Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: schredder 64 msi

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 01.07.2013, 16:47   #1
BlackOps
 
schredder 64 msi - Standard

schredder 64 msi



Hallo zusammen,

Ich bin durch Zufall auf das Forum gestoßen weil ich seit einiger Zeit ein Problem habe. Mit meinem Windows 7 jedesmal wenn ich mit dem rechten Mausklick auf ein Datei klicke meldet mir Windows das ich in einem Ordner was installieren soll. Eine shredder Datei schredder 64 msi.
Da ich durch das Forum gestöbert bin und gesehen habe das es sich um einen Virus handelt bzw ein Verschlüsselungsprogamm hoffe ich mir proffesionelle hilfe hier zu bekomen.

Bin jetzt total gefläscht da es sich um eine Hackerangriff handeln kann

Bitte um Hilfe Albert

Name:  Unbenannt.PNG
Hits: 6628
Größe:  40,6 KB

Alt 01.07.2013, 16:50   #2
schrauber
/// the machine
/// TB-Ausbilder
 

schredder 64 msi - Standard

schredder 64 msi



Hi,

Systemscan mit FRST
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Start > Computer (Rechtsklick) > Eigenschaften)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Scan.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)
__________________

__________________

Alt 01.07.2013, 17:00   #3
BlackOps
 
schredder 64 msi - Standard

schredder 64 msi



FRST Additions Logfile:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-06-2013 03
Ran by ########## at 2013-07-01 17:58:24
Running from C:\Users\###########\Downloads
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

 Update for Microsoft Office 2007 (KB2508958) (x32)
??? ActiveX ?? Windows Live Mesh ???? ??????? ??????? (x32 Version: 15.4.5722.2)
???? ??? Windows Live (x32 Version: 15.4.3502.0922)
???? ???? ActiveX ????? ?? Windows Live Mesh ????????? ??????? (x32 Version: 15.4.5722.2)
???? Windows Live (x32 Version: 15.4.3502.0922)
?????? ??????? ?? Windows Live (x32 Version: 15.4.3502.0922)
??????? ?????????? Windows Live Mesh ActiveX ??? ????????? ??????????? (x32 Version: 15.4.5722.2)
??????? Windows Live Mesh ActiveX ??? (x32 Version: 15.4.5722.2)
???????? ?????????? Windows Live (x32 Version: 15.4.3502.0922)
????????? ActiveX ?? Windows Live Mesh ????????????????????????? (???) (x32 Version: 15.4.5722.2)
?????????? Windows Live (x32 Version: 15.4.3502.0922)
??????????? ?? Windows Live (x32 Version: 15.4.3502.0922)
Acer Backup Manager (x32 Version: 3.0.0.99)
Acer Crystal Eye Webcam (x32 Version: 1.0.1904)
Acer ePower Management (x32 Version: 6.00.3008)
Acer eRecovery Management (x32 Version: 5.00.3502)
Acer Registration (x32 Version: 1.04.3503)
Acer ScreenSaver (x32 Version: 1.1.0517.2011)
Acer Updater (x32 Version: 1.02.3500)
ActiveX ???????? ?? Windows Live Mesh ?? ?????????? ?????? (x32 Version: 15.4.5722.2)
ActiveX-kontroll för fjärranslutningar för Windows Live Mesh (x32 Version: 15.4.5722.2)
Adobe AIR (x32 Version: 3.4.0.2540)
Adobe Flash Player 11 ActiveX (x32 Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.224)
Adobe Reader X (10.1.7) MUI (x32 Version: 10.1.7)
ALTools Update (x32)
ALZip (x32 Version: v8.12)
Apple Application Support (x32 Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (x32 Version: 2.1.3.127)
Avira Free Antivirus (x32 Version: 13.0.0.3737)
Backup Manager V3 (x32 Version: 3.0.0.99)
Bonjour (Version: 3.0.0.10)
Broadcom Card Reader Driver Installer (Version: 14.8.2.2)
Broadcom NetLink Controller (Version: 14.8.4.1)
Canon Easy-PhotoPrint EX (x32)
Canon MP Navigator EX 2.0 (x32)
Canon MP540 series MP Drivers
Canon My Printer (x32)
Control ActiveX de Windows Live Mesh para conexiones remotas (x32 Version: 15.4.5722.2)
Control ActiveX del Windows Live Mesh per a connexions remotes (x32 Version: 15.4.5722.2)
Control ActiveX Windows Live Mesh pentru conexiuni la distan?a (x32 Version: 15.4.5722.2)
Controle ActiveX do Windows Live Mesh para Conexões Remotas (x32 Version: 15.4.5722.2)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (x32 Version: 15.4.5722.2)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (x32 Version: 15.4.5722.2)
D3DX10 (x32 Version: 15.4.2368.0902)
Die Sims Deluxe  (x32)
Dolby Advanced Audio v2 (x32 Version: 7.2.7000.4)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsluge polaczen zdalnych (x32 Version: 15.4.5722.2)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922)
FOTOParadies (x32 Version: 3.5.0.1)
Free YouTube to MP3 Converter version 3.12.1.320 (x32 Version: 3.12.1.320)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922)
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922)
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922)
Galeria fotografii uslugi Windows Live (x32 Version: 15.4.3502.0922)
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922)
Galerie foto Windows Live (x32 Version: 15.4.3502.0922)
Google Earth (x32 Version: 7.0.3.8542)
Google Update Helper (x32 Version: 1.3.21.145)
iCloud (Version: 2.0.2.187)
Identity Card (x32 Version: 1.00.3501)
Inkjet Printer/Scanner Extended Survey Program (x32)
Intel(R) Control Center (x32 Version: 1.2.1.1007)
Intel(R) Management Engine Components (x32 Version: 7.0.0.1144)
Intel(R) Processor Graphics (x32 Version: 8.15.10.2418)
Intel(R) Rapid Storage Technology (x32 Version: 10.5.0.1026)
iTunes (Version: 11.0.4.4)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
Kontrola Windows Live Mesh ActiveX za daljinske veze (x32 Version: 15.4.5722.2)
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (x32 Version: 15.4.5722.2)
Launch Manager (x32 Version: 5.1.7)
Media Go (x32 Version: 2.3.255)
Media Go Video Playback Engine 1.96.118.08260 (x32 Version: 1.96.118.08260)
Mesh Runtime (x32 Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Mozilla Firefox 18.0.1 (x86 de) (x32 Version: 18.0.1)
Mozilla Firefox 22.0 (x86 de) (x32 Version: 22.0)
Mozilla Maintenance Service (x32 Version: 22.0)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
MyWinLocker (Version: 4.0.14.27)
MyWinLocker 4 (x32 Version: 4.0.14.27)
MyWinLocker Suite (x32 Version: 4.0.14.18)
NTI Media Maker 9 (x32 Version: 9.0.2.8942)
NVIDIA Grafiktreiber 268.00 (Version: 268.00)
NVIDIA Install Application (Version: 2.265.39.0)
NVIDIA Optimus 1.0.21 (Version: 1.0.21)
NVIDIA PhysX (x32 Version: 9.10.0514)
NVIDIA Systemsteuerung 268.00 (Version: 268.00)
NVIDIA Update Components (Version: 1.0.21)
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená pripojení (x32 Version: 15.4.5722.2)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (x32 Version: 15.4.5722.2)
Picasa 3 (x32 Version: 3.9)
Picture Control Utility (x32 Version: 1.2.2)
Poczta uslugi Windows Live (x32 Version: 15.4.3502.0922)
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922)
Pošta Windows Live (x32 Version: 15.4.3502.0922)
QuickTime (x32 Version: 7.73.80.64)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6339)
S?????? f?t???af??? t?? Windows Live (x32 Version: 15.4.3502.0922)
Shredder (Version: 2.0.8.9)
Shredder (x32 Version: 2.0.8.9)
Skype™ 5.10 (x32 Version: 5.10.116)
Sony Ericsson Update Engine (x32 Version: 2.13.6.201305161305)
Sony PC Companion 2.10.165 (x32 Version: 2.10.165)
St???e?? e?????? ActiveX t?? Windows Live Mesh ??a ap?µa???sµ??e? s??d?se?? (x32 Version: 15.4.5722.2)
TuneUp Utilities 2013 (x32 Version: 13.0.3020.2)
TuneUp Utilities Language Pack (de-DE) (x32 Version: 13.0.3020.2)
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (Version: 2.1.23.0)
Update for 2007 Microsoft Office System (KB967642) (x32)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition (x32)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817327) 32-Bit Edition (x32)
Update für Microsoft Office Excel 2007 Help (KB963678) (x32)
Update für Microsoft Office Outlook 2007 Help (KB963677) (x32)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (x32)
Update für Microsoft Office Word 2007 Help (KB963665) (x32)
Uzak Baglantilar Için Windows Live Mesh ActiveX Denetimi (x32 Version: 15.4.5722.2)
Windows Live ??? (x32 Version: 15.4.3502.0922)
Windows Live ???? (x32 Version: 15.4.3502.0922)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3555.0308)
Windows Live Fotogaléria (x32 Version: 15.4.3502.0922)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live Fotogalleri (x32 Version: 15.4.3502.0922)
Windows Live Fotograf Galerisi (x32 Version: 15.4.3502.0922)
Windows Live Fotótár (x32 Version: 15.4.3502.0922)
Windows Live Galeria de Fotos (x32 Version: 15.4.3502.0922)
Windows Live Galerija fotografija (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (x32 Version: 15.4.5722.2)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2)
Windows Live Mesh ActiveX control for remote connections (x32 Version: 15.4.5722.2)
Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger (x32 Version: 15.4.5722.2)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (x32 Version: 15.4.5722.2)
Windows Live Mesh ActiveX-vezérlo távoli kapcsolatokhoz (x32 Version: 15.4.5722.2)
Windows Live Meshin etäyhteyksien ActiveX-komponentti (x32 Version: 15.4.5722.2)
Windows Live Messenger (x32 Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922)
Windows Liven sähköposti (x32 Version: 15.4.3502.0922)
Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922)

==================== Restore Points  =========================

15-06-2013 16:12:17 Windows Update
18-06-2013 18:21:26 Windows Update
25-06-2013 18:13:33 Windows Update
30-06-2013 19:04:11 TuneUp Utilities 2012 wird installiert
30-06-2013 19:04:40 TuneUp Utilities Language Pack (de-DE) wird entfernt
30-06-2013 19:06:03 TuneUp Utilities 2013 wird installiert
30-06-2013 19:34:00 Windows Update
30-06-2013 21:06:18 Removed PlayStation(R)Store.
30-06-2013 21:34:23 TuneUp Utilities 2013 wird entfernt
30-06-2013 21:35:53 TuneUp Utilities Language Pack (de-DE) wird entfernt
30-06-2013 22:35:55 TuneUp Utilities 2013 wird installiert

==================== Scheduled Tasks (whitelisted) =============

Task: {14775031-AD8F-454C-82E0-8C35E93FDCA1} - System32\Tasks\{511C8E07-DC9C-4BDC-9E59-6F5C456AC5BD} => C:\Program Files (x86)\Canon\MP Navigator EX 2.0\mpnex20.exe [2008-07-31] (CANON INC.)
Task: {204E087C-1A4D-4388-91B8-F029A5A66DB0} - System32\Tasks\{B5CA243C-D588-4430-ACDD-551394EAD7AC} => C:\program files (x86)\mozilla firefox\firefox.exe [2013-05-23] (Mozilla Corporation)
Task: {284BC72D-4B64-4E51-82A4-AE6AB50FAF15} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-24] (Google Inc.)
Task: {38AB495B-06AD-4576-8F08-654CE683FB3B} - System32\Tasks\Adobe ARM => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated)
Task: {41B2EC03-DD3F-40AE-B427-53CEF1552856} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2011-03-29] (Egis Technology Inc.)
Task: {4680BC29-A91B-4E5F-9C03-F7EF85A5409B} - System32\Tasks\{B762251E-5610-4D32-A490-E80FFBE839BE} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDPrefs.exe No File
Task: {506E0C36-3A40-4735-8DD9-7330B66DDA22} - System32\Tasks\Adobe Reader Speed Launcher => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2013-05-10] (Adobe Systems Incorporated)
Task: {63273008-439B-439D-A8A5-E2620F0A461A} - System32\Tasks\ESTsoft RunAsStdUser 1066220Task => C:\Program Files (x86)\ESTsoft\ALZip\ALZip.exe [2010-10-07] (ESTsoft Corp.)
Task: {6F1B730E-A4B1-408E-8D6C-7A6CD64CF9E6} - System32\Tasks\{097187CD-046D-4547-8756-7DC4F416CC56} => C:\program files (x86)\mozilla firefox\firefox.exe [2013-05-23] (Mozilla Corporation)
Task: {871DBBFE-3648-4D79-B3BB-AFC243051028} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated)
Task: {A4166727-CC1E-4C60-9452-6A810D01451A} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {C63DCDDD-90FD-4736-801D-F1B383E5F730} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-13] (Adobe Systems Incorporated)
Task: {D4FA971B-225E-4F39-853F-0D8B60B486A9} - System32\Tasks\elbyExecuteWithUAC => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ExecuteWithUAC.exe No File
Task: {E95D453E-1D8E-4987-BA9F-916F3A571565} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-24] (Google Inc.)
Task: {F0741764-46B7-4899-AA10-091B5FD70E25} - System32\Tasks\{8FFC6598-82E5-43B6-B893-79B553BB68B4} => C:\program files (x86)\mozilla firefox\firefox.exe [2013-05-23] (Mozilla Corporation)
Task: {F3A3CC50-29C6-4F72-8778-6C8980DF0411} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2011-03-29] (Egis Technology Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/01/2013 05:41:11 PM) (Source: MsiInstaller) (User: WenigAlbert-PC)
Description: Product: Shredder -- Error 1706.No valid source could be found for product Shredder.  The Windows Installer cannot continue.

Error: (07/01/2013 05:29:59 PM) (Source: MsiInstaller) (User: WenigAlbert-PC)
Description: Product: Shredder -- Error 1706.No valid source could be found for product Shredder.  The Windows Installer cannot continue.

Error: (07/01/2013 04:59:50 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/01/2013 03:54:47 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/01/2013 00:35:12 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/30/2013 11:58:24 PM) (Source: MsiInstaller) (User: WenigAlbert-PC)
Description: Product: Shredder -- Error 1706.No valid source could be found for product Shredder.  The Windows Installer cannot continue.

Error: (06/30/2013 11:55:43 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/30/2013 11:52:27 PM) (Source: MsiInstaller) (User: WenigAlbert-PC)
Description: Product: Shredder -- Error 1706.No valid source could be found for product Shredder.  The Windows Installer cannot continue.

Error: (06/30/2013 11:49:32 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/30/2013 11:44:16 PM) (Source: MsiInstaller) (User: WenigAlbert-PC)
Description: Product: Shredder -- Error 1706.No valid source could be found for product Shredder.  The Windows Installer cannot continue.


System errors:
=============
Error: (06/30/2013 11:56:07 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (06/30/2013 11:56:07 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Search erreicht.

Error: (06/30/2013 11:56:07 PM) (Source: DCOM) (User: )
Description: 1053WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (06/30/2013 09:51:12 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (06/30/2013 08:45:54 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (06/30/2013 07:05:51 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (06/30/2013 06:20:19 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (06/30/2013 04:22:25 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (06/30/2013 00:36:16 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (06/30/2013 10:36:25 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2


Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Percentage of memory in use: 29%
Total physical RAM: 8043.86 MB
Available physical RAM: 5692.96 MB
Total Pagefile: 16085.9 MB
Available Pagefile: 13784.84 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:447.66 GB) (Free:318.96 GB) NTFS (Disk=0 Partition=3)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: BE5B6882)
Partition 1: (Not Active) - (Size=18 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=448 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
--- --- ---



FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-06-2013 03
Ran by ######### (administrator) on 01-07-2013 17:57:17
Running from C:\Users\########\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
() C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
(Mozilla Corporation) C:\Users\Wenig Albert\AppData\Local\Mozilla Firefox\firefox.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PMMUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" [4526 2010-11-29] ()
HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [11786344 2011-03-28] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4  [2207848 2011-03-21] (Realtek Semiconductor)
HKLM\...\Run: [Power Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831016 2011-08-02] (Acer Incorporated)
HKLM\...\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon [2780776 2011-07-19] (CANON INC.)
HKCU\...\Run: [Sony PC Companion] "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background [449248 2013-05-29] (Sony)
MountPoints2: {23420f7e-35b6-11e2-8c3d-b870f4dbecf2} - E:\Startme.exe
MountPoints2: {ce7333c7-1c6f-11e2-99bd-b870f4dbecf2} - E:\autorun.exe
MountPoints2: {f6621e3d-16d5-11e1-a310-b870f4dbecf2} - E:\Startme.exe
HKLM-x32\...\Run: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [341360 2011-06-22] (Egis Technology Inc.)
HKLM-x32\...\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] "C:\Dolby PCEE4\pcee4.exe" -autostart [506712 2011-02-03] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min [345144 2013-07-01] (Avira Operations GmbH & Co. KG)
HKU\Default\...\RunOnce: [ScrSav] C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe /default [154144 2010-07-29] ()
HKU\Default User\...\RunOnce: [ScrSav] C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe /default [154144 2010-07-29] ()
AppInit_DLLs: C:\Windows\system32\nvinitx.dll [226920 2011-03-31] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll [193128 2011-03-31] (NVIDIA Corporation)
Startup: C:\Users\Wenig Albert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Bing
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
HKLM-x32 SearchScopes: DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.chatzum.com/?q={searchTerms}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.chatzum.com/?q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -  No File
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Wenig Albert\AppData\Roaming\Mozilla\Firefox\Profiles\v1zs2t6c.default
FF NewTab: Bing
FF Homepage: hxxp://www.bing.com/?cc=de
FF Keyword.URL: hxxp://utils.chatzum.com/?url=
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.15.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 - C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: No Name - C:\Users\Wenig Albert\AppData\Roaming\Mozilla\Firefox\Profiles\v1zs2t6c.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA}
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-07-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-07-01] (Avira Operations GmbH & Co. KG)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [103808 2008-01-22] ()
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2402080 2013-01-28] (TuneUp Software)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-06-30] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-06-30] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-06-30] (Avira Operations GmbH & Co. KG)
S3 libusb0; C:\Windows\SysWow64\drivers\libusb0.sys [33792 2005-03-09] ()
S3 s1029bus; C:\Windows\System32\DRIVERS\s1029bus.sys [116264 2009-05-25] (MCCI Corporation)
S3 s1029mdfl; C:\Windows\System32\DRIVERS\s1029mdfl.sys [19496 2009-05-25] (MCCI Corporation)
S3 s1029mdm; C:\Windows\System32\DRIVERS\s1029mdm.sys [158760 2009-05-25] (MCCI Corporation)
S3 s1029mgmt; C:\Windows\System32\DRIVERS\s1029mgmt.sys [139304 2009-05-25] (MCCI Corporation)
S3 s1029nd5; C:\Windows\System32\DRIVERS\s1029nd5.sys [34856 2009-05-25] (MCCI Corporation)
S3 s1029obex; C:\Windows\System32\DRIVERS\s1029obex.sys [135208 2009-05-25] (MCCI Corporation)
S3 s1029unic; C:\Windows\System32\DRIVERS\s1029unic.sys [151592 2009-05-25] (MCCI Corporation)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-11-16] (TuneUp Software)
S3 libusb0; system32\drivers\libusb0.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-01 17:57 - 2013-07-01 17:57 - 00000000 ____D C:\FRST
2013-07-01 17:56 - 2013-07-01 17:56 - 01933758 ____A (Farbar) C:\Users\Wenig Albert\Downloads\FRST64.exe
2013-07-01 16:23 - 2013-07-01 16:23 - 00000000 ____D C:\Users\Wenig Albert\AppData\Local\{A3740E97-2B8E-4F44-8C9B-817FAE126DC0}
2013-07-01 15:58 - 2013-07-01 15:57 - 00083672 ____A (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avnetflt.sys
2013-07-01 00:37 - 2013-07-01 00:37 - 00002173 ____A C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
2013-07-01 00:37 - 2013-07-01 00:37 - 00002153 ____A C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk
2013-07-01 00:37 - 2013-01-28 14:19 - 00035104 ____A (TuneUp Software) C:\Windows\System32\TURegOpt.exe
2013-07-01 00:37 - 2013-01-28 14:19 - 00026400 ____A (TuneUp Software) C:\Windows\System32\authuitu.dll
2013-07-01 00:37 - 2013-01-28 14:19 - 00021792 ____A (TuneUp Software) C:\Windows\SysWOW64\authuitu.dll
2013-07-01 00:36 - 2013-07-01 00:37 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2013
2013-07-01 00:29 - 2013-07-01 00:29 - 00000000 ____D C:\Users\Wenig Albert\AppData\Local\{06D1BD74-B061-4FF2-B6B0-BF18CCB68757}
2013-07-01 00:26 - 2013-07-01 00:26 - 00000258 ____A C:\Users\Wenig Albert\Downloads\defogger_enable.log
2013-07-01 00:11 - 2013-07-01 00:11 - 00377856 ____A C:\Users\Wenig Albert\Downloads\gmer_2.1.19163.exe
2013-07-01 00:07 - 2013-07-01 00:07 - 00602112 ____A (OldTimer Tools) C:\Users\Wenig Albert\Downloads\OTL.exe
2013-07-01 00:06 - 2013-07-01 00:06 - 00000486 ____A C:\Users\Wenig Albert\Downloads\defogger_disable.log
2013-07-01 00:05 - 2013-07-01 00:05 - 00050477 ____A C:\Users\Wenig Albert\Downloads\Defogger.exe
2013-06-30 23:50 - 2013-06-30 23:50 - 00000000 ____D C:\Users\Wenig Albert\AppData\Roaming\Avira
2013-06-30 23:47 - 2013-06-30 23:47 - 00002030 ____A C:\Users\Public\Desktop\Avira Control Center.lnk
2013-06-30 23:47 - 2013-06-30 23:47 - 00000000 ____D C:\Program Files (x86)\Avira
2013-06-30 23:47 - 2013-06-30 23:46 - 00130016 ____A (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avipbb.sys
2013-06-30 23:47 - 2013-06-30 23:46 - 00100712 ____A (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avgntflt.sys
2013-06-30 23:47 - 2013-06-30 23:46 - 00028600 ____A (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avkmgr.sys
2013-06-30 23:43 - 2013-06-30 23:43 - 02092792 ____A C:\Users\Wenig Albert\Downloads\avira_free_antivirus.exe
2013-06-30 23:33 - 2013-07-01 00:25 - 00112272 ____A C:\Users\Wenig Albert\Downloads\Extras.Txt
2013-06-30 23:29 - 2013-07-01 00:19 - 00089316 ____A C:\Users\Wenig Albert\Downloads\OTL.Txt
2013-06-30 22:17 - 2013-06-30 22:17 - 00000000 ____D C:\Users\Wenig Albert\AppData\Roaming\Malwarebytes
2013-06-30 22:17 - 2013-06-30 22:17 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-06-30 22:16 - 2013-06-30 22:17 - 10285040 ____A (Malwarebytes Corporation                                    ) C:\Users\Wenig Albert\Downloads\mbam-setup-1.75.0.1300.exe
2013-06-30 22:07 - 2013-07-01 16:58 - 00000448 ____A C:\Windows\setupact.log
2013-06-30 22:07 - 2013-06-30 22:07 - 00000000 ____A C:\Windows\setuperr.log
2013-06-30 22:06 - 2013-06-30 23:48 - 00392972 ____A C:\Windows\PFRO.log
2013-06-30 22:06 - 2013-06-30 22:06 - 00428800 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-30 22:05 - 2013-06-30 22:05 - 00000000 ____D C:\TDSSKiller_Quarantine
2013-06-30 22:02 - 2013-06-30 22:02 - 02237968 ____A (Kaspersky Lab ZAO) C:\Users\Wenig Albert\Downloads\tdsskiller(1).exe
2013-06-30 21:40 - 2013-06-30 21:40 - 00111248 ____A C:\Users\Wenig Albert\AppData\Local\GDIPFONTCACHEV1.DAT
2013-06-30 21:05 - 2013-07-01 00:35 - 00000000 __SHD C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-06-30 21:05 - 2013-06-30 21:05 - 28211040 ____A (TuneUp Software) C:\Users\Wenig Albert\Downloads\TuneUpUtilities2013_de-DE.exe
2013-06-30 21:00 - 2013-06-30 21:00 - 00000000 ____D C:\Users\Wenig Albert\AppData\Local\Mozilla Firefox
2013-06-29 14:02 - 2013-06-29 14:02 - 00000000 ____D C:\Users\Wenig Albert\AppData\Local\{7D675EBF-FB46-4861-9473-78C7FD59573F}
2013-06-24 22:18 - 2013-06-24 22:19 - 00000000 ____D C:\Users\Wenig Albert\AppData\Local\{4A86D70D-A3B7-40CA-8797-758A61DBCF60}
2013-06-23 22:30 - 2013-06-23 22:30 - 00001747 ____A C:\Users\Public\Desktop\iTunes.lnk
2013-06-23 22:29 - 2013-06-23 22:30 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-06-23 22:29 - 2013-06-23 22:30 - 00000000 ____D C:\Program Files\iTunes
2013-06-23 22:29 - 2013-06-23 22:30 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-06-23 22:29 - 2013-06-23 22:29 - 00000000 ____D C:\Program Files\iPod
2013-06-21 21:36 - 2013-06-21 21:36 - 00000000 ____D C:\Users\Wenig Albert\AppData\Local\{6001908C-C0CC-46D8-99B1-1B7C59698A71}
2013-06-20 20:22 - 2013-06-20 20:23 - 00000000 ____D C:\Users\Wenig Albert\AppData\Local\{A8A61B95-C5BC-4D04-9E28-A10667966518}
2013-06-19 20:51 - 2013-06-19 20:51 - 00000000 ____D C:\Users\Wenig Albert\AppData\Local\{F22BFE76-51A3-4148-83AF-8D816DD32E95}
2013-06-18 20:48 - 2013-06-18 20:48 - 00000000 ____D C:\Users\Wenig Albert\AppData\Local\{B552AEA6-51EA-4799-B804-37C6F1A9F804}
2013-06-17 18:09 - 2013-06-17 18:09 - 00000000 ____D C:\Users\Wenig Albert\AppData\Local\{3C48E529-DBE4-4D54-A018-94F108F3BD9D}
2013-06-15 18:13 - 2013-06-08 16:08 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-15 18:13 - 2013-06-08 16:07 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-15 18:13 - 2013-06-08 16:06 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-15 18:13 - 2013-06-08 16:06 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-15 18:13 - 2013-06-08 16:06 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-15 18:13 - 2013-06-08 14:28 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-15 18:13 - 2013-06-08 13:42 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-15 18:13 - 2013-06-08 13:40 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-15 18:13 - 2013-06-08 13:40 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-15 18:13 - 2013-06-08 13:40 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-15 18:13 - 2013-06-08 13:40 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-15 18:13 - 2013-06-08 13:13 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-12 18:33 - 2013-06-12 18:33 - 00000000 ____D C:\Users\Wenig Albert\AppData\Local\{90FE014E-1E5C-47F6-A01B-C7419AD986F4}
2013-06-12 18:07 - 2013-05-17 03:25 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-12 18:07 - 2013-05-17 03:25 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-12 18:07 - 2013-05-17 03:25 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-12 18:07 - 2013-05-17 03:25 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-12 18:07 - 2013-05-17 03:25 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-06-12 18:07 - 2013-05-17 03:25 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-06-12 18:07 - 2013-05-17 03:25 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-06-12 18:07 - 2013-05-17 03:25 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-06-12 18:07 - 2013-05-17 02:59 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-12 18:07 - 2013-05-17 02:59 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-12 18:07 - 2013-05-17 02:58 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-12 18:07 - 2013-05-17 02:58 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-12 18:07 - 2013-05-17 02:58 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-12 18:07 - 2013-05-17 02:58 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-06-12 18:07 - 2013-05-17 02:58 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-06-12 18:07 - 2013-05-17 02:58 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-12 18:07 - 2013-05-17 02:58 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-06-12 18:07 - 2013-05-14 14:23 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-12 18:07 - 2013-05-14 10:40 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-06-12 17:43 - 2013-05-13 07:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-12 17:43 - 2013-05-13 07:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-12 17:43 - 2013-05-13 07:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-12 17:43 - 2013-05-13 07:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-12 17:43 - 2013-05-13 06:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-12 17:43 - 2013-05-13 06:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-06-12 17:43 - 2013-05-13 06:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-12 17:43 - 2013-05-13 05:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-12 17:43 - 2013-05-13 05:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-12 17:43 - 2013-05-13 05:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-06-12 17:43 - 2013-05-10 07:49 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-12 17:43 - 2013-05-10 05:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-12 17:43 - 2013-05-08 08:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-12 17:43 - 2013-04-26 07:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-12 17:43 - 2013-04-26 06:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-06-12 17:43 - 2013-04-26 01:30 - 01505280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-06-12 17:43 - 2013-04-17 09:02 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-06-12 17:43 - 2013-04-17 08:24 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-06-12 17:43 - 2013-04-01 00:52 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-06-11 18:14 - 2013-06-11 18:14 - 00000000 ____D C:\Users\Wenig Albert\AppData\Local\{A51DECD0-2B4D-4F34-82C5-D146E6996809}
2013-06-08 00:34 - 2013-06-08 00:34 - 00000000 ____D C:\Users\Wenig Albert\AppData\Local\{8D3AA3CD-9EE4-461F-81A6-3F63B915D31C}
2013-06-07 21:52 - 2013-06-07 21:54 - 00000000 ____D C:\Users\Wenig Albert\Downloads\Setup Mein CEWE FOTOBUCH
2013-06-07 13:29 - 2013-06-07 13:29 - 00000000 ____D C:\Users\Wenig Albert\AppData\Local\{8A083B41-9138-4FAB-8207-7893F007B476}
2013-06-05 17:56 - 2013-06-05 17:56 - 00000000 ____D C:\Users\Wenig Albert\AppData\Local\{E486856B-854D-4DB0-B6DB-CC162D3D713F}
2013-06-01 14:39 - 2013-06-01 14:40 - 00000000 ____D C:\Users\Wenig Albert\AppData\Local\{BB957947-CF80-439F-A15A-5155964FCCEE}

==================== One Month Modified Files and Folders =======

2013-07-01 17:57 - 2013-07-01 17:57 - 00000000 ____D C:\FRST
2013-07-01 17:56 - 2013-07-01 17:56 - 01933758 ____A (Farbar) C:\Users\Wenig Albert\Downloads\FRST64.exe
2013-07-01 17:38 - 2011-10-24 20:59 - 00001122 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-01 17:36 - 2011-10-24 20:59 - 00001118 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-01 17:25 - 2011-09-16 15:19 - 01746962 ____A C:\Windows\WindowsUpdate.log
2013-07-01 17:24 - 2012-04-04 17:33 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-01 17:07 - 2009-07-14 06:45 - 00016976 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-01 17:07 - 2009-07-14 06:45 - 00016976 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-01 16:59 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-07-01 16:58 - 2013-06-30 22:07 - 00000448 ____A C:\Windows\setupact.log
2013-07-01 16:23 - 2013-07-01 16:23 - 00000000 ____D C:\Users\Wenig Albert\AppData\Local\{A3740E97-2B8E-4F44-8C9B-817FAE126DC0}
2013-07-01 15:57 - 2013-07-01 15:58 - 00083672 ____A (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avnetflt.sys
2013-07-01 00:37 - 2013-07-01 00:37 - 00002173 ____A C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
2013-07-01 00:37 - 2013-07-01 00:37 - 00002153 ____A C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk
2013-07-01 00:37 - 2013-07-01 00:36 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2013
2013-07-01 00:35 - 2013-06-30 21:05 - 00000000 __SHD C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-07-01 00:33 - 2011-10-22 17:13 - 00000000 ____D C:\ProgramData\CanonIJPLM
2013-07-01 00:32 - 2011-10-22 13:04 - 00000000 ____D C:\users\Wenig Albert
2013-07-01 00:29 - 2013-07-01 00:29 - 00000000 ____D C:\Users\Wenig Albert\AppData\Local\{06D1BD74-B061-4FF2-B6B0-BF18CCB68757}
2013-07-01 00:26 - 2013-07-01 00:26 - 00000258 ____A C:\Users\Wenig Albert\Downloads\defogger_enable.log
2013-07-01 00:25 - 2013-06-30 23:33 - 00112272 ____A C:\Users\Wenig Albert\Downloads\Extras.Txt
2013-07-01 00:19 - 2013-06-30 23:29 - 00089316 ____A C:\Users\Wenig Albert\Downloads\OTL.Txt
2013-07-01 00:11 - 2013-07-01 00:11 - 00377856 ____A C:\Users\Wenig Albert\Downloads\gmer_2.1.19163.exe
2013-07-01 00:07 - 2013-07-01 00:07 - 00602112 ____A (OldTimer Tools) C:\Users\Wenig Albert\Downloads\OTL.exe
2013-07-01 00:06 - 2013-07-01 00:06 - 00000486 ____A C:\Users\Wenig Albert\Downloads\defogger_disable.log
2013-07-01 00:05 - 2013-07-01 00:05 - 00050477 ____A C:\Users\Wenig Albert\Downloads\Defogger.exe
2013-06-30 23:50 - 2013-06-30 23:50 - 00000000 ____D C:\Users\Wenig Albert\AppData\Roaming\Avira
2013-06-30 23:48 - 2013-06-30 22:06 - 00392972 ____A C:\Windows\PFRO.log
2013-06-30 23:47 - 2013-06-30 23:47 - 00002030 ____A C:\Users\Public\Desktop\Avira Control Center.lnk
2013-06-30 23:47 - 2013-06-30 23:47 - 00000000 ____D C:\Program Files (x86)\Avira
2013-06-30 23:47 - 2011-10-22 15:54 - 00000000 ____D C:\ProgramData\Avira
2013-06-30 23:46 - 2013-06-30 23:47 - 00130016 ____A (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avipbb.sys
2013-06-30 23:46 - 2013-06-30 23:47 - 00100712 ____A (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avgntflt.sys
2013-06-30 23:46 - 2013-06-30 23:47 - 00028600 ____A (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avkmgr.sys
2013-06-30 23:44 - 2011-10-23 10:44 - 00000000 ____D C:\Users\Wenig Albert\Documents\Dokumente
2013-06-30 23:43 - 2013-06-30 23:43 - 02092792 ____A C:\Users\Wenig Albert\Downloads\avira_free_antivirus.exe
2013-06-30 23:07 - 2012-11-24 00:40 - 00000000 ____D C:\Program Files (x86)\Sony
2013-06-30 22:17 - 2013-06-30 22:17 - 00000000 ____D C:\Users\Wenig Albert\AppData\Roaming\Malwarebytes
2013-06-30 22:17 - 2013-06-30 22:17 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-06-30 22:17 - 2013-06-30 22:16 - 10285040 ____A (Malwarebytes Corporation                                    ) C:\Users\Wenig Albert\Downloads\mbam-setup-1.75.0.1300.exe
2013-06-30 22:07 - 2013-06-30 22:07 - 00000000 ____A C:\Windows\setuperr.log
2013-06-30 22:06 - 2013-06-30 22:06 - 00428800 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-30 22:05 - 2013-06-30 22:05 - 00000000 ____D C:\TDSSKiller_Quarantine
2013-06-30 22:02 - 2013-06-30 22:02 - 02237968 ____A (Kaspersky Lab ZAO) C:\Users\Wenig Albert\Downloads\tdsskiller(1).exe
2013-06-30 21:43 - 2011-10-23 20:05 - 00000000 ____D C:\Users\Wenig Albert\AppData\Roaming\TuneUp Software
2013-06-30 21:40 - 2013-06-30 21:40 - 00111248 ____A C:\Users\Wenig Albert\AppData\Local\GDIPFONTCACHEV1.DAT
2013-06-30 21:35 - 2007-07-12 03:49 - 00000000 ____D C:\Windows\Panther
2013-06-30 21:24 - 2012-04-25 16:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-06-30 21:13 - 2012-04-03 20:29 - 00000000 ____D C:\Users\Wenig Albert\AppData\Local\Downloaded Installations
2013-06-30 21:13 - 2011-10-23 20:04 - 00000000 __SHD C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2013-06-30 21:13 - 2011-10-22 21:55 - 00000000 ____D C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2013-06-30 21:13 - 2011-10-22 16:45 - 00000000 ____D C:\Users\Wenig Albert\AppData\Local\Microsoft Help
2013-06-30 21:06 - 2011-10-23 20:04 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-06-30 21:05 - 2013-06-30 21:05 - 28211040 ____A (TuneUp Software) C:\Users\Wenig Albert\Downloads\TuneUpUtilities2013_de-DE.exe
2013-06-30 21:00 - 2013-06-30 21:00 - 00000000 ____D C:\Users\Wenig Albert\AppData\Local\Mozilla Firefox
2013-06-30 21:00 - 2013-05-23 17:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-06-30 21:00 - 2011-10-22 15:12 - 00001255 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-06-30 10:38 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\NDF
2013-06-30 10:36 - 2009-07-14 07:08 - 00032640 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-06-29 14:02 - 2013-06-29 14:02 - 00000000 ____D C:\Users\Wenig Albert\AppData\Local\{7D675EBF-FB46-4861-9473-78C7FD59573F}
2013-06-27 16:51 - 2012-10-22 19:22 - 00090112 __ASH C:\Users\Wenig Albert\Thumbs.db
2013-06-24 22:19 - 2013-06-24 22:18 - 00000000 ____D C:\Users\Wenig Albert\AppData\Local\{4A86D70D-A3B7-40CA-8797-758A61DBCF60}
2013-06-24 20:48 - 2012-11-24 00:40 - 00001990 ____A C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2013-06-24 20:48 - 2011-08-12 08:58 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-06-23 22:30 - 2013-06-23 22:30 - 00001747 ____A C:\Users\Public\Desktop\iTunes.lnk
2013-06-23 22:30 - 2013-06-23 22:29 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-06-23 22:30 - 2013-06-23 22:29 - 00000000 ____D C:\Program Files\iTunes
2013-06-23 22:30 - 2013-06-23 22:29 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-06-23 22:29 - 2013-06-23 22:29 - 00000000 ____D C:\Program Files\iPod
2013-06-23 19:52 - 2011-09-17 01:11 - 00654400 ____A C:\Windows\System32\perfh007.dat
2013-06-23 19:52 - 2011-09-17 01:11 - 00130240 ____A C:\Windows\System32\perfc007.dat
2013-06-23 19:52 - 2009-07-14 07:13 - 01498742 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-21 21:36 - 2013-06-21 21:36 - 00000000 ____D C:\Users\Wenig Albert\AppData\Local\{6001908C-C0CC-46D8-99B1-1B7C59698A71}
2013-06-20 20:23 - 2013-06-20 20:22 - 00000000 ____D C:\Users\Wenig Albert\AppData\Local\{A8A61B95-C5BC-4D04-9E28-A10667966518}
2013-06-19 21:20 - 2011-10-23 10:44 - 00000000 ____D C:\Users\Wenig Albert\Documents\Passwörter
2013-06-19 20:51 - 2013-06-19 20:51 - 00000000 ____D C:\Users\Wenig Albert\AppData\Local\{F22BFE76-51A3-4148-83AF-8D816DD32E95}
2013-06-18 20:48 - 2013-06-18 20:48 - 00000000 ____D C:\Users\Wenig Albert\AppData\Local\{B552AEA6-51EA-4799-B804-37C6F1A9F804}
2013-06-17 18:09 - 2013-06-17 18:09 - 00000000 ____D C:\Users\Wenig Albert\AppData\Local\{3C48E529-DBE4-4D54-A018-94F108F3BD9D}
2013-06-14 15:40 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-06-13 21:24 - 2012-04-04 17:33 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-13 21:24 - 2011-08-12 09:32 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-12 18:33 - 2013-06-12 18:33 - 00000000 ____D C:\Users\Wenig Albert\AppData\Local\{90FE014E-1E5C-47F6-A01B-C7419AD986F4}
2013-06-12 18:10 - 2011-10-22 16:45 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-06-12 18:08 - 2011-10-25 17:50 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-11 18:14 - 2013-06-11 18:14 - 00000000 ____D C:\Users\Wenig Albert\AppData\Local\{A51DECD0-2B4D-4F34-82C5-D146E6996809}
2013-06-08 16:08 - 2013-06-15 18:13 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-08 16:07 - 2013-06-15 18:13 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-08 16:06 - 2013-06-15 18:13 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-08 16:06 - 2013-06-15 18:13 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-08 16:06 - 2013-06-15 18:13 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-08 14:28 - 2013-06-15 18:13 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-08 13:42 - 2013-06-15 18:13 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-08 13:40 - 2013-06-15 18:13 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-08 13:40 - 2013-06-15 18:13 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-08 13:40 - 2013-06-15 18:13 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-08 13:40 - 2013-06-15 18:13 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-08 13:13 - 2013-06-15 18:13 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-08 00:34 - 2013-06-08 00:34 - 00000000 ____D C:\Users\Wenig Albert\AppData\Local\{8D3AA3CD-9EE4-461F-81A6-3F63B915D31C}
2013-06-07 21:54 - 2013-06-07 21:52 - 00000000 ____D C:\Users\Wenig Albert\Downloads\Setup Mein CEWE FOTOBUCH
2013-06-07 13:29 - 2013-06-07 13:29 - 00000000 ____D C:\Users\Wenig Albert\AppData\Local\{8A083B41-9138-4FAB-8207-7893F007B476}
2013-06-05 17:56 - 2013-06-05 17:56 - 00000000 ____D C:\Users\Wenig Albert\AppData\Local\{E486856B-854D-4DB0-B6DB-CC162D3D713F}
2013-06-01 14:40 - 2013-06-01 14:39 - 00000000 ____D C:\Users\Wenig Albert\AppData\Local\{BB957947-CF80-439F-A15A-5155964FCCEE}

