Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: bei etwa jeder zweiten google suche werde ich zu "click compare" verlinkt.

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML

Antwort
Alt 15.02.2013, 10:18   #1
callmediablo
 
bei etwa jeder zweiten google suche werde ich zu "click compare" verlinkt. - Standard

bei etwa jeder zweiten google suche werde ich zu "click compare" verlinkt.



hallo, habe seit einigen Tagen ein Problem. Etwa jede zweite Googlesuche endet auf einer gewissen "click compare" Seite. Unabhängig davon welchen Browser ich benutze. Ich habe den gesamten Pc bereits mehrmals mit "AVG Internet Security 2013" gescannt, jedoch wurde bei diesen Scans nichts gefunden. Habe hier eine Log file mit "OTL" erstellen lassen.
OTL EXTRAS Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 15.02.2013 09:56:49 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Diablo\Downloads
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16453)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,31 Gb Available Physical Memory | 57,78% Memory free
8,00 Gb Paging File | 5,91 Gb Available in Paging File | 73,90% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 916,40 Gb Total Space | 350,02 Gb Free Space | 38,19% Space Free | Partition Type: NTFS
 
Computer Name: TOUCH | User Name: Diablo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-1314139746-4179643625-410707883-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = CE 37 E6 AF FF 6A CD 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{071C6289-8148-4347-9C1D-AFEDB4EDE4F2}" = rport=138 | protocol=17 | dir=out | app=system | 
"{1A86EC6D-8E68-451D-AA12-D2DB7468843F}" = lport=138 | protocol=17 | dir=in | app=system | 
"{1A8DF5B8-AFF8-4BBE-9462-8EFAD4704DB0}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office15\outlook.exe | 
"{26AA3FCA-AFCE-41C1-A145-9671BA0CDAB4}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{2E2AF4A3-6AAF-4851-8069-07A17EEB2FDD}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{326C3EE0-5AD1-466C-A5A0-A1C04991E9DC}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{4B43A2CB-84E5-4B9B-9ABF-724B27947619}" = rport=137 | protocol=17 | dir=out | app=system | 
"{5CF7495D-80DE-4706-9AF9-3ED54BFDE08F}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{60241632-D2EC-4974-8F32-D834C355EE9C}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{698D4C0D-AE59-4C9C-93DF-D74B70DA773A}" = rport=445 | protocol=6 | dir=out | app=system | 
"{73441980-3130-48A9-80E8-6F1E926960CF}" = rport=139 | protocol=6 | dir=out | app=system | 
"{818205BC-CB00-4C7F-B86D-954B85BC3566}" = lport=139 | protocol=6 | dir=in | app=system | 
"{9531A431-F948-4536-8F27-365EBB32D5AE}" = lport=137 | protocol=17 | dir=in | app=system | 
"{B4ACDF2A-3B04-4780-BAD1-4253E0D16DAC}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{B843775A-C1AD-49D2-9282-5739A228E6AD}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{CE36CA00-4425-4DC6-8721-7443BBC54BB7}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{D093D922-02AC-4DB6-8848-6889BA0CFC98}" = lport=445 | protocol=6 | dir=in | app=system | 
"{D66E3B8C-295B-4C27-9444-1CB971D6B1DB}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{D7D016AF-790B-4E0B-A715-561EADDE1D8D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{DA0424FE-45AF-47E3-B268-763A886F3BAC}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{DC5735E5-CE61-4F33-AFE0-C35A6E447DB1}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{F187F1F4-9A1D-4696-936E-4F238541292C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01F14AE5-B4A2-4A63-90CE-563E6F01A457}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\lync.exe | 
"{02AC835A-5DF6-4131-889B-CCB62A644358}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe | 
"{0545A660-2DB3-4ADC-A51A-46BF4BAB1085}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{0D2BDA2C-C1B1-41D3-B124-0181B699231A}" = dir=out | name=logos quiz+ | 
"{0DCEFD3E-742E-40D1-A6E9-2340F5EA7A07}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | 
"{0E32A7DC-9C72-42D4-9F7D-98AE86D28E9C}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} | 
"{1000BEE6-E945-46AF-8910-254D0161966E}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{11925768-B6C2-4108-A8B0-90EC37DCB901}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | 
"{1200FE47-A339-4A7B-8E41-7A0B1EEB2F81}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{12F014FC-D107-424F-88AE-458FC69149FC}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{17042814-18A6-4E03-A5F6-D6AE0294A70F}" = dir=out | name=slots | 
