Trojaner-Board - Teknum Systems update.exe entfernen

scan läuft

Code:

OTL logfile created on: 01.07.2013 16:08:33 - Run 1

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Giese\Desktop\USB 32GB\Maleware Programme

64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.10.9200.16614)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

7,98 Gb Total Physical Memory | 6,03 Gb Available Physical Memory | 75,58% Memory free

15,97 Gb Paging File | 13,86 Gb Available in Paging File | 86,83% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 97,56 Gb Total Space | 40,41 Gb Free Space | 41,42% Space Free | Partition Type: NTFS

Drive D: | 409,05 Gb Total Space | 399,22 Gb Free Space | 97,60% Space Free | Partition Type: NTFS

Drive E: | 424,80 Gb Total Space | 170,92 Gb Free Space | 40,23% Space Free | Partition Type: NTFS

 

Computer Name: GIESE-PC | User Name: Giese | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)

PRC - C:\Programme\AVAST Software\Avast\AvastUI.exe (AVAST Software)

PRC - C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)

PRC - C:\Programme\AVAST Software\Avast\afwServ.exe (AVAST Software)

PRC - C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe (Garmin Ltd or its subsidiaries)

PRC - C:\Users\Giese\Desktop\USB 32GB\Maleware Programme\OTL.exe (OldTimer Tools)

PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)

PRC - C:\Program Files (x86)\CyberLink\Shared files\brs.exe (cyberlink)

PRC - C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Microsoft Corporation)

PRC - C:\Program Files (x86)\Vtune\TBPANEL.exe ()

PRC - C:\Program Files (x86)\ASUS\EPU\EPU.exe (

ASUSTeK Computer Inc.)

PRC - C:\Programme\ASUS\GPU Boost Driver\GpuBoostServer.exe (

ASUSTeK Computer Inc.)

PRC - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe (DeviceVM, Inc.)

PRC - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe (DeviceVM, Inc.)

 

 
 ========== Modules (No Company Name) ==========

 

MOD - C:\Users\Giese\AppData\Local\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll ()

MOD - C:\Users\Giese\AppData\Local\Google\Chrome\Application\27.0.1453.116\pdf.dll ()

MOD - C:\Users\Giese\AppData\Local\Google\Chrome\Application\27.0.1453.116\libglesv2.dll ()

MOD - C:\Users\Giese\AppData\Local\Google\Chrome\Application\27.0.1453.116\libegl.dll ()

MOD - C:\Users\Giese\AppData\Local\Google\Chrome\Application\27.0.1453.116\ffmpegsumo.dll ()

MOD - C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll ()

MOD - C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll ()

MOD - C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll ()

MOD - C:\Program Files (x86)\Vtune\TBPANEL.exe ()

MOD - C:\Program Files (x86)\ASUS\EPU\pngio.dll ()

MOD - C:\Program Files (x86)\ASUS\EPU\AsSpindownTimeout.dll ()

MOD - C:\Windows\SysWOW64\AsIO.dll ()

MOD - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\sqlite3.dll ()

MOD - C:\Program Files (x86)\ASUS\EPU\ASUSSERVICE.DLL ()

MOD - C:\Program Files (x86)\Vtune\TBManage.dll ()

 

 
 ========== Services (SafeList) ==========

 

SRV:64bit: - (UxTuneUp) -- C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)

SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)

SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)

SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)

SRV - (avast! Antivirus) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)

SRV - (avast! Firewall) -- C:\Programme\AVAST Software\Avast\afwServ.exe (AVAST Software)

SRV - (Garmin Core Update Service) -- C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe (Garmin Ltd or its subsidiaries)

SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)

SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)

SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe (TuneUp Software)

SRV - (UxTuneUp) -- C:\Windows\SysWOW64\uxtuneup.dll (TuneUp Software)

SRV - (BayerHealthcareService) -- C:\Program Files (x86)\Bayer HealthCare SmartLaunch\bin\BayerHCService.exe (Bayer Healthcare LLC)

SRV - (CLKMSVC10_38F51D56) -- C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe (CyberLink)

SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)

SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)

SRV - (BCUService) -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe (DeviceVM, Inc.)

SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)

SRV - (IJPLMSVC) -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE ()

 

 
 ========== Driver Services (SafeList) ==========

 

DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)

DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)

DRV:64bit: - (aswVmm) -- C:\Windows\SysNative\drivers\aswVmm.sys ()

DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)

DRV:64bit: - (aswRvrt) -- C:\Windows\SysNative\drivers\aswRvrt.sys ()

DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)

DRV:64bit: - (aswNdis2) -- C:\Windows\SysNative\drivers\aswNdis2.sys (AVAST Software)

DRV:64bit: - (aswFW) -- C:\Windows\SysNative\drivers\aswFW.sys (AVAST Software)

DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)

DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)

DRV:64bit: - (aswKbd) -- C:\Windows\SysNative\drivers\aswKbd.sys (AVAST Software)

DRV:64bit: - (ssudserd) -- C:\Windows\SysNative\drivers\ssudserd.sys (DEVGURU Co., LTD.(www.devguru.co.kr))

DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))

DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))

DRV:64bit: - (usb_rndisx) -- C:\Windows\SysNative\drivers\usb8023x.sys (Microsoft Corporation)

DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)

DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)

DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)

DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)

DRV:64bit: - (aswNdis) -- C:\Windows\SysNative\drivers\aswNdis.sys (ALWIL Software)

DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)

DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )

DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)

DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)

DRV:64bit: - (asmtxhci) -- C:\Windows\SysNative\drivers\asmtxhci.sys (ASMedia Technology Inc)

DRV:64bit: - (asmthub3) -- C:\Windows\SysNative\drivers\asmthub3.sys (ASMedia Technology Inc)

DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)

DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)

DRV:64bit: - (SAllBDA) -- C:\Windows\SysNative\drivers\TeViiS2.sys (TeVii Technology Ltd.)

DRV:64bit: - (dgderdrv) -- C:\Windows\SysNative\drivers\dgderdrv.sys (Devguru Co., Ltd)

DRV:64bit: - (TFsExDisk) -- C:\Windows\SysNative\drivers\TFsExDisk.sys (Teruten Inc)

DRV:64bit: - (AtiPcie) -- C:\Windows\SysNative\drivers\AtiPcie.sys (Advanced Micro Devices Inc.)

DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)

DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atipmdag.sys (ATI Technologies Inc.)

DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)

DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys ()

DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)

DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)

DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)

DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)

DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)

DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)

DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)

DRV - (FsUsbExDisk) -- C:\Windows\SysWOW64\FsUsbExDisk.Sys ()

DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys (TuneUp Software)

DRV - (TFsExDisk) -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys (Teruten Inc)

DRV - (AODDriver) -- C:\Programme\ASUS\GPU Boost Driver\amd64\aoddriver.sys (Advanced Micro Devices)

DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)

DRV - (Cardex) -- C:\Windows\SysWOW64\drivers\TBPanelx64.sys (Windows (R) Server 2003 DDK provider)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 

IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\..\SearchScopes,DefaultScope = 

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

 

 

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 

 

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 

 

IE - HKU\S-1-5-21-2730186759-3319961320-2840300609-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com

IE - HKU\S-1-5-21-2730186759-3319961320-2840300609-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com

IE - HKU\S-1-5-21-2730186759-3319961320-2840300609-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://mystart.incredimail.com/?a=1eynX8MsEWa

IE - HKU\S-1-5-21-2730186759-3319961320-2840300609-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = hxxp://mystart.incredimail.com/?a=1eynX8MsEWa

IE - HKU\S-1-5-21-2730186759-3319961320-2840300609-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com

IE - HKU\S-1-5-21-2730186759-3319961320-2840300609-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com

IE - HKU\S-1-5-21-2730186759-3319961320-2840300609-1000\..\SearchScopes,DefaultScope = {E76A75A8-CED9-4246-9D55-1BCB70E7895A}

IE - HKU\S-1-5-21-2730186759-3319961320-2840300609-1000\..\SearchScopes\{D4A2565C-9A1B-44cb-BFEE-B1ECE62050C4}: "URL" = hxxp://www.google.com/custom?client=pub-3794288947762788&forid=1&channel=5369970905&ie=UTF-8&oe=UTF-8&safe=active&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=de&q={searchTerms}

IE - HKU\S-1-5-21-2730186759-3319961320-2840300609-1000\..\SearchScopes\{E76A75A8-CED9-4246-9D55-1BCB70E7895A}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=EGMB

IE - HKU\S-1-5-21-2730186759-3319961320-2840300609-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 
 ========== FireFox ==========

 

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()

FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)

FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@phonostar.de/phonostar-Player: C:\Program Files (x86)\phonostar-Player\npphonostarDetectNP.dll File not found

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Giese\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Giese\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)

 

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX

 

 
 ========== Chrome  ==========

 

CHR - default_search_provider: Ixquick HTTPS - Deutsch (Enabled)

CHR - default_search_provider: search_url = https://ixquick.com/do/search?query={searchTerms}&cat=web&pl=chrome&language=deutsch

CHR - default_search_provider: suggest_url = 

CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Giese\AppData\Local\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll

CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Users\Giese\AppData\Local\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Giese\AppData\Local\Google\Chrome\Application\27.0.1453.116\pdf.dll

CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll

CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll

CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll

CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll

CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll

CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll

CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll

CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll

CHR - plugin: Garmin Communicator Plug-In (Enabled) = C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll

CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

CHR - plugin: Java(TM) Platform SE 7 U17 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll

CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll

CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

CHR - plugin: Google Update (Enabled) = C:\Users\Giese\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll

CHR - plugin: Java Deployment Toolkit 7.0.170.2 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll

CHR - Extension: avast! Online Security = C:\Users\Giese\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\8.0.8_0\

 

O1 HOSTS File: ([2013.03.23 22:18:10 | 000,445,760 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O1 - Hosts: 127.0.0.1        www.007guard.com

O1 - Hosts: 127.0.0.1        007guard.com

O1 - Hosts: 127.0.0.1        008i.com

O1 - Hosts: 127.0.0.1        www.008k.com

O1 - Hosts: 127.0.0.1        008k.com

O1 - Hosts: 127.0.0.1        www.00hq.com

O1 - Hosts: 127.0.0.1        00hq.com

O1 - Hosts: 127.0.0.1        010402.com

O1 - Hosts: 127.0.0.1        www.032439.com

O1 - Hosts: 127.0.0.1        032439.com

O1 - Hosts: 127.0.0.1        www.0scan.com

O1 - Hosts: 127.0.0.1        0scan.com

O1 - Hosts: 127.0.0.1        www.1000gratisproben.com

O1 - Hosts: 127.0.0.1        1000gratisproben.com

O1 - Hosts: 127.0.0.1        1001namen.com

O1 - Hosts: 127.0.0.1        www.1001namen.com

O1 - Hosts: 127.0.0.1        100888290cs.com

O1 - Hosts: 127.0.0.1        www.100888290cs.com

O1 - Hosts: 127.0.0.1        www.100sexlinks.com

O1 - Hosts: 127.0.0.1        100sexlinks.com

O1 - Hosts: 127.0.0.1        www.10sek.com

O1 - Hosts: 127.0.0.1        10sek.com

O1 - Hosts: 127.0.0.1        www.1-2005-search.com

O1 - Hosts: 127.0.0.1        1-2005-search.com

O1 - Hosts: 127.0.0.1        www.123fporn.info

O1 - Hosts: 15307 more lines...

