Win Vista Weißer Bildschirm

Alex1000 · 25.02.2014, 22:40

Hey Leute,
ich habe seit gestern ein kleines Problem.
Wenn ich meinen PC starte, habe ich einen weißen Bildschirm und kann nichts machen.
Inzwischen habe ich mich hier im Forum umgesehen und habe herausgefunden, dass ich wahrscheinlich irgendeinen Trojaner habe. Ich verstehe zwar einiges von Computern, aber das hier übersteigt mein Wissen.
Zur Info: ich habe OTL bereits durchlaufen lassen, kann aber leider kein Fix erstellen
bin dafür zu doof....

anbei findet ihr die Dateien.
Wäre super wenn Ihr schnell ein fix für mich findet !

Danke schonmal im vorraus!

schrauber · 26.02.2014, 08:02

Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.
Ich kann auf Arbeit keine Anhänge öffnen, danke.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Alex1000 · 26.02.2014, 08:25

Tut mir leid! Wusste ich nicht...
also hier nochmal die logs.

OTL:

Code:

ATTFilter

OTL logfile created on: 25.02.2014 21:26:17 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = h:\
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,25 Gb Total Physical Memory | 2,75 Gb Available Physical Memory | 84,63% Memory free
6,75 Gb Paging File | 6,44 Gb Available in Paging File | 95,50% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 44,02 Gb Free Space | 18,90% Space Free | Partition Type: NTFS
Drive E: | 3,86 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive F: | 232,88 Gb Total Space | 96,07 Gb Free Space | 41,25% Space Free | Partition Type: NTFS
Drive H: | 3,75 Gb Total Space | 3,74 Gb Free Space | 99,98% Space Free | Partition Type: FAT32
 
Computer Name: ALEX-PC | User Name: Alex | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
 
========== Standard Registry (All) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =  [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
 
IE - HKU\S-1-5-20\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
 
IE - HKU\S-1-5-21-1619137543-1995530686-1982277929-1000\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = 
IE - HKU\S-1-5-21-1619137543-1995530686-1982277929-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\S-1-5-21-1619137543-1995530686-1982277929-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\S-1-5-21-1619137543-1995530686-1982277929-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/?affID=109958&tt=3412_3&babsrc=HP_ss&mntrId=dc7be9530000000000000c0c0c0c0c01
IE - HKU\S-1-5-21-1619137543-1995530686-1982277929-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1619137543-1995530686-1982277929-1000\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-1619137543-1995530686-1982277929-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-1619137543-1995530686-1982277929-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-1619137543-1995530686-1982277929-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&affID=109958&tt=3412_3&babsrc=SP_ss&mntrId=dc7be9530000000000000c0c0c0c0c01
IE - HKU\S-1-5-21-1619137543-1995530686-1982277929-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1619137543-1995530686-1982277929-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..extensions.enabledAddons: %7B2e17e2b2-b8d4-4a67-8d7b-fafa6cc9d1d0%7D:1.2.7.0
FF - prefs.js..extensions.enabledAddons: stealthyextension%40gmail.com:2.5
FF - prefs.js..extensions.enabledAddons: ich%40maltegoetz.de:1.5.1
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.10
FF - prefs.js..extensions.enabledAddons: toolbar%40web.de:2.6.4
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0
FF - prefs.js..network.proxy.autoconfig_url: "data:application/x-ns-proxy-autoconfig;base64,ZnVuY3Rpb24gRmluZFByb3h5Rm9yVVJMKHVybCwgaG9zdCkgewogIGlmICgoaG9zdCA9PSAnd3d3LnlvdXR1YmUuY29tJyAmJiB1cmwuaW5kZXhPZigneW91dHViZS5jb20vd2F0Y2g/dj1fT2d1alAxMDlCVSZweHRyeT0xJykgIT0gLTEpIHx8IChob3N0LmluZGV4T2YoJ2MueW91dHViZS5jb20nKSAhPSAtMSAmJiB1cmwuaW5kZXhPZignYy55b3V0dWJlLmNvbS92aWRlb3BsYXliYWNrJykgIT0gLTEgJiYgdXJsLmluZGV4T2YoJ2djcj11cycpICE9IC0xKSkKICAgIHJldHVybiAnUFJPWFkgMjA5LjIzOS4xMjAuOTc6MzEzMSc7CiAgcmV0dXJuICdESVJFQ1QnOwp9"
FF - prefs.js..network.proxy.ftp: "190.248.39.52"
FF - prefs.js..network.proxy.ftp_port: 3128
FF - prefs.js..network.proxy.http: "190.248.39.52"
FF - prefs.js..network.proxy.http_port: 3128
FF - prefs.js..network.proxy.no_proxies_on: "localhost, 127.0.0.1, stealthy.co"
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "190.248.39.52"
FF - prefs.js..network.proxy.socks_port: 3128
FF - prefs.js..network.proxy.ssl: "190.248.39.52"
FF - prefs.js..network.proxy.ssl_port: 3128
FF - prefs.js..network.proxy.type: 0
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2011.11.04 17:23:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.05.29 05:10:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\FFPDFArchitectConverter@pdfarchitect.com: C:\Program Files\PDF Architect\FFPDFArchitectExt [2013.06.16 16:36:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011.08.26 13:11:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.05.29 05:10:38 | 000,000,000 | ---D | M]
 