"{18D4099B-EFA1-4028-A165-48C146DC2EB3}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\lync.exe | 
"{19712CCB-6BB6-4516-AA1C-AC1BCF144880}" = dir=out | name=@{microsoft.zunevideo_1.1.134.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} | 
"{19D573D7-8CEF-46A3-A33A-A0AB788174E9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{1E5F90E5-C5E0-476E-B267-78EAC041E969}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{34AB4E4D-E084-4C99-A559-1B7F80E086B5}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | 
"{3582AE68-A27F-4695-98D7-AF2240CFB438}" = dir=out | name=@{microsoft.bingweather_1.7.0.26_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} | 
"{38D35AFC-5215-4249-BF47-992898B88A80}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe | 
"{3EFBBC42-9AB7-4CFC-BAA5-50E724726316}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{400A378A-E1F3-47E5-BC3E-64EB669C35C9}" = dir=out | name=translator++ | 
"{4737F13C-065F-4743-A48F-30DE02375DFD}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} | 
"{4960288B-6DDF-45AF-BA91-5F9EF324F686}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{4B6456E9-2FA1-429B-84E6-EFA8C2387E32}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} | 
"{4EB200FD-D157-450C-BC14-B39384A5DE34}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | 
"{586F2FFE-AD8C-4101-9105-8082EE2B477A}" = dir=out | name=@{microsoft.bingnews_1.7.0.38_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} | 
"{59BFE436-B1CD-42A9-9C2F-6BEFFE1A5FFB}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe | 
"{5D5841CB-21B6-4AFF-ACE3-7CCA89AAE7BC}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | 
"{5F007CB2-C463-40A7-A660-0103FE2491C0}" = dir=in | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} | 
"{5FDD57D5-5614-4493-993C-BA8D1095D038}" = dir=out | name=kaufda navigator | 
"{66647979-04AB-4FD8-89C1-C68B636D32EC}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgdiagex.exe | 
"{67E0BC9E-E4FC-4D0C-BFD9-3EF505CAA6D7}" = dir=out | name=@{microsoft.bingtravel_1.7.0.26_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} | 
"{68652F57-5EE7-4D17-A5ED-DA1F33B64D29}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | 
"{68736375-A023-49C1-A2F0-8F45502F39E3}" = dir=in | name=@{microsoft.reader_6.2.9200.20523_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | 
"{6CBEA759-E65D-4B59-9735-5A856FB5E750}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{6FC970E3-4B93-4896-B82C-69CC1BE8500C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{7378333B-32B0-4640-BA03-95240CA54B5B}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} | 
"{76E70212-737B-478F-B7B5-9EA74A33D2C5}" = protocol=6 | dir=out | app=system | 
"{79D33B5B-9486-4010-8062-275ADAFC3ED9}" = dir=out | name=teamviewer touch | 
"{7D4CFBF8-4CD5-4874-B39F-072AC217FEB4}" = dir=out | name=@{microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | 
"{7F70FC77-AC02-4E93-91EA-87075AE1E185}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{86862083-E1B7-4FB2-825E-9143AD6638CE}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgemca.exe | 
"{897E3823-08E0-4DE6-B1E5-8F2606892A01}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{89CA7AE8-076A-4B89-86C4-D53C40BA6EF9}" = dir=in | name=@{microsoft.skypeapp_1.3.0.112_x86__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/manifest_display_name} | 
"{8A6D6EDD-D143-4FC1-9C79-4BA7D99CD9E9}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} | 
"{91ACDAB9-0671-4A10-8F51-5858D2FBF70C}" = dir=out | name=bild tablet | 
"{9413AEB3-2756-4E91-9108-90BCE1229503}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{9BE0A273-9438-49BB-825C-61BBF4351CE3}" = dir=in | name=@{microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | 
"{9CAC81AE-9C3C-49B4-9B7B-5F50B920E6CA}" = dir=out | name=@{microsoft.bingmaps_1.5.1.240_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | 
"{9E642BA5-77AF-4E54-A6BE-4494BBED2A70}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | 
"{A3E1A8F5-6F52-4383-B419-377D242E05E8}" = dir=out | name=fresh paint | 
"{A4AAF6A8-BEA7-4C2C-9E33-266061CD9349}" = dir=out | name=google search | 
"{A87EF5C1-DE66-417A-B1A3-34AC297B47C9}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} | 
"{A97E4E90-8EA2-4C85-BD9D-3CBF9D1BAD36}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | 
"{AB54A45E-9622-4C5E-A0EC-710E58A2EFDA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{AB5DAD9B-E0FE-4560-B222-842D61D94419}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{AD5F10B8-C135-4562-AC1A-EB6B75078C1F}" = dir=out | name=@{microsoft.zunemusic_1.1.144.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} | 