O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)

O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)

O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)

O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)

O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)

O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

O3 - HKU\S-1-5-21-2730186759-3319961320-2840300609-1000\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.

O3 - HKU\S-1-5-21-2730186759-3319961320-2840300609-1000\..\Toolbar\WebBrowser: (no name) - {990AF1C2-5A27-4460-8149-ECC6BC122AF3} - No CLSID value found.

O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)

O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)

O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)

O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)

O4 - HKLM..\Run: [BCU] C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe (DeviceVM, Inc.)

O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe (cyberlink)

O4 - HKLM..\Run: [Six Engine] C:\Program Files (x86)\ASUS\EPU\EPU.exe (

ASUSTeK Computer Inc.)

O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-2730186759-3319961320-2840300609-1000..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)

O4 - HKU\S-1-5-21-2730186759-3319961320-2840300609-1000..\Run: [TBPanel] C:\Program Files (x86)\Vtune\TBPanel.exe ()

O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found

O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPath = 1

O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found

O8:64bit: - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm File not found

O8:64bit: - Extra context menu item: Free YouTube to DVD Converter - C:\Users\Giese\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetodvdconverter.htm File not found

O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm File not found

O8:64bit: - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found

O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)

O8 - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm File not found

O8 - Extra context menu item: Free YouTube to DVD Converter - C:\Users\Giese\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetodvdconverter.htm File not found

O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm File not found

O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found

O9:64bit: - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - Reg Error: Key error. File not found

O9:64bit: - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - Reg Error: Key error. File not found

O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found

O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D982E47A-1952-4E0B-BC49-08C3AD20EF70}: DhcpNameServer = 192.168.0.1

O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found

O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found

O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found

O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found

O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found

O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation)

O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)

O18:64bit: - Protocol\Filter\text/xml - No CLSID value found

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O27:64bit: - HKLM IFEO\AcroRd32.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27:64bit: - HKLM IFEO\dw20.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27:64bit: - HKLM IFEO\finder.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27:64bit: - HKLM IFEO\infopath.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27:64bit: - HKLM IFEO\kies.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27:64bit: - HKLM IFEO\msaccess.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27:64bit: - HKLM IFEO\msoxmled.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27:64bit: - HKLM IFEO\mspscan.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27:64bit: - HKLM IFEO\mspub.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27:64bit: - HKLM IFEO\mspview.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27:64bit: - HKLM IFEO\mstore.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27:64bit: - HKLM IFEO\ois.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27:64bit: - HKLM IFEO\osa.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27:64bit: - HKLM IFEO\outlook.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27:64bit: - HKLM IFEO\powerpnt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27:64bit: - HKLM IFEO\proflwiz.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27:64bit: - HKLM IFEO\schdpl32.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27:64bit: - HKLM IFEO\selfcert.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27:64bit: - HKLM IFEO\setlang.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27:64bit: - HKLM IFEO\setup.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27:64bit: - HKLM IFEO\snapview.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27:64bit: - HKLM IFEO\unbind.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27 - HKLM IFEO\AcroRd32.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27 - HKLM IFEO\dw20.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27 - HKLM IFEO\finder.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27 - HKLM IFEO\infopath.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27 - HKLM IFEO\kies.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27 - HKLM IFEO\msaccess.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27 - HKLM IFEO\msoxmled.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27 - HKLM IFEO\mspscan.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27 - HKLM IFEO\mspub.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27 - HKLM IFEO\mspview.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27 - HKLM IFEO\mstore.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27 - HKLM IFEO\ois.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27 - HKLM IFEO\osa.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27 - HKLM IFEO\outlook.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27 - HKLM IFEO\powerpnt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27 - HKLM IFEO\proflwiz.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27 - HKLM IFEO\schdpl32.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27 - HKLM IFEO\selfcert.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27 - HKLM IFEO\setlang.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27 - HKLM IFEO\setup.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27 - HKLM IFEO\snapview.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27 - HKLM IFEO\unbind.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2013.03.23 20:07:59 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *)

O34 - HKLM BootExecute: (sdnclean64.exe)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2013.06.12 21:41:50 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll

[2013.06.12 21:41:50 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll

[2013.06.12 21:41:49 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll

[2013.06.12 21:41:49 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll

[2013.06.12 21:41:49 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe

[2013.06.12 21:41:49 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe

[2013.06.12 21:41:49 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe

[2013.06.12 21:41:49 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll

[2013.06.12 21:41:49 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll

[2013.06.12 21:41:48 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll

[2013.06.12 21:41:47 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll

[2013.06.12 21:41:47 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll

[2013.06.12 21:41:47 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll

[2013.06.12 21:40:52 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll

[2013.06.12 21:40:52 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll

[2013.06.12 08:00:43 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll

[2013.06.12 08:00:43 | 000,492,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll

[2013.06.12 08:00:37 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptdlg.dll

[2013.06.12 08:00:37 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptdlg.dll

[2013.06.12 08:00:33 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll

[2013.06.12 08:00:27 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll

[2013.06.12 08:00:27 | 001,192,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certutil.exe

[2013.06.12 08:00:27 | 000,903,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certutil.exe

[2013.06.12 08:00:26 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll

[2013.06.12 08:00:26 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certenc.dll

[2013.06.12 08:00:26 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certenc.dll

[2013.06.12 08:00:21 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll

[2013.06.12 08:00:21 | 001,505,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll

[2013.06.10 15:28:33 | 000,000,000 | ---D | C] -- C:\Users\Giese\AppData\Roaming\HandBrake

 
 ========== Files - Modified Within 30 Days ==========

 

[2013.07.01 16:09:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2013.07.01 15:59:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2013.07.01 15:48:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2013.07.01 15:32:00 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2730186759-3319961320-2840300609-1002UA.job

[2013.07.01 15:12:00 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2730186759-3319961320-2840300609-1000UA.job

[2013.07.01 14:09:00 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2013.07.01 13:27:24 | 000,021,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2013.07.01 13:27:24 | 000,021,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2013.07.01 13:24:21 | 001,498,742 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2013.07.01 13:24:21 | 000,654,150 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat

[2013.07.01 13:24:21 | 000,616,032 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2013.07.01 13:24:21 | 000,130,022 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat

[2013.07.01 13:24:21 | 000,106,412 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2013.07.01 02:12:00 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2730186759-3319961320-2840300609-1000Core.job

[2013.06.30 17:43:03 | 000,854,016 | ---- | M] () -- C:\Users\Giese\Desktop\Bayer.db

[2013.06.30 16:32:00 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2730186759-3319961320-2840300609-1002Core.job

[2013.06.28 11:52:21 | 001,030,952 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys

[2013.06.28 11:52:21 | 000,378,944 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys

[2013.06.28 11:52:21 | 000,189,936 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys

[2013.06.28 11:52:21 | 000,000,175 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys.sum

[2013.06.28 11:52:21 | 000,000,175 | ---- | M] () -- C:\Windows\SysNative\drivers\aswSP.sys.sum

[2013.06.28 11:52:21 | 000,000,175 | ---- | M] () -- C:\Windows\SysNative\drivers\aswSnx.sys.sum

[2013.06.27 11:10:29 | 000,002,076 | ---- | M] () -- C:\Users\Giese\Desktop\Launch GLUCOFACTS(TM) Deluxe Update Utility.lnk

[2013.06.23 14:20:03 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt

[2013.06.23 13:50:33 | 001,609,381 | ---- | M] () -- C:\Users\Giese\Desktop\Gaffel-besonders kölsch.jpg

[2013.06.18 09:27:59 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe

[2013.06.18 09:27:58 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

[2013.06.10 15:57:19 | 000,031,679 | ---- | M] () -- C:\Users\Giese\Documents\tmp_cover587.jpg

[2013.06.10 15:53:10 | 000,029,557 | ---- | M] () -- C:\Users\Giese\Documents\tmp_cover663.jpg

[2013.06.08 16:06:58 | 000,526,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll

[2013.06.08 13:40:02 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll

 
 ========== Files Created - No Company Name ==========

 

[2013.06.28 11:52:21 | 000,000,175 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys.sum

[2013.06.27 11:10:29 | 000,002,076 | ---- | C] () -- C:\Users\Giese\Desktop\Launch GLUCOFACTS(TM) Deluxe Update Utility.lnk

[2013.06.27 10:34:21 | 000,000,175 | ---- | C] () -- C:\Windows\SysNative\drivers\aswSP.sys.sum

[2013.06.27 10:34:21 | 000,000,175 | ---- | C] () -- C:\Windows\SysNative\drivers\aswSnx.sys.sum

[2013.06.23 13:50:33 | 001,609,381 | ---- | C] () -- C:\Users\Giese\Desktop\Gaffel-besonders kölsch.jpg

[2013.06.10 15:57:18 | 000,031,679 | ---- | C] () -- C:\Users\Giese\Documents\tmp_cover587.jpg

[2013.06.10 15:53:10 | 000,029,557 | ---- | C] () -- C:\Users\Giese\Documents\tmp_cover663.jpg

[2013.03.22 10:19:52 | 000,001,636 | ---- | C] () -- C:\Windows\SysWow64\tsdigsgn.dat

[2013.03.22 10:19:52 | 000,000,036 | ---- | C] () -- C:\Windows\TSNPL.dat

[2013.02.16 16:56:55 | 000,110,592 | ---- | C] () -- C:\Windows\SysWow64\FsUsbExDevice.Dll

[2013.02.16 16:56:55 | 000,037,344 | ---- | C] () -- C:\Windows\SysWow64\FsUsbExDisk.Sys

[2013.01.16 19:26:58 | 000,005,120 | ---- | C] () -- C:\Users\Giese\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2012.06.18 17:20:06 | 000,069,632 | R--- | C] () -- C:\Windows\SysWow64\xmltok.dll

[2012.06.18 17:20:06 | 000,036,864 | R--- | C] () -- C:\Windows\SysWow64\xmlparse.dll

[2012.05.12 12:00:09 | 000,015,873 | ---- | C] () -- C:\Windows\SysWow64\Inetde.dll

[2012.03.23 00:03:14 | 000,007,609 | ---- | C] () -- C:\Users\Giese\AppData\Local\resmon.resmoncfg

[2012.03.20 02:40:57 | 000,000,331 | ---- | C] () -- C:\Windows\game.ini

[2012.03.16 11:34:12 | 000,059,232 | ---- | C] () -- C:\Windows\SysWow64\CNC990W.DAT

[2012.03.15 11:56:43 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI

[2012.03.15 11:45:50 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin

[2012.03.15 11:23:13 | 000,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll

[2012.03.15 11:23:13 | 000,013,440 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys

[2012.03.15 11:21:22 | 000,001,035 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat

[2012.03.15 11:16:11 | 000,048,471 | ---- | C] () -- C:\Windows\Ascd_log.ini

[2012.03.15 11:14:21 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini

[2012.03.15 11:14:10 | 000,036,217 | ---- | C] () -- C:\Windows\Ascd_tmp.ini

 
 ========== ZeroAccess Check ==========

 