[2011.08.26 12:34:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alex\AppData\Roaming\mozilla\Extensions
[2013.08.07 20:53:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alex\AppData\Roaming\mozilla\Firefox\Profiles\6j64261c.default\extensions
[2013.08.07 20:53:40 | 000,000,000 | ---D | M] (HDvid Codec 3) -- C:\Users\Alex\AppData\Roaming\mozilla\Firefox\Profiles\6j64261c.default\extensions\hdvc3@hdvidcodec.com
[2013.06.29 14:45:10 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\Alex\AppData\Roaming\mozilla\Firefox\Profiles\6j64261c.default\extensions\ich@maltegoetz.de
[2013.07.13 11:32:15 | 000,000,000 | ---D | M] (WebCake) -- C:\Users\Alex\AppData\Roaming\mozilla\Firefox\Profiles\6j64261c.default\extensions\plugin@getwebcake.com
[2013.06.30 09:44:04 | 000,233,016 | ---- | M] () (No name found) -- C:\Users\Alex\AppData\Roaming\mozilla\firefox\profiles\6j64261c.default\extensions\hdvc3@hdvidcodec.com.xpi
[2013.02.10 23:33:01 | 000,185,839 | ---- | M] () (No name found) -- C:\Users\Alex\AppData\Roaming\mozilla\firefox\profiles\6j64261c.default\extensions\stealthyextension@gmail.com.xpi
[2013.07.17 19:01:57 | 000,620,351 | ---- | M] () (No name found) -- C:\Users\Alex\AppData\Roaming\mozilla\firefox\profiles\6j64261c.default\extensions\toolbar@web.de.xpi
[2012.08.26 11:43:29 | 000,009,253 | ---- | M] () (No name found) -- C:\Users\Alex\AppData\Roaming\mozilla\firefox\profiles\6j64261c.default\extensions\{2e17e2b2-b8d4-4a67-8d7b-fafa6cc9d1d0}.xpi
[2013.07.22 06:32:24 | 000,818,491 | ---- | M] () (No name found) -- C:\Users\Alex\AppData\Roaming\mozilla\firefox\profiles\6j64261c.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.07.12 23:29:10 | 000,275,262 | ---- | M] () (No name found) -- C:\Users\Alex\AppData\Roaming\mozilla\firefox\profiles\6j64261c.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2013.07.17 19:02:01 | 000,001,050 | ---- | M] () -- C:\Users\Alex\AppData\Roaming\mozilla\firefox\profiles\6j64261c.default\searchplugins\11-suche.xml
[2013.07.13 11:30:37 | 000,006,549 | ---- | M] () -- C:\Users\Alex\AppData\Roaming\mozilla\firefox\profiles\6j64261c.default\searchplugins\babylon.xml
[2013.07.13 11:31:25 | 000,001,294 | ---- | M] () -- C:\Users\Alex\AppData\Roaming\mozilla\firefox\profiles\6j64261c.default\searchplugins\delta.xml
[2013.07.17 19:02:01 | 000,002,418 | ---- | M] () -- C:\Users\Alex\AppData\Roaming\mozilla\firefox\profiles\6j64261c.default\searchplugins\englische-ergebnisse.xml
[2013.07.17 19:02:01 | 000,010,701 | ---- | M] () -- C:\Users\Alex\AppData\Roaming\mozilla\firefox\profiles\6j64261c.default\searchplugins\gmx-suche.xml
[2013.07.17 19:02:01 | 000,002,432 | ---- | M] () -- C:\Users\Alex\AppData\Roaming\mozilla\firefox\profiles\6j64261c.default\searchplugins\lastminute.xml
[2013.07.17 19:02:00 | 000,005,682 | ---- | M] () -- C:\Users\Alex\AppData\Roaming\mozilla\firefox\profiles\6j64261c.default\searchplugins\webde-suche.xml
[2013.05.24 01:29:44 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2013.05.24 01:29:06 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2013.05.24 01:29:43 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\browser\extensions
[2013.07.03 18:45:02 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013.07.03 12:16:34 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\updated\extensions
[2013.07.03 12:16:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\updated\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2013.07.03 12:16:33 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\updated\browser\extensions
[2013.07.03 12:16:33 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\updated\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012.08.26 11:34:37 | 000,002,349 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: 
CHR - plugin: Widevine Content Decryption Module (Enabled) = C:\Users\Alex\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.376\_platform_specific\win_x86\widevinecdmadapter.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Program Files\Google\Chrome\Application\33.0.1750.117\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\33.0.1750.117\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\33.0.1750.117\pdf.dll
CHR - plugin: Foxit Reader Plugin for Mozilla (Enabled) = C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll
CHR - plugin: Java Deployment Toolkit 7.0.450.18 (Enabled) = C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
CHR - plugin: Java(TM) Platform SE 7 U45 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw_1203133.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll
CHR - Extension: HDvid Codec 3 = C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnllcmllkjofnojidnaknldfehfhehoo\3.1_0\
CHR - Extension: AdBlock = C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.18_0\
CHR - Extension: Google Wallet = C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: YouTube Unblocker = C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\npnkeeiehehhefofiekoflfedgehcdhl\0.5.5_0\
 
