Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Win 7 : Roll Around nach Bereinigung wohl noch nicht weg / Keine Logs vorhanden :-(

Win 7 : Roll Around nach Bereinigung wohl noch nicht weg / Keine Logs vorhanden :-(


Log-Analyse und Auswertung: Win 7 : Roll Around nach Bereinigung wohl noch nicht weg / Keine Logs vorhanden :-(

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 02.03.2015, 19:24   #1
Frank68164
 
Win 7 : Roll Around nach Bereinigung wohl noch nicht weg / Keine Logs vorhanden :-( - Standard

Win 7 : Roll Around nach Bereinigung wohl noch nicht weg / Keine Logs vorhanden :-(


Hallo zusammen,

ich habe nach Euren Schritten versucht einen Virus zu entfernen, habe jedoch leider keine Logs, da ich das überlesen hatte. Lediglich die folgenden OTLs stehen zur Verfügung:

OTL logfile created on: 02.03.2015 19:06:11 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\*******\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17633)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,25 Gb Total Physical Memory | 2,02 Gb Available Physical Memory | 62,03% Memory free
6,50 Gb Paging File | 5,15 Gb Available in Paging File | 79,21% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 58,59 Gb Total Space | 18,04 Gb Free Space | 30,78% Space Free | Partition Type: NTFS
Drive D: | 596,17 Gb Total Space | 328,18 Gb Free Space | 55,05% Space Free | Partition Type: NTFS

Computer Name: *******-PC | User Name: ******** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Fischer\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files\AVAST Software\Avast\avastui.exe (AVAST Software)
PRC - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files (x86)\Secunia\PSI\PSIA.exe (Secunia)
PRC - C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe ()


========== Modules (No Company Name) ==========

MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files\AVAST Software\Avast\libcef.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe ()
MOD - C:\Program Files (x86)\Hardcopy\hardcopy_05.dll ()


========== Services (SafeList) ==========

SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (GfExperienceService) -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (NVIDIA Corporation)
SRV:64bit: - (NvStreamSvc) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation)
SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (NvNetworkService) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (Secunia PSI Agent) -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe (Secunia)
SRV - (Secunia Update Agent) -- C:\Program Files (x86)\Secunia\PSI\sua.exe (Secunia)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (MBAMSwissArmy) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys (Malwarebytes Corporation)
DRV:64bit: - (NvStreamKms) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys (NVIDIA Corporation)
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswsnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswsp.sys (AVAST Software)
DRV:64bit: - (aswVmm) -- C:\Windows\SysNative\drivers\aswVmm.sys ()
DRV:64bit: - (aswStm) -- C:\Windows\SysNative\drivers\aswstm.sys (AVAST Software)
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswmonflt.sys (AVAST Software)
DRV:64bit: - (aswRvrt) -- C:\Windows\SysNative\drivers\aswRvrt.sys ()
DRV:64bit: - (aswHwid) -- C:\Windows\SysNative\drivers\aswHwid.sys ()
DRV:64bit: - (nvvad_WaveExtensible) -- C:\Windows\SysNative\drivers\nvvad64v.sys (NVIDIA Corporation)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys ()
DRV:64bit: - (PSI) -- C:\Windows\SysNative\drivers\psi_mf_amd64.sys (Secunia)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (NVNET) -- C:\Windows\SysNative\drivers\nvmf6264.sys (NVIDIA Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (NVENETFD) -- C:\Windows\SysNative\drivers\nvm62x64.sys (NVIDIA Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-21-2838749872-3948068845-573734339-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-2838749872-3948068845-573734339-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKU\S-1-5-21-2838749872-3948068845-573734339-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C0 F6 D4 10 B9 6A CF 01 [binary data]
IE - HKU\S-1-5-21-2838749872-3948068845-573734339-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2838749872-3948068845-573734339-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKU\S-1-5-21-2838749872-3948068845-573734339-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2838749872-3948068845-573734339-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\S-1-5-21-2838749872-3948068845-573734339-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
IE - HKU\S-1-5-21-2838749872-3948068845-573734339-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKU\S-1-5-21-2838749872-3948068845-573734339-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A0 62 14 98 2F B9 CF 01 [binary data]
IE - HKU\S-1-5-21-2838749872-3948068845-573734339-1003\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2838749872-3948068845-573734339-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2838749872-3948068845-573734339-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.countryCode: "DE"
FF - prefs.js..browser.search.defaultengine: "Google (avast)"
FF - prefs.js..browser.search.defaultenginename: "Google (avast)"
FF - prefs.js..browser.search.defaultthis.engineName: "Google (avast)"
FF - prefs.js..browser.search.defaulturl: "https://www.google.com/search/?trackid=sp-006"
FF - prefs.js..browser.search.isUS: false
FF - prefs.js..browser.search.order.1: "Google (avast)"
FF - prefs.js..browser.search.region: "DE"
FF - prefs.js..browser.search.selectedEngine: "Google (avast)"
FF - prefs.js..browser.startup.homepage: "https://www.google.com/?trackid=sp-006"
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:10.1.0.170
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:36.0
FF - prefs.js..keyword.URL: "https://www.google.com/search/?trackid=sp-006"
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.31.2: C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.31.2: C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.4: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2015.01.27 21:56:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 36.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 36.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 35.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 35.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2014.05.08 23:54:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fischers\AppData\Roaming\mozilla\Extensions
[2015.03.01 16:04:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fischers\AppData\Roaming\mozilla\Firefox\Profiles\f62z4hnd.default\extensions
[2015.02.28 19:16:28 | 000,463,923 | ---- | M] () (No name found) -- C:\Users\Fischers\AppData\Roaming\mozilla\firefox\profiles\f62z4hnd.default\extensions\langpack-de@firefox.mozilla.org.xpi
[2015.02.01 11:48:30 | 000,985,112 | ---- | M] () (No name found) -- C:\Users\Fischers\AppData\Roaming\mozilla\firefox\profiles\f62z4hnd.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014.12.12 19:14:01 | 000,002,428 | ---- | M] () -- C:\Users\Fischers\AppData\Roaming\mozilla\firefox\profiles\f62z4hnd.default\searchplugins\google-avast.xml
[2015.02.27 14:30:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2015.02.27 14:30:30 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2015.01.27 21:56:53 | 000,000,000 | ---D | M] ("Avast Online Security") -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF