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-06-26 22:02

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---

Ist das so richtig bitte antworten wenn was falsch ist in solchen Fällen bin ich Laie.
__________________

Alt 01.07.2013, 19:07   #4
schrauber
/// the machine
/// TB-Ausbilder
 

schredder 64 msi - Standard

schredder 64 msi



Windows Repair (All In One) - Download - Filepony

Windows repair Tool laden und installieren. Alle Schritte durchführen, am Schluss alles anhaken und starten.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 01.07.2013, 20:47   #5
BlackOps
 
schredder 64 msi - Standard

schredder 64 msi



Hallo schrauber ich habe jetzt alle schritte durchgeführt hat ca 1 h gedauert jedoch ist das problem mit dem rechtsklick und schredder immer noch da.

trotzdem schon mal


Alt 02.07.2013, 07:56   #6
schrauber
/// the machine
/// TB-Ausbilder
 

schredder 64 msi - Standard

schredder 64 msi



Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop ( falls noch nicht vorhanden ).
  • Doppelklick auf die OTL.exe
  • Oben findest Du ein Kästchen mit Ausgabe. Wähle bitte Minimal Ausgabe
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles hier in den Thread.
__________________
--> schredder 64 msi

Alt 02.07.2013, 20:10   #7
BlackOps
 
schredder 64 msi - Standard

schredder 64 msi



OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 02.07.2013 20:59:51 - Run 4
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Wenig Albert\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,86 Gb Total Physical Memory | 5,76 Gb Available Physical Memory | 73,35% Memory free
15,71 Gb Paging File | 13,49 Gb Available in Paging File | 85,84% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 447,66 Gb Total Space | 318,83 Gb Free Space | 71,22% Space Free | Partition Type: NTFS
 
Computer Name: WENIGALBERT-PC | User Name: Wenig Albert | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Users\Wenig Albert\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Users\Wenig Albert\AppData\Local\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe (Sony)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe ()
PRC - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
PRC - C:\Program Files (x86)\Launch Manager\LMutilps32.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\Launch Manager\LMworker.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe (NTI Corporation)
PRC - C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer Incorporated)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe ()
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Users\Wenig Albert\AppData\Local\Mozilla Firefox\mozjs.dll ()
MOD - C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll ()
MOD - C:\Program Files (x86)\Sony\Sony PC Companion\sqlite3.dll ()
MOD - C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files (x86)\Sony\Sony PC Companion\CalEngine.dll ()
MOD - C:\Program Files (x86)\Sony\Sony PC Companion\CAgdOutlook.dll ()
MOD - C:\Program Files (x86)\Sony\Sony PC Companion\PhoneUpdate.dll ()
MOD - C:\Program Files (x86)\Sony\Sony PC Companion\VistaCalendar.dll ()
MOD - C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll ()
MOD - C:\Program Files (x86)\Sony\Sony PC Companion\CAgdLNotes.dll ()
MOD - C:\Program Files (x86)\Sony\Sony PC Companion\Report.dll ()
MOD - C:\Program Files (x86)\Sony\Sony PC Companion\VObject.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (Sony PC Companion) -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe (Avanquest Software)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (ePowerSvc) -- C:\Programme\Acer\Acer ePower Management\ePowerSvc.exe (Acer Incorporated)
SRV - (DsiWMIService) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.)
SRV - (EgisTec Ticket Service) -- C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe (Egis Technology Inc. )
SRV - (GREGService) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated)
SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (NTI IScheduleSvc) -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe (NTI Corporation)
SRV - (Live Updater Service) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer Incorporated)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (TurboBoost) -- C:\Programme\Intel\TurboBoost\TurboBoost.exe (Intel(R) Corporation)
SRV - (wlcrasvc) -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (IJPLMSVC) -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe ()
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (ggsemc) -- C:\Windows\SysNative\drivers\ggsemc.sys (Sony Ericsson Mobile Communications)
DRV:64bit: - (ggflt) -- C:\Windows\SysNative\drivers\ggflt.sys (Sony Ericsson Mobile Communications)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (mwlPSDVDisk) -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys (Egis Technology Inc.)
DRV:64bit: - (mwlPSDFilter) -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys (Egis Technology Inc.)
DRV:64bit: - (mwlPSDNServ) -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys (Egis Technology Inc.)
DRV:64bit: - (Netaapl) -- C:\Windows\SysNative\drivers\netaapl64.sys (Apple Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (bScsiMSa) -- C:\Windows\SysNative\drivers\bScsiMSa.sys (Broadcom Corporation)
DRV:64bit: - (k57nd60a) -- C:\Windows\SysNative\drivers\k57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (bScsiSDa) -- C:\Windows\SysNative\drivers\bScsiSDa.sys (Broadcom Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation)
DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NTI Corporation)
DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NTI Corporation)
DRV:64bit: - (b57xdmp) -- C:\Windows\SysNative\drivers\b57xdmp.sys (Broadcom Corporation)
DRV:64bit: - (b57xdbd) -- C:\Windows\SysNative\drivers\b57xdbd.sys (Broadcom Corporation)
DRV:64bit: - (VClone) -- C:\Windows\SysNative\drivers\VClone.sys (Elaborate Bytes AG)
DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys (Intel(R) Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (s1029unic) -- C:\Windows\SysNative\drivers\s1029unic.sys (MCCI Corporation)
DRV:64bit: - (s1029mgmt) -- C:\Windows\SysNative\drivers\s1029mgmt.sys (MCCI Corporation)
DRV:64bit: - (s1029obex) -- C:\Windows\SysNative\drivers\s1029obex.sys (MCCI Corporation)
DRV:64bit: - (s1029mdm) -- C:\Windows\SysNative\drivers\s1029mdm.sys (MCCI Corporation)
DRV:64bit: - (s1029nd5) -- C:\Windows\SysNative\drivers\s1029nd5.sys (MCCI Corporation)
DRV:64bit: - (s1029mdfl) -- C:\Windows\SysNative\drivers\s1029mdfl.sys (MCCI Corporation)
DRV:64bit: - (s1029bus) -- C:\Windows\SysNative\drivers\s1029bus.sys (MCCI Corporation)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (libusb0) -- C:\Windows\SysWOW64\drivers\libusb0.sys ()
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.chatzum.com/?q={searchTerms}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Bing
IE - HKCU\..\SearchScopes,DefaultScope = {2BBEE4BE-3D97-47DC-AB26-C201CF6DCD97}
IE - HKCU\..\SearchScopes\{2BBEE4BE-3D97-47DC-AB26-C201CF6DCD97}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=OSDSRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.useDBForOrder: "false"
FF - prefs.js..browser.startup.homepage: "hxxp://www.bing.com/?cc=de"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0
FF - prefs.js..keyword.URL: "hxxp://utils.chatzum.com/?url="
FF - prefs.js..network.proxy.type: 0
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: ""
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.15.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00:  File not found
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}: C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.05.23 17:31:37 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.05.23 17:31:37 | 000,000,000 | ---D | M]
 
[2013.02.19 19:51:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Wenig Albert\AppData\Roaming\mozilla\Extensions
[2013.02.21 01:01:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Wenig Albert\AppData\Roaming\mozilla\Firefox\Profiles\2bklh5ht.default\extensions
[2013.05.10 10:43:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Wenig Albert\AppData\Roaming\mozilla\Firefox\Profiles\v1zs2t6c.default\extensions
[2013.02.19 19:55:55 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\Wenig Albert\AppData\Roaming\mozilla\firefox\profiles\2bklh5ht.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.05.10 10:43:48 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\Wenig Albert\AppData\Roaming\mozilla\firefox\profiles\v1zs2t6c.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.05.23 17:31:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013.05.23 17:31:16 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2013.05.23 17:31:16 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA}
[2013.05.23 17:31:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013.05.23 17:31:35 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (no name) - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - No CLSID value found.
O2 - BHO: (no name) - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Power Management] C:\Programme\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Dolby Advanced Audio v2] C:\Dolby PCEE4\pcee4.exe (Dolby Laboratories Inc.)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.)
O4 - HKCU..\Run: [Sony PC Companion] C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe (Sony)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm File not found
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm File not found
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm File not found
O9:64bit: - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - Reg Error: Key error. File not found
O9:64bit: - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - Reg Error: Key error. File not found
O9 - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - Reg Error: Key error. File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0B65114B-12B8-49B5-B6E6-C6C0EA6C6D69}: DhcpNameServer = 10.74.210.210 10.74.210.211
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7037F900-4716-493E-A349-F9F88060D3C1}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{23420f7e-35b6-11e2-8c3d-b870f4dbecf2}\Shell - "" = AutoRun
O33 - MountPoints2\{23420f7e-35b6-11e2-8c3d-b870f4dbecf2}\Shell\AutoRun\command - "" = E:\Startme.exe
O33 - MountPoints2\{ce7333c7-1c6f-11e2-99bd-b870f4dbecf2}\Shell - "" = AutoRun
O33 - MountPoints2\{ce7333c7-1c6f-11e2-99bd-b870f4dbecf2}\Shell\AutoRun\command - "" = E:\autorun.exe
O33 - MountPoints2\{f6621e3d-16d5-11e1-a310-b870f4dbecf2}\Shell - "" = AutoRun
O33 - MountPoints2\{f6621e3d-16d5-11e1-a310-b870f4dbecf2}\Shell\AutoRun\command - "" = E:\Startme.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.07.02 19:29:35 | 000,000,000 | ---D | C] -- C:\Users\Wenig Albert\AppData\Local\{1BD8AA0E-F496-4AF3-A9FE-64C8A5255503}
[2013.07.01 21:36:33 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2013.07.01 21:34:40 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\catroot2
[2013.07.01 21:27:37 | 000,000,000 | ---D | C] -- C:\Program Files\Uninstall Information
[2013.07.01 20:57:12 | 000,000,000 | ---D | C] -- C:\RegBackup
[2013.07.01 20:26:14 | 000,000,000 | -HSD | C] -- C:\found.000
[2013.07.01 20:19:12 | 000,181,064 | ---- | C] (Sysinternals) -- C:\Windows\PSEXESVC.EXE
[2013.07.01 20:12:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.07.01 20:12:43 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.07.01 20:12:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.07.01 20:11:42 | 000,000,000 | ---D | C] -- C:\Users\Wenig Albert\tweaking.com_windows_repair_aio
[2013.07.01 17:57:05 | 000,000,000 | ---D | C] -- C:\FRST
[2013.07.01 16:23:49 | 000,000,000 | ---D | C] -- C:\Users\Wenig Albert\AppData\Local\{A3740E97-2B8E-4F44-8C9B-817FAE126DC0}
[2013.07.01 15:58:02 | 000,083,672 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avnetflt.sys
[2013.07.01 00:29:43 | 000,000,000 | ---D | C] -- C:\Users\Wenig Albert\AppData\Local\{06D1BD74-B061-4FF2-B6B0-BF18CCB68757}
[2013.06.30 23:50:55 | 000,000,000 | ---D | C] -- C:\Users\Wenig Albert\AppData\Roaming\Avira
[2013.06.30 23:47:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2013.06.30 23:47:34 | 000,130,016 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2013.06.30 23:47:34 | 000,100,712 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2013.06.30 23:47:34 | 000,028,600 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2013.06.30 23:47:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2013.06.30 22:17:39 | 000,000,000 | ---D | C] -- C:\Users\Wenig Albert\AppData\Roaming\Malwarebytes
[2013.06.30 22:17:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.06.30 22:05:45 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2013.06.30 21:34:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
[2013.06.30 21:05:52 | 000,000,000 | -HSD | C] -- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2013.06.30 21:00:47 | 000,000,000 | ---D | C] -- C:\Users\Wenig Albert\AppData\Local\Mozilla Firefox
[2013.06.29 14:02:36 | 000,000,000 | ---D | C] -- C:\Users\Wenig Albert\AppData\Local\{7D675EBF-FB46-4861-9473-78C7FD59573F}
[2013.06.24 22:18:56 | 000,000,000 | ---D | C] -- C:\Users\Wenig Albert\AppData\Local\{4A86D70D-A3B7-40CA-8797-758A61DBCF60}
[2013.06.23 22:30:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013.06.23 22:29:29 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013.06.23 22:29:28 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013.06.23 22:29:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2013.06.23 22:29:28 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2013.06.21 21:36:47 | 000,000,000 | ---D | C] -- C:\Users\Wenig Albert\AppData\Local\{6001908C-C0CC-46D8-99B1-1B7C59698A71}
[2013.06.20 20:22:51 | 000,000,000 | ---D | C] -- C:\Users\Wenig Albert\AppData\Local\{A8A61B95-C5BC-4D04-9E28-A10667966518}
[2013.06.19 20:51:40 | 000,000,000 | ---D | C] -- C:\Users\Wenig Albert\AppData\Local\{F22BFE76-51A3-4148-83AF-8D816DD32E95}
[2013.06.18 20:48:24 | 000,000,000 | ---D | C] -- C:\Users\Wenig Albert\AppData\Local\{B552AEA6-51EA-4799-B804-37C6F1A9F804}
[2013.06.17 18:09:40 | 000,000,000 | ---D | C] -- C:\Users\Wenig Albert\AppData\Local\{3C48E529-DBE4-4D54-A018-94F108F3BD9D}
[2013.06.15 18:13:11 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.06.15 18:13:09 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.06.12 18:33:07 | 000,000,000 | ---D | C] -- C:\Users\Wenig Albert\AppData\Local\{90FE014E-1E5C-47F6-A01B-C7419AD986F4}
[2013.06.12 18:07:55 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.06.12 18:07:55 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.06.12 18:07:55 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013.06.12 18:07:55 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013.06.12 18:07:55 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.06.12 18:07:55 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.06.12 18:07:55 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.06.12 18:07:55 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013.06.12 18:07:55 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.06.12 18:07:54 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.06.12 18:07:54 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.06.12 18:07:54 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.06.12 18:07:54 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.06.12 17:43:52 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2013.06.12 17:43:52 | 000,492,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2013.06.12 17:43:48 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptdlg.dll
[2013.06.12 17:43:48 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptdlg.dll
[2013.06.12 17:43:40 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013.06.12 17:43:35 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013.06.12 17:43:35 | 001,192,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certutil.exe
[2013.06.12 17:43:35 | 000,903,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certutil.exe
[2013.06.12 17:43:35 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2013.06.12 17:43:34 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certenc.dll
[2013.06.12 17:43:34 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certenc.dll
[2013.06.12 17:43:24 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013.06.12 17:43:24 | 001,505,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013.06.11 18:14:12 | 000,000,000 | ---D | C] -- C:\Users\Wenig Albert\AppData\Local\{A51DECD0-2B4D-4F34-82C5-D146E6996809}
[2013.06.08 00:34:49 | 000,000,000 | ---D | C] -- C:\Users\Wenig Albert\AppData\Local\{8D3AA3CD-9EE4-461F-81A6-3F63B915D31C}
[2013.06.07 13:29:45 | 000,000,000 | ---D | C] -- C:\Users\Wenig Albert\AppData\Local\{8A083B41-9138-4FAB-8207-7893F007B476}
[2013.06.05 17:56:07 | 000,000,000 | ---D | C] -- C:\Users\Wenig Albert\AppData\Local\{E486856B-854D-4DB0-B6DB-CC162D3D713F}
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.07.02 20:56:11 | 001,498,742 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.07.02 20:56:11 | 000,654,400 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.07.02 20:56:11 | 000,616,242 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.07.02 20:56:11 | 000,130,240 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.07.02 20:56:11 | 000,106,622 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.07.02 20:55:40 | 000,016,976 | ---- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.07.02 20:55:40 | 000,016,976 | ---- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.07.02 20:50:27 | 000,001,118 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.07.02 20:50:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.07.02 20:50:05 | 2030,981,119 | -HS- | M] () -- C:\hiberfil.sys
[2013.07.02 19:38:00 | 000,001,122 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.07.02 15:24:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.07.01 21:35:38 | 000,428,800 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.07.01 21:34:00 | 000,181,064 | ---- | M] (Sysinternals) -- C:\Windows\PSEXESVC.EXE
[2013.07.01 20:57:56 | 000,000,207 | ---- | M] () -- C:\Windows\tweaking.com-regbackup-WENIGALBERT-PC-Microsoft-Windows-7-Home-Premium-(64-Bit).dat
[2013.07.01 20:29:10 | 000,003,288 | ---- | M] () -- C:\bootsqm.dat
[2013.07.01 20:16:02 | 000,192,531 | ---- | M] () -- C:\Users\Wenig Albert\Desktop\Unbenannt1.PNG
[2013.07.01 20:12:44 | 000,001,073 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.07.01 17:41:08 | 000,041,561 | ---- | M] () -- C:\Users\Wenig Albert\Desktop\Unbenannt.PNG
[2013.07.01 15:57:48 | 000,083,672 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avnetflt.sys
[2013.06.30 23:47:54 | 000,002,030 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2013.06.30 23:46:01 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2013.06.30 23:46:01 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2013.06.30 23:46:01 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2013.06.30 21:00:52 | 000,001,255 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.06.24 20:48:55 | 000,001,990 | ---- | M] () -- C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
[2013.06.23 22:30:16 | 000,001,747 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013.06.13 21:24:12 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.06.13 21:24:12 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.06.08 16:06:58 | 000,526,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.06.08 13:40:02 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.07.01 20:57:56 | 000,000,207 | ---- | C] () -- C:\Windows\tweaking.com-regbackup-WENIGALBERT-PC-Microsoft-Windows-7-Home-Premium-(64-Bit).dat
[2013.07.01 20:29:10 | 000,003,288 | ---- | C] () -- C:\bootsqm.dat
[2013.07.01 20:16:02 | 000,192,531 | ---- | C] () -- C:\Users\Wenig Albert\Desktop\Unbenannt1.PNG
[2013.07.01 20:12:44 | 000,001,073 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.07.01 17:41:08 | 000,041,561 | ---- | C] () -- C:\Users\Wenig Albert\Desktop\Unbenannt.PNG
[2013.06.30 23:47:54 | 000,002,030 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2013.06.30 22:06:39 | 000,428,800 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.06.23 22:30:16 | 000,001,747 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013.04.22 21:29:06 | 000,000,579 | ---- | C] () -- C:\Windows\eReg.dat
[2012.10.29 23:12:49 | 000,033,792 | ---- | C] () -- C:\Windows\SysWow64\drivers\libusb0.sys
[2012.10.10 21:03:13 | 000,000,120 | ---- | C] () -- C:\Windows\wininit.ini
[2012.04.03 20:43:03 | 000,000,000 | ---- | C] () -- C:\ProgramData\Bundle
[2012.04.03 20:43:01 | 000,000,000 | ---- | C] () -- C:\ProgramData\Brother
[2012.04.03 20:36:28 | 000,000,000 | ---- | C] () -- C:\Windows\ViewNX2.INI
[2012.04.03 20:30:08 | 000,000,000 | ---- | C] () -- C:\ProgramData\PKP_DLev.DAT
[2012.04.03 20:30:08 | 000,000,000 | ---- | C] () -- C:\ProgramData\PKP_DLes.DAT
[2012.04.03 20:30:08 | 000,000,000 | ---- | C] () -- C:\Users\Wenig Albert\AppData\Roaming\CIOSupport
[2012.04.03 20:30:08 | 000,000,000 | ---- | C] () -- C:\Users\Wenig Albert\AppData\Roaming\Bubble Noise
[2012.04.03 20:30:07 | 000,000,000 | ---- | C] () -- C:\ProgramData\PKP_DLet.DAT
[2011.10.22 16:24:16 | 001,500,444 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.08.12 09:37:09 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011.08.12 09:37:07 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011.08.12 09:37:05 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2011.08.12 09:37:04 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011.08.12 09:37:03 | 013,906,944 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\Windows\sysWOW64\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >
         
