Hallo!
Ich habe jetzt das gemacht, was vorhin angekündigt. PC neu gestartet, Otl gestartet und postet jetzt hier die Logfiles:
1. OTL.txt. Code:
OTL logfile created on: 11.06.2013 21:30:50 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\smenz\Desktop\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,91 Gb Total Physical Memory | 2,77 Gb Available Physical Memory | 70,74% Memory free
7,82 Gb Paging File | 6,51 Gb Available in Paging File | 83,32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 446,13 Gb Total Space | 401,70 Gb Free Space | 90,04% Space Free | Partition Type: NTFS
Computer Name: NOTEBOOK-N5050 | User Name: smenz | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\smenz\Desktop\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe ()
PRC - C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE (SoftThinks SAS)
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe (SoftThinks - Dell)
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE ()
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE (SoftThinks - Dell)
PRC - C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
PRC - C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe ()
PRC - C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe ()
PRC - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe (Atheros)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()
========== Modules (No Company Name) ==========
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\990123c5701a26f1d724150839811bce\System.Xml.Linq.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\1e8f7367eaa08c5057d78c093982f8f0\System.IdentityModel.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\e698a866fd16973a24ca6697218028ad\System.ServiceModel.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\3c2ed368e1f3889997dfb42a5ca77284\System.Core.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\af525b4bec3b9941b7be8ffbf813da80\PresentationFramework.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\30e3a21202000677d0a9270572251477\System.Windows.Forms.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7eac0dbe9aa20b55e37235f8ee030e6b\PresentationCore.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\716959df79685a1eae0fc14275a32b0f\WindowsBase.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\764f15e86c82662e977bd418bd6318c1\System.Configuration.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\9266d6e1f8057b5b62b460cbf33cda21\System.WorkflowServices.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\5ecf01964c70e453d71e5d7653912ff9\System.Web.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\1e04a5319c58010e945220af2751d34e\System.ServiceModel.Web.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\27649bdc3da750e2e072dedbff56cc0b\IAStorUtil.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\09a468fb987e5a5f345346b0910c89ca\IAStorCommon.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\2ad51da1b752b19c992fcefd56eb7c01\System.Runtime.Serialization.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\eb33bf977e97e97b12e82c18e36fbaee\SMDiagnostics.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7d20811a7ce7cc589153648cbb1ce5c\PresentationFramework.Aero.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe ()
MOD - C:\windows\assembly\GAC_MSIL\System.ServiceModel.resources\3.0.0.0_de_b77a5c561934e089\System.ServiceModel.resources.dll ()
MOD - C:\windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll ()
MOD - C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE ()
MOD - C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe ()
MOD - C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe ()
MOD - C:\Program Files (x86)\Dell\Stage Remote\DataService.dll ()
MOD - C:\Program Files (x86)\Dell\Stage Remote\de-DE\UI\ManagerUI.dll ()
MOD - C:\Program Files (x86)\Dell\Stage Remote\sqlite3.dll ()
MOD - c:\program files (x86)\common files\roxio shared\dllshared\SQLite352.dll ()
MOD - C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()
MOD - C:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Program Files (x86)\Dell\Stage Remote\QtGui4.dll ()
MOD - C:\Program Files (x86)\Dell\Stage Remote\QtXml4.dll ()
MOD - C:\Program Files (x86)\Dell\Stage Remote\QtNetwork4.dll ()
MOD - C:\Program Files (x86)\Dell\Stage Remote\QtCore4.dll ()
MOD - C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qmng4.dll ()
MOD - C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qgif4.dll ()
MOD - C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qjpeg4.dll ()
MOD - C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qico4.dll ()
========== Services (SafeList) ==========
SRV:64bit: - (mfevtp) -- C:\Windows\SysNative\mfevtps.exe (McAfee, Inc.)
SRV:64bit: - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe ()
SRV:64bit: - (McShield) -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe ()
SRV:64bit: - (MSK80Service) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McProxy) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McOobeSv) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McNASvc) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McNaiAnn) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (mcmscsvc) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McMPFSvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (McODS) -- C:\Programme\mcafee\virusscan\mcods.exe (McAfee, Inc.)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (SftService) -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE (SoftThinks SAS)
SRV - (NAUpdate) -- C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
SRV - (STacSV) -- C:\Programme\IDT\WDM\stacsv64.exe (IDT, Inc.)