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

 

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

 

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 

< End of report >

Code:

OTL Extras logfile created on: 01.07.2013 16:08:33 - Run 1

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Giese\Desktop\USB 32GB\Maleware Programme

64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.10.9200.16614)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

7,98 Gb Total Physical Memory | 6,03 Gb Available Physical Memory | 75,58% Memory free

15,97 Gb Paging File | 13,86 Gb Available in Paging File | 86,83% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 97,56 Gb Total Space | 40,41 Gb Free Space | 41,42% Space Free | Partition Type: NTFS

Drive D: | 409,05 Gb Total Space | 399,22 Gb Free Space | 97,60% Space Free | Partition Type: NTFS

Drive E: | 424,80 Gb Total Space | 170,92 Gb Free Space | 40,23% Space Free | Partition Type: NTFS

 

Computer Name: GIESE-PC | User Name: Giese | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Extra Registry (SafeList) ==========

 

 
 ========== File Associations ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

 

[HKEY_USERS\S-1-5-21-2730186759-3319961320-2840300609-1000\SOFTWARE\Classes\<extension>]

.html [@ = ChromiumHTML] -- C:\Program Files\AVAST Software\Avast\sfzone\SafeZoneBrowser.exe (AVAST Software)

 
 ========== Shell Spawning ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htafile [open] -- "%1" %*

htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htafile [open] -- "%1" %*

htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

 
 ========== Security Center Settings ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

 
 ========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 
 ========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

 

 
 ========== Vista Active Open Ports Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{17475FDA-0A98-4922-83EB-BE135045EE2B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{18EDCA9D-73E8-4BDD-BDFC-4A91422114DE}" = rport=139 | protocol=6 | dir=out | app=system | 

"{48B50EFB-5FF6-4E45-8BA7-A903C857C691}" = rport=445 | protocol=6 | dir=out | app=system | 

"{70F3D698-DB9D-433C-B869-E30CC878C66A}" = lport=138 | protocol=17 | dir=in | app=system | 

"{7B5A4CB0-645E-4C71-B57B-D790C76C1654}" = lport=139 | protocol=6 | dir=in | app=system | 

"{8E5C724D-4B49-41F8-B11D-1A682E493292}" = rport=137 | protocol=17 | dir=out | app=system | 

"{8EAB7ACB-3930-4268-82AF-67C2C9DC29B1}" = rport=138 | protocol=17 | dir=out | app=system | 

"{9582B074-4E15-4121-9E1E-E025EA178E9C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{ACA45C60-1883-41FB-AA1E-6435EBFD7C8D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{C2ED6E49-CDB2-48FA-98B7-D8A483202245}" = lport=445 | protocol=6 | dir=in | app=system | 

"{CB36E537-0D8F-4A8C-B7AB-6562996998D5}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{D2EBDFCB-593D-43A4-8F62-DB5153523DB3}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 

"{DBDB31BC-0480-429E-8B52-F6C415A144A8}" = lport=137 | protocol=17 | dir=in | app=system | 

"{EEC52F43-DE61-4AD8-AF29-0CBFC4555675}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 

 
 ========== Vista Active Application Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{02F685E9-5577-4384-B352-F459DDFF2770}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 

"{2F552AD1-1E42-4988-87C1-14989F1E4DA0}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 

"{3458EB15-ED29-4290-A2CD-73C9954F15EF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 

"{35DA6D24-B7C2-40A9-B925-1F97C299B287}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{38185542-7B6C-400A-8E06-3E58FF1691D5}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 

"{47233DD2-E1B0-4958-9891-C7460436E65E}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 

"{87A9DD1D-181F-4BBB-9D0B-279598545E39}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd cinema\powerdvdcinema10.exe | 

"{BA96DB62-7A64-40FE-8222-BDD405C64D7B}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 

"{BF3C8752-0524-4BE3-A55A-D314A5848037}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe | 

"{CF992B8D-2EAA-4047-84A4-43679B92770B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{D22969BF-6E55-4190-A080-6025B681A10E}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 

"{DD0D16B5-3055-4DED-82E5-7291939433C7}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe | 

"{E1000232-BBC7-4F5C-B8F3-E30012A5F048}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 

"{EC058F64-79C7-431F-ADC3-5EE614C106FC}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe | 

"{FAF27959-87BE-45AE-BBC3-65BA6E46A326}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 

"TCP Query User{AF300C51-71A8-44AB-B4F9-D6AD63E90CFB}C:\windows\system32\javaw.exe" = protocol=6 | dir=in | app=c:\windows\system32\javaw.exe | 

"UDP Query User{0959FD53-9B84-4F9F-9B49-8433D4E43026}C:\windows\system32\javaw.exe" = protocol=17 | dir=in | app=c:\windows\system32\javaw.exe | 

 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack

"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP990_series" = Canon MP990 series MP Drivers

"{237D687E-9E50-4A30-B810-262764CC491B}" = Garmin Communicator Plugin x64

"{26A24AE4-039D-4CA4-87B4-2F86417021FF}" = Java 7 Update 21 (64-bit)

"{34FE274A-6AC9-24D1-2364-7A8BE8B4A068}" = ccc-utility64

"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

"{550331CC-C34B-494F-BCDA-37CE4EF6E924}" = Garmin Communicator Plugin x64

"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 314.22

"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 314.22

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 314.22

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 314.22

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.1031

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.12.12

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.23.1

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components

"{B62F31E3-511F-6BD6-5F41-CA284BBDF1E1}" = ccc-utility64

"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64

"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones

"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile

"49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0)

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack

"WinRAR archiver" = WinRAR 4.20 (64-Bit)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{0138F525-6C8A-333F-A105-14AE030B9A54}" = Visual C++ 9.0 CRT (x86) WinSXS MSM

"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = LG CyberLink YouCam

"{0A0C88C1-0EDF-4FA6-9733-5652C99375C7}" = Catalyst Control Center Localization All

"{0B400AC6-A43E-C52A-AF75-B092AF34478C}" = CCC Help Turkish

"{0D67B93A-62FB-F67D-6D1D-9F3DF8B42B13}" = CCC Help Czech

"{0EFDE8F4-691D-4CB0-B4C1-0BD63B0907FF}" = IncrediMail

"{15C11D1A-F178-68C9-9C3F-D70694850DCF}" = CCC Help Thai

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{20687EF7-CDC0-B8CA-058B-32BC7B6D7B30}" = CCC Help Turkish

"{2D2D8FE2-605C-4D3C-B706-36E981E7EEF0}" = LG CyberLink BD Advisor

"{2D4FF9D4-EB76-4A29-6A66-EC5A2B7A900D}" = CCC Help Russian

"{32A5C7EC-A602-471C-97D2-AF6CBD52E8C4}" = GLUCOFACTS(TM) Deluxe

"{336A1E37-FE4F-E77C-1EFE-AD66B8E76A9F}" = CCC Help Chinese Traditional

"{3A627783-AF3B-D420-6411-05AACB3F3932}" = Catalyst Control Center Graphics Previews Vista

"{3F7A9E82-5A85-4119-A8A5-7D840A0F76DC}" = Photo Notifier and Animation Creator

"{407CA81C-8454-CCD5-BACD-BA6BD18F680F}" = CCC Help Greek

"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = LG Burning Tool

"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3

"{47B9EFAA-A81C-40C8-9897-7AB878C18166}" = CCC Help Chinese Traditional

"{4EAA09F8-EC61-81CB-EED8-E9DE18800DED}" = Catalyst Control Center Localization All

"{510D2239-6C2E-457B-9590-485EC552D94D}" = Garmin USB Drivers

"{5ACC1A9F-AAB9-012D-4A65-1D7E92B4242E}" = CCC Help Italian

"{63BCDFC4-BD0D-640E-2B3F-FCDA34805E33}" = Catalyst Control Center Graphics Full New

"{647BB978-2876-487B-9B0E-FDB73F0EA4A2}" = Garmin Communicator Plugin

"{65135558-F1AE-4B9B-8C0B-180730ACA261}" = Garmin Express

"{67227CE5-9560-9D24-852B-E75AAB19F0A6}" = CCC Help Portuguese

"{70169B5A-0F4D-1187-CD3D-A0403DA8C350}" = Catalyst Control Center InstallProxy

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{756B8ACF-1E76-6869-2E4B-200BC6D6E6B1}" = CCC Help Swedish

"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies

"{76EBC536-D99E-58A6-ECA6-5A63A5FCB992}" = CCC Help Hungarian

"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update

"{7A54F8D9-D42B-DC31-22F4-4AB33DD60208}" = CCC Help Finnish

"{7EE3C326-76F2-6E15-105F-4D386B90152C}" = CCC Help Dutch

"{80E158EA-7181-40FE-A701-301CE6BE64AB}" = LG CyberLink MediaShow

"{876AB032-B2A4-41FF-AF87-DBC78454C1B0}" = Garmin Update Service

"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver

"{8ADE5280-35CA-CF98-A456-F66B98C77244}" = ccc-core-static

"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX

"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003

"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System

"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In

"{93765DFA-8A67-41FB-9FC0-B12341CA65F3}" = Elevated Installer

"{94C45C20-CB09-54A1-5E41-FCEFBAD50A1B}" = CCC Help Spanish

"{94D0A32F-F467-D869-2AF3-465F5C6F187E}" = CCC Help Chinese Standard

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9C2AC00C-0C06-4B7E-97A4-A833808D54D6}" = EPU

"{A37CA1E3-3343-BF7D-0103-EA5790A67C2A}" = CCC Help German

"{A81E095E-3F65-5A96-9596-13917688962F}" = ccc-core-static

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{ABC0160A-D981-8776-5D53-B962E9AB9A17}" = CCC Help French

"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.03) - Deutsch

"{AE4EBCF8-56AC-B7A2-41F6-96A168D7F4C7}" = CCC Help Chinese Standard

"{B20D0A45-039C-1299-1E92-81BC9A995BFA}" = CCC Help Korean

"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime

"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = LG CyberLink PowerProducer

"{B7EDCA19-58E3-9B10-5ED5-1928DF65BB4F}" = Catalyst Control Center Graphics Light

"{B8887E02-C910-4498-A7C0-186ABFDCD110}" = GPU Boost Driver

"{B99D218E-948E-BB99-9E9A-D5D31B3FC4D1}" = CCC Help Japanese

"{BA39F78D-E4B1-8DB4-AFC6-7302DC3B12BC}" = CCC Help Czech

"{BA88EE67-8974-459D-A1DB-C8281D9AC6F6}" = Browser Configuration Utility

"{BD510201-74C1-4C78-D7A8-4E2210495A6D}" = CCC Help English

"{BDC53880-55F0-4F56-8737-7D9286A5F095}" = GLUCOFACTS(TM) Deluxe Smart Launch

"{C233BCC3-29C4-49C0-B955-0A94509FC4FC}" = Garmin Express Tray

"{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}" = TuneUp Utilities 2013

"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LG CyberLink LabelPrint

"{C6B003DB-5950-0800-0858-1F5F70A090F6}" = CCC Help Polish

"{CE026CFE-73FE-4FED-9D5F-2C8D4DB512B0}" = TuneUp Utilities Language Pack (de-DE)

