\Program Files\COMODO\COMODO Internet Security"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{ED4F89EE-425E-4606-9EE6-D2D9F485BE21}\1.0\0\win64]
@="C:\Program Files\COMODO\COMODO Internet Security\cmdboost.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{ED4F89EE-425E-4606-9EE6-D2D9F485BE21}\1.0\HELPDIR]
@="C:\Program Files\COMODO\COMODO Internet Security"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{F2CB98B4-6A6D-43E8-8729-8E70B7DC11F2}\1.0\0\win64]
@="C:\Program Files\COMODO\COMODO Internet Security\cmdavcen.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{F2CB98B4-6A6D-43E8-8729-8E70B7DC11F2}\1.0\HELPDIR]
@="C:\Program Files\COMODO\COMODO Internet Security"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{F8C8C537-0997-4D12-BD50-9B6C31A4883E}\1.0\0\win64]
@="C:\Program Files\COMODO\COMODO Internet Security\cisresc.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{F8C8C537-0997-4D12-BD50-9B6C31A4883E}\1.0\HELPDIR]
@="C:\Program Files\COMODO\COMODO Internet Security"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Reliability\shutdown]
"Comment"="Der Windows Installer hat einen Neustart des Systems initiiert, um die Konfiguration von "COMODO Internet Security" fortzusetzen bzw. abzuschließen."
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{1036D47D-207A-4AFD-9B1E-F3DB07986A15}\1.0\0\win64]
@="C:\Program Files\COMODO\COMODO Internet Security\cmdurlflt.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{1036D47D-207A-4AFD-9B1E-F3DB07986A15}\1.0\HELPDIR]
@="C:\Program Files\COMODO\COMODO Internet Security"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{14FBD7D3-7268-4A74-95CF-01B1E5B7976B}\1.0\0\win64]
@="C:\Program Files\COMODO\COMODO Internet Security\cmdupd.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{14FBD7D3-7268-4A74-95CF-01B1E5B7976B}\1.0\HELPDIR]
@="C:\Program Files\COMODO\COMODO Internet Security"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{1F5B557B-0805-423E-B525-5939F5889232}\1.0\0\win64]
@="C:\Program Files\COMODO\COMODO Internet Security\cisbf.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{1F5B557B-0805-423E-B525-5939F5889232}\1.0\HELPDIR]
@="C:\Program Files\COMODO\COMODO Internet Security"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{24A0D9BF-3D3D-4F38-AB6C-D18794FAC2AD}\1.0\0\win64]
@="C:\Program Files\COMODO\COMODO Internet Security\cmdcfg.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{24A0D9BF-3D3D-4F38-AB6C-D18794FAC2AD}\1.0\HELPDIR]
@="C:\Program Files\COMODO\COMODO Internet Security"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{3E799E85-C087-4F85-8EAA-0FC40612C8E2}\1.0\0\win64]
@="C:\Program Files\COMODO\COMODO Internet Security\cmdscope.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{3E799E85-C087-4F85-8EAA-0FC40612C8E2}\1.0\HELPDIR]
@="C:\Program Files\COMODO\COMODO Internet Security"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{5273FED5-F5D3-46F5-9255-34588BDD97ED}\1.0\0\win64]
@="C:\Program Files\COMODO\COMODO Internet Security\cmdcloud.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{5273FED5-F5D3-46F5-9255-34588BDD97ED}\1.0\HELPDIR]
@="C:\Program Files\COMODO\COMODO Internet Security"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{57D2B4B8-0D84-4B72-91D3-805E102EB946}\1.0\0\win64]
@="C:\Program Files\COMODO\COMODO Internet Security\cmdtrust.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{57D2B4B8-0D84-4B72-91D3-805E102EB946}\1.0\HELPDIR]
@="C:\Program Files\COMODO\COMODO Internet Security"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{70298D18-8AE5-49A1-97B3-BF862A5C5130}\1.0\0\win64]
@="C:\Program Files\COMODO\COMODO Internet Security\cmdstat.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{70298D18-8AE5-49A1-97B3-BF862A5C5130}\1.0\HELPDIR]
@="C:\Program Files\COMODO\COMODO Internet Security"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{BAFAD68A-E0A2-4EB2-B2BA-1D0DE7CB2910}\1.0\0\win64]
@="C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{BAFAD68A-E0A2-4EB2-B2BA-1D0DE7CB2910}\1.0\HELPDIR]
@="C:\Program Files\COMODO\COMODO Internet Security"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{C94EA223-25EE-4DDF-BB10-21E109B11D29}\1.0\0\win64]
@="C:\Program Files\COMODO\COMODO Internet Security\cmdlogs.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{C94EA223-25EE-4DDF-BB10-21E109B11D29}\1.0\HELPDIR]
@="C:\Program Files\COMODO\COMODO Internet Security"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{ED4F89EE-425E-4606-9EE6-D2D9F485BE21}\1.0\0\win64]
@="C:\Program Files\COMODO\COMODO Internet Security\cmdboost.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{ED4F89EE-425E-4606-9EE6-D2D9F485BE21}\1.0\HELPDIR]