"{AD603CAC-9E3C-40ED-9E22-4248C93082B7}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe | 
"{B3AE1737-D75A-4737-AC8B-472053E2AB6E}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} | 
"{B53F99E4-8BBF-454E-9A69-320201FDA8BC}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{B687E17A-D9BF-4D71-9C96-67DD7D8E696C}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgnsa.exe | 
"{B6B07018-5472-4720-A918-ADAB9EB36E5F}" = dir=out | name=toolbox for windows 8 | 
"{B6C05C01-C63F-425C-84F0-F610C6DB738B}" = dir=out | name=@{microsoft.xboxlivegames_1.1.134.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | 
"{B9D7F4E9-028A-4124-A501-220B52276F82}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{C5A1C59D-1CF9-479A-9E5B-0B3E4D77F2B3}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | 
"{C8E2D640-764D-4AE5-924D-3E912C3748A2}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{CF5AC0C7-8B97-4447-A5A7-080514667AC0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{CF9BA1CE-59FC-43F2-B035-C9AB954DE7E9}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{D3210FE7-8CA3-4784-A8F8-387FE720F01A}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgemca.exe | 
"{D396D081-E776-44F1-AB37-FFC2A2C4B88E}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} | 
"{D97148AA-AADC-4379-B5AA-ABF2546D209A}" = dir=out | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} | 
"{DC6965B8-D2DB-47A5-9C7E-B72C8B7CA38A}" = dir=out | name=@{microsoft.bingfinance_1.7.0.38_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} | 
"{DD6D22FD-95FA-4C8D-9638-B7F5F80C019C}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{E1F4D3E2-2A47-4D44-ADF9-1DFDE6943863}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | 
"{E5A21749-0294-40AF-AE2F-29C4DB60C709}" = dir=out | name=@{microsoft.skypeapp_1.3.0.112_x86__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/manifest_display_name} | 
"{E6E883C5-338F-46F5-8363-2E4DFF9753A6}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} | 
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{EB6A0D92-E7CA-498A-8931-9FD4774E1737}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgnsa.exe | 
"{EBD85211-AE7B-4573-80CF-E120FF540F98}" = dir=out | name=@{microsoft.bingsports_1.8.0.51_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} | 
"{FD1C44FC-7AB8-4DFA-9240-2800D58B4C43}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgdiagex.exe | 
"{FD6C41D7-C1BB-4C60-B612-6582CB482EB0}" = dir=out | name=@{microsoft.reader_6.2.9200.20523_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | 
"{FF079C0A-3CC1-451E-A2AE-FCB3B4FA11AD}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"TCP Query User{85DADBFE-0623-4119-9D3B-5860AC6AD944}C:\users\diablo\appdata\local\temp\kmsnano\qemu-system-i386.exe" = protocol=6 | dir=in | app=c:\users\diablo\appdata\local\temp\kmsnano\qemu-system-i386.exe | 
"TCP Query User{86AD147D-D818-4C91-ACF1-D580A747BB29}C:\users\diablo\desktop\kmsmicro_4.0\qemu\qemu.exe" = protocol=6 | dir=in | app=c:\users\diablo\desktop\kmsmicro_4.0\qemu\qemu.exe | 
"TCP Query User{AA027ADE-0FCB-4F16-A7F4-C9AEA9432342}K:\64bit\kmsmicrov3.11\qemu\qemu.exe" = protocol=6 | dir=in | app=k:\64bit\kmsmicrov3.11\qemu\qemu.exe | 
"TCP Query User{F62DA02B-DA97-4E00-8F0A-FB66D89F2EB9}D:\kmsmicro_4.0\qemu\qemu.exe" = protocol=6 | dir=in | app=d:\kmsmicro_4.0\qemu\qemu.exe | 
"UDP Query User{580B8533-2B26-46C7-B011-94CFA1E86698}K:\64bit\kmsmicrov3.11\qemu\qemu.exe" = protocol=17 | dir=in | app=k:\64bit\kmsmicrov3.11\qemu\qemu.exe | 
"UDP Query User{A1B3688D-D5AD-406F-A29F-F239AD252F18}D:\kmsmicro_4.0\qemu\qemu.exe" = protocol=17 | dir=in | app=d:\kmsmicro_4.0\qemu\qemu.exe | 
"UDP Query User{C5F945F5-88F5-40BA-8D7F-8C39C80B2EEC}C:\users\diablo\appdata\local\temp\kmsnano\qemu-system-i386.exe" = protocol=17 | dir=in | app=c:\users\diablo\appdata\local\temp\kmsnano\qemu-system-i386.exe | 
"UDP Query User{D5D3EA80-C93E-4E2A-BBF9-ED53CC044F52}C:\users\diablo\desktop\kmsmicro_4.0\qemu\qemu.exe" = protocol=17 | dir=in | app=c:\users\diablo\desktop\kmsmicro_4.0\qemu\qemu.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
"{2E0C1D31-8FEC-411E-97FB-6E56BD429A98}" = PlayReady PC Runtime amd64
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{502275B0-3DA3-44D8-8702-066525CAAE98}" = AVG 2013
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{90150000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2013
"{90150000-0015-0407-1000-0000000FF1CE}" = Microsoft Access MUI (German) 2013
"{90150000-0016-0407-1000-0000000FF1CE}" = Microsoft Excel MUI (German) 2013