O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2838749872-3948068845-573734339-1000..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-2838749872-3948068845-573734339-1000..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-2838749872-3948068845-573734339-1003..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-2838749872-3948068845-573734339-1003..\Run: [FileHippo.com] C:\Program Files (x86)\FileHippo.com\FileHippo.AppManager.exe ()
O4 - HKU\.DEFAULT..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found
O4 - HKU\S-1-5-18..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-2838749872-3948068845-573734339-1000..\RunOnce: [Adobe Speed Launcher] 1425319394 File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BC1E6E3D-F7A9-4BB6-8C2C-CBD504ECD79D}: DhcpNameServer = 192.168.178.1
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2015.03.01 18:34:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VS Revo Group
[2015.03.01 18:23:22 | 000,129,752 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2015.03.01 18:23:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
[2015.03.01 18:23:06 | 000,093,400 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2015.03.01 18:23:06 | 000,063,704 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2015.03.01 18:23:06 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2015.03.01 18:23:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ Malwarebytes Anti-Malware
[2015.03.01 18:23:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2015.03.01 16:28:51 | 000,000,000 | ---D | C] -- C:\Users\Fischers\AppData\Local\CrystalDiskMark
[2015.03.01 16:13:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2015.03.01 16:13:03 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2015.03.01 16:13:02 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2015.03.01 16:13:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2015.03.01 16:13:02 | 000,000,000 | ---D | C] -- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
[2015.02.28 19:16:34 | 000,000,000 | ---D | C] -- C:\Users\Fischers\AppData\Local\TuneUp Software
[2015.02.28 19:16:18 | 000,000,000 | -HSD | C] -- C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
[2015.02.28 19:16:18 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2015.02.28 19:15:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free Codec Pack
[2015.02.28 19:15:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft
[2015.02.28 19:15:19 | 000,000,000 | ---D | C] -- C:\Users\Fischers\AppData\Roaming\DVDVideoSoft
[2015.02.28 19:08:51 | 000,000,000 | --SD | C] -- C:\Windows\SysWow64\Microsoft
[2015.02.28 19:08:48 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2015.02.27 20:05:20 | 000,608,072 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2015.02.27 19:59:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskMark
[2015.02.27 19:59:24 | 000,000,000 | ---D | C] -- C:\Program Files\CrystalDiskMark
[2015.02.27 14:30:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2015.02.20 00:43:44 | 018,634,072 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2015.02.20 00:43:44 | 016,128,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2015.02.20 00:43:38 | 013,916,280 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2015.02.20 00:43:36 | 031,515,280 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2015.02.20 00:43:36 | 011,272,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2015.02.20 00:43:34 | 024,198,856 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2015.02.20 00:43:30 | 000,944,328 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2015.02.20 00:43:30 | 000,907,464 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2015.02.20 00:43:26 | 001,907,400 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6434144.dll
[2015.02.20 00:43:26 | 001,555,656 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6434144.dll
[2015.02.20 00:43:26 | 000,902,344 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2015.02.20 00:43:26 | 000,870,032 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2015.02.20 00:43:24 | 017,559,432 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2015.02.20 00:43:24 | 014,497,568 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2015.02.20 00:43:22 | 013,828,032 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2015.02.20 00:43:22 | 004,244,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2015.02.20 00:43:22 | 003,987,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2015.02.20 00:43:20 | 011,209,192 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2015.02.20 00:43:00 | 015,294,280 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2015.02.20 00:42:58 | 022,993,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2015.02.20 00:42:56 | 002,823,992 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2015.02.13 09:24:20 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2015.02.13 09:24:19 | 006,041,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2015.02.13 09:24:19 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2015.02.11 23:05:59 | 000,000,000 | ---D | C] -- C:\Windows\WindowsMobile
[2015.02.11 18:43:41 | 000,950,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\perftrack.dll
[2015.02.11 18:43:41 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\powertracker.dll
[2015.02.11 18:43:33 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2015.02.11 18:43:33 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2015.02.11 18:43:33 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2015.02.11 18:43:33 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2015.02.11 18:43:33 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2015.02.11 18:43:32 | 000,718,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2015.02.11 18:43:32 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2015.02.11 18:43:32 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2015.02.11 18:43:32 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2015.02.11 18:43:31 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2015.02.11 18:43:29 | 002,052,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2015.02.11 18:43:29 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2015.02.11 18:43:29 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2015.02.11 18:43:28 | 000,968,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2015.02.11 18:43:28 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2015.02.11 18:43:28 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2015.02.11 18:43:27 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2015.02.11 18:43:27 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2015.02.11 18:43:27 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2015.02.11 18:43:26 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2015.02.11 18:43:26 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2015.02.11 18:43:25 | 002,125,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2015.02.11 18:43:24 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2015.02.11 18:43:24 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2015.02.11 18:43:23 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2015.02.11 18:43:23 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2015.02.11 18:43:23 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2015.02.11 18:43:22 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2015.02.11 18:43:21 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2015.02.11 18:43:21 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2015.02.11 18:43:20 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2015.02.11 18:43:20 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2015.02.11 18:41:42 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2015.02.11 18:36:46 | 001,480,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2015.02.11 18:36:46 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2015.02.11 18:36:41 | 001,461,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2015.02.11 18:36:40 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2015.02.11 18:36:40 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2015.02.11 18:36:39 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2015.02.11 18:36:39 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2015.02.11 18:36:39 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2015.02.11 18:36:39 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\auditpol.exe
[2015.02.11 18:36:39 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msobjs.dll
[2015.02.11 18:36:39 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msobjs.dll
[2015.02.11 18:36:39 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\auditpol.exe
[2015.02.11 18:36:39 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2015.02.11 18:36:39 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2015.02.11 18:36:34 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2015.02.11 18:36:32 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2015.02.11 18:36:19 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scesrv.dll
[2015.02.11 18:36:19 | 000,308,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scesrv.dll
[2015.02.11 18:36:15 | 005,554,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2015.02.11 18:36:14 | 003,972,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2015.02.11 18:36:14 | 003,917,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2015.02.11 18:36:12 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2015.02.11 18:36:12 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
[2015.02.11 18:36:12 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srclient.dll
[2015.02.07 09:55:58 | 000,000,000 | ---D | C] -- C:\Users\Fischers\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ
[2015.02.07 09:55:57 | 000,000,000 | ---D | C] -- C:\Users\Fischers\Documents\VirtualDJ
[2015.02.07 09:55:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VirtualDJ
[2015.02.01 11:42:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2015.02.01 11:41:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun

========== Files - Modified Within 30 Days ==========

[2015.03.02 19:09:04 | 000,015,120 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015.03.02 19:09:04 | 000,015,120 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015.03.02 19:07:42 | 001,619,284 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2015.03.02 19:07:42 | 000,699,092 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2015.03.02 19:07:42 | 000,653,930 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2015.03.02 19:07:42 | 000,149,232 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2015.03.02 19:07:42 | 000,121,802 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2015.03.02 19:03:11 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015.03.02 19:01:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015.03.02 19:01:53 | 2616,594,432 | -HS- | M] () -- C:\hiberfil.sys
[2015.03.02 07:19:05 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015.03.01 18:23:34 | 000,129,752 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2015.03.01 18:23:11 | 000,001,108 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2015.03.01 18:02:40 | 000,001,141 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2015.03.01 16:13:28 | 000,001,789 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2015.03.01 16:06:35 | 000,000,788 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2015.02.28 19:16:00 | 000,001,538 | ---- | M] () -- C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
[2015.02.27 19:59:25 | 000,001,760 | ---- | M] () -- C:\Users\Fischers\Desktop\CrystalDiskMark.lnk
[2015.02.20 00:43:50 | 000,072,904 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2015.02.20 00:43:50 | 000,059,592 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2015.02.20 00:43:44 | 018,634,072 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2015.02.20 00:43:44 | 016,128,576 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2015.02.20 00:43:38 | 013,916,280 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2015.02.20 00:43:36 | 031,515,280 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2015.02.20 00:43:36 | 011,272,240 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2015.02.20 00:43:34 | 024,198,856 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2015.02.20 00:43:30 | 000,944,328 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2015.02.20 00:43:30 | 000,907,464 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2015.02.20 00:43:30 | 000,026,155 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2015.02.20 00:43:26 | 001,907,400 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6434144.dll
[2015.02.20 00:43:26 | 001,555,656 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6434144.dll
[2015.02.20 00:43:26 | 000,902,344 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2015.02.20 00:43:26 | 000,870,032 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2015.02.20 00:43:24 | 017,559,432 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2015.02.20 00:43:24 | 014,497,568 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2015.02.20 00:43:22 | 013,828,032 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2015.02.20 00:43:22 | 004,244,680 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2015.02.20 00:43:22 | 003,987,600 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2015.02.20 00:43:20 | 011,209,192 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2015.02.20 00:43:00 | 015,294,280 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2015.02.20 00:42:58 | 022,993,224 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2015.02.20 00:42:56 | 003,209,736 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2015.02.20 00:42:56 | 002,823,992 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2015.02.11 23:07:16 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdRapi2_01_00_00.Wdf
[2015.02.11 20:15:31 | 004,849,896 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2015.02.07 09:55:59 | 000,000,960 | ---- | M] () -- C:\Users\Fischers\Desktop\VirtualDJ 8.lnk
[2015.02.06 21:36:24 | 000,701,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2015.02.06 21:36:24 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2015.02.04 03:21:59 | 006,782,152 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2015.02.04 03:21:59 | 003,522,376 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2015.02.04 03:21:44 | 002,558,792 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2015.02.04 03:21:43 | 000,062,792 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2015.02.04 03:21:41 | 000,384,200 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2015.02.04 01:00:33 | 000,608,072 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2015.02.03 17:18:34 | 004,229,086 | ---- | M] () -- C:\Windows\SysNative\nvcoproc.bin
[2015.02.01 11:40:59 | 000,111,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2015.02.01 11:40:57 | 000,319,912 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2015.02.01 11:40:57 | 000,191,400 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2015.02.01 11:40:57 | 000,190,888 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe

========== Files Created - No Company Name ==========

[2015.03.01 18:23:11 | 000,001,108 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2015.03.01 16:13:28 | 000,001,789 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2015.02.27 19:59:25 | 000,001,760 | ---- | C] () -- C:\Users\Fischers\Desktop\CrystalDiskMark.lnk
[2015.02.11 23:07:16 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdRapi2_01_00_00.Wdf
[2015.02.11 23:06:07 | 000,002,419 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Mobile Device Center.lnk
[2014.05.08 18:54:42 | 001,592,628 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014.05.07 18:19:43 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2014.05.07 18:19:43 | 000,013,440 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2014.05.07 18:19:35 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2014.05.07 18:19:35 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2014.04.30 18:47:48 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2014.04.30 18:47:48 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2014.04.30 18:47:48 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2014.04.30 18:47:48 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2014.04.30 18:47:46 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2014.04.22 13:10:00 | 130,633,141 | ---- | C] () -- C:\Program Files\openoffice1.cab
[2014.04.22 13:08:30 | 000,476,160 | ---- | C] () -- C:\Program Files\setup.exe
[2014.04.22 13:08:28 | 002,310,144 | ---- | C] () -- C:\Program Files\openoffice410.msi
[2014.04.22 13:08:28 | 000,000,279 | ---- | C] () -- C:\Program Files\setup.ini