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Programme\HP\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (PDF Architect Helper) - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Programme\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Programme\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (PDF Architect Toolbar) - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Programme\PDF Architect\PDFIEPlugin.dll (pdfforge GmbH)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [NPSStartup]  File not found
O4 - HKLM..\Run: [ProfilerU] C:\Programme\SmartTechnology\Software\ProfilerU.exe (Saitek)
O4 - HKLM..\Run: [SaiMfd] C:\Programme\SmartTechnology\Software\SaiMfd.exe (Saitek)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe (Oracle Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1619137543-1995530686-1982277929-1000..\Run: [EADM] F:\Origin\Origin.exe (Electronic Arts)
O4 - HKU\S-1-5-21-1619137543-1995530686-1982277929-1000..\Run: [ehTray.exe] C:\Windows\ehome\ehtray.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1619137543-1995530686-1982277929-1000..\Run: [GoogleChromeAutoLaunch_AD2529C7DB5B63D28C23362385276129] C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKU\S-1-5-21-1619137543-1995530686-1982277929-1000..\Run: [Spotify] C:\Users\Alex\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
O4 - HKU\S-1-5-21-1619137543-1995530686-1982277929-1000..\Run: [Spotify Web Helper] C:\Users\Alex\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKU\S-1-5-21-1619137543-1995530686-1982277929-1000..\Run: [Steam] C:\Program Files\Steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-1619137543-1995530686-1982277929-1000..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKU\S-1-5-21-1619137543-1995530686-1982277929-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O9 - Extra Button: HP Smart Web Printing ein- oder ausblenden - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Programme\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 10.51.2)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 10.51.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C7D9614B-C42C-4F26-B642-AFBC40C36BD8}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F008D0E7-F6F4-4A15-AAB5-309FF8248FBF}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\progra~2\bitguard\271832~1.68\{c16c1~1\bitguard.dll) - c:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.dll ()
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\Windows\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\Windows\System32\sysdm.cpl (Microsoft Corporation)
O20 - HKU\S-1-5-21-1619137543-1995530686-1982277929-1000 Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-1619137543-1995530686-1982277929-1000 Winlogon: Shell - (C:\Users\Alex\AppData\Roaming\cache.dat) - C:\Users\Alex\AppData\Roaming\cache.dat ()
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\Windows\System32\browseui.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Alex\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Alex\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\TSpkg.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O31 - SafeBoot: UseAlternatShell - 1
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008.08.05 18:02:19 | 000,398,600 | R--- | M] (Electronic Arts Inc.) - E:\Autorun.exe -- [ UDF ]
O32 - AutoRun File - [2008.08.05 17:23:19 | 000,000,043 | R--- | M] () - E:\Autorun.inf -- [ UDF ]
O32 - AutoRun File - [2008.08.05 17:52:02 | 000,000,000 | R--D | M] - E:\autorun -- [ UDF ]
O33 - MountPoints2\{103e3454-e926-11e2-8c0f-0c0c0c0c0c01}\Shell - "" = AutoRun
O33 - MountPoints2\{103e3454-e926-11e2-8c0f-0c0c0c0c0c01}\Shell\AutoRun\command - "" = H:\AcerCloudSetup.exe
O33 - MountPoints2\{462bdc1d-cfd1-11e0-a729-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{462bdc1d-cfd1-11e0-a729-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Autorun.exe -- [2008.08.05 18:02:19 | 000,398,600 | R--- | M] (Electronic Arts Inc.)
O33 - MountPoints2\{f3082b60-63c0-11e3-8b92-e20067deb017}\Shell - "" = AutoRun
O33 - MountPoints2\{f3082b60-63c0-11e3-8b92-e20067deb017}\Shell\AutoRun\command - "" = H:\HTC_Sync_Manager_PC.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 7 Days ==========
 
[2014.02.24 03:03:33 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 7 Days ==========
 