"{90150000-0018-0407-1000-0000000FF1CE}" = Microsoft PowerPoint MUI (German) 2013
"{90150000-0019-0407-1000-0000000FF1CE}" = Microsoft Publisher MUI (German) 2013
"{90150000-001A-0407-1000-0000000FF1CE}" = Microsoft Outlook MUI (German) 2013
"{90150000-001B-0407-1000-0000000FF1CE}" = Microsoft Word MUI (German) 2013
"{90150000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Korrekturhilfen 2013 - Deutsch
"{90150000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - English
"{90150000-001F-040C-1000-0000000FF1CE}" = Outils de vérification linguistique 2013 de Microsoft Office*- Français
"{90150000-001F-0410-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - Italiano
"{90150000-002C-0407-1000-0000000FF1CE}" = Microsoft Office Proofing (German) 2013
"{90150000-0044-0407-1000-0000000FF1CE}" = Microsoft InfoPath MUI (German) 2013
"{90150000-006E-0407-1000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2013
"{90150000-0090-0407-1000-0000000FF1CE}" = Microsoft DCF MUI (German) 2013
"{90150000-00A1-0407-1000-0000000FF1CE}" = Microsoft OneNote MUI (German) 2013
"{90150000-00BA-0407-1000-0000000FF1CE}" = Microsoft Groove MUI (German) 2013
"{90150000-00C1-0000-1000-0000000FF1CE}" = Microsoft Office 32-bit Components 2013
"{90150000-00C1-0407-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (German) 2013
"{90150000-00E1-0407-1000-0000000FF1CE}" = Microsoft Office OSM MUI (German) 2013
"{90150000-00E2-0407-1000-0000000FF1CE}" = Microsoft Office OSM UX MUI (German) 2013
"{90150000-012B-0407-1000-0000000FF1CE}" = Microsoft Lync MUI (German) 2013
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1" = PDF-Viewer
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 305.93
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 305.93
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D9B7744C-1C39-49B8-86B3-F930631B4FE2}" = AVG 2013
"1A85AC5851A15316E49DEB3A05005DC569B79E59" = Windows-Treiberpaket - NextWindow (NWVoltron) HIDClass  (06/23/2011 3.1.6.0)
"AVG" = AVG 2013
"Office15.PROPLUS" = Microsoft Office Professional Plus 2013
"WinRAR archiver" = WinRAR 4.20 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{07C5298F-CABF-4735-979B-6909D7DF8CC0}" = NextWindow Drivers
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{1798D459-6B8B-474B-868D-1229EADA3B95}" = Adobe AIR
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217013FF}" = Java 7 Update 13
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5E21B617-F52E-BB10-92F9-C8AB2C799A8A}" = Adobe Download Assistant
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.1.1
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser und SDK
"{7451FD2D-1A23-4E67-92CD-8EDDD1846917}" = AVG PC TuneUp Language Pack (de-DE)
"{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{9527A496-5DF9-412A-ADC7-168BA5379CA6}" = Microsoft Flight Simulator X
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}" = System Requirements Lab for Intel
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}" = AVG PC TuneUp
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{EE202411-2C26-49E8-9784-1BC1DBF7DE96}" = HP Support Assistant
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"Adobe AIR" = Adobe AIR
"AIDA64 Extreme Edition_is1" = AIDA64 Extreme Edition v2.80
"AVG PC TuneUp" = AVG PC TuneUp
"AVG Secure Search" = AVG Security Toolbar
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"DAEMON Tools Pro" = DAEMON Tools Pro
"Free YouTube Download_is1" = Free YouTube Download version 3.2.0.128
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.12.0.128
"Google Chrome" = Google Chrome
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{9527A496-5DF9-412A-ADC7-168BA5379CA6}" = Microsoft Flight Simulator X
"NextWindow Voltron Driver" = NextWindow Voltron Driver 3.1.6.0.f
"Savings Explorer" = Savings Explorer
"SP1_9527A496-5DF9-412A-ADC7-168BA5379CA6" = Microsoft Flight Simulator X Service Pack 1
"UseNeXT_is1" = UseNeXT
"VLC media player" = VLC media player 2.0.5
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-1314139746-4179643625-410707883-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Ignite" = Ignite
"MyFreeCodec" = MyFreeCodec
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 13.02.2013 04:32:36 | Computer Name = touch | Source = Software Protection Platform Service | ID = 8198
Description = Fehler bei der Lizenzaktivierung (slui.exe). Fehlercode:  hr=0xC004F074
Befehlszeilenargumente:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=a00018a3-f20f-4632-bf7c-8daa5351c914;NotificationInterval=1440;Trigger=UserLogon;SessionId=1
 