========== ZeroAccess Check ==========

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014.06.25 03:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014.06.25 02:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2014.05.08 10:00:13 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software
[2014.05.08 10:00:13 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software
[2014.05.08 13:17:32 | 000,000,000 | ---D | M] -- C:\Users\Fischer\AppData\Roaming\AVAST Software
[2014.05.08 15:25:03 | 000,000,000 | ---D | M] -- C:\Users\Fischer\AppData\Roaming\Canneverbe Limited
[2014.05.08 15:50:30 | 000,000,000 | ---D | M] -- C:\Users\Fischer\AppData\Roaming\CD-LabelPrint
[2014.05.09 21:07:26 | 000,000,000 | ---D | M] -- C:\Users\Fischer\AppData\Roaming\chc
[2014.05.09 21:07:26 | 000,000,000 | ---D | M] -- C:\Users\Fischer\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2015.02.28 19:16:15 | 000,000,000 | ---D | M] -- C:\Users\Fischer\AppData\Roaming\DVDVideoSoft
[2014.05.09 00:32:26 | 000,000,000 | ---D | M] -- C:\Users\Fischer\AppData\Roaming\OpenOffice
[2014.10.13 18:49:02 | 000,000,000 | ---D | M] -- C:\Users\Fischer\AppData\Roaming\Samsung
[2014.07.27 07:12:45 | 000,000,000 | ---D | M] -- C:\Users\Fischer\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2015.02.28 19:21:48 | 000,000,000 | ---D | M] -- C:\Users\Fischer\AppData\Roaming\TuneUp Software
[2014.05.08 19:35:07 | 000,000,000 | ---D | M] -- C:\Users\Fischers\AppData\Roaming\AVAST Software
[2014.06.04 17:39:42 | 000,000,000 | ---D | M] -- C:\Users\Fischers\AppData\Roaming\Canneverbe Limited
[2015.01.03 13:57:01 | 000,000,000 | ---D | M] -- C:\Users\Fischers\AppData\Roaming\DesktopIconAmazon
[2015.02.28 19:15:49 | 000,000,000 | ---D | M] -- C:\Users\Fischers\AppData\Roaming\DVDVideoSoft
[2014.08.16 10:35:05 | 000,000,000 | ---D | M] -- C:\Users\Fischers\AppData\Roaming\OpenOffice
[2014.08.16 10:05:03 | 000,000,000 | ---D | M] -- C:\Users\Fischers\AppData\Roaming\Oracle
[2014.08.17 14:01:52 | 000,000,000 | ---D | M] -- C:\Users\Fischers\AppData\Roaming\Softland
[2014.08.16 09:47:54 | 000,000,000 | ---D | M] -- C:\Users\Fischers\AppData\Roaming\Thunderbird
[2015.02.28 19:16:34 | 000,000,000 | ---D | M] -- C:\Users\Fischers\AppData\Roaming\TuneUp Software

========== Purity Check ==========



< End of report >


OTL Extras logfile created on: 02.03.2015 19:06:11 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\*******\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17633)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,25 Gb Total Physical Memory | 2,02 Gb Available Physical Memory | 62,03% Memory free
6,50 Gb Paging File | 5,15 Gb Available in Paging File | 79,21% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 58,59 Gb Total Space | 18,04 Gb Free Space | 30,78% Space Free | Partition Type: NTFS
Drive D: | 596,17 Gb Total Space | 328,18 Gb Free Space | 55,05% Space Free | Partition Type: NTFS