[2014.02.25 21:06:52 | 000,669,960 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2014.02.25 21:06:52 | 000,631,026 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014.02.25 21:06:52 | 000,143,304 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2014.02.25 21:06:52 | 000,117,652 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014.02.25 20:48:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.02.25 20:47:06 | 000,000,004 | ---- | M] () -- C:\Users\Alex\AppData\Roaming\cache.ini
[2014.02.25 20:46:56 | 000,014,668 | ---- | M] () -- C:\Users\Alex\AppData\Local\d3d9caps.dat
[2014.02.25 20:42:34 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014.02.25 20:42:30 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2014.02.25 20:42:30 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014.02.24 21:03:07 | 000,000,177 | -H-- | M] () -- C:\dvmexp.idx
[2014.02.24 16:40:28 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014.02.23 18:15:53 | 000,001,778 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LOLRecorder.lnk
[2014.02.23 18:15:53 | 000,001,686 | ---- | M] () -- C:\Users\Public\Desktop\LOL Recorder.lnk
[2014.02.20 20:22:11 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014.02.24 16:20:30 | 000,000,004 | ---- | C] () -- C:\Users\Alex\AppData\Roaming\cache.ini
[2014.02.20 20:22:11 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
[2014.01.11 23:59:28 | 000,000,024 | ---- | C] () -- C:\Users\Alex\jagexappletviewer.preferences
[2013.12.24 12:57:24 | 000,000,043 | ---- | C] () -- C:\Users\Alex\jagex_cl_runescape_LIVE.dat
[2013.12.24 12:57:24 | 000,000,024 | ---- | C] () -- C:\Users\Alex\random.dat
[2013.11.20 22:26:13 | 000,044,544 | ---- | C] () -- C:\Windows\System32\Gif89.dll
[2013.10.07 19:09:11 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2013.10.07 19:09:11 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2013.09.24 18:46:20 | 000,267,400 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.09.24 12:48:52 | 000,114,688 | ---- | C] () -- C:\Users\Alex\AppData\Roaming\cache.dat
[2013.09.18 21:00:30 | 000,023,424 | ---- | C] () -- C:\Windows\System32\drivers\GameKB.sys
[2013.08.07 20:55:12 | 000,079,360 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2013.07.14 12:50:41 | 000,045,457 | ---- | C] () -- C:\Users\Alex\Heiderplan.png
[2013.07.05 04:29:25 | 000,000,552 | ---- | C] () -- C:\Users\Alex\AppData\Local\d3d8caps.dat
[2013.06.29 19:06:15 | 000,213,940 | ---- | C] () -- C:\Users\Alex\ole-udyr-chief.PNG
[2013.06.29 18:57:59 | 000,101,103 | ---- | C] () -- C:\Users\Alex\zdyr-alex-build.PNG
[2013.06.21 19:02:47 | 000,103,901 | ---- | C] () -- C:\Users\Alex\2013-06-21 19.24.05.jpg
[2013.01.03 17:37:32 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2013.01.03 17:37:32 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2013.01.01 17:56:42 | 000,000,080 | RHS- | C] () -- C:\Windows\System32\AF932C7F2C.dll
[2012.09.14 20:52:45 | 000,000,810 | ---- | C] () -- C:\Windows\Rtcw.INI
[2012.09.13 22:53:32 | 000,037,376 | ---- | C] () -- C:\Windows\System32\atitmpxx.dll
[2012.09.13 18:47:00 | 000,180,224 | ---- | C] () -- C:\Windows\System32\clinfo.exe
[2012.08.23 19:50:53 | 000,001,515 | ---- | C] () -- C:\Users\Alex\AppData\Local\recently-used.xbel
[2012.05.29 04:55:35 | 000,187,558 | ---- | C] () -- C:\Windows\hpoins36.dat
[2012.05.29 04:55:35 | 000,000,578 | ---- | C] () -- C:\Windows\hpomdl36.dat
[2012.05.23 16:31:02 | 000,632,252 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2012.05.14 07:50:42 | 000,020,480 | ---- | C] () -- C:\Users\Alex\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.04.04 21:35:56 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2012.04.04 21:35:56 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2011.08.26 11:59:44 | 000,014,668 | ---- | C] () -- C:\Users\Alex\AppData\Local\d3d9caps.dat
 
========== ZeroAccess Check ==========
 
[2006.11.02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2011.01.21 16:46:32 | 011,582,464 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2011.08.26 14:48:54 | 000,615,424 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.01.19 08:36:49 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 153 bytes -> C:\ProgramData\TEMP:07BF512B

< End of report >

Extras:

Code:

ATTFilter

OTL Extras logfile created on: 25.02.2014 21:26:17 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = h:\
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,25 Gb Total Physical Memory | 2,75 Gb Available Physical Memory | 84,63% Memory free
6,75 Gb Paging File | 6,44 Gb Available in Paging File | 95,50% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 44,02 Gb Free Space | 18,90% Space Free | Partition Type: NTFS
Drive E: | 3,86 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive F: | 232,88 Gb Total Space | 96,07 Gb Free Space | 41,25% Space Free | Partition Type: NTFS
Drive H: | 3,75 Gb Total Space | 3,74 Gb Free Space | 99,98% Space Free | Partition Type: FAT32
 
Computer Name: ALEX-PC | User Name: Alex | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
 