"{D1696920-9794-4BBC-8A30-7A88763DE5A2}" = ABBYY FineReader 5.0 Sprint

"{D53EE2FF-EF7A-A93F-BF5F-2B96029B6C8A}" = Catalyst Control Center Graphics Full Existing

"{DA04174D-7B42-F784-0456-B9201DAB1F0D}" = Catalyst Control Center Core Implementation

"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = LG CyberLink PowerDVD

"{E0E55FC1-C53D-4F8D-B14B-B59C312747C8}" = LightScribe System Software

"{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = LG CyberLink MediaEspresso

"{e47a5c85-88a2-47d2-b380-fc2e763c2e6d}" = Garmin Express

"{ED8EF3C2-FA5B-4A1E-950D-5A0227161F97}" = ArcSoft PhotoStudio 6

"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5

"{F4811919-F252-4B25-9AB2-8859A85810B5}" = TuneUp Utilities Language Pack (de-DE)

"{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Apple Application Support

"{FF0E8A52-B152-F22E-8BF5-488EE977ACD0}" = CCC Help Norwegian

"{FF52834F-839A-652B-2BB7-DB4BD61603A9}" = CCC Help Danish

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin

"avast" = avast! Internet Security

"Biet-O-Matic v2.14.8" = Biet-O-Matic v2.14.8

"Canon Easy-PhotoPrint Pro - Pro9000 series Extention Data" = Canon Easy-PhotoPrint Pro - Pro9000 series Extention Data

"Canon Easy-PhotoPrint Pro - Pro9500 series Extention Data" = Canon Easy-PhotoPrint Pro - Pro9500 series Extention Data

"Canon MP990 series Benutzerregistrierung" = Canon MP990 series Benutzerregistrierung

"Canon_IJ_Network_Scan_UTILITY" = Canon IJ Network Scan Utility

"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool

"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program

"CanonSolutionMenu" = Canon Utilities Solution Menu

"DVD Decrypter" = DVD Decrypter (Remove Only)

"DVDFab 8 Qt_is1" = DVDFab 8.1.7.8 (17/04/2012) Qt

"Easy-PhotoPrint Pro" = Canon Utilities Easy-PhotoPrint Pro

"Easy-WebPrint EX" = Canon Easy-WebPrint EX

"ESET Online Scanner" = ESET Online Scanner v3

"eWhiskyMerger" = eWhiskyMerger

"eWhiskyReducer" = eWhiskyReducer

"Free Studio_is1" = Free Studio version 2013

"IncrediMail" = IncrediMail 2.0

"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = LG CyberLink YouCam

"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = LG Burning Tool

"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies

"InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}" = LG CyberLink MediaShow

"InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = LG CyberLink PowerProducer

"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LG CyberLink LabelPrint

"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = LG CyberLink PowerDVD

"InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = LG CyberLink MediaEspresso

"MediaNavigation.CDLabelPrint" = CD-LabelPrint

"MP Navigator EX 3.0" = Canon MP Navigator EX 3.0

"MySSID_is1" = Vtune 7.13

"MyTeVii" = myTeVii

"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver

"Photo Notifier and Animation Creator" = Photo Notifier and Animation Creator

"Picasa 3" = Picasa 3

"Precision" = EVGA Precision 2.0.2

"TuneUp Utilities 2013" = TuneUp Utilities 2013

 
 ========== HKEY_USERS Uninstall List ==========

 

[HKEY_USERS\S-1-5-21-2730186759-3319961320-2840300609-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Google Chrome" = Google Chrome

"MyFreeCodec" = MyFreeCodec

 
 ========== Last 20 Event Log Errors ==========

 

[ Application Events ]

Error - 25.03.2013 12:10:14 | Computer Name = Giese-PC | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: nvcplui.exe, Version: 7.1.720.0, 

Zeitstempel: 0x5116ecae  Name des fehlerhaften Moduls: NVCPL.DLL, Version: 8.17.13.1407,

 Zeitstempel: 0x5116dfd4  Ausnahmecode: 0xc0000005  Fehleroffset: 0x000000000005c9cf

ID

 des fehlerhaften Prozesses: 0x3fc  Startzeit der fehlerhaften Anwendung: 0x01ce29733ab67003

Pfad

 der fehlerhaften Anwendung: C:\Program Files\NVIDIA Corporation\Control Panel Client\nvcplui.exe

Pfad

 des fehlerhaften Moduls: C:\Windows\system32\NVCPL.DLL  Berichtskennung: 79ee1f51-9566-11e2-ac7f-f46d04539976

 

Error - 25.03.2013 12:13:52 | Computer Name = Giese-PC | Source = WinMgmt | ID = 10

Description = 

 

Error - 25.03.2013 12:15:00 | Computer Name = Giese-PC | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: nvcplui.exe, Version: 7.1.720.0, 

Zeitstempel: 0x5116ecae  Name des fehlerhaften Moduls: NVCPL.DLL, Version: 8.17.13.1407,

 Zeitstempel: 0x5116dfd4  Ausnahmecode: 0xc0000005  Fehleroffset: 0x000000000005c9cf

ID

 des fehlerhaften Prozesses: 0xe6c  Startzeit der fehlerhaften Anwendung: 0x01ce2973e49022ee

Pfad

 der fehlerhaften Anwendung: C:\Program Files\NVIDIA Corporation\Control Panel Client\nvcplui.exe

Pfad

 des fehlerhaften Moduls: C:\Windows\system32\NVCPL.DLL  Berichtskennung: 23f76dc1-9567-11e2-ab39-f46d04539976

 

Error - 25.03.2013 12:15:05 | Computer Name = Giese-PC | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: nvcplui.exe, Version: 7.1.720.0, 

Zeitstempel: 0x5116ecae  Name des fehlerhaften Moduls: NVCPL.DLL, Version: 8.17.13.1407,

 Zeitstempel: 0x5116dfd4  Ausnahmecode: 0xc0000005  Fehleroffset: 0x000000000005c9cf

ID

 des fehlerhaften Prozesses: 0xc64  Startzeit der fehlerhaften Anwendung: 0x01ce2973e978f97e

Pfad

 der fehlerhaften Anwendung: C:\Program Files\NVIDIA Corporation\Control Panel Client\nvcplui.exe

Pfad

 des fehlerhaften Moduls: C:\Windows\system32\NVCPL.DLL  Berichtskennung: 2733cca0-9567-11e2-ab39-f46d04539976

 

Error - 25.03.2013 12:16:48 | Computer Name = Giese-PC | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: nvcplui.exe, Version: 7.1.720.0, 

Zeitstempel: 0x5116ecae  Name des fehlerhaften Moduls: NVCPL.DLL, Version: 8.17.13.1407,

 Zeitstempel: 0x5116dfd4  Ausnahmecode: 0xc0000005  Fehleroffset: 0x000000000005c9cf

ID

 des fehlerhaften Prozesses: 0xe3c  Startzeit der fehlerhaften Anwendung: 0x01ce297426f66565

Pfad

 der fehlerhaften Anwendung: C:\Program Files\NVIDIA Corporation\Control Panel Client\nvcplui.exe

Pfad

 des fehlerhaften Moduls: C:\Windows\system32\NVCPL.DLL  Berichtskennung: 64b13886-9567-11e2-ab39-f46d04539976

 

Error - 25.03.2013 12:18:36 | Computer Name = Giese-PC | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: nvcplui.exe, Version: 7.1.720.0, 

Zeitstempel: 0x5116ecae  Name des fehlerhaften Moduls: NVCPL.DLL, Version: 8.17.13.1407,

 Zeitstempel: 0x5116dfd4  Ausnahmecode: 0xc0000005  Fehleroffset: 0x000000000005c9cf

ID

 des fehlerhaften Prozesses: 0x13dc  Startzeit der fehlerhaften Anwendung: 0x01ce2974676fdd23

Pfad

 der fehlerhaften Anwendung: C:\Program Files\NVIDIA Corporation\Control Panel Client\nvcplui.exe

Pfad

 des fehlerhaften Moduls: C:\Windows\system32\NVCPL.DLL  Berichtskennung: a52acf85-9567-11e2-ab39-f46d04539976

 

Error - 25.03.2013 12:18:41 | Computer Name = Giese-PC | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: nvcplui.exe, Version: 7.1.720.0, 

Zeitstempel: 0x5116ecae  Name des fehlerhaften Moduls: NVCPL.DLL, Version: 8.17.13.1407,

 Zeitstempel: 0x5116dfd4  Ausnahmecode: 0xc0000005  Fehleroffset: 0x000000000005c9cf

ID

 des fehlerhaften Prozesses: 0x1124  Startzeit der fehlerhaften Anwendung: 0x01ce29746a462ee5

Pfad

 der fehlerhaften Anwendung: C:\Program Files\NVIDIA Corporation\Control Panel Client\nvcplui.exe

Pfad

 des fehlerhaften Moduls: C:\Windows\system32\NVCPL.DLL  Berichtskennung: a8012146-9567-11e2-ab39-f46d04539976

 

Error - 25.03.2013 12:20:03 | Computer Name = Giese-PC | Source = VSS | ID = 13

Description = 

 

Error - 25.03.2013 12:20:03 | Computer Name = Giese-PC | Source = VSS | ID = 12292

Description = 

 

Error - 25.03.2013 12:20:14 | Computer Name = Giese-PC | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: StartUpManager.exe, Version: 13.0.3020.2,

 Zeitstempel: 0x51067a2a  Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18015,

 Zeitstempel: 0x50b83c8a  Ausnahmecode: 0x0eedfade  Fehleroffset: 0x0000c41f  ID des fehlerhaften

 Prozesses: 0x12c8  Startzeit der fehlerhaften Anwendung: 0x01ce2974981780aa  Pfad der

 fehlerhaften Anwendung: C:\Program Files (x86)\TuneUp Utilities 2013\StartUpManager.exe

Pfad

 des fehlerhaften Moduls: C:\Windows\syswow64\KERNELBASE.dll  Berichtskennung: df895143-9567-11e2-ab39-f46d04539976

 

[ Media Center Events ]

Error - 25.03.2013 11:36:06 | Computer Name = Giese-PC | Source = MCUpdate | ID = 0

Description = 16:36:06 - Fehler beim Herstellen der Internetverbindung.  16:36:06 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 25.03.2013 11:36:54 | Computer Name = Giese-PC | Source = MCUpdate | ID = 0

Description = 16:36:11 - Fehler beim Herstellen der Internetverbindung.  16:36:11 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 31.03.2013 10:21:25 | Computer Name = Giese-PC | Source = MCUpdate | ID = 0

Description = 16:21:24 - Fehler beim Herstellen der Internetverbindung.  16:21:25 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 31.03.2013 10:22:14 | Computer Name = Giese-PC | Source = MCUpdate | ID = 0

Description = 16:21:31 - Fehler beim Herstellen der Internetverbindung.  16:21:31 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 08.04.2013 10:18:59 | Computer Name = Giese-PC | Source = MCUpdate | ID = 0

Description = 16:18:59 - Fehler beim Herstellen der Internetverbindung.  16:18:59 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 08.04.2013 10:19:30 | Computer Name = Giese-PC | Source = MCUpdate | ID = 0

Description = 16:19:04 - Fehler beim Herstellen der Internetverbindung.  16:19:04 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 28.04.2013 21:07:13 | Computer Name = Giese-PC | Source = MCUpdate | ID = 0

Description = 03:06:49 - Fehler beim Herstellen der Internetverbindung.  03:06:49 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 28.04.2013 22:07:23 | Computer Name = Giese-PC | Source = MCUpdate | ID = 0

Description = 04:07:17 - Fehler beim Herstellen der Internetverbindung.  04:07:17 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 28.04.2013 23:10:08 | Computer Name = Giese-PC | Source = MCUpdate | ID = 0

Description = 05:10:02 - Fehler beim Herstellen der Internetverbindung.  05:10:02 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 29.04.2013 00:10:18 | Computer Name = Giese-PC | Source = MCUpdate | ID = 0

Description = 06:10:12 - Fehler beim Herstellen der Internetverbindung.  06:10:12 

-     Serververbindung konnte nicht hergestellt werden..  