--- --- ---


OTL EXTRAS Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 02.07.2013 20:59:52 - Run 4
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Wenig Albert\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,86 Gb Total Physical Memory | 5,76 Gb Available Physical Memory | 73,35% Memory free
15,71 Gb Paging File | 13,49 Gb Available in Paging File | 85,84% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 447,66 Gb Total Space | 318,83 Gb Free Space | 71,22% Space Free | Partition Type: NTFS
 
Computer Name: WENIGALBERT-PC | User Name: Wenig Albert | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Users\Wenig Albert\AppData\Local\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{057DB1B6-CF9C-4041-9923-8742BBA2379F}" = lport=138 | protocol=17 | dir=in | app=system | 
"{0EAF5C25-1656-4598-A15C-9EEB77396506}" = rport=137 | protocol=17 | dir=out | app=system | 
"{1E94B548-55B9-4B1E-A4A0-4E3DE805C0B7}" = lport=139 | protocol=6 | dir=in | app=system | 
"{2F2114C5-9D7A-483C-8E74-62482CCEC0EE}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{34D7EE97-CB1B-4A5E-897B-EA19AB5F6AE3}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{5D2F3AAD-2F81-416A-A2B5-F581966F5FA1}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{720F8038-7BE1-4E70-8CA2-860402D66AB3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{82308C16-CC2B-4DD7-9195-F962BD38D5BC}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{9C9EE254-6B03-449F-B407-CF8DE1056D48}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{9DDD7157-51BF-470B-9BB2-03DA46964E1F}" = rport=445 | protocol=6 | dir=out | app=system | 
"{A26D926C-2E1C-451D-889C-F5DAAA9AF259}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{B99ADA06-7F1B-45E0-97CF-111F9757A78F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{CEA60B05-A483-4710-A339-C891F251A0DB}" = lport=137 | protocol=17 | dir=in | app=system | 
"{D20B892B-BF96-49B8-92E4-B3456E7D7CAD}" = lport=445 | protocol=6 | dir=in | app=system | 
"{D35FCAD1-99C5-4214-8E47-A2D7ACB638EB}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{E7EF2845-BDB6-4217-91B6-957B507E2050}" = rport=138 | protocol=17 | dir=out | app=system | 
"{FAE6106E-6911-47F1-A0AD-804F7A8B3B39}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{FF6A263A-553C-4D7B-87A5-3D44A123C291}" = rport=139 | protocol=6 | dir=out | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0111B728-7167-4B16-A7B3-37727DA454CE}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{0C1EEBCB-B985-4F81-B6AB-1AB0755588CE}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{1299F5B1-898D-42FA-8374-56C91CF1A6F4}" = protocol=17 | dir=in | app=c:\program files (x86)\sony ericsson\update engine\sony ericsson update engine.exe | 
"{1ABB4577-8F5E-4C84-BD9B-61D268CB8250}" = protocol=6 | dir=in | app=c:\program files (x86)\sony ericsson\update engine\sony ericsson update engine.exe | 
"{22678276-4769-4DE3-B3BE-E5C0BAE4F51D}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{3784FB46-3679-4B33-92AF-37497A3F0AB4}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"{A95D43CA-B785-4950-9585-B99AD8701612}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | 
"{BEB9A4F0-357D-476D-8E4C-A7F7743907C4}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{BEE80B96-EE23-4DCE-907D-287F3BC6248C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{CB7614D5-5363-4D64-A5D0-38D1F06B6C28}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{E1C1FF0D-EB81-4A1E-9282-F98555035984}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{F81E5A4B-51E8-41DC-8577-1419C9A5C1BB}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"TCP Query User{11DC524C-D4D8-4A81-8F16-65C56AB0825C}C:\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe | 
"TCP Query User{213FFC3C-87DB-41C7-9E46-D384A2D78196}C:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe | 
"TCP Query User{CC8BC69B-5252-4B0F-BC60-DCDCA86DF0BB}C:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe | 
"TCP Query User{F46B4032-3857-43ED-9EAA-34557DA56EC3}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"UDP Query User{01D93A9A-AD66-4C3E-B06E-5BBF52E7D127}C:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe | 
"UDP Query User{0231FCFD-DAD0-4E90-B37F-6774543EB079}C:\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe | 
"UDP Query User{13F8F968-FF0E-4B87-A5D9-0185526F3557}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"UDP Query User{335C6CA5-F397-4216-8333-5E48FCFC055F}C:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{0919C44F-F18A-4E3B-A737-03685272CE72}" = Windows Live Remote Service Resources
"{0B78ECB0-1A6B-4E6D-89D7-0E7CE77F0427}" = MyWinLocker
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP540_series" = Canon MP540 series MP Drivers
"{1553D712-B35F-4A82-BC72-D6B11A94BE3E}" = Windows Live Remote Service Resources
"{1685AE50-97ED-485B-80F6-145071EE14B0}" = Windows Live Remote Service Resources
"{17A4FD95-A507-43F1-BC92-D8572AF8340A}" = Windows Live Remote Service Resources
"{19F09425-3C20-4730-9E2A-FC2E17C9F362}" = Windows Live Remote Service Resources
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources
"{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}" = Shredder
"{22AB5CFD-B3DB-414E-9F99-4D024CCF1DA6}" = Windows Live Remote Client Resources
"{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}" = Windows Live Remote Client Resources
"{2C1A6191-9804-4FDC-AB01-6F9183C91A13}" = Windows Live Remote Client Resources
"{2F304EF4-0C31-47F4-8557-0641AAE4197C}" = Windows Live Remote Client Resources
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{350FD0E7-175A-4F86-84EF-05B77FCD7161}" = Windows Live Remote Service Resources
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{456FB9B5-AFBC-4761-BBDC-BA6BAFBB818F}" = Windows Live Remote Client Resources
"{4710662C-8204-4334-A977-B1AC9E547819}" = Broadcom Card Reader Driver Installer
"{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}" = Windows Live Remote Service Resources
"{4BC310C4-B898-46E2-B5FB-B85A30AA7142}" = iCloud
"{4C2E49C0-9276-4324-841D-774CCCE5DB48}" = Windows Live Remote Client Resources
"{5141AA6E-5FAC-4473-BFFB-BEE69DDC7F2B}" = Windows Live Remote Service Resources
"{5151E2DB-0748-4FD1-86A2-72E2F94F8BE7}" = Windows Live Remote Service Resources
"{57F2BD1C-14A3-4785-8E48-2075B96EB2DF}" = Windows Live Remote Service Resources
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{5F44A3A1-5D24-4708-8776-66B42B174C64}" = Windows Live Remote Client Resources
"{5FCD6EFE-C2E7-4D77-8212-4BA223D8DF8E}" = Windows Live Remote Client Resources
"{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources
"{61407251-7F7D-4303-810D-226A04D5CFF3}" = Windows Live Remote Service Resources
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources
"{6C9D3F1D-DBBE-46F9-96A0-726CC72935AF}" = Windows Live Remote Service Resources
"{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{702A632F-99CE-4E2D-B8F2-BF980E9CF62F}" = Windows Live Remote Client Resources
"{76FF0F03-B707-4332-B5D1-A56C8303514E}" = iTunes
"{7AEC844D-448A-455E-A34E-E1032196BBCD}" = Windows Live Remote Service Resources
"{825C7D3F-D0B3-49D5-A42B-CBB0FBE85E99}" = Windows Live Remote Client Resources
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{850B8072-2EA7-4EDC-B930-7FE569495E76}" = Windows Live Remote Client Resources
"{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97A295A7-8840-4B35-BB61-27A8F4512CA3}" = Windows Live Remote Service Resources
"{9E9C960F-7F47-46D5-A95D-950B354DE2B8}" = Windows Live Remote Service Resources
"{A060182D-CDBE-4AD6-B9B4-860B435D6CBD}" = Windows Live Remote Client Resources
"{A508D5A2-3AC1-4594-A718-A663D6D3CF11}" = Windows Live Remote Service Resources
"{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources
"{B0BF8602-EA52-4B0A-A2BD-EDABB0977030}" = Windows Live Remote Client Resources
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 268.00
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 268.00
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.0.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B680A663-1A15-47A5-A07C-7DF9A97558B7}" = Windows Live Remote Client Resources
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}" = Überwachungstool für die Intel® Turbo-Boost-Technik 2.0
"{C504EC13-E122-4939-BD6E-EE5A3BAA5FEC}" = Windows Live Remote Client Resources
"{C91DCB72-F5BB-410D-A91A-314F5D1B4284}" = Broadcom NetLink Controller
"{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources
"{CFF3C688-2198-4BC3-A399-598226949C39}" = Windows Live Remote Client Resources
"{D1C1556C-7FF3-48A3-A5D6-7126F0FAFB66}" = Windows Live Remote Client Resources
"{D3E4F422-7E0F-49C7-8B00-F42490D7A385}" = Windows Live Remote Service Resources
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DBEDAF67-C5A3-4C91-951D-31F3FE63AF3F}" = Windows Live Remote Client Resources
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{ED421F97-E1C3-4E78-9F54-A53888215D58}" = Windows Live Remote Client Resources
"{EFB20CF5-1A6D-41F3-8895-223346CE6291}" = Windows Live Remote Service Resources
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F6CB2C5F-B2C1-4DF1-BF44-39D0DC06FE6F}" = Windows Live Remote Service Resources
"{FAA3933C-6F0D-4350-B66B-9D7F7031343E}" = Windows Live Remote Service Resources
"{FAD0EC0B-753B-4A97-AD34-32AC1EC8DB69}" = Windows Live Remote Client Resources
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00884F14-05BD-4D8E-90E5-1ABF78948CA4}" = Windows Live Mesh
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Acer Crystal Eye Webcam
"{039480EE-6933-4845-88B8-77FD0C3D059D}" = Windows Live Mesh
"{04668DF2-D32F-4555-9C7E-35523DCD6544}" = Control ActiveX de Windows Live Mesh para conexiones remotas
"{0557BBDA-69D3-4FA4-A93C-A5300F7034B4}" = Windows Live Writer
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{062E4D94-8306-46D5-81B6-45E6AD09C799}" = Windows Live Messenger
"{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common
"{065DBB54-6E55-A609-2E1E-F0617E827D53}" = Media Go Video Playback Engine 1.96.118.08260
"{06B05153-97E4-427E-B1A8-E098F6C5E52F}" = Windows Live Essentials
"{073F306D-9851-4969-B828-7B6444D07D55}" = Windows Live Photo Common
"{09922FFE-D153-44AE-8B60-EA3CB8088F93}" = Windows Live UX Platform Language Pack
"{09B7C7EB-3140-4B5E-842F-9C79A7137139}" = Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger
"{0A4C4B29-5A9D-4910-A13C-B920D5758744}" = بريد Windows Live
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}" = Backup Manager V3
"{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack
"{0C975FCC-A06E-4CB6-8F54-A9B52CF37781}" = Windows Liven sähköposti
"{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail
"{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live
"{10186F1A-6A14-43DF-A404-F0105D09BB07}" = Windows Live Mail
"{10798AE3-DCBB-43C3-9C93-C23512427E25}" = Die Sims Deluxe 
"{110668B7-54C6-47C9-BAC4-1CE77F156AF5}" = Windows Live Mesh
"{11417707-1F72-4279-95A3-01E0B898BBF5}" = Windows Live Mesh
"{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer
"{1203DC60-D9BD-44F9-B372-2B8F227E6094}" = Windows Live Temel Parçalar
"{128133D3-037A-4C62-B1B7-55666A10587A}" = Windows Live UX Platform Language Pack
"{133D9D67-D475-4407-AC3C-D558087B2453}" = Windows Live Movie Maker
"{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources
"{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}" = Adobe AIR
"{168E7302-890A-4138-9109-A225ACAF7AD1}" = Windows Live Photo Common
"{17835B63-8308-427F-8CF5-D76E0D5FE457}" = Windows Live Essentials
"{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}" = MyWinLocker Suite
"{17F99FCE-8F03-4439-860A-25C5A5434E18}" = Windows Live Essentials
"{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{19CBDE24-2761-49A5-816B-D2BA65D0CA8D}" = Kontrola Windows Live Mesh ActiveX za daljinske veze
"{1A72337E-D126-4BAF-AC89-E6122DB71866}" = Windows Liven valokuvavalikoima
"{1A82AE99-84D3-486D-BAD6-675982603E14}" = Windows Live Writer
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1D6C2068-807F-4B76-A0C2-62ED05656593}" = Windows Live Writer
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}" = Windows Live Writer
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{220C7F8C-929D-4F71-9DC7-F7A6823B38E4}" = Windows Live UX Platform Language Pack
"{241E7104-937A-4366-AD57-8FDDDB003939}" = Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi
"{249EE21B-8EDD-4F36-8A23-E580E9DBE80A}" = Windows Live Mail
"{24DF33E0-F924-4D0D-9B96-11F28F0D602D}" = Windows Live UX Platform Language Pack
"{2511AAD7-82DF-4B97-B0B3-E1B933317010}" = Windows Live Writer Resources
"{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail
"{25CD4B12-8CC5-433E-B723-C9CB41FA8C5A}" = Windows Live Writer
"{260E3D78-94E6-47EC-8E29-46301572BB1E}" = Control ActiveX Windows Live Mesh pentru conexiuni la distanță
"{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources
"{28B9D2D8-4304-483F-AD71-51890A063A74}" = Windows Live Photo Common
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{29373E24-AC72-424E-8F2A-FB0F9436F21F}" = Windows Live Photo Common
"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2BA5FD10-653F-4CAF-9CCD-F685082A1DC1}" = Windows Live Writer
"{2C4E06CC-1F04-4C25-8B3C-93A9049EC42C}" = Windows Live UX Platform Language Pack
"{2C865FB0-051E-4D22-AC62-428E035AEAF0}" = Windows Live Mesh
"{2D3E034E-F76B-410A-A169-55755D2637BB}" = Windows Live Mesh
"{2E50E321-4747-4EB5-9ECB-BBC6C3AC0F31}" = Windows Live Writer Resources
"{2F54E453-8C93-4B3B-936A-233C909E6CAC}" = Windows Live Messenger
"{3125D9DE-8D7A-4987-95F3-8A42389833D8}" = Windows Live Writer Resources
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common
"{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}" = ActiveX-kontroll för fjärranslutningar för Windows Live Mesh
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{39B3184E-0BFB-40FA-ADDC-E7E2D535CDA9}" = Controle ActiveX do Windows Live Mesh para Conexões Remotas
"{39F15B50-A977-4CA6-B1C3-6A8724CDA025}" = MyWinLocker 4
"{39F95B0B-A0B7-4FA7-BB6C-197DA2546468}" = Windows Live Mesh
"{3B72C1E0-26A1-40F6-8516-D50C651DFB3C}" = Windows Live Essentials
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh
"{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack
"{410DF0AA-882D-450D-9E1B-F5397ACFFA80}" = Windows Live Essentials
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA}" = Windows Live Photo Gallery
"{43B43577-2514-4CE0-B14A-7E85C17C0453}" = Windows Live Essentials
"{443B561F-DE1B-4DEF-ADD9-484B684653C7}" = Windows Live Messenger
"{4444F27C-B1A8-464E-9486-4C37BAB39A09}" = Фотогалерия на Windows Live
"{458F399F-62AC-4747-99F5-499BBF073D29}" = Windows Live Writer Resources
"{4664ED39-C80A-48F7-93CD-EBDCAFAB6CC5}" = Windows Live Writer Resources
"{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh
"{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}" = Google Earth
"{4736B0ED-F6A1-48EC-A1B7-C053027648F1}" = Galeria fotogràfica del Windows Live
"{48294D95-EE9A-4377-8213-44FC4265FB27}" = Windows Live Messenger
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer
"{48F597DD-D397-4CFA-91A0-4C033A0113BD}" = Windows Live Mail
"{4A04DB63-8F81-4EF4-9D09-61A2057EF419}" = Windows Live Essentials
"{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}" = Windows Live Writer
"{4B744C85-DBB1-4038-B989-4721EB22C582}" = Windows Live Messenger
"{4C378B16-46B7-4DA1-A2CE-2EE676F74680}" = Windows Live UX Platform Language Pack
"{4CF6F287-5121-483C-A5A2-07BDE19D8B4E}" = Windows Live Meshin etäyhteyksien ActiveX-komponentti
"{4D141929-141B-4605-95D6-2B8650C1C6DA}" = Windows Live UX Platform Language Pack
"{4D83F339-5A5C-4B21-8FD3-5D407B981E72}" = Windows Live Photo Common
"{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack
"{523DF2BB-3A85-4047-9898-29DC8AEB7E69}" = Windows Live UX Platform Language Pack
"{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}" = Windows Live Writer Resources
"{542DA303-FB91-4731-9F37-6E518368D3B9}" = Windows Live Messenger
"{5495E9A4-501A-4D4C-87C9-E80916CA9478}" = Windows Live UX Platform Language Pack
"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
"{57220148-3B2B-412A-A2E0-82B9DF423696}" = Windows Live Mesh ActiveX-objekt til fjernforbindelser
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5C2F5C1B-9732-4F81-8FBF-6711627DC508}" = Windows Live Fotogalleri
"{5CF5B1A5-CBC3-42F0-8533-5A5090665862}" = Windows Live Mesh
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker
"{5D2E7BD7-4B6F-4086-BA8A-E88484750624}" = Windows Live Writer Resources
"{5DA7D148-D2D2-4C67-8444-2F0F9BD88A06}" = Windows Live Writer
"{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack
"{60C3C026-DB53-4DAB-8B97-7C1241F9A847}" = Windows Live Movie Maker
"{622DE1BE-9EDE-49D3-B349-29D64760342A}" = 適用遠端連線的 Windows Live Mesh ActiveX 控制項
"{625D45F0-5DCB-48BF-8770-C240A84DAAEB}" = Windows Live Mesh
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{63CF7D0C-B6E7-4EE9-8253-816B613CC437}" = Windows Live Mail
"{640798A0-A4FB-4C52-AC72-755134767F1E}" = Windows Live Movie Maker
"{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live
"{644063FA-ABA3-42AC-A8AC-3EDC0706018B}" = Windows Live Mesh
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail
"{6807427D-8D68-4D30-AF5B-0B38F8F948C8}" = Windows Live Writer Resources
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69C9C672-400A-43A0-B2DE-9DB38C371282}" = Windows Live Writer
"{69CAC24D-B1DC-4B97-A1BE-FE21843108FE}" = Windows Live Writer Resources
"{6A4ABCDC-0A49-4132-944E-01FBCCB3465C}" = Windows Live UX Platform Language Pack
"{6A67578E-095B-4661-88F7-0B199CEC3371}" = Windows Live Messenger
"{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}" = Windows Live Mesh
"{6B556C37-8919-4991-AC34-93D018B9EA49}" = Windows Live Photo Common
"{6CB36609-E3A6-446C-A3C1-C71E311D2B9C}" = Windows Live Movie Maker
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}" = Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz
"{6E8AFC13-F7B8-41D8-88AB-F1D0CFC56305}" = Windows Live Messenger
"{6EF2BE2C-3121-48B7-B7A6-C56046B3A588}" = Windows Live Movie Maker
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71527C7C-5289-4CB2-88C9-23344C0FF6C1}" = Windows Live Movie Maker
"{71A81378-79D5-40CC-9BDC-380642D1A87F}" = Windows Live Writer
"{71C95134-F6A9-45E7-B7B3-07CA6012BF2A}" = Windows Live Mesh
"{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}" = Windows Live Fotótár
"{7327080F-6673-421F-BBD9-B618F357EEB3}" = Windows Live UX Platform Language Pack
"{734104DE-C2BF-412F-BB97-FCCE1EC94229}" = Windows Live Writer Resources
"{7373E17D-18E0-44A7-AC3A-6A3BFB85D3B3}" = Windows Live Movie Maker
"{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common
"{7465A996-0FCA-4D2D-A52C-F833B0829B5B}" = Windows Live Movie Maker
"{7496FD31-E5CB-4AE4-82D3-31099558BF6A}" = Windows Live Mesh
"{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8}" = Windows Live UX Platform Language Pack
"{76C064E2-BB99-4453-8FDA-42BC01AD0734}" = Control ActiveX del Windows Live Mesh per a connexions remotes
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack
"{77F69CA1-E53D-4D77-8BA3-FA07606CC851}" = Фотоальбом Windows Live
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh
"{78DBE8CE-61F6-4D6C-806C-A0FFF65F5E1D}" = Windows Live Messenger
"{7A6C3344-5CF9-4B83-959C-6576C5B27D09}" = Media Go
"{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live
"{7ADFA72D-2A9F-4DEC-80A5-2FAA27E23F0F}" = Windows Live Photo Common
"{7AF8E500-B349-4A77-8265-9854E9A47925}" = Windows Live Movie Maker
"{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}" = Pošta Windows Live
"{7C2A3479-A5A0-412B-B0E6-6D64CBB9B251}" = Windows Live Photo Common
"{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources
"{7D0DE76C-874E-4BDE-A204-F4240160693E}" = Windows Live Photo Common
"{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials
"{7D926AD2-16D6-42C2-8CA1-AB09E96040BA}" = Windows Live Writer Resources
"{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer
"{7E90B133-FF47-48BB-91B8-36FC5A548FE9}" = Windows Live Writer Resources
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{7FF11E53-C002-4F40-8D68-6BE751E5DD62}" = Windows Live Writer Resources
"{804DE397-F82C-4867-9085-E0AA539A3294}" = Windows Live Writer
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{820D0BA3-ACD7-4FB9-A3A7-0ADF0C66A4BE}" = Windows Live Messenger
"{827D3E4A-0186-48B7-9801-7D1E9DD40C07}" = Windows Live Essentials
"{82803FF3-563F-414F-A403-8D4C167D4120}" = Windows Live Mail
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common
"{84A411F9-40A5-4CDA-BF46-E09FBB2BC313}" = Windows Live Essentials
"{85373DA7-834E-4850-8AF5-1D99F7526857}" = Windows Live Photo Common
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{861B1145-7762-4794-B40C-3FF0A389DFE6}" = Windows Live Photo Gallery
"{87441A59-5E64-4096-A170-14EFE67200C3}" = Picture Control Utility
"{885F1BCD-C344-4758-85BD-09640CF449A5}" = Windows Live Photo Gallery
"{8909CFA8-97BF-4077-AC0F-6925243FFE08}" = Windows Liven asennustyökalu
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8CF5D47D-27B7-49D6-A14F-10550B92749D}" = Windows Live UX Platform Language Pack
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E47D8C1-8F4D-4356-9B2B-1A202956B778}}_is1" = FOTOParadies
"{8FF3891F-01B5-4A71-BFCD-20761890471C}" = Windows Live Messenger
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISER_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISER_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISER_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISER_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISER_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISER_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISER_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{924B4D82-1B97-48EB-8F1E-55C4353C22DB}" = Windows Live Mail
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{99BE7F5D-AB52-4404-9E03-4240FFAA7DE9}" = Windows Live Mesh
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D4C7DFA-CBBB-4F06-BDAC-94D831406DF0}" = פקד ActiveX של Windows Live Mesh עבור חיבורים מרוחקים
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DA3F03B-2CEE-4344-838E-117861E61FAF}" = Windows Live Mail
"{9DB90178-B5B0-45BD-B0A7-D40A6A1DF1CA}" = Windows Live Movie Maker
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A0B91308-6666-4249-8FF6-1E11AFD75FE1}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A101F637-2E56-42C0-8E08-F1E9086BFAF3}" = Windows Live Movie Maker
"{A199DB88-E22D-4CE7-90AC-B8BE396D7BF4}" = Windows Live Movie Maker
"{A2EDAEEB-C981-46D5-8163-CF8F5F640EEE}" = ตัวควบคุม ActiveX ใน Windows Live Mesh สำหรับการเชื่อมต่อระยะไกล (ไทย)
"{A3389C72-1782-4BB4-BBAA-33345DE52E3F}" = Windows Live Messenger
"{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common
"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery
"{A7056D45-C63A-4FE4-A69D-FB54EF9B21BB}" = Windows Live Messenger
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB0B2113-5B96-4B95-8AD1-44613384911F}" = Windows Live Mesh
"{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{ABD534B7-E951-470E-92C2-CD5AF1735726}" = Windows Live Essentials
"{ABE2F2AA-7ADC-4717-9573-BF3F83C696AC}" = Windows Live Mail
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.7) MUI
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}" = Windows Live Mesh
"{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}" = Windows Live Mail
"{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}" = Windows Live Photo Common
"{AF01B90A-D25C-4F60-AECD-6EEDF509DC11}" = Windows Live Mesh
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}" = Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych
"{B0AD205F-60D0-4084-AFB8-34D9A706D9A8}" = Windows Live Essentials
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B2BCA478-EC0F-45EE-A9E9-5EABE87EA72D}" = Windows Live Photo Common
"{B2E90616-C50D-4B89-A40D-92377AC669E5}" = Windows Live Messenger
"{B33B61FE-701F-425F-98AB-2B85725CBF68}" = Windows Live Photo Common
"{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}" = ActiveX контрола на Windows Live Mesh за отдалечени връзки
"{B3BE54A4-8DFE-4593-8E66-56AB7133B812}" = Windows Live Writer
"{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}" = Почта Windows Live
"{B7B67AA5-12DA-4F01-918D-B1BF66779D8A}" = Windows Live Writer Resources
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}" = Dolby Advanced Audio v2
"{BAEE89D5-6E87-4F89-9603-A1C100479181}" = Windows Live Messenger
"{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}" = Элемент управления Windows Live Mesh ActiveX для удаленных подключений
"{BD0C3887-64E6-41D8-9A38-BC6F34369352}" = Windows Live Messenger
"{BD4EBDB5-EB14-4120-BB04-BE0A26C7FB3E}" = Windows Live Photo Common
"{BD695C2F-3EA0-4DA4-92D5-154072468721}" = Windows Live Fotoğraf Galerisi
"{BF022D76-9F72-4203-B8FA-6522DC66DFDA}" = Windows Live Movie Maker
"{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh
"{BFC47A0B-D487-4DF0-889E-D6D392DF31E0}" = Windows Live Messenger
"{C00C2A91-6CB3-483F-80B3-2958E29468F1}" = Συλλογή φωτογραφιών του Windows Live
"{C01FCACE-CC3D-49A2-ADC2-583A49857C58}" = Windows Live Essentials
"{C08D5964-C42F-48EE-A893-2396F9562A7C}" = Windows Live Mesh
"{C1C9D199-B4DD-4895-92DD-9A726A2FE341}" = Windows Live Writer
"{C2695E83-CF1D-43D1-84FE-B3BEC561012A}" = Shredder
"{C29FC15D-E84B-4EEC-8505-4DED94414C59}" = Windows Live Writer Resources
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}" = Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia
"{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}" = Windows Live Mesh ActiveX Control for Remote Connections
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}" = Windows Live Mail
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{C95A5A77-622F-45CA-9540-84468FCB18B1}" = Windows Live Messenger
"{C9E1343D-E21E-4508-A1BE-04A089EC137D}" = Windows Live Messenger
"{CA227A9D-09BE-4BFB-9764-48FED2DA5454}" = Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave
"{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live
"{CB66242D-12B1-4494-82D2-6F53A7E024A3}" = Galerie foto Windows Live
"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker
"{CBFD061C-4B27-4A89-ADD8-210316EEFA11}" = Windows Live Messenger
"{CD442136-9115-4236-9C14-278F6A9DCB3F}" = Windows Live Movie Maker
"{CD7CB1E6-267A-408F-877D-B532AD2C882E}" = Windows Live Photo Common
"{CDC39BF2-9697-4959-B893-A2EE05EF6ACB}" = Windows Live Writer
"{CE929F09-3853-4180-BD90-30764BFF7136}" = גלריית התמונות של Windows Live
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF671BFE-6BA3-44E7-98C1-500D9C51D947}" = Windows Live Photo Gallery
"{D07B1FDA-876B-4914-9E9A-309732B6D44F}" = Windows Live Mail
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D299197D-CDEA-41A6-A363-F532DE4114FD}" = Windows Live UX Platform Language Pack
"{D31169F2-CD71-4337-B783-3E53F29F4CAD}" = Windows Live Mail
"{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail
"{D6CBB3B2-F510-483D-AE0D-1CF3F43CF1EE}" = Windows Live Writer Resources
"{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack
"{DA29F644-2420-4448-8128-1331BE588999}" = Windows Live Writer
"{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker
"{DB1208F4-B2FE-44E9-BFE6-8824DBD7891B}" = Windows Live Movie Maker
"{DBAA2B17-D596-4195-A169-BA2166B0D69B}" = Windows Live Mail
"{DCAB6BA7-6533-44BF-9235-E5BF33B7431C}" = Windows Live Writer
"{DDC1E1BD-7615-4186-89E1-F5F43F9B6491}" = Windows Live Movie Maker
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer
"{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials
"{DF71ABBB-B834-41C0-BB58-80B0545D754C}" = Windows Live UX Platform Language Pack
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E18B30AA-6E2D-480C-B918-AF61009F4010}" = عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5377D46-83C5-445A-A1F1-830336B42A10}" = Windows Live Galerija fotografija
"{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}" = Controlo ActiveX do Windows Live Mesh para Ligações Remotas
"{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer
"{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}" = Fotogalerija Windows Live
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E5DD4723-FE0B-436E-A815-DC23CF902A0B}" = Windows Live UX Platform Language Pack
"{E62E0550-C098-43A2-B54B-03FB1E634483}" = Windows Live Writer
"{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources
"{E83DC314-C926-4214-AD58-147691D6FE9F}" = Основные компоненты Windows Live
"{E8524B28-3BBB-4763-AC83-0E83FE31C350}" = Windows Live Writer
"{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live
"{E9AD2143-26D5-4201-BED1-19DCC03B407D}" = Windows Live Messenger
"{E9D98402-21AB-4E9F-BF6B-47AF36EF7E97}" = Windows Live Writer Resources
"{EA777812-4905-4C08-8F6E-13BDCC734609}" = Windows Live UX Platform Language Pack
"{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EEF99142-3357-402C-B298-DEC303E12D92}" = Windows Live 影像中心
"{EF7EAB13-46FC-49DD-8E3C-AAF8A286C5BB}" = Windows Live 程式集
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.165
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F0F5D89A-197C-495B-827E-3E98B811CD2E}" = Windows Live Photo Common
"{F0F9505B-3ACF-4158-9311-D0285136AA00}" = Windows Live Essentials
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2979AAA-FDD7-4CB3-93BC-5C24D965D679}" = Windows Live Messenger
"{F35DC85A-E96B-496B-ABE7-F04192824856}" = Windows Live Messenger
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F4BEA6C1-AAC3-4810-AAEA-588E26E0F237}" = Windows Live UX Platform Language Pack
"{F52C5BE7-3F57-464E-8A54-908402E43CE8}" = Windows Live Writer Resources
"{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}" = Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις
"{F783464C-C7C6-4E9B-AC40-BC90E5414BAF}" = Windows Live Messenger
"{F7A46527-DF1F-4B0F-9637-98547E189442}" = Windows Live Galeria de Fotos
"{F7E80BA7-A09D-4DD1-828B-C4A0274D4720}" = Windows Live Mesh
"{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}" = معرض صور Windows Live
"{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FEEF7F78-5876-438B-B554-C4CC426A4302}" = Windows Live Essentials
"{FF105207-8423-4E13-B0B1-50753170B245}" = Windows Live Movie Maker
"{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker
"{FF737490-5A2D-4269-9D82-97DB2F7C0B09}" = Windows Live Movie Maker
"{FFFA0584-8E3D-4195-8283-CCA3AD73C746}" = Windows Live Messenger
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"ALUpdate_is1" = ALTools Update
"ALZip_is1" = ALZip
"Avira AntiVir Desktop" = Avira Free Antivirus
"CANONIJPLM100" = Inkjet Printer/Scanner Extended Survey Program
"CanonMyPrinter" = Canon My Printer
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"ENTERPRISER" = Microsoft Office Enterprise 2007
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.12.1.320
"Identity Card" = Identity Card
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Acer Crystal Eye Webcam
"InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}" = Acer Backup Manager
"InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}" = MyWinLocker Suite
"InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"Mozilla Firefox 18.0.1 (x86 de)" = Mozilla Firefox 18.0.1 (x86 de)
"Mozilla Firefox 22.0 (x86 de)" = Mozilla Firefox 22.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 2.0" = Canon MP Navigator EX 2.0
"Picasa 3" = Picasa 3
"Update Engine" = Sony Ericsson Update Engine
"WinLiveSuite" = Windows Live Essentials
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 01.07.2013 09:54:47 | Computer Name = WenigAlbert-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 01.07.2013 10:59:50 | Computer Name = WenigAlbert-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 01.07.2013 11:29:59 | Computer Name = WenigAlbert-PC | Source = MsiInstaller | ID = 11706
Description = Product: Shredder -- Error 1706.No valid source could be found for
 product Shredder.  The Windows Installer cannot continue.
 