[HKEY_USERS\S-1-5-21-1619137543-1995530686-1982277929-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{A95D6742-25A5-4165-9015-363F2FED4AE5}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04063013-4F15-4DF7-9F51-7C45A8E12B21}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\skyrim\skyrimlauncher.exe | 
"{07745652-47AA-4536-8876-A5BFF503EADC}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\king arthur - the role-playing wargame\kingarthurmulti.exe | 
"{08ED52C2-55D1-450D-B126-E47A9F1B8F0C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe | 
"{09AD0D57-2A82-45DF-827A-38BC0555261A}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe | 
"{10FBD308-8077-4EE0-9F88-90C053AED5EC}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe | 
"{114D284C-DCD8-43EE-9940-F97DBBB44B18}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\kingdomsrise\binaries\win32\udk.exe | 
"{14CB5D24-8CE5-46F4-B159-B44C72B23431}" = dir=in | app=c:\program files\htc\htc sync manager\htcsyncmanager.exe | 
"{1B5BEF0D-76B1-46B1-A144-3DE5B74CE38B}" = protocol=17 | dir=in | app=f:\spiele\mass effect 3\mass effect 3\binaries\win32\masseffect3.exe | 
"{1DD97C9C-4BA7-4329-9658-2128D033B9FB}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe | 
"{1E798C64-3D6C-4195-BA38-CC15C86DA4A3}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\darksiders 2\darksiders2.exe | 
"{1FEF1021-540C-4187-9FBA-29D9C9C4FBA9}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\trine 2\trine2_launcher.exe | 
"{21497095-DE72-4D21-9EB3-FC891C9E390C}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{21E269C1-B04E-4BC9-92BA-47BFFD4EBA40}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe | 
"{222DD143-47F7-4916-8E5F-E68CEAE92D16}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\skyrim\skyrimlauncher.exe | 
"{23228921-5386-41C5-AABE-F82B84450A36}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\darksiders 2\darksiders2.exe | 
"{29C78D70-71F8-461E-89D2-7077E9D205B1}" = protocol=6 | dir=in | app=c:\users\alex\appdata\roaming\spotify\spotify.exe | 
"{2A6DE98B-6F66-48A1-9DEB-4508AC706801}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe | 
"{2C38727B-6C55-4F7F-B778-D9C175CDFF5A}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe | 
"{32FA1EC2-CC60-4CB3-A7A2-5AA150704FBB}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe | 
"{3FFC533D-2E98-457B-BC95-0DC79D98FC05}" = protocol=17 | dir=in | app=c:\users\alex\appdata\roaming\spotify\spotify.exe | 
"{47FC3605-604B-4CA1-A1F7-62FB42B45A6B}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\darksiders 2\darksiders2.exe | 
"{4ECCD0FF-025E-4054-A3A1-7C1357A2E642}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\king arthur - the role-playing wargame\kingarthur.exe | 
"{527679CF-52EB-4B61-B3D2-66072D4219E0}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\kingdomsrise\binaries\win32\udk.exe | 
"{5A752187-CF52-44F5-94DB-C491B2EF0C7A}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe | 
"{5CB39B1B-6A51-46E5-B82B-EFE0B36D492E}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\king arthur - the role-playing wargame\kingarthurmulti.exe | 
"{63ABE96A-2B2E-43B9-B54A-F5B083A3B378}" = protocol=6 | dir=in | app=c:\program files\mass effect 2\binaries\masseffect2.exe | 
"{6888707D-29CB-4A07-B400-FE08FB066056}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\age2hd\launcher.exe | 
"{6A2D4B8B-FBEA-4DDE-B668-511EFB2158E9}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\skyrim\skyrimlauncher.exe | 
"{6CA153A6-6592-4EC8-B80E-8F5410E333B8}" = protocol=17 | dir=in | app=c:\program files\mass effect 2\masseffect2launcher.exe | 
"{6CE77A07-0491-45B8-A9B9-AEA3ED881FB5}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifeenc2.exe | 
"{75FCAE6B-9DA7-4C4E-B4D2-1C4BBD913562}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\amd driver updater, vista and 7, 32 bit\setup.exe | 
"{785D9F03-A130-4B42-B11A-AF778AE538B3}" = protocol=17 | dir=in | app=f:\spiele\universe at war\uawea.exe | 
"{7CBB98F9-249F-417A-8E40-A68E8897F945}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe | 
"{7FED70F6-C76E-48F8-8D23-81E260AB392D}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\age2hd\launcher.exe | 
"{81ABE893-A3F4-4E3B-9B12-098DCAABFBA5}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\skyrim\skyrimlauncher.exe | 
"{8327265D-EBB6-4375-AF03-ECCC0413F01A}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\kingdomsrise\binaries\win32\udk.exe | 
"{86A98AB2-4C5D-4C10-AC51-4A49A10AA8A2}" = protocol=17 | dir=in | app=c:\program files\mass effect 2\binaries\masseffect2.exe | 
"{8B4B43C6-1A74-4138-8395-8C4AAE5C6E87}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\darksiders 2\darksiders2.exe | 
"{916293D9-88A2-4BCB-81D0-38CB18181C34}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\age2hd\launcher.exe | 
"{9326F91E-79A3-4128-82B6-004F0D3E57BF}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifetray.exe | 
"{9FF0ACE6-3723-4F82-B352-D2F9D0339405}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{9FF82AE5-D4EC-4C66-8207-B0648E7A3DFF}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\dmc devil may cry\binaries\win32\dmc-devilmaycry.exe | 
"{A08CED25-0457-409F-9FB2-986E13E00B9F}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\kingdomsrise\binaries\win32\udk.exe | 
"{A6D8645E-9517-4A10-832A-CD1D2F30229E}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\trine 2\trine2_launcher.exe | 
"{A8CDEAF4-EB09-4445-8CFE-B4F6970C0596}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe | 
"{AF6C0976-C5AD-401E-9506-A3A45CC478F0}" = protocol=6 | dir=in | app=c:\program files\mass effect 2\masseffect2launcher.exe | 
"{B1EF431A-4E24-455A-9B6E-C9F13FC8A015}" = protocol=6 | dir=in | app=f:\spiele\universe at war\uawea.exe | 
"{B358C100-95EC-485C-9B17-98098FEA11BF}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\age2hd\launcher.exe | 
"{B82514D6-69B0-4CD0-9520-08BFBAA42A64}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\king arthur - the role-playing wargame\kingarthur.exe | 
"{B9AC24FD-B783-43EC-AD87-464A499BF3DA}" = dir=in | app=c:\program files\itunes\itunes.exe | 