SRV - (Atheros Bt&Wlan Coex Agent) -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe (Atheros)
SRV - (AtherosSvc) -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe (Atheros Commnucations)
SRV - (McAWFwk) -- c:\Programme\mcafee\msc\McAWFwk.exe (McAfee, Inc.)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (RoxWatch12) -- c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe (Sonic Solutions)
SRV - (RoxMediaDB12OEM) -- c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe (Sonic Solutions)
SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.)
SRV - (wlcrasvc) -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (NOBU) -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe (Dell, Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (AESTFilters) -- C:\Programme\IDT\WDM\AESTSr64.exe (Andrea Electronics Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (cfwids) -- C:\Windows\SysNative\drivers\cfwids.sys (McAfee, Inc.)
DRV:64bit: - (mfewfpk) -- C:\Windows\SysNative\drivers\mfewfpk.sys (McAfee, Inc.)
DRV:64bit: - (mferkdet) -- C:\Windows\SysNative\drivers\mferkdet.sys (McAfee, Inc.)
DRV:64bit: - (mfehidk) -- C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.)
DRV:64bit: - (mfefirek) -- C:\Windows\SysNative\drivers\mfefirek.sys (McAfee, Inc.)
DRV:64bit: - (mfeavfk) -- C:\Windows\SysNative\drivers\mfeavfk.sys (McAfee, Inc.)
DRV:64bit: - (mfeapfk) -- C:\Windows\SysNative\drivers\mfeapfk.sys (McAfee, Inc.)
DRV:64bit: - (nmwcdc) -- C:\Windows\SysNative\drivers\ccdcmbox64.sys (Nokia)
DRV:64bit: - (nmwcd) -- C:\Windows\SysNative\drivers\ccdcmbx64.sys (Nokia)
DRV:64bit: - (UsbserFilt) -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys (Nokia)
DRV:64bit: - (upperdev) -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys (Nokia)
DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys (Nokia)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (HipShieldK) -- C:\Windows\SysNative\drivers\HipShieldK.sys (McAfee, Inc.)
DRV:64bit: - (Fs_Rec) -- C:\windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (CtClsFlt) -- C:\Windows\SysNative\drivers\CtClsFlt.sys (Creative Technology Ltd.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.)
DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\drivers\btfilter.sys (Atheros)
DRV:64bit: - (BTATH_HCRP) -- C:\Windows\SysNative\drivers\btath_hcrp.sys (Atheros)
DRV:64bit: - (BTATH_RCP) -- C:\Windows\SysNative\drivers\btath_rcp.sys (Atheros)
DRV:64bit: - (BTATH_LWFLT) -- C:\Windows\SysNative\drivers\btath_lwflt.sys (Atheros)
DRV:64bit: - (AthBTPort) -- C:\Windows\SysNative\drivers\btath_flt.sys (Atheros)
DRV:64bit: - (BTATH_BUS) -- C:\Windows\SysNative\drivers\btath_bus.sys (Atheros)
DRV:64bit: - (BTATH_A2DP) -- C:\Windows\SysNative\drivers\btath_a2dp.sys (Atheros)
DRV:64bit: - (ATHDFU) -- C:\Windows\SysNative\drivers\AthDfu.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (ApfiltrService) -- C:\Windows\SysNative\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2732600908-1742709287-786376233-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-2732600908-1742709287-786376233-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.cafeastrology.com/
IE - HKU\S-1-5-21-2732600908-1742709287-786376233-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://dell.de.msn.com/
IE - HKU\S-1-5-21-2732600908-1742709287-786376233-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKU\S-1-5-21-2732600908-1742709287-786376233-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 82 07 61 26 A1 66 CE 01 [binary data]