Computer Name: *******-PC | User Name: ******** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2838749872-3948068845-573734339-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[HKEY_USERS\S-1-5-21-2838749872-3948068845-573734339-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{083E045F-D2F6-4F71-9DF1-191BD06B27AA}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{0ACEE510-AA43-4325-B324-E637D4F74ABC}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0D6715FF-DB88-4799-A58D-B1E799F6EF08}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1D96BAAB-869A-4536-944E-44A51714EBC0}" = lport=445 | protocol=6 | dir=in | app=system |
"{1F6AD50E-D20A-4A77-973E-F98D5AEEECF1}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{3330F4C1-43EC-48AF-BB8A-DB78E7CF83D9}" = lport=10243 | protocol=6 | dir=in | app=system |
"{392ED10D-B332-4742-9643-CA755AE7AABF}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{3C43CF54-0025-4A3E-8F48-A838AD1D4F10}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{4DB52D48-F0EA-44E1-97C4-A9D654888F5A}" = lport=2869 | protocol=6 | dir=in | app=system |
"{5661D174-91A2-4AB8-BAE8-36D13F257380}" = rport=137 | protocol=17 | dir=out | app=system |
"{585D84B6-AF7A-4FD0-9F52-C57E88AC6DED}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6F5651DB-2B03-4DEB-95EF-197043C005FA}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{787D0A19-2E88-4E3C-8916-BBDC8DAE2466}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{78AE5BC7-5407-41A7-9EB7-DCA892C9577A}" = lport=139 | protocol=6 | dir=in | app=system |
"{7CBB0876-0685-4AE8-AF83-65EE3FC3D53B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{84971615-9280-42FD-9BE3-3F4B509DCEAD}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8E73075C-8748-4128-A4C7-5E94B42FB013}" = lport=138 | protocol=17 | dir=in | app=system |
"{988726E8-B2EC-44EC-8804-B0BEFB51DF27}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A172368C-F4CE-46E9-BDDE-E9B110FFED4F}" = rport=138 | protocol=17 | dir=out | app=system |
"{A496206D-8B9B-4A0D-A516-E7E9BB5F49E4}" = rport=445 | protocol=6 | dir=out | app=system |
"{AC969A13-5F8D-4ABE-A460-6A9E9AB01D74}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{ACDFA2B1-0932-4213-8C86-53FB0DA01FD2}" = rport=139 | protocol=6 | dir=out | app=system |
"{AD835F84-1FAE-45AC-95AE-FD4905E80E3F}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{B4A709C2-D9E1-4504-8278-13E27F217A59}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{B9795752-D150-4BBD-91C3-BDD49E2D4BD1}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BD8AF9E7-D972-43A6-8DE7-A5398D9BE327}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{DD920616-7F80-4003-A337-B8B90810357B}" = lport=137 | protocol=17 | dir=in | app=system |
"{E1269C91-C217-4336-BDFF-E16CABBEDBD8}" = rport=10243 | protocol=6 | dir=out | app=system |
"{EE0BAD82-132D-4D3C-B453-A064957FD5B5}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{020B9014-89B8-43F4-9397-91D386BEF6C6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{06FAA77B-CF6B-4FC1-BED0-06302EF97516}" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"{19B255C6-F8E7-4BE1-B8FE-4D2F4E04FE6B}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{1A5008C9-B966-4505-A876-F097CAC3C720}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{21FA836C-BEB3-4AAE-932C-FBD7798A1C73}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{2210E067-FE9B-460E-8E4E-3A437237D956}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{221513A8-7F3C-4610-B9FE-10BF69080F8D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{22233FBA-EDB2-48CF-AD1F-450B8384E7B9}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{260BC1EE-E549-4E83-A20F-91783104896E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{33F32C60-8CD6-43BA-9A7A-E47D73971DD2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{38755A00-6DFB-4D55-982C-3D6B51F9F742}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{483B555E-AAC2-4054-9A7B-64EED322325D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4A029E65-8218-4036-A359-9C9368993291}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{5150148A-3A97-4970-9C8A-5F404F364BBA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5840CB2A-61C0-44DF-AC01-F2538995BE18}