Error - 01.07.2013 11:41:11 | Computer Name = WenigAlbert-PC | Source = MsiInstaller | ID = 11706
Description = Product: Shredder -- Error 1706.No valid source could be found for
 product Shredder.  The Windows Installer cannot continue.
 
Error - 01.07.2013 14:30:53 | Computer Name = WenigAlbert-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 01.07.2013 14:33:04 | Computer Name = WenigAlbert-PC | Source = MsiInstaller | ID = 11706
Description = Product: Shredder -- Error 1706.No valid source could be found for
 product Shredder.  The Windows Installer cannot continue.
 
Error - 01.07.2013 15:23:58 | Computer Name = WenigAlbert-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: ePowerTray.exe, Version: 6.0.3008.0,
 Zeitstempel: 0x4e37695f  Name des fehlerhaften Moduls: ePowerTray.exe, Version: 6.0.3008.0,
 Zeitstempel: 0x4e37695f  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0000000000032095
ID
 des fehlerhaften Prozesses: 0xd44  Startzeit der fehlerhaften Anwendung: 0x01ce76891759adeb
Pfad
 der fehlerhaften Anwendung: C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
Pfad
 des fehlerhaften Moduls: C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
Berichtskennung:
 c6b493ba-e283-11e2-90fd-b870f4dbecf2
 
Error - 01.07.2013 15:39:44 | Computer Name = WenigAlbert-PC | Source = MsiInstaller | ID = 11706
Description = Product: Shredder -- Error 1706.No valid source could be found for
 product Shredder.  The Windows Installer cannot continue.
 
Error - 01.07.2013 15:44:11 | Computer Name = WenigAlbert-PC | Source = MsiInstaller | ID = 11706
Description = Product: Shredder -- Error 1706.No valid source could be found for
 product Shredder.  The Windows Installer cannot continue.
 
Error - 01.07.2013 16:27:57 | Computer Name = WenigAlbert-PC | Source = MsiInstaller | ID = 11706
Description = Product: Shredder -- Error 1706.No valid source could be found for
 product Shredder.  The Windows Installer cannot continue.
 
[ System Events ]
Error - 30.06.2013 17:56:07 | Computer Name = WenigAlbert-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Windows Search erreicht.
 
Error - 30.06.2013 17:56:07 | Computer Name = WenigAlbert-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht
 gestartet:   %%1053
 
Error - 01.07.2013 13:54:06 | Computer Name = WenigAlbert-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 01.07.2013 15:36:43 | Computer Name = WenigAlbert-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Windows Search erreicht.
 
Error - 01.07.2013 15:36:43 | Computer Name = WenigAlbert-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht
 gestartet:   %%1053
 
Error - 01.07.2013 15:38:50 | Computer Name = WenigAlbert-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 IPsec-Richtlinien-Agent erreicht.
 
Error - 01.07.2013 15:38:50 | Computer Name = WenigAlbert-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "IPsec-Richtlinien-Agent" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%1053
 
Error - 01.07.2013 15:39:20 | Computer Name = WenigAlbert-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 IPsec-Richtlinien-Agent erreicht.
 
Error - 01.07.2013 15:39:20 | Computer Name = WenigAlbert-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "IPsec-Richtlinien-Agent" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%1053
 
Error - 01.07.2013 15:43:13 | Computer Name = WenigAlbert-PC | Source = Service Control Manager | ID = 7022
Description = Der Dienst "NVIDIA Update Service Daemon" wurde nicht richtig gestartet.
 