IE - HKU\S-1-5-21-2732600908-1742709287-786376233-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2732600908-1742709287-786376233-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKU\S-1-5-21-2732600908-1742709287-786376233-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Users\smenz\npAmazonMP3DownloaderPlugin101753.dll (Amazon.com, Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore [2013.03.08 21:00:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK [2013.05.03 15:14:33 | 000,000,000 | ---D | M]
[2012.12.12 15:46:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\smenz\AppData\Roaming\mozilla\Firefox\Profiles\extensions
[2012.11.29 16:47:10 | 000,197,580 | ---- | M] () (No name found) -- C:\Users\smenz\AppData\Roaming\mozilla\firefox\profiles\extensions\ftdownloader@ftdownloader.com.xpi
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: AmazonMP3DownloaderPlugin (Enabled) = C:\Users\smenz\npAmazonMP3DownloaderPlugin101753.dll
CHR - plugin: McAfee SecurityCenter (Enabled) = c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - Extension: FTdownloader = C:\Users\smenz\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkjoindjjcmbdpbfppabdgflnkgbbcli\1.0_0\
CHR - Extension: FTdownloader = C:\Users\smenz\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkjoindjjcmbdpbfppabdgflnkgbbcli\1.0_0\
O1 HOSTS File: ([2013.06.10 22:45:33 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Programme\Common Files\mcafee\systemcore\ScriptSn.20121019190708.dll (McAfee, Inc.)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20121019190708.dll (McAfee, Inc.)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Apoint] C:\Programme\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4:64bit: - HKLM..\Run: [DellStage] C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe ()
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Stage Remote] C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe ()
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [AccuWeatherWidget] C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe ()
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" File not found
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Desktop Disc Tool] c:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NeroLauncher] C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe ()
O4 - HKLM..\Run: [RoxWatchTray] c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe (Sonic Solutions)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2732600908-1742709287-786376233-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2732600908-1742709287-786376233-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O13 - gopher Prefix: missing
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab (Creative Software AutoUpdate)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/121022/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FF8049F2-D056-4D77-BBD9-9A4E94121408}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Programme\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll (McAfee, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013.06.11 21:32:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2013.06.11 21:28:25 | 000,000,000 | R--D | C] -- C:\Users\smenz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
[2013.06.11 20:36:46 | 000,000,000 | ---D | C] -- C:\Users\smenz\AppData\Roaming\Opera
[2013.06.11 20:36:46 | 000,000,000 | ---D | C] -- C:\Users\smenz\AppData\Local\Opera
[2013.06.11 20:36:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Opera
[2013.06.11 18:50:11 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2013.06.11 15:44:48 | 000,000,000 | ---D | C] -- C:\Users\smenz\AppData\Local\{DB842E70-8B2F-4D4F-B8D8-9D6EFA3BE627}
[2013.06.11 14:48:23 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013.06.11 14:13:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2013.06.11 14:08:04 | 000,692,104 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2013.06.11 14:08:04 | 000,071,048 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.06.11 12:41:41 | 000,000,000 | ---D | C] -- C:\Users\smenz\AppData\Local\{D4EF7E44-698F-49B5-988E-ADC2597669C1}