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{613ECF20-28BD-405B-95C7-B676EA7FDECA}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{6A1E1667-9ABC-43E0-9428-363F5CAB7CF9}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{84FDEAAE-CA78-4417-A6AB-7046F5704F86}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8C9EE703-D8E1-42DE-A010-8DD01296668F}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{992A11E1-9D1A-4C78-9833-B9979810AD68}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{9D6DDF03-ECB8-4E7D-9932-49AE0DE99FCD}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{A2AF3EAF-B114-4627-950A-49FB81E95D50}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A93291E1-38B7-4F21-BF2F-B3647A10C9F4}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{AAD3AAD5-34D4-4C9B-93B2-FCAE161FA133}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{AC2538BE-76F0-496B-B1A3-F807E24240CA}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{B20AFA0D-D610-4477-B1B3-8B918D817EDC}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{BA6A2A3E-9FCE-4156-8792-1DCC7726ADD3}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{C61018A0-BBBE-4B47-8142-B848F0836A57}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E10BDFDC-824E-4697-8F00-46F954DD32C5}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E8C9B63E-D0C0-4CD5-8DCD-D74D8BB69DD0}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{F2754EE1-E869-4E37-9928-A4CDBD1561B2}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{F966C58E-567E-4DF1-AB2E-019E7255A974}" = protocol=6 | dir=out | app=system |
"{FA072BF3-1A49-4268-B242-AEF099E50B89}" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"TCP Query User{4F6F8C47-00D5-47DD-9A67-81EE36B93AFC}C:\program files (x86)\ofps_superfotochemnitz\ofps.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ofps_superfotochemnitz\ofps.exe |
"UDP Query User{2F659E1F-E8B8-4796-A713-167FC91CB5D0}C:\program files (x86)\ofps_superfotochemnitz\ofps.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ofps_superfotochemnitz\ofps.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03AC245F-4C64-425C-89CF-7783C1D3AB2C}" = Microsoft Sync Framework 2.0 Provider Services (x64) ENU
"{1DB0C90B-2A9F-3A1E-B1DF-616C5A2A1417}" = Microsoft .NET Framework 4.5.2 (DEU)
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{23170F69-40C1-2702-0922-000001000000}" = 7-Zip 9.22 (x64 edition)
"{26784146-6E05-3FF9-9335-786C7C0FB5BE}" = Microsoft .NET Framework 4.5.2
"{26A24AE4-039D-4CA4-87B4-2F86418031F0}" = Java 8 Update 31 (64-bit)
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Windows Mobile-Gerätecenter
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{88DAAF05-5A72-46D2-A7C5-C3759697E943}" = SyncToy 2.1 (x64)
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C775E70-A791-4DA8-BCC3-6AB7136F4484}" = Visual Studio 2012 x64 Redistributables
"{8CCBEC22-D2DB-4DC9-A58A-E1A1F3A38C8A}" = Microsoft Sync Framework 2.0 Core Components (x64) ENU
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031" = Microsoft .NET Framework 4.5.2 (Deutsch)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.2
"{9B3B4129-220E-42C7-9C5B-91C65E0885B4}" = Apple Mobile Device Support
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 341.44
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 341.44
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 341.44
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 2.1.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 340.50
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.13.1220
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 16.18.9
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GfExperienceService" = NVIDIA GeForce Experience Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 16.18.9
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController" = SHIELD Wireless Controller Driver
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.27
"{C36440D2-5DBE-4F20-8D39-39D83FDBBE4E}" = iTunes
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"CANONIJINBOXADDON100" = Canon Inkjet Printer Driver Add-On Module
"CCleaner" = CCleaner
"CrystalDiskMark_is1" = CrystalDiskMark 3.0.3b
"NVIDIA Drivers" = NVIDIA Drivers
"Recuva" = Recuva
"VLC media player" = VLC media player