"{BA22C00B-E1C4-46DF-8DB6-B6D1FFC89A2C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe | 
"{BB76B189-3087-438F-B2C9-EFAB644C962C}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{BC3E64A6-F0DC-48CA-902D-AB20D9883A6A}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifecam.exe | 
"{C0ED13F6-741F-4F5F-970C-7709540578B2}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe | 
"{C212961E-0A80-46AE-968C-B15276A5FF4B}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\age2hd\launcher.exe | 
"{C562B5D8-0F4D-4356-822D-4ACCBABDAAC4}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\age2hd\launcher.exe | 
"{CDAAA636-8FBC-4F0F-8FA9-BA29D0935D36}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\dmc devil may cry\binaries\win32\dmc-devilmaycry.exe | 
"{CDBD974D-DA10-44FE-831A-026AFC4231BB}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\amd driver updater, vista and 7, 32 bit\setup.exe | 
"{D0158745-F657-4F9C-B2BF-0EA277DE4A31}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | 
"{D01A1D51-D1F1-4E1F-BC42-BD5FD1E315EC}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{D26C5154-52DC-4764-810B-442FB5F4BCAA}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifeenc2.exe | 
"{D3B21FEB-0908-4F33-B55E-CB953B48678A}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifetray.exe | 
"{D4C21760-2F30-4A33-BA4A-C3F8F186CB27}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe | 
"{D69AD45E-95EA-474D-AD73-9838823F8AE9}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe | 
"{D8B36198-6968-44A8-A722-68ABDF183DAA}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe | 
"{E60C8723-082A-4590-A0D9-515BF2B41ADA}" = protocol=6 | dir=in | app=f:\spiele\mass effect 3\mass effect 3\binaries\win32\masseffect3.exe | 
"{E780DC0B-2841-424B-99DE-C9ABC6F7C68F}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe | 
"{EE1CD8DF-8693-47FA-8B4F-08690353BD08}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe | 
"{F31212ED-040B-45A8-AA40-D73DCD7164F2}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe | 
"{FC8F68CB-D787-416A-9AF0-B741DDE2D277}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe | 
"{FCB172F2-487C-4CAD-9158-4ABA8435870F}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe | 
"{FDCEEDEE-C275-485D-9E51-8A9C4989E3E7}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifecam.exe | 
"{FF3C8982-0CBA-47B6-8C32-4B8F3A40FE17}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe | 
"{FFF476B2-1ACE-4E63-B32B-70A8BF57D94C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe | 
"TCP Query User{3E2CD3AC-4C19-497C-80F1-DBD9A30D10F5}C:\users\alex\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\alex\appdata\roaming\spotify\spotify.exe | 
"UDP Query User{CB69DFA9-4788-4A01-B70E-B47A0326A244}C:\users\alex\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\alex\appdata\roaming\spotify\spotify.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{064A929A-4DE8-40CF-A901-BD40C14E4D25}" = PDF Architect
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{06D616BB-D397-6BCF-DEAD-DBEAD9AA69C1}" = CCC Help Russian
"{08208143-777D-4A06-BB54-71BF0AD1BB70}" = IPTInstaller
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{153C7D89-9CF4-4719-A551-C5BF45236DB5}" = redist
"{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}" = BitGuard
"{17DC6852-9048-393B-1A89-203B36675653}" = CCC Help German
"{1CA3A991-B03D-4C92-9922-315E5434E87B}" = PS_AIO_05_C4600_Software_Min
"{1E1746EF-F5BF-4677-8F30-04FE399130DA}" = HP Photosmart C4600 All-In-One Driver Software 14.0 Rel. 5
"{1EC58056-481C-B7C8-A105-5C77BF3EAA16}" = CCC Help Swedish
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20071984-5EB1-4881-8EDB-082532ACEC6D}" = Heroes of Might and Magic V
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{223FFB42-2D49-4AF6-9EF2-82B7D0CAF8B4}_is1" = Pulover's Macro Creator Version 4.1.1
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java(TM) 6 Update 33
"{26A24AE4-039D-4CA4-87B4-2F83217045FF}" = Java 7 Update 51
"{28D30BC0-EE51-8C94-80B3-04BE1A26B088}" = CCC Help Turkish
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{29546C4F-DB1C-0033-8DB4-65CED0CE571B}" = ccc-utility
"{2B673C6F-BDEA-48AE-AB59-7479BF04EF6E}" = Nail'd
"{2F46EDE0-BA53-0AC8-45D4-B0C674BBDCB7}" = AMD VISION Engine Control Center
"{2FB9EA69-51D4-4913-9AD5-762C034DE811}" = Status
"{368E4EF8-E840-40EE-A224-50B8D1DC2B12}" = HTC Sync Manager
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D6AD258-61EA-35F5-812C-B7A02152996E}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{44E46185-638A-4F84-C902-74ACF30932A7}" = CCC Help Spanish
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AB43DE0-CF91-C9D5-3F6C-A869CC44D742}" = CCC Help Czech
"{4CEEE5D0-F905-4688-B9F9-ECC710507796}" = HTC Driver Installer
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.5
"{528E82EA-A194-4A9D-371E-59BACC7D7DE4}" = CCC Help Dutch
"{538FB3F5-22D6-A671-4396-1426582E332A}" = Catalyst Control Center Localization All
"{53920718-25F0-CBA8-D694-BDC793C2B219}" = CCC Help Chinese Traditional
"{540C5568-983A-B7BC-3005-C42736DA00AB}" = CCC Help English
"{56206A74-F8C4-7705-DE77-315A0ADCB41F}" = CCC Help Japanese
"{57E0E3A9-F4EF-1540-CADA-EB5E33B3B922}" = CCC Help Korean
"{5DCF0E4B-F8EA-4229-A0BD-5CA6D4AFB749}" = SolutionCenter
"{5FC7AB5C-61FC-42DF-A923-5139BCF10D42}" = Microsoft LifeCam
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{6A9D1594-7791-48f5-9CAA-DE9BCB968320}" = Mass Effect™ 3
"{6AD9F5F3-5BD0-4000-BD9C-B536CF86D988}" = iTunes
"{6E65E954-8C25-797C-5382-B9B83F262105}" = Catalyst Control Center InstallProxy
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{746F49C9-3789-4F8E-AF3A-3A4B42ACFAF8}" = Spellforce 2 Gold
"{74DC0593-6BC6-4001-AD5F-D810AFB68D86}" = HP Update
"{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}" = Mass Effect 2
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77091BC5-B357-166C-CFDF-2AC2C72ED29E}" = CCC Help Italian
"{781B7F3D-8107-4049-80C0-16FF46420184}" = XSplit Broadcaster
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83AA2913-C123-4146-85BD-AD8F93971D39}" = BabylonObjectInstaller