Error - 14.02.2013 10:04:06 | Computer Name = touch | Source = Software Protection Platform Service | ID = 8198
Description = Fehler bei der Lizenzaktivierung (slui.exe). Fehlercode:  hr=0xC004F074
Befehlszeilenargumente:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=a00018a3-f20f-4632-bf7c-8daa5351c914;NotificationInterval=1440;Trigger=NetworkAvailable
 
Error - 14.02.2013 10:06:29 | Computer Name = touch | Source = Software Protection Platform Service | ID = 8198
Description = Fehler bei der Lizenzaktivierung (slui.exe). Fehlercode:  hr=0xC004F074
Befehlszeilenargumente:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=a00018a3-f20f-4632-bf7c-8daa5351c914;NotificationInterval=1440;Trigger=UserLogon;SessionId=2
 
Error - 14.02.2013 14:34:09 | Computer Name = touch | Source = Software Protection Platform Service | ID = 8198
Description = Fehler bei der Lizenzaktivierung (slui.exe). Fehlercode:  hr=0xC004F074
Befehlszeilenargumente:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=a00018a3-f20f-4632-bf7c-8daa5351c914;NotificationInterval=1440;Trigger=NetworkAvailable
 
Error - 14.02.2013 14:34:57 | Computer Name = touch | Source = Software Protection Platform Service | ID = 8198
Description = Fehler bei der Lizenzaktivierung (slui.exe). Fehlercode:  hr=0xC004F074
Befehlszeilenargumente:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=a00018a3-f20f-4632-bf7c-8daa5351c914;NotificationInterval=1440;Trigger=UserLogon;SessionId=1
 
Error - 14.02.2013 16:35:37 | Computer Name = touch | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: TuneUpUtilitiesApp64.exe, Version:
 12.0.4000.108, Zeitstempel: 0x5035f809  Name des fehlerhaften Moduls: TuneUpUtilitiesApp64.exe,
 Version: 12.0.4000.108, Zeitstempel: 0x5035f809  Ausnahmecode: 0xc0000005  Fehleroffset:
 0x00000000000316c6  ID des fehlerhaften Prozesses: 0x2b4  Startzeit der fehlerhaften
 Anwendung: 0x01ce0af2d8790424  Pfad der fehlerhaften Anwendung: C:\Program Files 
(x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe  Pfad des fehlerhaften Moduls: C:\Program
 Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe  Berichtskennung: 168993a7-76e6-11e2-be79-0027134124a3
Vollständiger
 Name des fehlerhaften Pakets:   Anwendungs-ID, die relativ zum fehlerhaften Paket
 ist: 
 