 
< End of report >
         
--- --- ---

Alt 03.07.2013, 07:53   #8
schrauber
/// the machine
/// TB-Ausbilder
 

schredder 64 msi - Standard

schredder 64 msi



Lade SystemLook von jpshortstuff von einem der folgenden Spiegel herunter und speichere das Tool auf dem Desktop.
SystemLook (64 bit)
  • Doppelklicke auf die SystemLook_x64.exe, um das Tool zu starten.
  • Kopiere den Inhalt der folgenden Codebox in das Textfeld des Tools:
    Code:
    ATTFilter
    :filefind
    *Shredder*
    :regfind
    Shredder
             
  • Klicke nun auf den Button Look, um den Scan zu starten.
  • Der Suchlauf kann einige Zeit dauern.
  • Wenn der Suchlauf beendet ist, wird sich Dein Editor mit den Ergebnissen öffnen, poste diese in deinen Thread.
  • Die Ergebnisse werden auf dem Desktop als SystemLook.txt gespeichert.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 03.07.2013, 21:31   #9
BlackOps
 
schredder 64 msi - Standard

schredder 64 msi



SystemLook 30.07.11 by jpshortstuff
Log created at 22:27 on 03/07/2013 by Wenig Albert
Administrator - Elevation successful

========== filefind ==========

Searching for "*Shredder*"
C:\Program Files (x86)\EgisTec Shredder\x64\ShredderContextMenu.dll --a---- 63344 bytes [20:10 29/03/2011] [20:10 29/03/2011] 4FE0208A6CC82D4E2B0DFB4D8A33A164
C:\Program Files (x86)\EgisTec Shredder\x86\FileShredder.exe --a---- 907632 bytes [20:10 29/03/2011] [20:10 29/03/2011] 0CE45B5168A91957017B494B65007155
C:\Program Files (x86)\EgisTec Shredder\x86\ShredderContextMenu.dll --a---- 53104 bytes [20:10 29/03/2011] [20:10 29/03/2011] 1C07AFE0321DD288011CBAECBEF17293
C:\Program Files (x86)\InstallShield Installation Information\{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}\Shredder.exe --a---- 16819584 bytes [07:29 12/08/2011] [07:28 12/08/2011] 3B48392D3D5D9140FB77D6F6492B5952

========== regfind ==========

Searching for "Shredder"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\377e55a7_0]
@="{0.0.0.00000000}.{2a3019a9-e951-45df-a59c-b05a09372e66}|\Device\HarddiskVolume3\Program Files (x86)\EgisTec Shredder\x86\FileShredder.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers\ShredderContextMenu]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\ShredderContextMenu.DLL]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{253C5D8C-536F-4140-9103-55F5B5442921}]
@="ShredderContextMenu"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{521065F1-DE6C-4E46-BBCB-89B0D0BE860D}\InprocServer32]
@="C:\Program Files (x86)\EgisTec Shredder\x64\ShredderContextMenu.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{521065F1-DE6C-4E46-BBCB-89B0D0BE860D}\ProgID]
@="ShredderContextMenu.ShredContextMenu.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{521065F1-DE6C-4E46-BBCB-89B0D0BE860D}\VersionIndependentProgID]
@="ShredderContextMenu.ShredContextMenu"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E0FA077E-B6A4-41D2-9983-BEB4DD6D85AA}\InprocServer32]
"InprocServer32"="}G!)-c]}-9vHM2hqdv3nshredder64_Files>u+(H-,?7s8vn*ZxBi@]* I&Kc&jvS5Ajj-sOfyvU0IPS>u+(H-,?7s8vn*ZxBi@]*"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Features\38E5962CD1FC1D3448EF3BEB5C1610A2]
"Shredder"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Features\38E5962CD1FC1D3448EF3BEB5C1610A2]
"Application"="Shredder"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Features\38E5962CD1FC1D3448EF3BEB5C1610A2]
"Document"="Shredder"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Features\38E5962CD1FC1D3448EF3BEB5C1610A2]
"IPS"="Shredder"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Features\38E5962CD1FC1D3448EF3BEB5C1610A2]
"CommonObjs"="Shredder"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Features\613755F10CFCDB14FA7FB84CC94E447D]
"shredder64_Files"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Features\613755F10CFCDB14FA7FB84CC94E447D]
"Application"="shredder64_Files"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Features\613755F10CFCDB14FA7FB84CC94E447D]
"CommonObjs"="shredder64_Files"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\38E5962CD1FC1D3448EF3BEB5C1610A2]
"ProductName"="Shredder"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\38E5962CD1FC1D3448EF3BEB5C1610A2\SourceList]
"PackageName"="Shredder.msi"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\613755F10CFCDB14FA7FB84CC94E447D]
"ProductName"="Shredder"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\613755F10CFCDB14FA7FB84CC94E447D\SourceList]
"PackageName"="Shredder64.msi"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Win32Assemblies\Global]
"Microsoft.VC90.ATL,version="9.0.21022.8",publicKeyToken="1fc8b3b9a1e18e3b",processorArchitecture="x86",type="win32""="2E,Qg%7il9tnl@f{}UR1Shredder>Jp U2NrV7B5qy_[T,(4,j TCx]68m$_@6hMTS1Sz*0IPS>JpU2NrV7B5qy_[T,(4,j vW4b*`hqk9)GGQeb'l1fMyWinLockerSuite>JpU2NrV7B5qy_[T,(4,j"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Win32Assemblies\Global]
"Microsoft.VC90.CRT,version="9.0.21022.8",publicKeyToken="1fc8b3b9a1e18e3b",processorArchitecture="x86",type="win32""="34TL`{KY?{9N26!$,CC!ReaderProgr amFiles>FBBocKWG18(q-N=uYwq7 2E,Qg%7il9tnl@f{}UR1Shredder>FBBocKWG18(q-N=uYwq7 TCx]68m$_@6hMTS1Sz*0IPS>FBBocKWG18(q-N=uYwq7 vW4b*`hqk9)GGQeb'l1fMyWinLockerSuite>FBBocKWG18(q-N=uYwq7"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Win32Assemblies\Global]
"Microsoft.VC90.MFC,version="9.0.21022.8",publicKeyToken="1fc8b3b9a1e18e3b",processorArchitecture="x86",type="win32""="2E,Qg%7il9tnl@f{}UR1Shredder>K0 qdh3C0e7n!._L=H.6O TCx]68m$_@6hMTS1Sz*0IPS>K0qdh3C0e7n!._L=H.6O vW4b*`hqk9)GGQeb'l1fMyWinLockerSuite>K0qdh3C0e7n!._L=H.6O"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Win32Assemblies\Global]
"policy.9.0.Microsoft.VC90.ATL,version="9.0.21022.8",publicKeyToken="1fc8b3b9a1e18e3b",processorArchitecture="x86",type="win32-policy""="2E,Qg%7il9tnl@f{}UR1Shredder>r$fJ^YCTj3V9%Y'}*'.) TCx]68m$_@6hMTS1Sz*0IPS>r$fJ^YCTj3V9%Y'}*'.) vW4b*`hqk9)GGQeb'l1fMyWinLockerSuite>r$fJ^YCTj3V9%Y'}*'.)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Win32Assemblies\Global]
"policy.9.0.Microsoft.VC90.CRT,version="9.0.21022.8",publicKeyToken="1fc8b3b9a1e18e3b",processorArchitecture="x86",type="win32-policy""="34TL`{KY?{9N26!$,CC!ReaderProgramFiles>ic?g)O&RS4%q5]VLQr[S 2E,Qg%7il9tnl@f{}UR1Shredder>ic?g)O&RS4%q5]VLQr[S TCx]68m$_@6hMTS1Sz*0IPS>ic?g)O&RS4%q5]VLQr[S vW4b*`hqk9)GGQeb'l1fMyWinLockerSuite>ic?g)O&RS4%q5]VLQr[S"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Win32Assemblies\Global]
"policy.9.0.Microsoft.VC90.MFC,version="9.0.21022.8",publicKeyToken="1fc8b3b9a1e18e3b",processorArchitecture="x86",type="win32-policy""="2E,Qg%7il9tnl@f{}UR1Shredder>uL}dJ5hL+4E+f,1qJ(d- TCx]68m$_@6hMTS1Sz*0IPS>uL}dJ5hL+4E+f,1qJ(d- vW4b*`hqk9)GGQeb'l1fMyWinLockerSuite>uL}dJ5hL+4E+f,1qJ(d-"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Win32Assemblies\Global]
"Microsoft.VC90.ATL,version="9.0.21022.8",publicKeyToken="1fc8b3b9a1e18e3b",processorArchitecture="amd64",type="win32""="}G!)-c]}-9vHM2hqdv3nshredder64_Files>P7fR1)}_p3F.7A6pHk~R I&Kc&jvS5Ajj-sOfyvU0MyWinLocker>P7fR1)}_p3F.7A6pHk~R"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Win32Assemblies\Global]
"Microsoft.VC90.CRT,version="9.0.21022.8",publicKeyToken="1fc8b3b9a1e18e3b",processorArchitecture="amd64",type="win32""="}G!)-c]}-9vHM2hqdv3nshredder64_Files>6r]5H^~0.8uB)f8M}ILk I&Kc&jvS5Ajj-sOfyvU0MyWinLocker>6r]5H^~0.8uB)f8M}ILk"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Win32Assemblies\Global]
"Microsoft.VC90.MFC,version="9.0.21022.8",publicKeyToken="1fc8b3b9a1e18e3b",processorArchitecture="amd64",type="win32""="}G!)-c]}-9vHM2hqdv3nshredder64_Files>`.Ich2cbG8mu'&ZAn~j1 I&Kc&jvS5Ajj-sOfyvU0MyWinLocker>`.Ich2cbG8mu'&ZAn~j1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Win32Assemblies\Global]
"policy.9.0.Microsoft.VC90.ATL,version="9.0.21022.8",publicKeyToken="1fc8b3b9a1e18e3b",processorArchitecture="amd64",type="win32-policy""="}G!)-c]}-9vHM2hqdv3nshredder64_Files>FPQQCY0YK5~4_ym%`&Ca I&Kc&jvS5Ajj-sOfyvU0MyWinLocker>FPQQCY0YK5~4_ym%`&Ca"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Win32Assemblies\Global]
"policy.9.0.Microsoft.VC90.CRT,version="9.0.21022.8",publicKeyToken="1fc8b3b9a1e18e3b",processorArchitecture="amd64",type="win32-policy""="}G!)-c]}-9vHM2hqdv3nshredder64_Files>h-Fsv[jCN3rUE^L'S597 I&Kc&jvS5Ajj-sOfyvU0MyWinLocker>h-Fsv[jCN3rUE^L'S597"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Win32Assemblies\Global]
"policy.9.0.Microsoft.VC90.MFC,version="9.0.21022.8",publicKeyToken="1fc8b3b9a1e18e3b",processorArchitecture="amd64",type="win32-policy""="}G!)-c]}-9vHM2hqdv3nshredder64_Files>5[oOo91yR6nRZdxmjC=3 I&Kc&jvS5Ajj-sOfyvU0MyWinLocker>5[oOo91yR6nRZdxmjC=3"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\ShredderContextMenu]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShredderContextMenu.ShredContextMenu]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShredderContextMenu.ShredContextMenu\CurVer]
@="ShredderContextMenu.ShredContextMenu.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShredderContextMenu.ShredContextMenu.1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SOFTWARE\EgisTec IPS\{1EBCCDAA-BFB5-46ad-88CF-0BF282D97F13}.1]
"ProductName"="EgisTec Shredder"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{9DF3C56F-99E7-4F0E-B2AE-08E899FA8211}\1.0]
@="ShredderContextMenu 1.0 Type Library"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{9DF3C56F-99E7-4F0E-B2AE-08E899FA8211}\1.0\HELPDIR]
@="C:\Program Files (x86)\EgisTec Shredder\x64\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{521065F1-DE6C-4E46-BBCB-89B0D0BE860D}\InprocServer32]
@="C:\Program Files (x86)\EgisTec Shredder\x86\ShredderContextMenu.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{521065F1-DE6C-4E46-BBCB-89B0D0BE860D}\ProgID]
@="ShredderContextMenu.ShredContextMenu.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{521065F1-DE6C-4E46-BBCB-89B0D0BE860D}\VersionIndependentProgID]
@="ShredderContextMenu.ShredContextMenu"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{E0FA077E-B6A4-41D2-9983-BEB4DD6D85AA}\InprocServer32]
"InprocServer32"="2E,Qg%7il9tnl@f{}UR1Shredder>LyP4_f@ai?}^!Kv-{%X. TCx]68m$_@6hMTS1Sz*0IPS>LyP4_f@ai?}^!Kv-{%X."
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\AppID\ShredderContextMenu.DLL]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\AppID\{253C5D8C-536F-4140-9103-55F5B5442921}]
@="ShredderContextMenu"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{9DF3C56F-99E7-4F0E-B2AE-08E899FA8211}\1.0]
@="ShredderContextMenu 1.0 Type Library"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{9DF3C56F-99E7-4F0E-B2AE-08E899FA8211}\1.0\HELPDIR]
@="C:\Program Files (x86)\EgisTec Shredder\x64\"
[HKEY_LOCAL_MACHINE\SOFTWARE\EgisTec Shredder]
[HKEY_LOCAL_MACHINE\SOFTWARE\EgisTec Shredder]
"sSystemDir"="C:\Program Files (x86)\EgisTec Shredder\"
[HKEY_LOCAL_MACHINE\SOFTWARE\EgisTec Shredder]
"sShredderFolderBanner"="C:\Program Files (x86)\EgisTec Shredder\;C:\Program Files (x86)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\EgisTec Shredder\x86\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\EgisTec Shredder\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\EgisTec Shredder\Ico\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\EgisTec Shredder\x64\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\01F31DEE398084E5B49E9E8D406DB5FE]
"38E5962CD1FC1D3448EF3BEB5C1610A2"="C:\Program Files (x86)\EgisTec Shredder\Help\Shredder_Help_DU.chm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\087CD4FBE6A0A420A7AE75B57FFFF807]
"38E5962CD1FC1D3448EF3BEB5C1610A2"="C:\Program Files (x86)\EgisTec Shredder\Help\Shredder_Help_LT.chm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0EBE9377EE90DEAE8A3F19544A46B194]
"38E5962CD1FC1D3448EF3BEB5C1610A2"="C:\Program Files (x86)\EgisTec Shredder\Help\Shredder_Help_HU.chm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\11CD897B3EB1DB2DB3D525473B12EE2A]
"38E5962CD1FC1D3448EF3BEB5C1610A2"="C:\Program Files (x86)\EgisTec Shredder\Help\Shredder_Help.chm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\23C996DCB4827BDC94AA7805BC92FA9E]
"38E5962CD1FC1D3448EF3BEB5C1610A2"="C:\Program Files (x86)\EgisTec Shredder\Help\Shredder_Help_RO.chm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\249D3D874E620EAD58B7C084BD129899]
"38E5962CD1FC1D3448EF3BEB5C1610A2"="C:\Program Files (x86)\EgisTec Shredder\Help\Shredder_Help_GR.chm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29628329FA717DC44A2DC2AE579BDE8A]
"38E5962CD1FC1D3448EF3BEB5C1610A2"="C:\Program Files (x86)\EgisTec Shredder\Help\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2EA97986F1C1E114EB78DF5AADC9D3A2]
"38E5962CD1FC1D3448EF3BEB5C1610A2"="C:\Program Files (x86)\EgisTec Shredder\i18n\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2F03AFBC8D029AE86924EE50AC318826]
"38E5962CD1FC1D3448EF3BEB5C1610A2"="C:\Program Files (x86)\EgisTec Shredder\Help\Shredder_Help_FR.chm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3206ACE368132105D33B6690711CABA7]
"38E5962CD1FC1D3448EF3BEB5C1610A2"="C:\Program Files (x86)\EgisTec Shredder\Help\Shredder_Help_DA.chm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3F0ED57E20F356BA47B0D3778638DEDA]
"38E5962CD1FC1D3448EF3BEB5C1610A2"="C:\Program Files (x86)\EgisTec Shredder\Help\Shredder_Help_SV.chm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\47255B367871C0443A12D5C421A79FA8]
"38E5962CD1FC1D3448EF3BEB5C1610A2"="C:\Program Files (x86)\EgisTec Shredder\x86\FileShredder.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\50DB86F1CD85AEA82F2D5C1590241D3E]
"38E5962CD1FC1D3448EF3BEB5C1610A2"="C:\Program Files (x86)\EgisTec Shredder\Help\Shredder_Help_LV.chm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\51452233A18CFF3488228DC4C5CD9B0D]
"38E5962CD1FC1D3448EF3BEB5C1610A2"="C:\Program Files (x86)\EgisTec Shredder\Tutorial\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53E30891D3F5CD853C08565805CB94CF]
"38E5962CD1FC1D3448EF3BEB5C1610A2"="C:\Program Files (x86)\EgisTec Shredder\Help\Shredder_Help_KO.chm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6125387635513654485F2D230583D37A]
"38E5962CD1FC1D3448EF3BEB5C1610A2"="C:\Program Files (x86)\EgisTec Shredder\x86\LibFrame.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\657C8FDC74463C97F27FE82E75816381]
"38E5962CD1FC1D3448EF3BEB5C1610A2"="C:\Program Files (x86)\EgisTec Shredder\Help\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\671D9720E09FD8648809C7274CB70358]
"38E5962CD1FC1D3448EF3BEB5C1610A2"="C:\Program Files (x86)\EgisTec Shredder\x86\ShredConsole.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F95B3810A791C24DBE2F5FF79E65260]
"613755F10CFCDB14FA7FB84CC94E447D"="C:\Program Files (x86)\EgisTec Shredder\x64\ShredderContextMenu.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\72DAC8E66DA71A269F6FB2C20760E4FC]
"38E5962CD1FC1D3448EF3BEB5C1610A2"="C:\Program Files (x86)\EgisTec Shredder\Help\Shredder_Help_PT.chm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7A8965D03297449C6BFBB94C795DE325]
"38E5962CD1FC1D3448EF3BEB5C1610A2"="C:\Program Files (x86)\EgisTec Shredder\Help\Shredder_Help_JP.chm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\865C41759228B98C7B0224E60717E92E]
"38E5962CD1FC1D3448EF3BEB5C1610A2"="C:\Program Files (x86)\EgisTec Shredder\Help\Shredder_Help_SL.chm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\87EA7C22E108174E64DF5BADA5C57C35]
"38E5962CD1FC1D3448EF3BEB5C1610A2"="C:\Program Files (x86)\EgisTec Shredder\Help\Shredder_Help_SK.chm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\885ABBB523C8106C4A91B5FF54737E75]
"38E5962CD1FC1D3448EF3BEB5C1610A2"="C:\Program Files (x86)\EgisTec Shredder\Help\Shredder_Help_ES.chm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8A579914604836358166795B12120DE9]
"38E5962CD1FC1D3448EF3BEB5C1610A2"="C:\Program Files (x86)\EgisTec Shredder\Layout\Images\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8D320264411813C665AEB1CEFCFC67B6]
"38E5962CD1FC1D3448EF3BEB5C1610A2"="C:\Program Files (x86)\EgisTec Shredder\Layout\Sound\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8D601894EA1245A4AA17AF98601772CC]
"38E5962CD1FC1D3448EF3BEB5C1610A2"="C:\Program Files (x86)\EgisTec Shredder\x86\ShredderContextMenu.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\913DAEA514E96A6698D36C7575025D98]
"38E5962CD1FC1D3448EF3BEB5C1610A2"="C:\Program Files (x86)\EgisTec Shredder\Help\Shredder_Help_BG.chm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\92737AEBE849C6B8C8F97DAB8F77ADE4]
"38E5962CD1FC1D3448EF3BEB5C1610A2"="C:\Program Files (x86)\EgisTec Shredder\Help\Shredder_Help_NO.chm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9999F0060FD9FA358DFA566995B84439]
"38E5962CD1FC1D3448EF3BEB5C1610A2"="C:\Program Files (x86)\EgisTec Shredder\Help\Shredder_Help_TU.chm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9ADFC3263529C69583B5CE160D2DA982]
"38E5962CD1FC1D3448EF3BEB5C1610A2"="C:\Program Files (x86)\EgisTec Shredder\Help\Shredder_Help_HR.chm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9F9CE034DB42CD94EA650040D5F11162]
"613755F10CFCDB14FA7FB84CC94E447D"="C:\Program Files (x86)\EgisTec Shredder\x64\FrameUtility.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A2CE9D7E886A5B9B89ABE59872EC77A1]
"38E5962CD1FC1D3448EF3BEB5C1610A2"="C:\Program Files (x86)\EgisTec Shredder\Help\Shredder_Help_RU.chm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5D1CD48E9FADDAAF668D29DCBF89830]
"38E5962CD1FC1D3448EF3BEB5C1610A2"="C:\Program Files (x86)\EgisTec Shredder\Help\Shredder_Help_CZ.chm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF3C701CD49A9D802D5E1706362E28AE]
"38E5962CD1FC1D3448EF3BEB5C1610A2"="C:\Program Files (x86)\EgisTec Shredder\Help\Shredder_Help_IT.chm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B482DAD3B11426F4E84ED4D8DBDB0163]
"613755F10CFCDB14FA7FB84CC94E447D"="C:\Program Files (x86)\EgisTec Shredder\x64\LibFrame.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC5416056D0B2B50DF38A693F6BD054D]
"38E5962CD1FC1D3448EF3BEB5C1610A2"="C:\Program Files (x86)\EgisTec Shredder\Help\Shredder_Help_PL.chm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C08C5614318C21ECA83D9DF4EF468A1C]
"38E5962CD1FC1D3448EF3BEB5C1610A2"="C:\Program Files (x86)\EgisTec Shredder\Help\Shredder_Help_TC.chm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D24B9353442DC733FCE0781C92E776C7]
"38E5962CD1FC1D3448EF3BEB5C1610A2"="C:\Program Files (x86)\EgisTec Shredder\Help\Shredder_Help_DE.chm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D54C6F260BD95D84CBD3DEA04AD9BF86]
"38E5962CD1FC1D3448EF3BEB5C1610A2"="C:\Program Files (x86)\EgisTec Shredder\Ico\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D9F0E27F426D8496C29A0948DC50E24B]
"38E5962CD1FC1D3448EF3BEB5C1610A2"="C:\Program Files (x86)\EgisTec Shredder\Help\Shredder_Help_SC.chm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E11C87FD60FEB9DFBDE0EAC9C1BFCE04]
"38E5962CD1FC1D3448EF3BEB5C1610A2"="C:\Program Files (x86)\EgisTec Shredder\Help\Shredder_Help_ET.chm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC2FC2F422DC6CC4B988CDAE62DFF92E]
"38E5962CD1FC1D3448EF3BEB5C1610A2"="C:\Program Files (x86)\EgisTec Shredder\Layout\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F2F463AEAA4F01168760B79900980569]
"38E5962CD1FC1D3448EF3BEB5C1610A2"="C:\Program Files (x86)\EgisTec Shredder\Help\Shredder_Help_FI.chm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA69F7CCF6D3FE34C80769E6062A8E38]
"38E5962CD1FC1D3448EF3BEB5C1610A2"="C:\Program Files (x86)\EgisTec Shredder\x86\FrameUtility.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FEA695AD1CAC6DC41A618B180C49F529]
"38E5962CD1FC1D3448EF3BEB5C1610A2"="C:\Program Files (x86)\EgisTec Shredder\config\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\38E5962CD1FC1D3448EF3BEB5C1610A2\Features]
"Shredder"="UlMrv~?MD@J8HkCWPS9=WjV%=5g6=AgKK.8&LE.jm}76IS[p}81$O1.`i}x6LyP4_f@ai?}^!Kv-{%X.Z8lw_a(&S?O6&lLGYNn[FUKy=c~]v=s^A(kjAHm='_}nwI!Xe@l*]W1]?s.KNElBTL*`V9Z6BJAY*O9xP]SYc7c,9=M{!l,tQ9oYf2j+t?5+q9o[o=bHs.NRFa5,AB$V?9dl}i%o,l&w6.fS&QNd%AE[J+.2Hb`)a1Z!tRw)=@,J)V%nQK=()P{MWs`F=BDH5E@B1[p-r@z9G7Rkjkhhmqghdyc[739Bx-(9S=~ffI?^N0uDP1-Xnbv_69_?(^hEPP?H!G4~*pGV==`.qTO`7JTGXJ`b1P9TW@i]13NL(oVhRO]YY?F'A9y_?P=I76[W8f$6sIK!.@-Iemof2}Gy&PRWRWgZd==lekqg@cRWJpU2NrV7B5qy_[T,(4,j90?73S&.B6z.nZECjZXdguF`o]iMv4y)cxK!sfI=w.J,S23fj4?nWX^b5ZONFBBocKWG18(q-N=uYwq7X4y2awX!P6Pu?{U5xjrMu$-P+BxO_5&yH'lS'Twl&?5dI]E[w3,pC5lX8O4WK0qdh3C0e7n!._L=H.6O-mItkKIab3n6N6yQzuV]AYV5G42sI6axxlhZak&BX$!(*rl'O7-$a28kr3chr$fJ^YCTj3V9%Y'}*'.)xlpag%iQP3R*1*n_7Zu[ic?g)O&RS4%q5]VLQr[SG&.)$Z(5f3gxNZyPexS(uL}dJ5hL+4E+f,1qJ(d-(Lh))X+&G8r2l'77'vp^"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\38E5962CD1FC1D3448EF3BEB5C1610A2\Features]
"Application"="~+'^?A}Xt?t7KET=I=]j^6w&Hmt{r9Ao2V@5X^aTA4_l!Y6Pb=+}_lLtsYmRShredder"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\38E5962CD1FC1D3448EF3BEB5C1610A2\Features]
"Document"="Shredder"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\38E5962CD1FC1D3448EF3BEB5C1610A2\Features]
"IPS"="S4B5&C*CXA%Uw%eAG&*mB0}BBFqts=NU4Il0DbhlTd5,EG[rMcQ_[CX[s4Beb705Gg.&B'p4&?.npPCKF,R[c_*h7ukplN4Wlj`[-b%vtVzc@ye-O?X`JKo^d1DPOx5UB7HCzY52,uq]Shredder"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\38E5962CD1FC1D3448EF3BEB5C1610A2\Features]
"CommonObjs"="Shredder"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\38E5962CD1FC1D3448EF3BEB5C1610A2\InstallProperties]
"InstallLocation"="C:\Program Files (x86)\EgisTec Shredder\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\38E5962CD1FC1D3448EF3BEB5C1610A2\InstallProperties]
"DisplayName"="Shredder"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\613755F10CFCDB14FA7FB84CC94E447D\Features]
"shredder64_Files"="cc~Z3zq4Q@a(ie8xmg'7-Cr5ek4^E?ldvMi`7`k.u+(H-,?7s8vn*ZxBi@]*e]W@+((]0@IBZ{LGsg7]5shWl(MPM@K+tyRtO++(a8x_t*x'F9{7{0au`ju6fn&p*17HaAntp!@Jncmm+b6jyLa9M=rN[V$yQxe2Y`coX5pV4@7+zzdC.$eB4EegdE'Ic?(1JhAj?~Ye6`x%mDcCDA1iFzxnmLZz3u_&G4706yFRSMn+%mVsWUDU$$Ncp,sYg&%wIAu5Op2E-sG'x8i~CfYoRx6P*dtNPZ%GMAW=UhgQg!6xXw&AOupXp8cQMGL{JuicP7fR1)}_p3F.7A6pHk~R,SGJss_ZX5mQ3It)$$viX{ux9ueRS7HElhZ6t+ip6r]5H^~0.8uB)f8M}ILkymyN3jIr]4f}}me`qUaeNaMWT]3CN8]QYxdwU0UJ`.Ich2cbG8mu'&ZAn~j1r'xv[@gE65S}X!0RkM~ma0Kr`b57I83AJY00Ng[eFPQQCY0YK5~4_ym%`&CaCrZr`n%)D51F'F?mbNE,h-Fsv[jCN3rUE^L'S597Gomj?OgmT3mUR'Alz_Iq5[oOo91yR6nRZdxmjC=3BSdbG^5?g3QNN4WZiyZb"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\613755F10CFCDB14FA7FB84CC94E447D\Features]
"Application"="wu}k*e$eN9tJP){Y2v{$shredder64_Files"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\613755F10CFCDB14FA7FB84CC94E447D\Features]
"CommonObjs"="shredder64_Files"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\613755F10CFCDB14FA7FB84CC94E447D\InstallProperties]
"InstallLocation"="C:\Program Files (x86)\EgisTec Shredder\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\613755F10CFCDB14FA7FB84CC94E447D\InstallProperties]
"DisplayName"="Shredder"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}]
"InstallLocation"="C:\Program Files (x86)\EgisTec Shredder\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}]
"DisplayName"="Shredder"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\EgisTec Shredder]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\EgisTec Shredder]
"sSystemDir"="C:\Program Files (x86)\EgisTec Shredder\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\EgisTec Shredder]
"sShredderFolderBanner"="C:\Program Files (x86)\EgisTec Shredder\;C:\Program Files (x86)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{C2695E83-CF1D-43D1-84FE-B3BEC561012A}]
"InstallLocation"="C:\Program Files (x86)\EgisTec Shredder\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C2695E83-CF1D-43D1-84FE-B3BEC561012A}]
"InstallLocation"="C:\Program Files (x86)\EgisTec Shredder\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C2695E83-CF1D-43D1-84FE-B3BEC561012A}]
"DisplayName"="Shredder"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{521065F1-DE6C-4E46-BBCB-89B0D0BE860D}\InprocServer32]
@="C:\Program Files (x86)\EgisTec Shredder\x86\ShredderContextMenu.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{521065F1-DE6C-4E46-BBCB-89B0D0BE860D}\ProgID]
@="ShredderContextMenu.ShredContextMenu.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{521065F1-DE6C-4E46-BBCB-89B0D0BE860D}\VersionIndependentProgID]
@="ShredderContextMenu.ShredContextMenu"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{E0FA077E-B6A4-41D2-9983-BEB4DD6D85AA}\InprocServer32]
"InprocServer32"="2E,Qg%7il9tnl@f{}UR1Shredder>LyP4_f@ai?}^!Kv-{%X. TCx]68m$_@6hMTS1Sz*0IPS>LyP4_f@ai?}^!Kv-{%X."
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\AppID\ShredderContextMenu.DLL]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\AppID\{253C5D8C-536F-4140-9103-55F5B5442921}]
@="ShredderContextMenu"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{9DF3C56F-99E7-4F0E-B2AE-08E899FA8211}\1.0]
@="ShredderContextMenu 1.0 Type Library"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{9DF3C56F-99E7-4F0E-B2AE-08E899FA8211}\1.0\HELPDIR]
@="C:\Program Files (x86)\EgisTec Shredder\x64\"
[HKEY_USERS\S-1-5-21-941632169-3445688985-4007114053-1001\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\377e55a7_0]
@="{0.0.0.00000000}.{2a3019a9-e951-45df-a59c-b05a09372e66}|\Device\HarddiskVolume3\Program Files (x86)\EgisTec Shredder\x86\FileShredder.exe%b{00000000-0000-0000-0000-000000000000}"