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{1ADE1AA0-7F82-4BB1-B1BD-727DE438057B}" = Cool & Quiet
"{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}" = QuickTime 7
"{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}" = Microsoft ASP.NET MVC 4 Runtime
"{447CDCE5-F555-429B-BFA6-642C3C6D684F}" = Apple Application Support (32-Bit)
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7B77622E-DE90-48EA-B2C7-227B1DE58A01}" = Adobe AIR
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{80407BA7-7763-4395-AB98-5233F1B34E65}" = NVIDIA PhysX
"{85E12659-D3A1-4583-BA1C-95DF53C3C632}" = VirtualDJ 8
"{88547073-C566-4895-9005-EBE98EA3F7C7}" = Samsung Kies3
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{9652ACA0-38A4-4BF8-B15E-2317D41D0AE3}" = VirtualDJ 8
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.06) - Deutsch
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.10)
"{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}" = OpenOffice 4.1.1
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"Adobe AIR" = Adobe AIR
"Adobe Flash Player NPAPI" = Adobe Flash Player 16 NPAPI
"Avast" = Avast Free Antivirus
"CanonMyPrinter" = Canon My Printer
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"FileHippo.com" = FileHippo App Manager
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.12.55.219
"Hardcopy" = Hardcopy
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}" = Samsung Kies3
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware Version 2.0.4.1028
"MediaNavigation.CDLabelPrint" = CD-LabelPrint
"Mozilla Firefox 36.0 (x86 de)" = Mozilla Firefox 36.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Online Foto Print System (superfoto)" = Online Foto Print System ( OFPS Super Foto Chemnitz )
"Secunia PSI" = Secunia PSI (3.0.0.9016)
"Winamp" = Winamp

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2838749872-3948068845-573734339-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"MyFreeCodec" = MyFreeCodec

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 01.03.2015 14:40:46 | Computer Name = Fischer-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Fischer\Downloads\esetsmartinstaller_deu(1).exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error - 01.03.2015 14:41:13 | Computer Name = Fischer-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Fischer\Downloads\esetsmartinstaller_deu.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error - 01.03.2015 15:09:03 | Computer Name = Fischer-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Fischer\Downloads\esetsmartinstaller_deu(2).exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error - 01.03.2015 15:09:08 | Computer Name = Fischer-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Fischer\Downloads\esetsmartinstaller_deu(2).exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error - 01.03.2015 15:41:29 | Computer Name = Fischer-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Fischer\Downloads\esetsmartinstaller_deu(2).exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error - 01.03.2015 15:41:32 | Computer Name = Fischer-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Fischer\Downloads\esetsmartinstaller_deu(2).exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error - 01.03.2015 15:46:46 | Computer Name = Fischer-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Fischer\Downloads\esetsmartinstaller_deu(3).exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error - 01.03.2015 15:46:49 | Computer Name = Fischer-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Fischer\Downloads\esetsmartinstaller_deu(3).exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error - 01.03.2015 20:46:31 | Computer Name = Fischer-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files
(x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder
Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion
steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt
stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error - 02.03.2015 01:39:39 | Computer Name = Fischer-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
(x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder
Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion
steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt
stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