@="C:\Program Files\COMODO\COMODO Internet Security"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{F2CB98B4-6A6D-43E8-8729-8E70B7DC11F2}\1.0\0\win64]
@="C:\Program Files\COMODO\COMODO Internet Security\cmdavcen.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{F2CB98B4-6A6D-43E8-8729-8E70B7DC11F2}\1.0\HELPDIR]
@="C:\Program Files\COMODO\COMODO Internet Security"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{F8C8C537-0997-4D12-BD50-9B6C31A4883E}\1.0\0\win64]
@="C:\Program Files\COMODO\COMODO Internet Security\cisresc.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{F8C8C537-0997-4D12-BD50-9B6C31A4883E}\1.0\HELPDIR]
@="C:\Program Files\COMODO\COMODO Internet Security"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_CMDERD\0000]
"DeviceDesc"="COMODO Internet Security Eradication Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_CMDGUARD\0000]
"DeviceDesc"="COMODO Internet Security Sandbox Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_CMDHLP\0000]
"DeviceDesc"="COMODO Internet Security Helper Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_INSPECT\0000]
"DeviceDesc"="COMODO Internet Security Firewall Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\eventlog\COMODO Internet Security]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\eventlog\COMODO Internet Security\CavWp]
"EventMessageFile"="C:\Program Files\COMODO\COMODO Internet Security\cmdevlog.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\eventlog\COMODO Internet Security\CavWp]
"CategoryMessageFile"="C:\Program Files\COMODO\COMODO Internet Security\cmdevlog.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\eventlog\COMODO Internet Security\CfpConfg]
"EventMessageFile"="C:\Program Files\COMODO\COMODO Internet Security\cmdevlog.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\eventlog\COMODO Internet Security\CfpConfg]
"CategoryMessageFile"="C:\Program Files\COMODO\COMODO Internet Security\cmdevlog.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\eventlog\COMODO Internet Security\CIS]
"EventMessageFile"="C:\Program Files\COMODO\COMODO Internet Security\cmdevlog.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\eventlog\COMODO Internet Security\CIS]
"CategoryMessageFile"="C:\Program Files\COMODO\COMODO Internet Security\cmdevlog.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\eventlog\COMODO Internet Security\CisTray]
"EventMessageFile"="C:\Program Files\COMODO\COMODO Internet Security\cmdevlog.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\eventlog\COMODO Internet Security\CisTray]
"CategoryMessageFile"="C:\Program Files\COMODO\COMODO Internet Security\cmdevlog.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\eventlog\COMODO Internet Security\CmdAgent]
"EventMessageFile"="C:\Program Files\COMODO\COMODO Internet Security\cmdevlog.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\eventlog\COMODO Internet Security\CmdAgent]
"CategoryMessageFile"="C:\Program Files\COMODO\COMODO Internet Security\cmdevlog.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\eventlog\COMODO Internet Security\CmdUpd]
"EventMessageFile"="C:\Program Files\COMODO\COMODO Internet Security\cmdevlog.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\eventlog\COMODO Internet Security\CmdUpd]
"CategoryMessageFile"="C:\Program Files\COMODO\COMODO Internet Security\cmdevlog.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_CMDERD\0000]
"DeviceDesc"="COMODO Internet Security Eradication Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_CMDGUARD\0000]
"DeviceDesc"="COMODO Internet Security Sandbox Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_CMDHLP\0000]
"DeviceDesc"="COMODO Internet Security Helper Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_INSPECT\0000]
"DeviceDesc"="COMODO Internet Security Firewall Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\eventlog\COMODO Internet Security]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\eventlog\COMODO Internet Security\CavWp]
"EventMessageFile"="C:\Program Files\COMODO\COMODO Internet Security\cmdevlog.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\eventlog\COMODO Internet Security\CavWp]
"CategoryMessageFile"="C:\Program Files\COMODO\COMODO Internet Security\cmdevlog.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\eventlog\COMODO Internet Security\CfpConfg]
"EventMessageFile"="C:\Program Files\COMODO\COMODO Internet Security\cmdevlog.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\eventlog\COMODO Internet Security\CfpConfg]
"CategoryMessageFile"="C:\Program Files\COMODO\COMODO Internet Security\cmdevlog.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\eventlog\COMODO Internet Security\CIS]