-= EOF =-

Alt 04.07.2013, 06:52   #10
schrauber
/// the machine
/// TB-Ausbilder
 

schredder 64 msi - Standard

schredder 64 msi



EgisTec Shredder deinstallieren.

Fixen mit OTL

  • Starte bitte die OTL.exe.
  • Kopiere nun den Inhalt aus der Codebox in die Textbox.
Code:
ATTFilter
:files
C:\Program Files (x86)\InstallShield Installation Information\{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}\Shredder.exe
C:\Program Files (x86)\EgisTec Shredder
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers\ShredderContextMenu]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\ShredderContextMenu.DLL]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{253C5D8C-536F-4140-9103-55F5B5442921}]
@=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{521065F1-DE6C-4E46-BBCB-89B0D0BE860D}\InprocServer32]
@=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{521065F1-DE6C-4E46-BBCB-89B0D0BE860D}\ProgID]
@=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{521065F1-DE6C-4E46-BBCB-89B0D0BE860D}\VersionIndependentProgID]
@=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Features\38E5962CD1FC1D3448EF3BEB5C1610A2]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Features\613755F10CFCDB14FA7FB84CC94E447D]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\ShredderContextMenu]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShredderContextMenu.ShredContextMenu]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\AppID\ShredderContextMenu.DLL]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\AppID\{253C5D8C-536F-4140-9103-55F5B5442921}]
         
  • Solltest du deinen Benutzernamen z. B. durch "*****" unkenntlich gemacht haben, so füge an entsprechender Stelle deinen richtigen Benutzernamen ein. Andernfalls wird der Fix nicht funktionieren.
  • Schließe bitte nun alle Programme.
  • Klicke nun bitte auf den Fix Button.
  • OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
  • Nach dem Neustart findest Du ein Textdokument auf deinem Desktop.
    ( Auch zu finden unter C:\_OTL\MovedFiles\<Uhrzeit_Datum>.txt)
    Kopiere nun den Inhalt hier in Deinen Thread
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 04.07.2013, 17:02   #11
BlackOps
 
schredder 64 msi - Standard

schredder 64 msi



========== FILES ==========
C:\Program Files (x86)\InstallShield Installation Information\{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}\Shredder.exe moved successfully.
C:\Program Files (x86)\EgisTec Shredder\x86 folder moved successfully.
C:\Program Files (x86)\EgisTec Shredder\x64 folder moved successfully.
C:\Program Files (x86)\EgisTec Shredder\Ico folder moved successfully.
C:\Program Files (x86)\EgisTec Shredder folder moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers\ShredderContextMenu\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\ShredderContextMenu.DLL\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{253C5D8C-536F-4140-9103-55F5B5442921}\\@ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{521065F1-DE6C-4E46-BBCB-89B0D0BE860D}\InprocServer32\\@ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{521065F1-DE6C-4E46-BBCB-89B0D0BE860D}\ProgID\\@ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{521065F1-DE6C-4E46-BBCB-89B0D0BE860D}\VersionIndependentProgID\\@ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Features\38E5962CD1FC1D3448EF3BEB5C1610A2\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Features\613755F10CFCDB14FA7FB84CC94E447D\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\ShredderContextMenu\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShredderContextMenu.ShredContextMenu\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\AppID\ShredderContextMenu.DLL\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\AppID\{253C5D8C-536F-4140-9103-55F5B5442921}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{253C5D8C-536F-4140-9103-55F5B5442921}\ not found.

OTL by OldTimer - Version 3.2.69.0 log created on 07042013_180120

OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 04.07.2013 18:35:10 - Run 5
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Wenig Albert\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,86 Gb Total Physical Memory | 5,74 Gb Available Physical Memory | 73,08% Memory free
15,71 Gb Paging File | 13,35 Gb Available in Paging File | 85,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 447,66 Gb Total Space | 317,79 Gb Free Space | 70,99% Space Free | Partition Type: NTFS
 
Computer Name: WENIGALBERT-PC | User Name: Wenig Albert | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Program Files (x86)\Iminent\Iminent.exe (Iminent)
PRC - C:\Program Files (x86)\Iminent\Iminent.Messengers.exe (Iminent)
PRC - C:\Program Files (x86)\Common Files\Umbrella\Umbrella.exe (Iminent)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Users\Wenig Albert\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Users\Wenig Albert\AppData\Local\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe (Sony)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe ()
PRC - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
PRC - C:\Program Files (x86)\Launch Manager\LMutilps32.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\Launch Manager\LMworker.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe (NTI Corporation)
PRC - C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer Incorporated)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe ()
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\a9594959e951127f16eb49644ba92f79\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\7cfbbd029ef945fbcdaedd24b2b67a24\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\af18b8a8f56494da44cc448f3b9704a5\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\153143f74d840484b510d8cf5187796b\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\6f120c76113dc5166d2a5a5d21900f39\System.Data.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\2f9e0112e10f9e70d3430d0be9863976\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b573c6a62bb88df0ee2af59b6a8ca910\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\43cd41484df96d15df949eb17dd88152\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\233661f3a2b632e9553915c8639637d0\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\15872842e3e63ddf0f720f406706198e\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3f95a6d480ed1ebe45cf27b770ba94ed\mscorlib.ni.dll ()
MOD - C:\Users\Wenig Albert\AppData\Local\Mozilla Firefox\mozjs.dll ()
MOD - C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll ()
MOD - C:\Program Files (x86)\Sony\Sony PC Companion\sqlite3.dll ()
MOD - C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files (x86)\Sony\Sony PC Companion\CalEngine.dll ()
MOD - C:\Program Files (x86)\Sony\Sony PC Companion\CAgdOutlook.dll ()
MOD - C:\Program Files (x86)\Sony\Sony PC Companion\PhoneUpdate.dll ()
MOD - C:\Program Files (x86)\Sony\Sony PC Companion\VistaCalendar.dll ()
MOD - C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll ()
MOD - C:\Program Files (x86)\Sony\Sony PC Companion\CAgdLNotes.dll ()
MOD - C:\Program Files (x86)\Sony\Sony PC Companion\Report.dll ()
MOD - C:\Program Files (x86)\Sony\Sony PC Companion\VObject.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (GFilterSvc) -- C:\Windows\SysNative\GFilterSvc.exe ()
SRV - (SProtection) -- C:\Program Files (x86)\Common Files\Umbrella\Umbrella.exe (Iminent)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (Sony PC Companion) -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe (Avanquest Software)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (ePowerSvc) -- C:\Programme\Acer\Acer ePower Management\ePowerSvc.exe (Acer Incorporated)
SRV - (DsiWMIService) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.)
SRV - (EgisTec Ticket Service) -- C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe (Egis Technology Inc. )
SRV - (GREGService) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated)
SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (NTI IScheduleSvc) -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe (NTI Corporation)
SRV - (Live Updater Service) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer Incorporated)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (TurboBoost) -- C:\Programme\Intel\TurboBoost\TurboBoost.exe (Intel(R) Corporation)
SRV - (wlcrasvc) -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (IJPLMSVC) -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe ()
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (ggsemc) -- C:\Windows\SysNative\drivers\ggsemc.sys (Sony Ericsson Mobile Communications)
DRV:64bit: - (ggflt) -- C:\Windows\SysNative\drivers\ggflt.sys (Sony Ericsson Mobile Communications)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (mwlPSDVDisk) -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys (Egis Technology Inc.)
DRV:64bit: - (mwlPSDFilter) -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys (Egis Technology Inc.)
DRV:64bit: - (mwlPSDNServ) -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys (Egis Technology Inc.)
DRV:64bit: - (Netaapl) -- C:\Windows\SysNative\drivers\netaapl64.sys (Apple Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (bScsiMSa) -- C:\Windows\SysNative\drivers\bScsiMSa.sys (Broadcom Corporation)
DRV:64bit: - (k57nd60a) -- C:\Windows\SysNative\drivers\k57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (bScsiSDa) -- C:\Windows\SysNative\drivers\bScsiSDa.sys (Broadcom Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation)
DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NTI Corporation)
DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NTI Corporation)
DRV:64bit: - (b57xdmp) -- C:\Windows\SysNative\drivers\b57xdmp.sys (Broadcom Corporation)
DRV:64bit: - (b57xdbd) -- C:\Windows\SysNative\drivers\b57xdbd.sys (Broadcom Corporation)
DRV:64bit: - (VClone) -- C:\Windows\SysNative\drivers\VClone.sys (Elaborate Bytes AG)
DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys (Intel(R) Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (s1029unic) -- C:\Windows\SysNative\drivers\s1029unic.sys (MCCI Corporation)
DRV:64bit: - (s1029mgmt) -- C:\Windows\SysNative\drivers\s1029mgmt.sys (MCCI Corporation)
DRV:64bit: - (s1029obex) -- C:\Windows\SysNative\drivers\s1029obex.sys (MCCI Corporation)
DRV:64bit: - (s1029mdm) -- C:\Windows\SysNative\drivers\s1029mdm.sys (MCCI Corporation)
DRV:64bit: - (s1029nd5) -- C:\Windows\SysNative\drivers\s1029nd5.sys (MCCI Corporation)
DRV:64bit: - (s1029mdfl) -- C:\Windows\SysNative\drivers\s1029mdfl.sys (MCCI Corporation)
DRV:64bit: - (s1029bus) -- C:\Windows\SysNative\drivers\s1029bus.sys (MCCI Corporation)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (libusb0) -- C:\Windows\SysWOW64\drivers\libusb0.sys ()
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.chatzum.com/?q={searchTerms}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Delta Search
IE - HKCU\..\URLSearchHook: {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {2BBEE4BE-3D97-47DC-AB26-C201CF6DCD97}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://www.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=A84FD0DF9AC0FF83&affID=119828&tsp=4932
IE - HKCU\..\SearchScopes\{2BBEE4BE-3D97-47DC-AB26-C201CF6DCD97}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=OSDSRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.selectedEngine: "SearchTheWeb"
FF - prefs.js..browser.search.useDBForOrder: "false"
FF - prefs.js..browser.startup.homepage: "hxxp://www.bing.com/?cc=de"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0
FF - prefs.js..network.proxy.type: 0
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.15.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00:  File not found
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}: C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.05.23 17:31:37 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.05.23 17:31:37 | 000,000,000 | ---D | M]
 