 

[ System Events ]

Error - 30.06.2013 06:22:11 | Computer Name = Giese-PC | Source = Service Control Manager | ID = 7000

Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden

 Fehlers nicht gestartet:   %%1069

 

Error - 30.06.2013 16:06:54 | Computer Name = Giese-PC | Source = Service Control Manager | ID = 7000

Description = Der Dienst "TBS 5922 USB DVBS/S2 BDA" wurde aufgrund folgenden Fehlers

 nicht gestartet:   %%2

 

Error - 30.06.2013 16:09:05 | Computer Name = Giese-PC | Source = Service Control Manager | ID = 7038

Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"

 mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:   %%1330    Vergewissern

 Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft

 Management Console (MMC).

 

Error - 30.06.2013 16:09:05 | Computer Name = Giese-PC | Source = Service Control Manager | ID = 7000

Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden

 Fehlers nicht gestartet:   %%1069

 

Error - 30.06.2013 18:21:08 | Computer Name = Giese-PC | Source = Service Control Manager | ID = 7000

Description = Der Dienst "TBS 5922 USB DVBS/S2 BDA" wurde aufgrund folgenden Fehlers

 nicht gestartet:   %%2

 

Error - 30.06.2013 18:23:15 | Computer Name = Giese-PC | Source = Service Control Manager | ID = 7038

Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"

 mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:   %%1330    Vergewissern

 Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft

 Management Console (MMC).

 

Error - 30.06.2013 18:23:15 | Computer Name = Giese-PC | Source = Service Control Manager | ID = 7000

Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden

 Fehlers nicht gestartet:   %%1069

 

Error - 01.07.2013 07:19:58 | Computer Name = Giese-PC | Source = Service Control Manager | ID = 7000

Description = Der Dienst "TBS 5922 USB DVBS/S2 BDA" wurde aufgrund folgenden Fehlers

 nicht gestartet:   %%2

 

Error - 01.07.2013 07:22:21 | Computer Name = Giese-PC | Source = Service Control Manager | ID = 7038

Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"

 mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:   %%1330    Vergewissern

 Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft

 Management Console (MMC).

 

Error - 01.07.2013 07:22:21 | Computer Name = Giese-PC | Source = Service Control Manager | ID = 7000

Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden

 Fehlers nicht gestartet:   %%1069

 

 

< End of report >

sorry aber ganz schön zäh heute...

Code:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 4.9.4 (05.06.2013:1)

OS: Windows 7 Professional x64

Ran by Giese on 03.07.2013 at  8:57:42,12

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 

~~~ Services
 
 
 

~~~ Registry Values
 

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-2730186759-3319961320-2840300609-1000\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\AboutURLs\\Tabs
 
 
 

~~~ Registry Keys
 

Successfully deleted: [Registry Key] "HKEY_CURRENT_USER\Software\Microsoft\internet explorer\internetregistry\registry\user\S-1-5-21-2730186759-3319961320-2840300609-1000\software\web assistant"

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\im
 
 
 

~~~ Files
 
 
 

~~~ Folders
 
 
 

~~~ Event Viewer Logs were cleared
 
 
 
 
 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 03.07.2013 at  9:02:01,20

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Code:

# AdwCleaner v2.303 - Datei am 03/07/2013 um 09:07:36 erstellt

# Aktualisiert am 08/06/2013 von Xplode

# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)

# Benutzer : Giese - GIESE-PC

# Bootmodus : Normal

# Ausgeführt unter : C:\Users\Giese\Desktop\adwcleaner.exe

# Option [Löschen]
 
 

**** [Dienste] ****
 

Gestoppt & Gelöscht : BCUService
 

***** [Dateien / Ordner] *****
 

Datei Gelöscht : C:\Windows\Tasks\DSite.job

Ordner Gelöscht : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB

Ordner Gelöscht : C:\Program Files (x86)\DeviceVM

Ordner Gelöscht : C:\ProgramData\DeviceVM

Ordner Gelöscht : C:\Users\Giese\AppData\Roaming\DeviceVM

Ordner Gelöscht : C:\Users\Giese\AppData\Roaming\DSite

Ordner Gelöscht : C:\Users\Heike\AppData\Roaming\DeviceVM
 

***** [Registrierungsdatenbank] *****
 

Schlüssel Gelöscht : HKCU\Software\DeviceVM

Schlüssel Gelöscht : HKCU\Software\InstallCore

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\secman.DLL

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{77AA6435-2488-4A94-9FE5-49519DD2ED9B}

Schlüssel Gelöscht : HKLM\Software\DeviceVM

Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{BC86E1AB-EDA5-4059-938F-CE307B0C6F0A}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{BC86E1AB-EDA5-4059-938F-CE307B0C6F0A}

Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [BCU]
 

***** [Internet Browser] *****
 

-\\ Internet Explorer v10.0.9200.16611
 

[OK] Die Registrierungsdatenbank ist sauber.
 

-\\ Google Chrome v27.0.1453.116
 

Datei : C:\Users\Giese\AppData\Local\Google\Chrome\User Data\Default\Preferences
 

[OK] Die Datei ist sauber.
 

Datei : C:\Users\Heike\AppData\Local\Google\Chrome\User Data\Default\Preferences
 

Gelöscht [l.2115] : homepage = "hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=0274c575-8d22[...]
 

-\\ Chromium v     window_placement: {

         bottom: 1050
 

Datei : C:\Users\Giese\AppData\Local\Chromium\User Data\Default\Preferences
 

[OK] Die Datei ist sauber.
 

*************************
 

AdwCleaner[S1].txt - [2655 octets] - [03/07/2013 09:07:36]
 

########## EOF - C:\AdwCleaner[S1].txt - [2715 octets] ##########

[CODE][OTL Logfile:

Code:

OTL logfile created on: 03.07.2013 09:13:18 - Run 4

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Giese\Desktop

64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.10.9200.16614)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

7,98 Gb Total Physical Memory | 5,54 Gb Available Physical Memory | 69,35% Memory free

15,97 Gb Paging File | 13,48 Gb Available in Paging File | 84,41% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 97,56 Gb Total Space | 38,41 Gb Free Space | 39,38% Space Free | Partition Type: NTFS

Drive D: | 409,05 Gb Total Space | 399,08 Gb Free Space | 97,56% Space Free | Partition Type: NTFS

Drive E: | 424,80 Gb Total Space | 170,97 Gb Free Space | 40,25% Space Free | Partition Type: NTFS

 

Computer Name: GIESE-PC | User Name: Giese | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - C:\Users\Giese\Desktop\OTL.exe (OldTimer Tools)

PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)

PRC - C:\Programme\AVAST Software\Avast\AvastUI.exe (AVAST Software)

PRC - C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)

PRC - C:\Programme\AVAST Software\Avast\afwServ.exe (AVAST Software)

PRC - C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe (Garmin Ltd or its subsidiaries)

PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)

PRC - C:\Program Files (x86)\CyberLink\Shared files\brs.exe (cyberlink)

PRC - C:\Program Files (x86)\Vtune\TBPANEL.exe ()

PRC - C:\Program Files (x86)\ASUS\EPU\EPU.exe (

ASUSTeK Computer Inc.)

PRC - C:\Programme\ASUS\GPU Boost Driver\GpuBoostServer.exe (

ASUSTeK Computer Inc.)

 

 
 ========== Modules (No Company Name) ==========

 

MOD - C:\Users\Giese\AppData\Local\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll ()

MOD - C:\Users\Giese\AppData\Local\Google\Chrome\Application\27.0.1453.116\pdf.dll ()

MOD - C:\Users\Giese\AppData\Local\Google\Chrome\Application\27.0.1453.116\libglesv2.dll ()

MOD - C:\Users\Giese\AppData\Local\Google\Chrome\Application\27.0.1453.116\libegl.dll ()

MOD - C:\Users\Giese\AppData\Local\Google\Chrome\Application\27.0.1453.116\ffmpegsumo.dll ()

MOD - C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll ()

MOD - C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll ()

MOD - C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll ()

MOD - C:\Program Files (x86)\Vtune\TBPANEL.exe ()

MOD - C:\Program Files (x86)\ASUS\EPU\pngio.dll ()

MOD - C:\Program Files (x86)\ASUS\EPU\AsSpindownTimeout.dll ()

MOD - C:\Windows\SysWOW64\AsIO.dll ()

MOD - C:\Program Files (x86)\ASUS\EPU\ASUSSERVICE.DLL ()

MOD - C:\Program Files (x86)\Vtune\TBManage.dll ()

 

 
 ========== Services (SafeList) ==========

 

SRV:64bit: - (UxTuneUp) -- C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)

SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)

SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)

SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)

SRV - (avast! Antivirus) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)

SRV - (avast! Firewall) -- C:\Programme\AVAST Software\Avast\afwServ.exe (AVAST Software)

SRV - (Garmin Core Update Service) -- C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe (Garmin Ltd or its subsidiaries)

SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)

SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)

SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe (TuneUp Software)

SRV - (UxTuneUp) -- C:\Windows\SysWOW64\uxtuneup.dll (TuneUp Software)

SRV - (BayerHealthcareService) -- C:\Program Files (x86)\Bayer HealthCare SmartLaunch\bin\BayerHCService.exe (Bayer Healthcare LLC)

SRV - (CLKMSVC10_38F51D56) -- C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe (CyberLink)

SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)

SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)

SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)

SRV - (IJPLMSVC) -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE ()

 

 
 ========== Driver Services (SafeList) ==========

 

DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)

DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)

DRV:64bit: - (aswVmm) -- C:\Windows\SysNative\drivers\aswVmm.sys ()

DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)

DRV:64bit: - (aswRvrt) -- C:\Windows\SysNative\drivers\aswRvrt.sys ()

DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)

DRV:64bit: - (aswNdis2) -- C:\Windows\SysNative\drivers\aswNdis2.sys (AVAST Software)

DRV:64bit: - (aswFW) -- C:\Windows\SysNative\drivers\aswFW.sys (AVAST Software)

DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)

DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)

DRV:64bit: - (aswKbd) -- C:\Windows\SysNative\drivers\aswKbd.sys (AVAST Software)

DRV:64bit: - (ssudserd) -- C:\Windows\SysNative\drivers\ssudserd.sys (DEVGURU Co., LTD.(www.devguru.co.kr))

DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))

DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))

DRV:64bit: - (usb_rndisx) -- C:\Windows\SysNative\drivers\usb8023x.sys (Microsoft Corporation)

DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)

DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)

DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)

DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)

DRV:64bit: - (aswNdis) -- C:\Windows\SysNative\drivers\aswNdis.sys (ALWIL Software)

DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)

DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )

DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)

DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)

DRV:64bit: - (asmtxhci) -- C:\Windows\SysNative\drivers\asmtxhci.sys (ASMedia Technology Inc)

DRV:64bit: - (asmthub3) -- C:\Windows\SysNative\drivers\asmthub3.sys (ASMedia Technology Inc)

DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)

DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)

DRV:64bit: - (SAllBDA) -- C:\Windows\SysNative\drivers\TeViiS2.sys (TeVii Technology Ltd.)