"EventMessageFile"="C:\Program Files\COMODO\COMODO Internet Security\cmdevlog.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\eventlog\COMODO Internet Security\CIS]
"CategoryMessageFile"="C:\Program Files\COMODO\COMODO Internet Security\cmdevlog.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\eventlog\COMODO Internet Security\CisTray]
"EventMessageFile"="C:\Program Files\COMODO\COMODO Internet Security\cmdevlog.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\eventlog\COMODO Internet Security\CisTray]
"CategoryMessageFile"="C:\Program Files\COMODO\COMODO Internet Security\cmdevlog.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\eventlog\COMODO Internet Security\CmdAgent]
"EventMessageFile"="C:\Program Files\COMODO\COMODO Internet Security\cmdevlog.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\eventlog\COMODO Internet Security\CmdAgent]
"CategoryMessageFile"="C:\Program Files\COMODO\COMODO Internet Security\cmdevlog.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\eventlog\COMODO Internet Security\CmdUpd]
"EventMessageFile"="C:\Program Files\COMODO\COMODO Internet Security\cmdevlog.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\eventlog\COMODO Internet Security\CmdUpd]
"CategoryMessageFile"="C:\Program Files\COMODO\COMODO Internet Security\cmdevlog.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CMDERD\0000]
"DeviceDesc"="COMODO Internet Security Eradication Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CMDGUARD\0000]
"DeviceDesc"="COMODO Internet Security Sandbox Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CMDHLP\0000]
"DeviceDesc"="COMODO Internet Security Helper Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_INSPECT\0000]
"DeviceDesc"="COMODO Internet Security Firewall Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\COMODO Internet Security]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\COMODO Internet Security\CavWp]
"EventMessageFile"="C:\Program Files\COMODO\COMODO Internet Security\cmdevlog.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\COMODO Internet Security\CavWp]
"CategoryMessageFile"="C:\Program Files\COMODO\COMODO Internet Security\cmdevlog.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\COMODO Internet Security\CfpConfg]
"EventMessageFile"="C:\Program Files\COMODO\COMODO Internet Security\cmdevlog.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\COMODO Internet Security\CfpConfg]
"CategoryMessageFile"="C:\Program Files\COMODO\COMODO Internet Security\cmdevlog.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\COMODO Internet Security\CIS]
"EventMessageFile"="C:\Program Files\COMODO\COMODO Internet Security\cmdevlog.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\COMODO Internet Security\CIS]
"CategoryMessageFile"="C:\Program Files\COMODO\COMODO Internet Security\cmdevlog.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\COMODO Internet Security\CisTray]
"EventMessageFile"="C:\Program Files\COMODO\COMODO Internet Security\cmdevlog.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\COMODO Internet Security\CisTray]
"CategoryMessageFile"="C:\Program Files\COMODO\COMODO Internet Security\cmdevlog.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\COMODO Internet Security\CmdAgent]
"EventMessageFile"="C:\Program Files\COMODO\COMODO Internet Security\cmdevlog.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\COMODO Internet Security\CmdAgent]
"CategoryMessageFile"="C:\Program Files\COMODO\COMODO Internet Security\cmdevlog.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\COMODO Internet Security\CmdUpd]
"EventMessageFile"="C:\Program Files\COMODO\COMODO Internet Security\cmdevlog.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\COMODO Internet Security\CmdUpd]
"CategoryMessageFile"="C:\Program Files\COMODO\COMODO Internet Security\cmdevlog.dll"
[HKEY_USERS\S-1-5-21-1049388694-2736142571-1025416933-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\5798fa63_0]
@="{0.0.0.00000000}.{46f201fd-ed23-432f-9a0f-a77f777dd150}|\Device\HarddiskVolume2\Users\Biff\AppData\Roaming\Uninstaller Tool(Comodo Forums)\Uninstaller.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-1049388694-2736142571-1025416933-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\6a1351_0]
@="{0.0.0.00000000}.{043e8a3d-a51f-44b3-8f5d-f53335d6463c}|\Device\HarddiskVolume2\Users\Biff\AppData\Roaming\Uninstaller Tool(Comodo Forums)\Uninstaller.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-1049388694-2736142571-1025416933-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\7354f806_0]
@="{0.0.0.00000000}.{46f201fd-ed23-432f-9a0f-a77f777dd150}|\Device\HarddiskVolume2\Program Files\COMODO\COMODO Internet Security\cis.exe%b{00000000-0000-0000-0000-000000000000}"