[2013.02.19 19:51:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Wenig Albert\AppData\Roaming\mozilla\Extensions
[2013.02.21 01:01:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Wenig Albert\AppData\Roaming\mozilla\Firefox\Profiles\2bklh5ht.default\extensions
[2013.07.03 22:55:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Wenig Albert\AppData\Roaming\mozilla\Firefox\Profiles\v1zs2t6c.default\extensions
[2013.02.19 19:55:55 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\Wenig Albert\AppData\Roaming\mozilla\firefox\profiles\2bklh5ht.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.05.10 10:43:48 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\Wenig Albert\AppData\Roaming\mozilla\firefox\profiles\v1zs2t6c.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.07.03 19:33:08 | 000,006,505 | ---- | M] () -- C:\Users\Wenig Albert\AppData\Roaming\mozilla\firefox\profiles\v1zs2t6c.default\searchplugins\babylon.xml
[2013.07.03 19:33:36 | 000,001,294 | ---- | M] () -- C:\Users\Wenig Albert\AppData\Roaming\mozilla\firefox\profiles\v1zs2t6c.default\searchplugins\delta.xml
[2013.05.23 17:31:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013.05.23 17:31:16 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2013.05.23 17:31:16 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA}
[2013.05.23 17:31:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013.05.23 17:31:35 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (no name) - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - No CLSID value found.
O2 - BHO: (no name) - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Power Management] C:\Programme\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Dolby Advanced Audio v2] C:\Dolby PCEE4\pcee4.exe (Dolby Laboratories Inc.)
O4 - HKLM..\Run: [Iminent] C:\Program Files (x86)\Iminent\Iminent.exe (Iminent)
O4 - HKLM..\Run: [IminentMessenger] C:\Program Files (x86)\Iminent\Iminent.Messengers.exe (Iminent)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.)
O4 - HKCU..\Run: [Sony PC Companion] C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe (Sony)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm File not found
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm File not found
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm File not found
O9:64bit: - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - Reg Error: Key error. File not found
O9:64bit: - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - Reg Error: Key error. File not found
O9 - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - Reg Error: Key error. File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0B65114B-12B8-49B5-B6E6-C6C0EA6C6D69}: DhcpNameServer = 10.74.210.210 10.74.210.211
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7037F900-4716-493E-A349-F9F88060D3C1}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (c:\windows\syswow64\nvinit.dll) - c:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{23420f7e-35b6-11e2-8c3d-b870f4dbecf2}\Shell - "" = AutoRun
O33 - MountPoints2\{23420f7e-35b6-11e2-8c3d-b870f4dbecf2}\Shell\AutoRun\command - "" = E:\Startme.exe
O33 - MountPoints2\{ce7333c7-1c6f-11e2-99bd-b870f4dbecf2}\Shell - "" = AutoRun
O33 - MountPoints2\{ce7333c7-1c6f-11e2-99bd-b870f4dbecf2}\Shell\AutoRun\command - "" = E:\autorun.exe
O33 - MountPoints2\{f6621e3d-16d5-11e1-a310-b870f4dbecf2}\Shell - "" = AutoRun
O33 - MountPoints2\{f6621e3d-16d5-11e1-a310-b870f4dbecf2}\Shell\AutoRun\command - "" = E:\Startme.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.07.04 18:01:20 | 000,000,000 | ---D | C] -- C:\_OTL
[2013.07.03 22:49:35 | 000,000,000 | ---D | C] -- C:\Users\Wenig Albert\AppData\Roaming\Iminent
[2013.07.03 22:49:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Iminent
[2013.07.03 22:49:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent
[2013.07.03 22:49:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Umbrella
[2013.07.03 19:37:31 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\IO
[2013.07.03 19:34:40 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sfx32.dll
[2013.07.03 19:34:40 | 000,000,000 | ---D | C] -- C:\Users\Wenig Albert\AppData\Roaming\ASCON Installer
[2013.07.03 19:33:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Iminent
[2013.07.03 19:33:00 | 000,493,056 | ---- | C] ( datenhaus GmbH) -- C:\Windows\SysWow64\dhRichClient3.dll
[2013.07.03 19:32:58 | 000,000,000 | ---D | C] -- C:\Users\Wenig Albert\AppData\Roaming\Opera
[2013.07.03 19:32:57 | 000,000,000 | ---D | C] -- C:\Users\Wenig Albert\AppData\Roaming\Babylon
[2013.07.03 19:32:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2013.07.03 12:26:31 | 000,000,000 | ---D | C] -- C:\Users\Wenig Albert\AppData\Local\{89D828C6-188F-4D24-BA78-593869B290C0}
[2013.07.03 11:42:54 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys
[2013.07.03 11:42:54 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll
[2013.07.03 11:34:12 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll
[2013.07.03 11:34:12 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
[2013.07.03 11:34:12 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
[2013.07.03 11:34:12 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll
[2013.07.02 19:40:24 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll
[2013.07.02 19:40:24 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll
[2013.07.02 19:40:24 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
[2013.07.02 19:40:20 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
[2013.07.02 19:40:19 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll
[2013.07.02 19:40:19 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll
[2013.07.02 19:40:19 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll
[2013.07.02 19:40:18 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
[2013.07.02 19:40:18 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll
[2013.07.02 19:39:52 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll
[2013.07.02 19:39:52 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll
[2013.07.02 19:29:35 | 000,000,000 | ---D | C] -- C:\Users\Wenig Albert\AppData\Local\{1BD8AA0E-F496-4AF3-A9FE-64C8A5255503}
[2013.07.01 21:36:33 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2013.07.01 21:34:40 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\catroot2
[2013.07.01 21:27:37 | 000,000,000 | ---D | C] -- C:\Program Files\Uninstall Information
[2013.07.01 20:57:12 | 000,000,000 | ---D | C] -- C:\RegBackup
[2013.07.01 20:26:14 | 000,000,000 | -HSD | C] -- C:\found.000
[2013.07.01 20:19:12 | 000,181,064 | ---- | C] (Sysinternals) -- C:\Windows\PSEXESVC.EXE
[2013.07.01 20:12:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.07.01 20:12:43 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.07.01 20:12:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.07.01 20:11:42 | 000,000,000 | ---D | C] -- C:\Users\Wenig Albert\tweaking.com_windows_repair_aio
[2013.07.01 17:57:05 | 000,000,000 | ---D | C] -- C:\FRST
[2013.07.01 16:23:49 | 000,000,000 | ---D | C] -- C:\Users\Wenig Albert\AppData\Local\{A3740E97-2B8E-4F44-8C9B-817FAE126DC0}
[2013.07.01 15:58:02 | 000,083,672 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avnetflt.sys
[2013.07.01 00:29:43 | 000,000,000 | ---D | C] -- C:\Users\Wenig Albert\AppData\Local\{06D1BD74-B061-4FF2-B6B0-BF18CCB68757}
[2013.06.30 23:50:55 | 000,000,000 | ---D | C] -- C:\Users\Wenig Albert\AppData\Roaming\Avira
[2013.06.30 23:47:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2013.06.30 23:47:34 | 000,130,016 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2013.06.30 23:47:34 | 000,100,712 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2013.06.30 23:47:34 | 000,028,600 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2013.06.30 23:47:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2013.06.30 22:17:39 | 000,000,000 | ---D | C] -- C:\Users\Wenig Albert\AppData\Roaming\Malwarebytes
[2013.06.30 22:17:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.06.30 22:05:45 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2013.06.30 21:34:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
[2013.06.30 21:05:52 | 000,000,000 | -HSD | C] -- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2013.06.30 21:00:47 | 000,000,000 | ---D | C] -- C:\Users\Wenig Albert\AppData\Local\Mozilla Firefox
[2013.06.29 14:02:36 | 000,000,000 | ---D | C] -- C:\Users\Wenig Albert\AppData\Local\{7D675EBF-FB46-4861-9473-78C7FD59573F}
[2013.06.24 22:18:56 | 000,000,000 | ---D | C] -- C:\Users\Wenig Albert\AppData\Local\{4A86D70D-A3B7-40CA-8797-758A61DBCF60}
[2013.06.23 22:30:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013.06.23 22:29:29 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013.06.23 22:29:28 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013.06.23 22:29:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2013.06.23 22:29:28 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2013.06.21 21:36:47 | 000,000,000 | ---D | C] -- C:\Users\Wenig Albert\AppData\Local\{6001908C-C0CC-46D8-99B1-1B7C59698A71}
[2013.06.20 20:22:51 | 000,000,000 | ---D | C] -- C:\Users\Wenig Albert\AppData\Local\{A8A61B95-C5BC-4D04-9E28-A10667966518}
[2013.06.19 20:51:40 | 000,000,000 | ---D | C] -- C:\Users\Wenig Albert\AppData\Local\{F22BFE76-51A3-4148-83AF-8D816DD32E95}
[2013.06.18 20:48:24 | 000,000,000 | ---D | C] -- C:\Users\Wenig Albert\AppData\Local\{B552AEA6-51EA-4799-B804-37C6F1A9F804}
[2013.06.17 18:09:40 | 000,000,000 | ---D | C] -- C:\Users\Wenig Albert\AppData\Local\{3C48E529-DBE4-4D54-A018-94F108F3BD9D}
[2013.06.15 18:13:11 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.06.15 18:13:09 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.06.12 18:33:07 | 000,000,000 | ---D | C] -- C:\Users\Wenig Albert\AppData\Local\{90FE014E-1E5C-47F6-A01B-C7419AD986F4}
[2013.06.12 18:07:55 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.06.12 18:07:55 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.06.12 18:07:55 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013.06.12 18:07:55 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013.06.12 18:07:55 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.06.12 18:07:55 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.06.12 18:07:55 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.06.12 18:07:55 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013.06.12 18:07:55 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.06.12 18:07:54 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.06.12 18:07:54 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.06.12 18:07:54 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.06.12 18:07:54 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.06.12 17:43:52 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2013.06.12 17:43:52 | 000,492,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2013.06.12 17:43:48 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptdlg.dll
[2013.06.12 17:43:48 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptdlg.dll
[2013.06.12 17:43:40 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013.06.12 17:43:35 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013.06.12 17:43:35 | 001,192,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certutil.exe
[2013.06.12 17:43:35 | 000,903,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certutil.exe
[2013.06.12 17:43:35 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2013.06.12 17:43:34 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certenc.dll
[2013.06.12 17:43:34 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certenc.dll
[2013.06.12 17:43:24 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013.06.12 17:43:24 | 001,505,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013.06.11 18:14:12 | 000,000,000 | ---D | C] -- C:\Users\Wenig Albert\AppData\Local\{A51DECD0-2B4D-4F34-82C5-D146E6996809}
[2013.06.08 00:34:49 | 000,000,000 | ---D | C] -- C:\Users\Wenig Albert\AppData\Local\{8D3AA3CD-9EE4-461F-81A6-3F63B915D31C}
[2013.06.07 13:29:45 | 000,000,000 | ---D | C] -- C:\Users\Wenig Albert\AppData\Local\{8A083B41-9138-4FAB-8207-7893F007B476}
[2013.06.05 17:56:07 | 000,000,000 | ---D | C] -- C:\Users\Wenig Albert\AppData\Local\{E486856B-854D-4DB0-B6DB-CC162D3D713F}
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.07.04 18:29:56 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.07.04 18:29:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.07.04 17:50:33 | 001,498,742 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.07.04 17:50:33 | 000,654,400 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.07.04 17:50:33 | 000,616,242 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.07.04 17:50:33 | 000,130,240 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.07.04 17:50:33 | 000,106,622 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.07.04 17:48:51 | 000,016,976 | ---- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.07.04 17:48:51 | 000,016,976 | ---- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.07.04 17:43:42 | 000,001,118 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.07.04 17:43:17 | 2030,981,119 | -HS- | M] () -- C:\hiberfil.sys
[2013.07.03 23:05:09 | 001,206,918 | ---- | M] () -- C:\Users\Wenig Albert\Desktop\Unbenanntzoo.PNG
[2013.07.03 22:49:32 | 000,001,530 | ---- | M] () -- C:\Windows\SysWow64\InstallUtil.InstallLog
[2013.07.03 22:43:01 | 000,001,122 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.07.03 19:34:40 | 000,120,320 | ---- | M] () -- C:\Windows\SysWow64\czip.ocx
[2013.07.03 19:34:40 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\sfx32.dll
[2013.07.03 19:33:00 | 000,121,856 | ---- | M] () -- C:\Windows\SysNative\GFilterSvc0.exe
[2013.07.03 19:32:59 | 000,121,856 | ---- | M] () -- C:\Windows\SysNative\GFilterSvc.exe
[2013.07.03 12:01:47 | 000,428,800 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.07.01 21:34:00 | 000,181,064 | ---- | M] (Sysinternals) -- C:\Windows\PSEXESVC.EXE
[2013.07.01 20:57:56 | 000,000,207 | ---- | M] () -- C:\Windows\tweaking.com-regbackup-WENIGALBERT-PC-Microsoft-Windows-7-Home-Premium-(64-Bit).dat
[2013.07.01 20:29:10 | 000,003,288 | ---- | M] () -- C:\bootsqm.dat
[2013.07.01 20:16:02 | 000,192,531 | ---- | M] () -- C:\Users\Wenig Albert\Desktop\Unbenannt1.PNG
[2013.07.01 20:12:44 | 000,001,073 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.07.01 17:41:08 | 000,041,561 | ---- | M] () -- C:\Users\Wenig Albert\Desktop\Unbenannt.PNG
[2013.07.01 15:57:48 | 000,083,672 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avnetflt.sys
[2013.06.30 23:47:54 | 000,002,030 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2013.06.30 23:46:01 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2013.06.30 23:46:01 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2013.06.30 23:46:01 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2013.06.30 21:00:52 | 000,001,255 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.06.24 20:48:55 | 000,001,990 | ---- | M] () -- C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
[2013.06.23 22:30:16 | 000,001,747 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013.06.13 21:24:12 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.06.13 21:24:12 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.06.08 16:06:58 | 000,526,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.06.08 13:40:02 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.07.03 23:05:09 | 001,206,918 | ---- | C] () -- C:\Users\Wenig Albert\Desktop\Unbenanntzoo.PNG
[2013.07.03 19:34:40 | 000,120,320 | ---- | C] () -- C:\Windows\SysWow64\czip.ocx
[2013.07.03 19:33:28 | 000,001,530 | ---- | C] () -- C:\Windows\SysWow64\InstallUtil.InstallLog
[2013.07.03 19:33:00 | 000,338,432 | ---- | C] () -- C:\Windows\SysWow64\sqlite36_engine.dll
[2013.07.03 19:33:00 | 000,121,856 | ---- | C] () -- C:\Windows\SysNative\GFilterSvc0.exe
[2013.07.03 19:32:59 | 000,121,856 | ---- | C] () -- C:\Windows\SysNative\GFilterSvc.exe
[2013.07.03 11:42:57 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2013.07.03 11:34:11 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2013.07.01 20:57:56 | 000,000,207 | ---- | C] () -- C:\Windows\tweaking.com-regbackup-WENIGALBERT-PC-Microsoft-Windows-7-Home-Premium-(64-Bit).dat
[2013.07.01 20:29:10 | 000,003,288 | ---- | C] () -- C:\bootsqm.dat
[2013.07.01 20:16:02 | 000,192,531 | ---- | C] () -- C:\Users\Wenig Albert\Desktop\Unbenannt1.PNG
[2013.07.01 20:12:44 | 000,001,073 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.07.01 17:41:08 | 000,041,561 | ---- | C] () -- C:\Users\Wenig Albert\Desktop\Unbenannt.PNG
[2013.06.30 23:47:54 | 000,002,030 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2013.06.30 22:06:39 | 000,428,800 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.06.23 22:30:16 | 000,001,747 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013.04.22 21:29:06 | 000,000,579 | ---- | C] () -- C:\Windows\eReg.dat
[2012.10.29 23:12:49 | 000,033,792 | ---- | C] () -- C:\Windows\SysWow64\drivers\libusb0.sys
[2012.10.10 21:03:13 | 000,000,120 | ---- | C] () -- C:\Windows\wininit.ini
[2012.04.03 20:43:03 | 000,000,000 | ---- | C] () -- C:\ProgramData\Bundle
[2012.04.03 20:43:01 | 000,000,000 | ---- | C] () -- C:\ProgramData\Brother
[2012.04.03 20:36:28 | 000,000,000 | ---- | C] () -- C:\Windows\ViewNX2.INI
[2012.04.03 20:30:08 | 000,000,000 | ---- | C] () -- C:\ProgramData\PKP_DLev.DAT
[2012.04.03 20:30:08 | 000,000,000 | ---- | C] () -- C:\ProgramData\PKP_DLes.DAT
[2012.04.03 20:30:08 | 000,000,000 | ---- | C] () -- C:\Users\Wenig Albert\AppData\Roaming\CIOSupport
[2012.04.03 20:30:08 | 000,000,000 | ---- | C] () -- C:\Users\Wenig Albert\AppData\Roaming\Bubble Noise
[2012.04.03 20:30:07 | 000,000,000 | ---- | C] () -- C:\ProgramData\PKP_DLet.DAT
[2011.10.22 16:24:16 | 001,500,444 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.08.12 09:37:09 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011.08.12 09:37:07 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011.08.12 09:37:05 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2011.08.12 09:37:04 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011.08.12 09:37:03 | 013,906,944 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\Windows\sysWOW64\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== Custom Scans ==========
 
< :files >
 
< C:\Program Files (x86)\InstallShield Installation Information\{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}\Shredder.exe >
 
< C:\Program Files (x86)\EgisTec Shredder >
 
< :reg >
 
< [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers\ShredderContextMenu] >
 
< [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\ShredderContextMenu.DLL] >
 
< [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{253C5D8C-536F-4140-9103-55F5B5442921}] >
 
< @=- >
 
< [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{521065F1-DE6C-4E46-BBCB-89B0D0BE860D}\InprocServer32] >
 
< @=- >
 
< [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{521065F1-DE6C-4E46-BBCB-89B0D0BE860D}\ProgID] >
 
< @=- >
 
< [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{521065F1-DE6C-4E46-BBCB-89B0D0BE860D}\VersionIndependentProgID] >
 
< @=- >
 
< [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Features\38E5962CD1FC1D3448EF3BEB5C1610A2] >
 
< [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Features\613755F10CFCDB14FA7FB84CC94E447D] >
 
< [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\ShredderContextMenu] >
 
< [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ShredderContextMenu.ShredContextMenu] >
 
< [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\AppID\ShredderContextMenu.DLL] >
 
< [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\AppID\{253C5D8C-536F-4140-9103-55F5B5442921}] >
 
<           >

< End of report >
         
--- --- ---

Alt 04.07.2013, 19:50   #12
schrauber
/// the machine
/// TB-Ausbilder
 

schredder 64 msi - Standard

schredder 64 msi



Was macht dein Problem?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 04.07.2013, 20:25   #13
BlackOps
 
schredder 64 msi - Standard

schredder 64 msi



Hallo Schrauber ja das Problem ist weg die Meldung kommt bei mehrfachen Rechtsklick nicht mehr. Ich sag recht herzlichsten Dank für die Hilfe. Bist wirklich ein Profi und hoffe das du mal durch dein können auch belohnt wirst. Kannst du mir noch sagen was jetzt das genau war und ob ich mir sorgen machen muss ob mein laptop jemand gehackt hat und wie sich das für später vermeiden liese. Und wo ich mir diesen Fehler eingefangen. Wie kann ich mich da besser schützen vielleicht hast du da ja eien Empfehlung für mich.

Danke Dir

Alt 05.07.2013, 07:29   #14
schrauber
/// the machine
/// TB-Ausbilder
 

schredder 64 msi - Standard

schredder 64 msi



Dieses Programm EgisTec Shredder hat einige Einstellungen verbogen, mehr nicht

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.


Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 07.07.2013, 14:55   #15
BlackOps
 
schredder 64 msi - Standard

schredder 64 msi



Danke dir schaue mir mal die programme an arbeitet das Malware Programm als Anti viren scanner auch mit oder sollte ich da noch einen zusätzlichen wie meinen AntiVir mitlaufen lassen?

Antwort

Themen zu schredder 64 msi
datei, einiger, forum, griff, hackerangriff, hallo zusammen, heulen, hoffe, installiere, installieren, jedesmal, klicke, melde, meldet, ordner, problem, rechte, rechten, shredder, total, virus, windows, windows 7, zufall, zusammen




Zum Thema schredder 64 msi - Hallo zusammen, Ich bin durch Zufall auf das Forum gestoßen weil ich seit einiger Zeit ein Problem habe. Mit meinem Windows 7 jedesmal wenn ich mit dem rechten Mausklick auf - schredder 64 msi...
Archiv
Du betrachtest: schredder 64 msi auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.