DRV:64bit: - (dgderdrv) -- C:\Windows\SysNative\drivers\dgderdrv.sys (Devguru Co., Ltd)

DRV:64bit: - (TFsExDisk) -- C:\Windows\SysNative\drivers\TFsExDisk.sys (Teruten Inc)

DRV:64bit: - (AtiPcie) -- C:\Windows\SysNative\drivers\AtiPcie.sys (Advanced Micro Devices Inc.)

DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)

DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atipmdag.sys (ATI Technologies Inc.)

DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)

DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys ()

DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)

DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)

DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)

DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)

DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)

DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)

DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)

DRV - (FsUsbExDisk) -- C:\Windows\SysWOW64\FsUsbExDisk.Sys ()

DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys (TuneUp Software)

DRV - (TFsExDisk) -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys (Teruten Inc)

DRV - (AODDriver) -- C:\Programme\ASUS\GPU Boost Driver\amd64\aoddriver.sys (Advanced Micro Devices)

DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)

DRV - (Cardex) -- C:\Windows\SysWOW64\drivers\TBPanelx64.sys (Windows (R) Server 2003 DDK provider)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 

IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\..\SearchScopes,DefaultScope = 

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

 

 

IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 

 

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 

 

IE - HKU\S-1-5-21-2730186759-3319961320-2840300609-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com

IE - HKU\S-1-5-21-2730186759-3319961320-2840300609-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com

IE - HKU\S-1-5-21-2730186759-3319961320-2840300609-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://mystart.incredimail.com/?a=1eynX8MsEWa

IE - HKU\S-1-5-21-2730186759-3319961320-2840300609-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = hxxp://mystart.incredimail.com/?a=1eynX8MsEWa

IE - HKU\S-1-5-21-2730186759-3319961320-2840300609-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com

IE - HKU\S-1-5-21-2730186759-3319961320-2840300609-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com

IE - HKU\S-1-5-21-2730186759-3319961320-2840300609-1000\..\SearchScopes,DefaultScope = 

IE - HKU\S-1-5-21-2730186759-3319961320-2840300609-1000\..\SearchScopes\{D4A2565C-9A1B-44cb-BFEE-B1ECE62050C4}: "URL" = hxxp://www.google.com/custom?client=pub-3794288947762788&forid=1&channel=5369970905&ie=UTF-8&oe=UTF-8&safe=active&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=de&q={searchTerms}

IE - HKU\S-1-5-21-2730186759-3319961320-2840300609-1000\..\SearchScopes\{E76A75A8-CED9-4246-9D55-1BCB70E7895A}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=EGMB

IE - HKU\S-1-5-21-2730186759-3319961320-2840300609-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 
 ========== FireFox ==========

 

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()

FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)

FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@phonostar.de/phonostar-Player: C:\Program Files (x86)\phonostar-Player\npphonostarDetectNP.dll File not found

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Giese\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Giese\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)

 

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX

 

 
 ========== Chrome  ==========

 

CHR - default_search_provider: Ixquick HTTPS - Deutsch (Enabled)

CHR - default_search_provider: search_url = https://ixquick.com/do/search?query={searchTerms}&cat=web&pl=chrome&language=deutsch

CHR - default_search_provider: suggest_url = 

CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Giese\AppData\Local\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll

CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Users\Giese\AppData\Local\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Giese\AppData\Local\Google\Chrome\Application\27.0.1453.116\pdf.dll

CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll

CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll

CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll

CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll

CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll

CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll

CHR - plugin: Garmin Communicator Plug-In (Enabled) = C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll

CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll

CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll

CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll

CHR - plugin: Java Deployment Toolkit 7.0.210.11 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll

 

O1 HOSTS File: ([2013.03.23 22:18:10 | 000,445,760 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O1 - Hosts: 127.0.0.1        www.007guard.com

O1 - Hosts: 127.0.0.1        007guard.com

O1 - Hosts: 127.0.0.1        008i.com

O1 - Hosts: 127.0.0.1        www.008k.com

O1 - Hosts: 127.0.0.1        008k.com

O1 - Hosts: 127.0.0.1        www.00hq.com

O1 - Hosts: 127.0.0.1        00hq.com

O1 - Hosts: 127.0.0.1        010402.com

O1 - Hosts: 127.0.0.1        www.032439.com

O1 - Hosts: 127.0.0.1        032439.com

O1 - Hosts: 127.0.0.1        www.0scan.com

O1 - Hosts: 127.0.0.1        0scan.com

O1 - Hosts: 127.0.0.1        www.1000gratisproben.com

O1 - Hosts: 127.0.0.1        1000gratisproben.com

O1 - Hosts: 127.0.0.1        1001namen.com

O1 - Hosts: 127.0.0.1        www.1001namen.com

O1 - Hosts: 127.0.0.1        100888290cs.com

O1 - Hosts: 127.0.0.1        www.100888290cs.com

O1 - Hosts: 127.0.0.1        www.100sexlinks.com

O1 - Hosts: 127.0.0.1        100sexlinks.com

O1 - Hosts: 127.0.0.1        www.10sek.com

O1 - Hosts: 127.0.0.1        10sek.com

O1 - Hosts: 127.0.0.1        www.1-2005-search.com

O1 - Hosts: 127.0.0.1        1-2005-search.com

O1 - Hosts: 127.0.0.1        www.123fporn.info

O1 - Hosts: 15307 more lines...

O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)

O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)

O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)

O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)

O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)

O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

O3 - HKU\S-1-5-21-2730186759-3319961320-2840300609-1000\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.

O3 - HKU\S-1-5-21-2730186759-3319961320-2840300609-1000\..\Toolbar\WebBrowser: (no name) - {990AF1C2-5A27-4460-8149-ECC6BC122AF3} - No CLSID value found.

O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)

O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)

O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)

O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)

O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe (cyberlink)

O4 - HKLM..\Run: [Six Engine] C:\Program Files (x86)\ASUS\EPU\EPU.exe (

ASUSTeK Computer Inc.)

O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-2730186759-3319961320-2840300609-1000..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)

O4 - HKU\S-1-5-21-2730186759-3319961320-2840300609-1000..\Run: [TBPanel] C:\Program Files (x86)\Vtune\TBPanel.exe ()

O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found

O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPath = 1

O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found

O8:64bit: - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm File not found

O8:64bit: - Extra context menu item: Free YouTube to DVD Converter - C:\Users\Giese\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetodvdconverter.htm File not found

O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm File not found

O8:64bit: - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found

O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)

O8 - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm File not found

O8 - Extra context menu item: Free YouTube to DVD Converter - C:\Users\Giese\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetodvdconverter.htm File not found

O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm File not found

O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found

O9:64bit: - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - Reg Error: Key error. File not found

O9:64bit: - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - Reg Error: Key error. File not found

O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found

O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D982E47A-1952-4E0B-BC49-08C3AD20EF70}: DhcpNameServer = 192.168.0.1

O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found

O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found

O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found

O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found

O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found

O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation)

O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)

O18:64bit: - Protocol\Filter\text/xml - No CLSID value found

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O27:64bit: - HKLM IFEO\AcroRd32.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27:64bit: - HKLM IFEO\dw20.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27:64bit: - HKLM IFEO\finder.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27:64bit: - HKLM IFEO\infopath.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27:64bit: - HKLM IFEO\kies.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27:64bit: - HKLM IFEO\msaccess.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27:64bit: - HKLM IFEO\msoxmled.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27:64bit: - HKLM IFEO\mspscan.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27:64bit: - HKLM IFEO\mspub.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27:64bit: - HKLM IFEO\mspview.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27:64bit: - HKLM IFEO\mstore.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27:64bit: - HKLM IFEO\ois.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27:64bit: - HKLM IFEO\osa.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27:64bit: - HKLM IFEO\outlook.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27:64bit: - HKLM IFEO\powerpnt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27:64bit: - HKLM IFEO\proflwiz.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27:64bit: - HKLM IFEO\schdpl32.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27:64bit: - HKLM IFEO\selfcert.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27:64bit: - HKLM IFEO\setlang.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27:64bit: - HKLM IFEO\setup.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27:64bit: - HKLM IFEO\snapview.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27:64bit: - HKLM IFEO\unbind.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27 - HKLM IFEO\AcroRd32.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27 - HKLM IFEO\dw20.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27 - HKLM IFEO\finder.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27 - HKLM IFEO\infopath.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27 - HKLM IFEO\kies.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27 - HKLM IFEO\msaccess.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27 - HKLM IFEO\msoxmled.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27 - HKLM IFEO\mspscan.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27 - HKLM IFEO\mspub.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27 - HKLM IFEO\mspview.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27 - HKLM IFEO\mstore.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27 - HKLM IFEO\ois.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27 - HKLM IFEO\osa.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27 - HKLM IFEO\outlook.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27 - HKLM IFEO\powerpnt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27 - HKLM IFEO\proflwiz.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27 - HKLM IFEO\schdpl32.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27 - HKLM IFEO\selfcert.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27 - HKLM IFEO\setlang.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27 - HKLM IFEO\setup.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27 - HKLM IFEO\snapview.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O27 - HKLM IFEO\unbind.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2013.03.23 20:07:59 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *)

O34 - HKLM BootExecute: (sdnclean64.exe)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2013.07.03 08:56:36 | 000,000,000 | ---D | C] -- C:\JRT

[2013.07.03 08:54:57 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Giese\Desktop\OTL.exe

[2013.07.02 08:54:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)

[2013.07.02 08:53:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2013.06.12 21:41:50 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll

[2013.06.12 21:41:50 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll

[2013.06.12 21:41:49 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll

[2013.06.12 21:41:49 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll

[2013.06.12 21:41:49 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe

[2013.06.12 21:41:49 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe

[2013.06.12 21:41:49 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe

[2013.06.12 21:41:49 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll

[2013.06.12 21:41:49 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll

[2013.06.12 21:41:48 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll

[2013.06.12 21:41:47 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll

[2013.06.12 21:41:47 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll

[2013.06.12 21:41:47 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll

[2013.06.12 21:40:52 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll

[2013.06.12 21:40:52 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll

[2013.06.12 08:00:43 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll

[2013.06.12 08:00:43 | 000,492,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll

[2013.06.12 08:00:37 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptdlg.dll

[2013.06.12 08:00:37 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptdlg.dll

[2013.06.12 08:00:33 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll

[2013.06.12 08:00:27 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll

[2013.06.12 08:00:27 | 001,192,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certutil.exe

[2013.06.12 08:00:27 | 000,903,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certutil.exe