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8F1ADE4D-EFAC-4F5A-B346-23C2687FAF50}" = Apple Mobile Device Support
"{8F66047B-1AF3-40D9-80D7-106E2EDC2C2A}" = EPU-4 Engine
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{902DBBC3-CCF2-E030-CDBA-55F4024C7813}" = CCC Help Finnish
"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{9530AE42-DAE1-4619-9594-B23487285D17}" = NVIDIA PhysX
"{95716cce-fc71-413f-8ad5-56c2892d4b3a}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{99AD9D6D-A456-49EE-8360-F22EE7AA1272}" = Express Gate
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}" = Counter-Strike 1.6
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D104AC8-D050-9D64-8E8E-04CF56C98A43}" = CCC Help Portuguese
"{9DF0196F-B6B8-4C3A-8790-DE42AA530101}" = SPORE™
"{9E0E1E3B-229C-4CF9-8A39-4455477327E4}" = C4600
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A5F6F320-2542-333D-AC13-4B66078257C5}" = CCC Help French
"{A7315BB6-3CA7-F270-D1CD-BC6A6BEFDB55}" = AMD Fuel
"{A7E3C9FE-A5CE-B00A-49F8-64BC03B6ABF8}" = Catalyst Control Center Graphics Previews Common
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA5AD5C2-2C06-F079-493F-5497B6070A31}" = CCC Help Polish
"{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{B45FABE7-D101-4D99-A671-E16DA40AF7F0}" = Microsoft Games for Windows - LIVE
"{B52E8E66-2ADD-879C-D86B-4330BAE08A1C}" = AMD Catalyst Install Manager
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C3592426-531E-4110-911D-BFECE2CE284C}" = osu!
"{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}" = WebCake 3.00
"{C66BF9FD-D367-4E13-8EB8-385FFEA20DB3}" = Oblivion
"{C6B51FD8-942C-45FE-9704-19B687372691}" = Auto Clicker - Image Recognizer
"{C9A87D86-FDFD-418B-BF96-EF09320973B3}" = PC Inspector smart recovery
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE4FAE68-434C-BA43-8B9A-DA215B220479}" = CCC Help Thai
"{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch
"{D4658131-9D1A-4395-876D-968E38FE8ED5}" = Universe at War Earth Assault
"{D4737341-1524-6784-8AC1-F79DC79B96CB}" = CCC Help Chinese Standard
"{D910F446-B7A0-F472-1B89-A9085F4AFFBD}" = CCC Help Norwegian
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{E288EA43-3A9B-BEAB-8147-11BE15709D42}" = CCC Help Hungarian
"{E2A067AA-D675-5AB0-E1B5-3E701ED8DE5C}" = CCC Help Danish
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E344FE06-DB6C-452A-86B6-37440C7C05F3}" = Smart Technology Programming Software 7.0.24.8
"{E517094C-06B6-419F-8FFD-EF4F57972130}" = QuickTransfer
"{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}" = Need for Speed™ Undercover
"{E7D4E834-93EB-351F-B8FB-82CDAE623003}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610
"{EBBE64F6-7E23-5857-891F-045560AECC7F}" = Application Profiles
"{EC1F15E1-F3CC-46EE-B7A5-849A08ED60DC}}_is1" = PantsOff 2.0
"{ECCA8FE7-767A-4C8A-9DAA-BAB60F877C41}" = Sins of a Solar Empire
"{F08A6ECB-A8F2-D822-24CE-307AF4AFE64F}" = CCC Help Greek
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F5CA78D9-B5E9-421E-8DF9-0B418BCBD563}" = LogMeIn Hamachi
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"{FAE99C85-0732-4C58-9C6B-10B5B12FA2E9}" = RuneScape Launcher 1.2.3
"{FF39FC01-819B-42E4-AE49-1968AF12DDD4}" = Dawn of War - Dark Crusade
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"1ClickDownload" = HDVidCodec
"3D Model Viewer 0.3.5.4" = 3D Model Viewer 0.3.5.4
"AceSpeeder" = AceSpeeder
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"Age of Mythology 1.0" = Age of Mythology
"Age of Mythology Expansion Pack 1.0" = Age of Mythology - The Titans Expansion
"ArtMoney SE_is1" = ArtMoney SE v7.39.1
"CCleaner" = CCleaner
"Counter-Strike 1.6" = Counter-Strike 1.6
"DAEMON Tools Lite" = DAEMON Tools Lite
"Divinity II - Ego Draconis_is1" = Divinity II - Ego Draconis
"ffdshow_is1" = ffdshow v1.2.4422 [2012-04-09]
"Foxit Reader_is1" = Foxit Reader
"Game Booster_is1" = Game Booster 3
"GIMP-2_is1" = GIMP 2.8.0
"Google Chrome" = Google Chrome
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
"HPExtendedCapabilities" = HP Customer Participation Program 14.0
"HyperCam 3" = HyperCam 3
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager
"InstallShield_{D4658131-9D1A-4395-876D-968E38FE8ED5}" = Universe at War Earth Assault
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"LogMeIn Hamachi" = LogMeIn Hamachi
"LOLReplay" = LOLReplay
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Mozilla Firefox 22.0 (x86 de)" = Mozilla Firefox 22.0 (x86 de)
"Mozilla Thunderbird (6.0)" = Mozilla Thunderbird (6.0)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Origin" = Origin
"Pack 500 track" = Pack 500 track
"Recuva" = Recuva
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"Shop for HP Supplies" = Shop for HP Supplies
"Sins of a Solar Empire" = Sins of a Solar Empire
"SMAC 2.0" = SMAC 2.0
"Spotydl_is1" = Spotydl 0.9.26.0
"StarCraft II" = StarCraft II
"Steam App 220440" = DmC Devil May Cry
"Steam App 221380" = Age of Empires II: HD Edition
"Steam App 248630" = Kingdoms Rise
"Steam App 35720" = Trine 2
"Steam App 50650" = Darksiders II
"Steam App 72850" = The Elder Scrolls V: Skyrim
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"The Elder Scrolls Online Beta_is1" = The Elder Scrolls Online Beta
"TmUnitedForever_is1" = TmUnitedForever
"Totalcmd" = Total Commander (Remove or Repair)
"UDK-261d094a-7ad9-4306-81e5-0d12cb590323" = Unreal Development Kit: 2012-10
"UDK-a8af7147-fac0-4043-8b76-70b2384cb2e2" = Unreal Development Kit: 2012-10
"UVMapper Professional Demo_is1" = UVMapper Professional Demo 3.6c
"WinRAR archiver" = WinRAR 4.01 (32-Bit)
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-1619137543-1995530686-1982277929-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Spotify" = Spotify
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 12.07.2013 08:54:34 | Computer Name = Alex-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\system32\newdev.dll".
Die
 abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="x86",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 12.07.2013 09:24:36 | Computer Name = Alex-PC | Source = MsiInstaller | ID = 11500
Description = 
 