Searching for "         "
[HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"I:\Eigene Dateien\Biffs Router (von Sami) - WLAN - T-Com - Telekom Speedport W 700V (SNr. 501606)\netzmanager_setup.exe"="Netzmanager der Deutschen Telekom AG                                                                                                                                                                                                                               "
[HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"I:\Programme - nicht installiert\PDFCreator-1_7_3_setup.exe"="PDFCreator is the easy way of creating PDFs.                "
[HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"I:\Programme - nicht installiert\Festplattenanalyse, Statistik, Dateilisten, Ordner - hddboost.exe"="HDD-Booster Setup                                           "
[HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"I:\Programme - nicht installiert\drw_free - Free Data Recovery - Datenwiederherstellung - Datenrettung.exe"="EaseUS Data Recovery Wizard 7.5 Setup                       "
[HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"I:\Programme - nicht installiert\MonitorOff-setup.exe"="Monitor Off Utility                                         "
[HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"I:\Programme - nicht installiert\pwhe8.exe"="MiniTool Partition Wizard Home Edition Setup                "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Plugin\Microsoft.PowerShell]
"ConfigXML"="             <PlugInConfiguration xmlns="hxxp://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Name="microsoft.powershell" Filename="%windir%\system32\pwrshplugin.dll" SDKVersion="1" XmlRenderingType="text" >                 <InitializationParameters>                     <Param Name="PSVersion" Value="2.0"/>                 </InitializationParameters>                 <Resources>                     <Resource ResourceUri="hxxp://schemas.microsoft.com/powershell/microsoft.powershell" SupportsOptions="true" ExactMatch="true">                         <Security xmlns="hxxp://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Uri="hxxp://schemas.microsoft.com/powershell/microsoft.powershell" ExactMatch="true" Sddl="O:NSG:BAD:P(A;;GA;;;BA)S:P(AU;FA;GA;;;WD)(AU;SA;GXGW;;;WD)"/>                         <Capability Type="Shell"/>                     </Resource>                 </Res
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\WSMAN\Plugin\Microsoft.PowerShell32]
"ConfigXML"="<PlugInConfiguration xmlns="hxxp://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Name="microsoft.powershell32" Filename="%windir%\system32\pwrshplugin.dll" SDKVersion="1" XmlRenderingType="text" Architecture="32" >                         <InitializationParameters>                             <Param Name="PSVersion" Value="2.0"/>                         </InitializationParameters>                         <Resources>                             <Resource ResourceUri="hxxp://schemas.microsoft.com/powershell/microsoft.powershell32" SupportsOptions="true" ExactMatch="true">                                 <Security xmlns="hxxp://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Uri="hxxp://schemas.microsoft.com/powershell/microsoft.powershell32" ExactMatch="true" Sddl="O:NSG:BAD:P(A;;GA;;;BA)S:P(AU;FA;GA;;;WD)(AU;SA;GXGW;;;WD)"/>                                
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows Live\Common]
"PCModel"="P8614           "
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows Live\Common]
"Manufacturer"="Medion          "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_&PROD_&REV_0.00#100301371CB593&0#]
"DeviceDesc"="                "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_&PROD_SDMMC&REV_#504E414534343458D1CAF6397828A110&1#]
"DeviceDesc"="SDMMC           "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_ODYS_X26&PROD_&REV_1.00#V1.3.17_&0#]
"DeviceDesc"="                "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_USB&PROD_DISK&REV_1100#AA04012700013365&0#]
"DeviceDesc"="DISK            "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_USB&PROD_DISK&REV_1100#AA04012700074340&0#]
"DeviceDesc"="DISK            "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_&PROD_&REV_0.00#100301371CB593&0#]
"DeviceDesc"="                "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_&PROD_SDMMC&REV_#504E414534343458D1CAF6397828A110&1#]