[2013.06.12 08:00:26 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll

[2013.06.12 08:00:26 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certenc.dll

[2013.06.12 08:00:26 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certenc.dll

[2013.06.12 08:00:21 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll

[2013.06.12 08:00:21 | 001,505,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll

[2013.06.10 15:28:33 | 000,000,000 | ---D | C] -- C:\Users\Giese\AppData\Roaming\HandBrake

 
 ========== Files - Modified Within 30 Days ==========

 

[2013.07.03 09:16:24 | 001,498,742 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2013.07.03 09:16:24 | 000,654,150 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat

[2013.07.03 09:16:24 | 000,616,032 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2013.07.03 09:16:24 | 000,130,022 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat

[2013.07.03 09:16:24 | 000,106,412 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2013.07.03 09:12:04 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2730186759-3319961320-2840300609-1000UA.job

[2013.07.03 09:09:40 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2013.07.03 09:09:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2013.07.03 09:08:27 | 000,021,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2013.07.03 09:08:27 | 000,021,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2013.07.03 08:59:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2013.07.03 08:54:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Giese\Desktop\OTL.exe

[2013.07.02 22:09:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2013.07.02 21:32:00 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2730186759-3319961320-2840300609-1002UA.job

[2013.07.02 16:41:15 | 000,000,005 | ---- | M] () -- C:\Users\Giese\AppData\Roaming\WBPU-TTL.DAT

[2013.07.02 16:32:00 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2730186759-3319961320-2840300609-1002Core.job

[2013.07.02 09:25:18 | 698,048,146 | ---- | M] () -- C:\Windows\MEMORY.DMP

[2013.07.02 08:16:57 | 000,859,136 | ---- | M] () -- C:\Users\Giese\Desktop\Bayer.db

[2013.07.01 17:22:48 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt

[2013.07.01 02:12:00 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2730186759-3319961320-2840300609-1000Core.job

[2013.06.28 11:52:21 | 001,030,952 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys

[2013.06.28 11:52:21 | 000,378,944 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys

[2013.06.28 11:52:21 | 000,189,936 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys

[2013.06.28 11:52:21 | 000,000,175 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys.sum

[2013.06.28 11:52:21 | 000,000,175 | ---- | M] () -- C:\Windows\SysNative\drivers\aswSP.sys.sum

[2013.06.28 11:52:21 | 000,000,175 | ---- | M] () -- C:\Windows\SysNative\drivers\aswSnx.sys.sum

[2013.06.23 13:50:33 | 001,609,381 | ---- | M] () -- C:\Users\Giese\Desktop\Gaffel-besonders kölsch.jpg

[2013.06.18 09:27:59 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe

[2013.06.18 09:27:58 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

[2013.06.10 15:57:19 | 000,031,679 | ---- | M] () -- C:\Users\Giese\Documents\tmp_cover587.jpg

[2013.06.10 15:53:10 | 000,029,557 | ---- | M] () -- C:\Users\Giese\Documents\tmp_cover663.jpg

[2013.06.08 16:06:58 | 000,526,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll

[2013.06.08 13:40:02 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll

 
 ========== Files Created - No Company Name ==========

 

[2013.07.02 16:41:15 | 000,000,005 | ---- | C] () -- C:\Users\Giese\AppData\Roaming\WBPU-TTL.DAT

[2013.06.28 11:52:21 | 000,000,175 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys.sum

[2013.06.27 10:34:21 | 000,000,175 | ---- | C] () -- C:\Windows\SysNative\drivers\aswSP.sys.sum

[2013.06.27 10:34:21 | 000,000,175 | ---- | C] () -- C:\Windows\SysNative\drivers\aswSnx.sys.sum

[2013.06.23 13:50:33 | 001,609,381 | ---- | C] () -- C:\Users\Giese\Desktop\Gaffel-besonders kölsch.jpg

[2013.06.10 15:57:18 | 000,031,679 | ---- | C] () -- C:\Users\Giese\Documents\tmp_cover587.jpg

[2013.06.10 15:53:10 | 000,029,557 | ---- | C] () -- C:\Users\Giese\Documents\tmp_cover663.jpg

[2013.03.22 10:19:52 | 000,001,636 | ---- | C] () -- C:\Windows\SysWow64\tsdigsgn.dat

[2013.03.22 10:19:52 | 000,000,036 | ---- | C] () -- C:\Windows\TSNPL.dat

[2013.02.16 16:56:55 | 000,110,592 | ---- | C] () -- C:\Windows\SysWow64\FsUsbExDevice.Dll

[2013.02.16 16:56:55 | 000,037,344 | ---- | C] () -- C:\Windows\SysWow64\FsUsbExDisk.Sys

[2013.01.16 19:26:58 | 000,005,120 | ---- | C] () -- C:\Users\Giese\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2012.06.18 17:20:06 | 000,069,632 | R--- | C] () -- C:\Windows\SysWow64\xmltok.dll

[2012.06.18 17:20:06 | 000,036,864 | R--- | C] () -- C:\Windows\SysWow64\xmlparse.dll

[2012.05.12 12:00:09 | 000,015,873 | ---- | C] () -- C:\Windows\SysWow64\Inetde.dll

[2012.03.23 00:03:14 | 000,007,609 | ---- | C] () -- C:\Users\Giese\AppData\Local\resmon.resmoncfg

[2012.03.20 02:40:57 | 000,000,331 | ---- | C] () -- C:\Windows\game.ini

[2012.03.16 11:34:12 | 000,059,232 | ---- | C] () -- C:\Windows\SysWow64\CNC990W.DAT

[2012.03.15 11:56:43 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI

[2012.03.15 11:45:50 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin

[2012.03.15 11:23:13 | 000,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll

[2012.03.15 11:23:13 | 000,013,440 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys

[2012.03.15 11:21:22 | 000,001,035 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat

[2012.03.15 11:16:11 | 000,048,471 | ---- | C] () -- C:\Windows\Ascd_log.ini

[2012.03.15 11:14:21 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini

[2012.03.15 11:14:10 | 000,036,217 | ---- | C] () -- C:\Windows\Ascd_tmp.ini

 
 ========== ZeroAccess Check ==========

 

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

 

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

 

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 

< End of report >

--- --- ---
/CODE]

Code:

OTL Extras logfile created on: 03.07.2013 09:13:18 - Run 4

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Giese\Desktop

64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.10.9200.16614)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

7,98 Gb Total Physical Memory | 5,54 Gb Available Physical Memory | 69,35% Memory free

15,97 Gb Paging File | 13,48 Gb Available in Paging File | 84,41% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 97,56 Gb Total Space | 38,41 Gb Free Space | 39,38% Space Free | Partition Type: NTFS

Drive D: | 409,05 Gb Total Space | 399,08 Gb Free Space | 97,56% Space Free | Partition Type: NTFS

Drive E: | 424,80 Gb Total Space | 170,97 Gb Free Space | 40,25% Space Free | Partition Type: NTFS

 

Computer Name: GIESE-PC | User Name: Giese | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Extra Registry (SafeList) ==========

 

 
 ========== File Associations ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

 

[HKEY_USERS\S-1-5-21-2730186759-3319961320-2840300609-1000\SOFTWARE\Classes\<extension>]

.html [@ = ChromiumHTML] -- C:\Program Files\AVAST Software\Avast\sfzone\SafeZoneBrowser.exe (AVAST Software)

 
 ========== Shell Spawning ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htafile [open] -- "%1" %*

htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htafile [open] -- "%1" %*

htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

 
 ========== Security Center Settings ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

 
 ========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 
 ========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

 

 
 ========== Vista Active Open Ports Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{17475FDA-0A98-4922-83EB-BE135045EE2B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{18EDCA9D-73E8-4BDD-BDFC-4A91422114DE}" = rport=139 | protocol=6 | dir=out | app=system | 

"{48B50EFB-5FF6-4E45-8BA7-A903C857C691}" = rport=445 | protocol=6 | dir=out | app=system | 

"{70F3D698-DB9D-433C-B869-E30CC878C66A}" = lport=138 | protocol=17 | dir=in | app=system | 

"{7B5A4CB0-645E-4C71-B57B-D790C76C1654}" = lport=139 | protocol=6 | dir=in | app=system | 

"{8E5C724D-4B49-41F8-B11D-1A682E493292}" = rport=137 | protocol=17 | dir=out | app=system | 

"{8EAB7ACB-3930-4268-82AF-67C2C9DC29B1}" = rport=138 | protocol=17 | dir=out | app=system | 

"{9582B074-4E15-4121-9E1E-E025EA178E9C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{ACA45C60-1883-41FB-AA1E-6435EBFD7C8D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{C2ED6E49-CDB2-48FA-98B7-D8A483202245}" = lport=445 | protocol=6 | dir=in | app=system | 

"{CB36E537-0D8F-4A8C-B7AB-6562996998D5}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{D2EBDFCB-593D-43A4-8F62-DB5153523DB3}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 

"{DBDB31BC-0480-429E-8B52-F6C415A144A8}" = lport=137 | protocol=17 | dir=in | app=system | 

"{EEC52F43-DE61-4AD8-AF29-0CBFC4555675}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 

 
 ========== Vista Active Application Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{02F685E9-5577-4384-B352-F459DDFF2770}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 

"{2F552AD1-1E42-4988-87C1-14989F1E4DA0}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 

"{3458EB15-ED29-4290-A2CD-73C9954F15EF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 

"{35DA6D24-B7C2-40A9-B925-1F97C299B287}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{38185542-7B6C-400A-8E06-3E58FF1691D5}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 

"{47233DD2-E1B0-4958-9891-C7460436E65E}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 

"{87A9DD1D-181F-4BBB-9D0B-279598545E39}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd cinema\powerdvdcinema10.exe | 

"{BA96DB62-7A64-40FE-8222-BDD405C64D7B}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 

"{BF3C8752-0524-4BE3-A55A-D314A5848037}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe | 

"{CF992B8D-2EAA-4047-84A4-43679B92770B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{D22969BF-6E55-4190-A080-6025B681A10E}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 

"{DD0D16B5-3055-4DED-82E5-7291939433C7}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe | 

"{E1000232-BBC7-4F5C-B8F3-E30012A5F048}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 

"{EC058F64-79C7-431F-ADC3-5EE614C106FC}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe | 

"{FAF27959-87BE-45AE-BBC3-65BA6E46A326}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 

"TCP Query User{AF300C51-71A8-44AB-B4F9-D6AD63E90CFB}C:\windows\system32\javaw.exe" = protocol=6 | dir=in | app=c:\windows\system32\javaw.exe | 

"UDP Query User{0959FD53-9B84-4F9F-9B49-8433D4E43026}C:\windows\system32\javaw.exe" = protocol=17 | dir=in | app=c:\windows\system32\javaw.exe | 

 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack

"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP990_series" = Canon MP990 series MP Drivers

"{237D687E-9E50-4A30-B810-262764CC491B}" = Garmin Communicator Plugin x64

"{26A24AE4-039D-4CA4-87B4-2F86417021FF}" = Java 7 Update 21 (64-bit)