Error - 12.07.2013 09:24:38 | Computer Name = Alex-PC | Source = MsiInstaller | ID = 11500
Description = 
 
Error - 12.07.2013 09:24:39 | Computer Name = Alex-PC | Source = MsiInstaller | ID = 11500
Description = 
 
Error - 12.07.2013 09:24:39 | Computer Name = Alex-PC | Source = MsiInstaller | ID = 11500
Description = 
 
Error - 12.07.2013 09:24:40 | Computer Name = Alex-PC | Source = MsiInstaller | ID = 11500
Description = 
 
Error - 12.07.2013 09:27:58 | Computer Name = Alex-PC | Source = MsiInstaller | ID = 11500
Description = 
 
Error - 12.07.2013 09:27:59 | Computer Name = Alex-PC | Source = MsiInstaller | ID = 11500
Description = 
 
Error - 12.07.2013 09:38:19 | Computer Name = Alex-PC | Source = MsiInstaller | ID = 11935
Description = 
 
Error - 12.07.2013 11:18:48 | Computer Name = Alex-PC | Source = .NET Runtime Optimization Service | ID = 1111
Description = 
 
[ System Events ]
Error - 04.02.2014 16:04:59 | Computer Name = Alex-PC | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 04.02.2014 16:07:29 | Computer Name = Alex-PC | Source = Service Control Manager | ID = 7009
Description = 
 
Error - 04.02.2014 16:07:29 | Computer Name = Alex-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 04.02.2014 16:08:22 | Computer Name = Alex-PC | Source = Service Control Manager | ID = 7009
Description = 
 
Error - 04.02.2014 16:08:22 | Computer Name = Alex-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 05.02.2014 13:04:29 | Computer Name = Alex-PC | Source = HTTP | ID = 15016
Description = 
 
Error - 05.02.2014 13:05:58 | Computer Name = Alex-PC | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 05.02.2014 13:06:36 | Computer Name = Alex-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 05.02.2014 13:07:34 | Computer Name = Alex-PC | Source = Service Control Manager | ID = 7009
Description = 
 
Error - 09.02.2014 05:50:08 | Computer Name = Alex-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 05.02.2014 um 18:23:11 unerwartet heruntergefahren.
 
 
< End of report >

Hoffe jetzt kannst du es nutzen.
Danke für die schnelle Antwort!

schrauber · 27.02.2014, 09:14

Ich sehe du kannst im Safe Mode arbeiten, dann machen wir das jetzt anders:

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Win Vista Weißer Bildschirm

Log-Analyse und Auswertung: Win Vista Weißer Bildschirm