"DeviceDesc"="SDMMC           "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_ODYS_X26&PROD_&REV_1.00#V1.3.17_&0#]
"DeviceDesc"="                "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_USB&PROD_DISK&REV_1100#AA04012700013365&0#]
"DeviceDesc"="DISK            "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_USB&PROD_DISK&REV_1100#AA04012700074340&0#]
"DeviceDesc"="DISK            "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_&PROD_&REV_0.00#100301371CB593&0#]
"DeviceDesc"="                "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_&PROD_SDMMC&REV_#504E414534343458D1CAF6397828A110&1#]
"DeviceDesc"="SDMMC           "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_ODYS_X26&PROD_&REV_1.00#V1.3.17_&0#]
"DeviceDesc"="                "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_USB&PROD_DISK&REV_1100#AA04012700013365&0#]
"DeviceDesc"="DISK            "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_USB&PROD_DISK&REV_1100#AA04012700074340&0#]
"DeviceDesc"="DISK            "
[HKEY_USERS\S-1-5-21-1049388694-2736142571-1025416933-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"I:\Eigene Dateien\Biffs Router (von Sami) - WLAN - T-Com - Telekom Speedport W 700V (SNr. 501606)\netzmanager_setup.exe"="Netzmanager der Deutschen Telekom AG                                                                                                                                                                                                                               "
[HKEY_USERS\S-1-5-21-1049388694-2736142571-1025416933-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"I:\Programme - nicht installiert\PDFCreator-1_7_3_setup.exe"="PDFCreator is the easy way of creating PDFs.                "
[HKEY_USERS\S-1-5-21-1049388694-2736142571-1025416933-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"I:\Programme - nicht installiert\Festplattenanalyse, Statistik, Dateilisten, Ordner - hddboost.exe"="HDD-Booster Setup                                           "
[HKEY_USERS\S-1-5-21-1049388694-2736142571-1025416933-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"I:\Programme - nicht installiert\drw_free - Free Data Recovery - Datenwiederherstellung - Datenrettung.exe"="EaseUS Data Recovery Wizard 7.5 Setup                       "
[HKEY_USERS\S-1-5-21-1049388694-2736142571-1025416933-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"I:\Programme - nicht installiert\MonitorOff-setup.exe"="Monitor Off Utility                                         "
[HKEY_USERS\S-1-5-21-1049388694-2736142571-1025416933-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"I:\Programme - nicht installiert\pwhe8.exe"="MiniTool Partition Wizard Home Edition Setup                "
[HKEY_USERS\S-1-5-21-1049388694-2736142571-1025416933-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"I:\Eigene Dateien\Biffs Router (von Sami) - WLAN - T-Com - Telekom Speedport W 700V (SNr. 501606)\netzmanager_setup.exe"="Netzmanager der Deutschen Telekom AG                                                                                                                                                                                                                               "
[HKEY_USERS\S-1-5-21-1049388694-2736142571-1025416933-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"I:\Programme - nicht installiert\PDFCreator-1_7_3_setup.exe"="PDFCreator is the easy way of creating PDFs.                "
[HKEY_USERS\S-1-5-21-1049388694-2736142571-1025416933-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"I:\Programme - nicht installiert\Festplattenanalyse, Statistik, Dateilisten, Ordner - hddboost.exe"="HDD-Booster Setup                                           "
[HKEY_USERS\S-1-5-21-1049388694-2736142571-1025416933-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"I:\Programme - nicht installiert\drw_free - Free Data Recovery - Datenwiederherstellung - Datenrettung.exe"="EaseUS Data Recovery Wizard 7.5 Setup                       "
[HKEY_USERS\S-1-5-21-1049388694-2736142571-1025416933-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"I:\Programme - nicht installiert\MonitorOff-setup.exe"="Monitor Off Utility                                         "
[HKEY_USERS\S-1-5-21-1049388694-2736142571-1025416933-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"I:\Programme - nicht installiert\pwhe8.exe"="MiniTool Partition Wizard Home Edition Setup                "