"{34FE274A-6AC9-24D1-2364-7A8BE8B4A068}" = ccc-utility64

"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

"{550331CC-C34B-494F-BCDA-37CE4EF6E924}" = Garmin Communicator Plugin x64

"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 314.22

"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 314.22

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 314.22

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 314.22

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.1031

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.12.12

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.23.1

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components

"{B62F31E3-511F-6BD6-5F41-CA284BBDF1E1}" = ccc-utility64

"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64

"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones

"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile

"49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0)

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack

"WinRAR archiver" = WinRAR 4.20 (64-Bit)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{0138F525-6C8A-333F-A105-14AE030B9A54}" = Visual C++ 9.0 CRT (x86) WinSXS MSM

"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = LG CyberLink YouCam

"{0A0C88C1-0EDF-4FA6-9733-5652C99375C7}" = Catalyst Control Center Localization All

"{0B400AC6-A43E-C52A-AF75-B092AF34478C}" = CCC Help Turkish

"{0D67B93A-62FB-F67D-6D1D-9F3DF8B42B13}" = CCC Help Czech

"{0EFDE8F4-691D-4CB0-B4C1-0BD63B0907FF}" = IncrediMail

"{15C11D1A-F178-68C9-9C3F-D70694850DCF}" = CCC Help Thai

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{20687EF7-CDC0-B8CA-058B-32BC7B6D7B30}" = CCC Help Turkish

"{2D2D8FE2-605C-4D3C-B706-36E981E7EEF0}" = LG CyberLink BD Advisor

"{2D4FF9D4-EB76-4A29-6A66-EC5A2B7A900D}" = CCC Help Russian

"{32A5C7EC-A602-471C-97D2-AF6CBD52E8C4}" = GLUCOFACTS(TM) Deluxe

"{336A1E37-FE4F-E77C-1EFE-AD66B8E76A9F}" = CCC Help Chinese Traditional

"{3A627783-AF3B-D420-6411-05AACB3F3932}" = Catalyst Control Center Graphics Previews Vista

"{3F7A9E82-5A85-4119-A8A5-7D840A0F76DC}" = Photo Notifier and Animation Creator

"{407CA81C-8454-CCD5-BACD-BA6BD18F680F}" = CCC Help Greek

"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = LG Burning Tool

"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3

"{47B9EFAA-A81C-40C8-9897-7AB878C18166}" = CCC Help Chinese Traditional

"{4EAA09F8-EC61-81CB-EED8-E9DE18800DED}" = Catalyst Control Center Localization All

"{510D2239-6C2E-457B-9590-485EC552D94D}" = Garmin USB Drivers

"{5ACC1A9F-AAB9-012D-4A65-1D7E92B4242E}" = CCC Help Italian

"{63BCDFC4-BD0D-640E-2B3F-FCDA34805E33}" = Catalyst Control Center Graphics Full New

"{647BB978-2876-487B-9B0E-FDB73F0EA4A2}" = Garmin Communicator Plugin

"{65135558-F1AE-4B9B-8C0B-180730ACA261}" = Garmin Express

"{67227CE5-9560-9D24-852B-E75AAB19F0A6}" = CCC Help Portuguese

"{70169B5A-0F4D-1187-CD3D-A0403DA8C350}" = Catalyst Control Center InstallProxy

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{756B8ACF-1E76-6869-2E4B-200BC6D6E6B1}" = CCC Help Swedish

"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies

"{76EBC536-D99E-58A6-ECA6-5A63A5FCB992}" = CCC Help Hungarian

"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update

"{7A54F8D9-D42B-DC31-22F4-4AB33DD60208}" = CCC Help Finnish

"{7EE3C326-76F2-6E15-105F-4D386B90152C}" = CCC Help Dutch

"{80E158EA-7181-40FE-A701-301CE6BE64AB}" = LG CyberLink MediaShow

"{876AB032-B2A4-41FF-AF87-DBC78454C1B0}" = Garmin Update Service

"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver

"{8ADE5280-35CA-CF98-A456-F66B98C77244}" = ccc-core-static

"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX

"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003

"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System

"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In

"{93765DFA-8A67-41FB-9FC0-B12341CA65F3}" = Elevated Installer

"{94C45C20-CB09-54A1-5E41-FCEFBAD50A1B}" = CCC Help Spanish

"{94D0A32F-F467-D869-2AF3-465F5C6F187E}" = CCC Help Chinese Standard

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9C2AC00C-0C06-4B7E-97A4-A833808D54D6}" = EPU

"{A37CA1E3-3343-BF7D-0103-EA5790A67C2A}" = CCC Help German

"{A81E095E-3F65-5A96-9596-13917688962F}" = ccc-core-static

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{ABC0160A-D981-8776-5D53-B962E9AB9A17}" = CCC Help French

"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.03) - Deutsch

"{AE4EBCF8-56AC-B7A2-41F6-96A168D7F4C7}" = CCC Help Chinese Standard

"{B20D0A45-039C-1299-1E92-81BC9A995BFA}" = CCC Help Korean

"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime

"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = LG CyberLink PowerProducer

"{B7EDCA19-58E3-9B10-5ED5-1928DF65BB4F}" = Catalyst Control Center Graphics Light

"{B8887E02-C910-4498-A7C0-186ABFDCD110}" = GPU Boost Driver

"{B99D218E-948E-BB99-9E9A-D5D31B3FC4D1}" = CCC Help Japanese

"{BA39F78D-E4B1-8DB4-AFC6-7302DC3B12BC}" = CCC Help Czech

"{BA88EE67-8974-459D-A1DB-C8281D9AC6F6}" = Browser Configuration Utility

"{BD510201-74C1-4C78-D7A8-4E2210495A6D}" = CCC Help English

"{BDC53880-55F0-4F56-8737-7D9286A5F095}" = GLUCOFACTS(TM) Deluxe Smart Launch

"{C233BCC3-29C4-49C0-B955-0A94509FC4FC}" = Garmin Express Tray

"{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}" = TuneUp Utilities 2013

"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LG CyberLink LabelPrint

"{C6B003DB-5950-0800-0858-1F5F70A090F6}" = CCC Help Polish

"{CE026CFE-73FE-4FED-9D5F-2C8D4DB512B0}" = TuneUp Utilities Language Pack (de-DE)

"{D1696920-9794-4BBC-8A30-7A88763DE5A2}" = ABBYY FineReader 5.0 Sprint

"{D53EE2FF-EF7A-A93F-BF5F-2B96029B6C8A}" = Catalyst Control Center Graphics Full Existing

"{DA04174D-7B42-F784-0456-B9201DAB1F0D}" = Catalyst Control Center Core Implementation

"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = LG CyberLink PowerDVD

"{E0E55FC1-C53D-4F8D-B14B-B59C312747C8}" = LightScribe System Software

"{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = LG CyberLink MediaEspresso

"{e47a5c85-88a2-47d2-b380-fc2e763c2e6d}" = Garmin Express

"{ED8EF3C2-FA5B-4A1E-950D-5A0227161F97}" = ArcSoft PhotoStudio 6

"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5

"{F4811919-F252-4B25-9AB2-8859A85810B5}" = TuneUp Utilities Language Pack (de-DE)

"{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Apple Application Support

"{FF0E8A52-B152-F22E-8BF5-488EE977ACD0}" = CCC Help Norwegian

"{FF52834F-839A-652B-2BB7-DB4BD61603A9}" = CCC Help Danish

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin

"avast" = avast! Internet Security

"Biet-O-Matic v2.14.8" = Biet-O-Matic v2.14.8

"Canon Easy-PhotoPrint Pro - Pro9000 series Extention Data" = Canon Easy-PhotoPrint Pro - Pro9000 series Extention Data

"Canon Easy-PhotoPrint Pro - Pro9500 series Extention Data" = Canon Easy-PhotoPrint Pro - Pro9500 series Extention Data

"Canon MP990 series Benutzerregistrierung" = Canon MP990 series Benutzerregistrierung

"Canon_IJ_Network_Scan_UTILITY" = Canon IJ Network Scan Utility

"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool

"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program

"CanonSolutionMenu" = Canon Utilities Solution Menu

"DVD Decrypter" = DVD Decrypter (Remove Only)

"DVDFab 8 Qt_is1" = DVDFab 8.1.7.8 (17/04/2012) Qt

"Easy-PhotoPrint Pro" = Canon Utilities Easy-PhotoPrint Pro

"Easy-WebPrint EX" = Canon Easy-WebPrint EX

"ESET Online Scanner" = ESET Online Scanner v3

"eWhiskyMerger" = eWhiskyMerger

"eWhiskyReducer" = eWhiskyReducer

"Free Studio_is1" = Free Studio version 2013

"IncrediMail" = IncrediMail 2.0

"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = LG CyberLink YouCam

"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = LG Burning Tool

"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies

"InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}" = LG CyberLink MediaShow

"InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = LG CyberLink PowerProducer

"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LG CyberLink LabelPrint

"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = LG CyberLink PowerDVD

"InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = LG CyberLink MediaEspresso

"MediaNavigation.CDLabelPrint" = CD-LabelPrint

"MP Navigator EX 3.0" = Canon MP Navigator EX 3.0

"MySSID_is1" = Vtune 7.13

"MyTeVii" = myTeVii

"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver

"Photo Notifier and Animation Creator" = Photo Notifier and Animation Creator

"Picasa 3" = Picasa 3

"Precision" = EVGA Precision 2.0.2

"TuneUp Utilities 2013" = TuneUp Utilities 2013

 
 ========== HKEY_USERS Uninstall List ==========

 

[HKEY_USERS\S-1-5-21-2730186759-3319961320-2840300609-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"DSite" = Update for Zip Opener

"Google Chrome" = Google Chrome

"MyFreeCodec" = MyFreeCodec

 
 ========== Last 20 Event Log Errors ==========

 

[ Application Events ]

Error - 03.07.2013 03:04:31 | Computer Name = Giese-PC | Source = WinMgmt | ID = 10

Description = 

 

Error - 03.07.2013 03:10:58 | Computer Name = Giese-PC | Source = WinMgmt | ID = 10

Description = 

 

[ System Events ]

Error - 03.07.2013 03:04:15 | Computer Name = Giese-PC | Source = Service Control Manager | ID = 7000

Description = Der Dienst "TBS 5922 USB DVBS/S2 BDA" wurde aufgrund folgenden Fehlers

 nicht gestartet:   %%2

 

Error - 03.07.2013 03:06:23 | Computer Name = Giese-PC | Source = Service Control Manager | ID = 7038

Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"

 mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:   %%1330    Vergewissern

 Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft

 Management Console (MMC).

 

Error - 03.07.2013 03:06:23 | Computer Name = Giese-PC | Source = Service Control Manager | ID = 7000

Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden

 Fehlers nicht gestartet:   %%1069

 

Error - 03.07.2013 03:09:27 | Computer Name = Giese-PC | Source = Service Control Manager | ID = 7000

Description = Der Dienst "TBS 5922 USB DVBS/S2 BDA" wurde aufgrund folgenden Fehlers

 nicht gestartet:   %%2

 

Error - 03.07.2013 03:11:38 | Computer Name = Giese-PC | Source = Service Control Manager | ID = 7038

Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"

 mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:   %%1330    Vergewissern

 Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft

 Management Console (MMC).

 

Error - 03.07.2013 03:11:38 | Computer Name = Giese-PC | Source = Service Control Manager | ID = 7000

Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden

 Fehlers nicht gestartet:   %%1069

 

 

< End of report >