< End of report >

Könnt Ihr mir da helfen? Vorab vielen Dank!
Viele Grüße, Frank

 

Themen zu Win 7 : Roll Around nach Bereinigung wohl noch nicht weg / Keine Logs vorhanden :-(
antivirus, autorun, bho, bonjour, entfernen, fehler, firefox, flash player, format, google, helper, home, iexplore.exe, install.exe, logfile, mozilla, mp3, recuva, registry, rundll, scan, security, siehe titel, software, svchost.exe, udp, virus, windows


« Netbook sehr langsam | Windows 8.1 - youradexchange öffnet selbständig Tabs mit Werbung in Chrome »


Ähnliche Themen: Win 7 : Roll Around nach Bereinigung wohl noch nicht weg / Keine Logs vorhanden :-(


  1. Win XP: Nach bereinigung mit MBAM lassen sich keine Office-Dateien öffnen
    Plagegeister aller Art und deren Bekämpfung - 29.06.2015 (4)
  2. Roll Around nach Aktionen noch vorhanden
    Log-Analyse und Auswertung - 03.03.2015 (17)
  3. BooTDSS.O auch nach Systemwiederherstellung noch vorhanden, Windows 7
    Log-Analyse und Auswertung - 20.11.2013 (13)
  4. BOO/Tdss.O auch nach Windows7-Neuinstallation noch vorhanden
    Plagegeister aller Art und deren Bekämpfung - 04.11.2013 (14)
  5. GVU-Trojaner nach Windowsunlocker noch vorhanden
    Plagegeister aller Art und deren Bekämpfung - 03.11.2013 (23)
  6. Nach Formatierung noch Malware vorhanden?
    Log-Analyse und Auswertung - 22.07.2013 (22)
  7. GVU Trojaner? - Syptome behoben, aber PC wohl noch nicht sauber
    Plagegeister aller Art und deren Bekämpfung - 05.04.2013 (9)
  8. GVU-Trojaner mit Webcam nach Kaspersky Rescue noch vorhanden
    Plagegeister aller Art und deren Bekämpfung - 27.12.2012 (11)
  9. Nach Befall von Exploit.Drop.GS und Trojan.PWS - Pc trotz angeblicher erfolgreicher Bereinigung immer noch langsam
    Plagegeister aller Art und deren Bekämpfung - 02.10.2012 (32)
  10. Virus noch vorhanden? Widersprüchliche GMER und Malwarebyte-Logs
    Plagegeister aller Art und deren Bekämpfung - 08.04.2012 (28)
  11. Bundespolizei Trojaner nach Systemwiederherstellung noch vorhanden?
    Log-Analyse und Auswertung - 06.03.2012 (19)
  12. Problem: Weisser Bildschirm noch keine Internet verbindung vorhanden bitte warte.
    Plagegeister aller Art und deren Bekämpfung - 18.02.2012 (21)
  13. nach Bereinigung von Windows Recovery Virus bitte Logs prüfen
    Log-Analyse und Auswertung - 03.04.2011 (5)
  14. Googledienst nach Deinstallation von Google Earth noch vorhanden
    Alles rund um Windows - 28.05.2010 (12)
  15. TR Crypt FKM Gen nach Formatierung noch vorhanden?
    Plagegeister aller Art und deren Bekämpfung - 12.09.2008 (2)
  16. Backdoor Trojaner nach Formatierung von C noch vorhanden?!
    Log-Analyse und Auswertung - 31.01.2008 (3)
  17. Nach deinstallation Dienste noch vorhanden!
    Alles rund um Windows - 30.05.2006 (12)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Win 7 : Roll Around nach Bereinigung wohl noch nicht weg / Keine Logs vorhanden :-( - Hallo zusammen, ich habe nach Euren Schritten versucht einen Virus zu entfernen, habe jedoch leider keine Logs, da ich das überlesen hatte. Lediglich die folgenden OTLs stehen zur Verfügung: OTL - Win 7 : Roll Around nach Bereinigung wohl noch nicht weg / Keine Logs vorhanden :-(...
Archiv
Du betrachtest: Win 7 : Roll Around nach Bereinigung wohl noch nicht weg / Keine Logs vorhanden :-( auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131