-= EOF =-
         

Habe die Vermutung, daß diese "Warteschlange" Ursache sein könnte für das unbrauchbare langsame System:

ProcessExplorer als Ersatz für den Windows Taskmanager installieren

Lade Dir den Process Explorer als Ersatz für den Taskmanager herunter und installiere ihn, hier findest Du eine Anleitung. Das ist ein wesentlich leistungsfähigerer Ersatz für den Windows-Taskmanager. Im Menü unter "Options" kannst Du den ProcessExplorer dauerhaft als Ersatz für den Taskmanager einrichten (Replace Taskmanager). Das ist sehr empfehlenswert, weil der ProcessExplorer erheblich mehr Funktionen als der Taskmanager hat. Wenn Du diese Einstellung gemacht hast, öffnet sich mit der Tastenkombination STRG + ALT + Entf. nicht mehr der Taskmanager, sondern der ProcessExplorer. Das kann jederzeit durch Abhaken dieser Einstellung wieder rückgängig gemacht werden.

Was wir jetzt konkret brauchen: In jeder Zeile steht ein Prozess, ein paar der Zeilen sind keine richtigen Prozesse, sondern nur Pseudoprozesse für die Tätigkeit des Windos-Kernels. Im Menü View => Select Columns wird ein Dialog geöffnet, in dem Du auswählen kannst, welche Spalten mit Informationen zu den Prozessen angezeigt werden sollen. In dem gehe in das Register "Process Performance" und stelle sicher, dass dort "CPU Usage" angehakt ist, "CPU History" wäre ebenfalls sinnvoll. Unter "CPU Usage" wird der aktuelle Wert der Prozessorauslastung für jeden Prozess angezeigt (im Tabellentitel steht nur kurz "CPU"), "CPU History" blendet für jeden Prozess ein Diagramm ein, das eine Kurve mit der Prozessorauslastung für die letzte Zeit anzeigt.

Damit sollte es Dir möglich sein, zu identifizieren, welcher Prozess Deine CPU in Trab hält. Mache einen Doppelklick auf den Prozess. Du kannst von dem ganzen auch einen Screenshot machen und ihn als Anhang mit Deiner Antwort hochladen (auf "Erweitert" unter dem Textfeld klicken und über "Anhänge verwalten" auf Deinem Rechner suchen lassen und über "Hochladen" anhängen).


Ebenso würde ich die Platte mal mit Seatools scannen.

Vielen Dank schrauber.

Zitat:

Ebenso würde ich die Platte mal mit Seatools scannen.

Hatte die Platte mit HD Tune gerade mal getestet:
Werde es dann noch einmal mit dem Seagate-Programm versuchen.

Zitat:

Was wir jetzt konkret brauchen: In jeder Zeile steht ein Prozess, ein paar der Zeilen sind keine richtigen Prozesse, sondern nur Pseudoprozesse für die Tätigkeit des Windos-Kernels. Im Menü View => Select Columns wird ein Dialog geöffnet, in dem Du auswählen kannst, welche Spalten mit Informationen zu den Prozessen angezeigt werden sollen. In dem gehe in das Register "Process Performance" und stelle sicher, dass dort "CPU Usage" angehakt ist, "CPU History" wäre ebenfalls sinnvoll. Unter "CPU Usage" wird der aktuelle Wert der Prozessorauslastung für jeden Prozess angezeigt (im Tabellentitel steht nur kurz "CPU"), "CPU History" blendet für jeden Prozess ein Diagramm ein, das eine Kurve mit der Prozessorauslastung für die letzte Zeit anzeigt.

Gut, habe ich so gemacht, so sieht es aus:

Die CPU-Leistung scheint eigentlich auszureichen nach meinen Beobachtungen, hätte ich gedacht, es scheint eher irgendwie mit dem Lesen von der, Schreiben auf die Platte zu tun zu haben. Bzw. mit den Prozessen auf den Bildschirmfotos in meinem Beitrag zuvor. Es gibt immer mal wieder sehr kurze Phasen, da läuft das Notebook brauchbar.

Der JDownloader zieht auch einiges an Saft, und das Ding ist grundsätzlich voll Adware.

Ja, das stimmt, der braucht einiges an CPU, Adware konnte ich noch nicht finden (mit MalwarBytes, SuperAntiSpyware etc.).

Aber mein System läuft auch unbrauchbar, wenn jD nicht läuft.

Könnte es etwas mit diesen Warteschlangen zu tun haben? Mit Schreib-, Lesevorgängen?

Kopieren von 0 byte-Dateien, bzw. von einer auf derselben Platte dauert teilweise extrem lange. umbenennen einer Datei, öffnen / schließen von Programmen, Firefox, Thunderbird sind langsam.

klar. Mach mal ein Inplace Upgrade, ansonsten bleibt ja nur Platte oder RAM.

Wie es aussieht, ist ein Inplace Upgrade das selbe wie eine Reparaturinstallation, bei der ich die original CD / DVD von Windows 7 brauche, stimmt das?

Dann würde ich das mal ausprobieren. Also, ich glaube, einfach die DVD einlegen und Notebook starten und dann auf "Reparatur" oder so etwas klicken.