Error - 14.02.2013 16:35:41 | Computer Name = touch | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: TuneUpUtilitiesApp64.exe, Version:
 12.0.4000.108, Zeitstempel: 0x5035f809  Name des fehlerhaften Moduls: unknown, Version:
 0.0.0.0, Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0000000002394320
ID
 des fehlerhaften Prozesses: 0x19b8  Startzeit der fehlerhaften Anwendung: 0x01ce0af2db1917ff
Pfad
 der fehlerhaften Anwendung: C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
Pfad
 des fehlerhaften Moduls: unknown  Berichtskennung: 18dcbdba-76e6-11e2-be79-0027134124a3
Vollständiger
 Name des fehlerhaften Pakets:   Anwendungs-ID, die relativ zum fehlerhaften Paket
 ist: 
 
Error - 14.02.2013 16:35:54 | Computer Name = touch | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: TuneUpUtilitiesApp64.exe, Version:
 12.0.4000.108, Zeitstempel: 0x5035f809  Name des fehlerhaften Moduls: TuneUpUtilitiesApp64.exe,
 Version: 12.0.4000.108, Zeitstempel: 0x5035f809  Ausnahmecode: 0xc0000005  Fehleroffset:
 0x00000000000316c6  ID des fehlerhaften Prozesses: 0xaa0  Startzeit der fehlerhaften
 Anwendung: 0x01ce0af2e3147d9e  Pfad der fehlerhaften Anwendung: C:\Program Files 
(x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe  Pfad des fehlerhaften Moduls: C:\Program
 Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe  Berichtskennung: 20c84468-76e6-11e2-be79-0027134124a3
Vollständiger
 Name des fehlerhaften Pakets:   Anwendungs-ID, die relativ zum fehlerhaften Paket
 ist: 
 
Error - 15.02.2013 04:49:37 | Computer Name = touch | Source = Software Protection Platform Service | ID = 8198
Description = Fehler bei der Lizenzaktivierung (slui.exe). Fehlercode:  hr=0xC004F074
Befehlszeilenargumente:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=a00018a3-f20f-4632-bf7c-8daa5351c914;NotificationInterval=1440;Trigger=UserLogon;SessionId=1
 
Error - 15.02.2013 04:49:55 | Computer Name = touch | Source = Software Protection Platform Service | ID = 8198
Description = Fehler bei der Lizenzaktivierung (slui.exe). Fehlercode:  hr=0xC004F074
Befehlszeilenargumente:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=a00018a3-f20f-4632-bf7c-8daa5351c914;NotificationInterval=1440;Trigger=NetworkAvailable
 
[ System Events ]
Error - 14.02.2013 15:07:15 | Computer Name = touch | Source = Application Popup | ID = 262200
Description = 
 
Error - 14.02.2013 16:36:17 | Computer Name = touch | Source = Service Control Manager | ID = 7034
Description = Dienst "AVG PC TuneUp Service" wurde unerwartet beendet. Dies ist 
bereits 1 Mal passiert.
 
Error - 14.02.2013 18:42:48 | Computer Name = touch | Source = DCOM | ID = 10010
Description = 
 
Error - 14.02.2013 18:42:48 | Computer Name = touch | Source = DCOM | ID = 10010
Description = 
 
Error - 14.02.2013 18:42:48 | Computer Name = touch | Source = DCOM | ID = 10010
Description = 
 
Error - 14.02.2013 18:43:41 | Computer Name = touch | Source = Service Control Manager | ID = 7006
Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden
 Fehlers fehlgeschlagen:   %%5
 
Error - 15.02.2013 04:48:33 | Computer Name = touch | Source = Service Control Manager | ID = 7006
Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden
 Fehlers fehlgeschlagen:   %%5
 
Error - 15.02.2013 04:48:36 | Computer Name = touch | Source = Service Control Manager | ID = 7006
Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden
 Fehlers fehlgeschlagen:   %%5
 
Error - 15.02.2013 04:52:59 | Computer Name = touch | Source = Service Control Manager | ID = 7022
Description = Der Dienst "HP Support Assistant Service" wurde nicht richtig gestartet.
 
Error - 15.02.2013 04:55:26 | Computer Name = touch | Source = Service Control Manager | ID = 7022
Description = Der Dienst "NVIDIA Update Service Daemon" wurde nicht richtig gestartet.
 
 
< End of report >
         
--- --- ---

Alt 15.02.2013, 13:03   #2
markusg
/// Malware-holic
 
bei etwa jeder zweiten google suche werde ich zu "click compare" verlinkt. - Standard

bei etwa jeder zweiten google suche werde ich zu "click compare" verlinkt.



hi
otl.txt fehlt
__________________

__________________

Antwort

Themen zu bei etwa jeder zweiten google suche werde ich zu "click compare" verlinkt.
avg, avg secure search, bereits, browser, click, click compare deinstallieren, click compare entfernen, click compare löschen, click compare redirect, click compare virus, compare, erstelle, erstellen, gesamte, gewissen, googlesuche, install.exe, interne, internet security 2013, log, log file, nvidia update, scans, secure search, security, suche, tablet, tagen, usenext, verlinkt, visual studio



Ähnliche Themen: bei etwa jeder zweiten google suche werde ich zu "click compare" verlinkt.


  1. Google Suche meldet: "Ungewöhnlicher Datenverkehr aus Ihrem Computernetzwerk"
    Plagegeister aller Art und deren Bekämpfung - 19.05.2014 (10)
  2. "cdncache-a.akamaihd.net" - PopUp's, Werbebanner und "click to continue"-Links
    Plagegeister aller Art und deren Bekämpfung - 16.04.2014 (39)
  3. google-Suche öffnet "ihavenet"-Seiten
    Plagegeister aller Art und deren Bekämpfung - 16.10.2013 (7)
  4. Click Compare Trojaner - Laptop (Win7 / Google Chrome)
    Plagegeister aller Art und deren Bekämpfung - 30.05.2013 (11)
  5. "click to continue" oder "browse to save" entfernen
    Log-Analyse und Auswertung - 02.04.2013 (21)
  6. Google suche funktioniert nicht! "your computer or network may be sending automated queries"
    Log-Analyse und Auswertung - 21.03.2013 (5)
  7. "Click Compare" - Trojaner auf meinem Laptop?
    Plagegeister aller Art und deren Bekämpfung - 24.02.2013 (28)
  8. "click to continue" oder "browse to save" entfernen
    Plagegeister aller Art und deren Bekämpfung - 20.01.2013 (2)
  9. "ihavenet-Problem" bei Google-Suche im Mozilla Firefox unter Windows Vista 32bit
    Plagegeister aller Art und deren Bekämpfung - 02.01.2013 (18)
  10. Suche mit google wird nicht auf das ergebnis geleitet, sondern auf "newsfudge.com"
    Plagegeister aller Art und deren Bekämpfung - 21.06.2012 (23)
  11. Weiterleitung bei google (bing etc.)-Suche auf falsche Seite "rocketnews.com/...."
    Plagegeister aller Art und deren Bekämpfung - 13.05.2012 (2)
  12. Google-Suche wird auf "Hooot.com" umgeleitet
    Log-Analyse und Auswertung - 23.01.2012 (23)
  13. Suchergebnisse von Google werde immer von "goingonearth" weitergeleitet
    Plagegeister aller Art und deren Bekämpfung - 15.05.2011 (3)
  14. Werde auf Google "umgeleitet"
    Log-Analyse und Auswertung - 16.02.2010 (7)
  15. "Goolge Suche" unter Vista/Mozilla Firefox verlinkt Falsch
    Plagegeister aller Art und deren Bekämpfung - 04.08.2009 (44)
  16. Google öffnet nach Suche Seiten wie "totalsearchworld.com" o.Ä.
    Log-Analyse und Auswertung - 30.04.2007 (3)
  17. Alter Schwede snyggast.se, oldgames.se und google suche "george bush idiot"
    Log-Analyse und Auswertung - 11.01.2005 (6)

Zum Thema bei etwa jeder zweiten google suche werde ich zu "click compare" verlinkt. - hallo, habe seit einigen Tagen ein Problem. Etwa jede zweite Googlesuche endet auf einer gewissen "click compare" Seite. Unabhängig davon welchen Browser ich benutze. Ich habe den gesamten Pc bereits - bei etwa jeder zweiten google suche werde ich zu "click compare" verlinkt....
Archiv
Du betrachtest: bei etwa jeder zweiten google suche werde ich zu "click compare" verlinkt. auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.