[2013.06.11 08:49:32 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.06.11 00:37:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013.06.11 00:37:35 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013.06.11 00:13:56 | 000,000,000 | ---D | C] -- C:\Users\smenz\AppData\Local\{19494DC6-CB0E-4BD6-9E13-E7F9F402D3D0}
[2013.06.10 22:47:28 | 000,000,000 | ---D | C] -- C:\windows\temp
[2013.06.10 22:36:52 | 000,060,416 | ---- | C] (NirSoft) -- C:\windows\NIRCMD.exe
[2013.06.10 22:36:51 | 000,518,144 | ---- | C] (SteelWerX) -- C:\windows\SWREG.exe
[2013.06.10 22:36:51 | 000,406,528 | ---- | C] (SteelWerX) -- C:\windows\SWSC.exe
[2013.06.10 22:36:45 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.06.10 22:36:28 | 000,000,000 | ---D | C] -- C:\windows\erdnt
[2013.06.10 14:10:46 | 000,000,000 | ---D | C] -- C:\Users\smenz\AppData\Roaming\Malwarebytes
[2013.06.10 14:09:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.06.10 14:09:28 | 000,000,000 | ---D | C] -- C:\Users\smenz\AppData\Local\Programs
[2013.06.10 12:03:10 | 000,000,000 | ---D | C] -- C:\Users\smenz\AppData\Local\{C7D57F9F-AC30-486B-91DC-2DA4BE273A0B}
[2013.06.10 11:33:20 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BT Program
[2013.06.10 11:33:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Atheros
[2013.06.09 13:58:50 | 000,000,000 | ---D | C] -- C:\Users\smenz\AppData\Local\{611D7DAD-53D3-4DE9-9C4B-830757327AF8}
[2013.06.09 12:49:25 | 000,000,000 | ---D | C] -- C:\Users\smenz\AppData\Local\{1B15C7C8-CFE7-4EFC-8144-2BC4EC941DD7}
[2013.06.08 19:56:41 | 000,000,000 | ---D | C] -- C:\Users\smenz\AppData\Local\{709CD044-0FC4-4C81-A9F2-3C83376F46E3}
[2013.06.08 01:51:20 | 000,000,000 | ---D | C] -- C:\Users\smenz\AppData\Local\{271A1423-9442-4B4A-BC7D-C26645279328}
[2013.06.07 11:19:34 | 000,000,000 | ---D | C] -- C:\Users\smenz\AppData\Local\{12EBC70D-40B4-4919-89C3-00C832D819DA}
[2013.06.06 23:54:36 | 000,000,000 | ---D | C] -- C:\Users\smenz\AppData\Local\{2143C710-40B1-4A7B-9A1A-AE3EF5867B89}
[2013.06.06 09:30:58 | 000,000,000 | ---D | C] -- C:\Users\smenz\AppData\Local\{16512E56-DEE7-47F3-A78F-4C82F34E60D6}
[2013.06.05 09:39:15 | 000,000,000 | ---D | C] -- C:\Users\smenz\AppData\Local\{D06639DF-6B4F-40B9-92E9-906E89F57CCD}
[2013.06.04 09:24:08 | 000,000,000 | ---D | C] -- C:\Users\smenz\AppData\Local\{AF7F07C9-948F-47D2-B871-60A66004B1F2}
[2013.06.03 13:16:50 | 000,000,000 | ---D | C] -- C:\Users\smenz\AppData\Local\{2D9393DF-0BDD-4F07-BF6E-17F0F03930FC}
[2013.06.01 19:25:06 | 000,000,000 | ---D | C] -- C:\Users\smenz\AppData\Local\{E137133E-34DF-4263-9583-007908580F25}
[2013.06.01 12:10:15 | 000,000,000 | ---D | C] -- C:\Users\smenz\AppData\Local\{AFCB9DCD-C1C1-42E1-A587-B06BE38A724D}
[2013.05.31 13:26:45 | 000,000,000 | ---D | C] -- C:\Users\smenz\AppData\Local\{C67DDA40-A996-494E-8392-004EC3B2E17D}
[2013.05.30 23:57:48 | 000,000,000 | ---D | C] -- C:\Users\smenz\AppData\Local\{5449B776-B7DC-40FD-AA53-97DF75C23FBF}
[2013.05.30 11:31:34 | 000,000,000 | ---D | C] -- C:\Users\smenz\AppData\Local\{25A24C8A-70D5-4BA8-A333-27E5B83E9168}
[2013.05.29 23:30:46 | 000,000,000 | ---D | C] -- C:\Users\smenz\AppData\Local\{D5015153-D854-4D5D-8AFA-7E9154EA66EA}
[2013.05.29 20:32:50 | 000,000,000 | R--D | C] -- C:\Users\smenz\Desktop\MySyncUPFiles
[2013.05.29 11:04:08 | 000,000,000 | ---D | C] -- C:\Users\smenz\AppData\Local\{610835F2-803D-41BA-81BD-075ECF08F419}
[2013.05.28 13:44:05 | 000,000,000 | ---D | C] -- C:\Users\smenz\AppData\Local\{D63B0617-DF12-4B1A-AB35-82251D271D6F}
[2013.05.28 00:10:20 | 000,000,000 | ---D | C] -- C:\Users\smenz\AppData\Local\{DD52A04A-E5A2-4F5D-A66F-18387C35E9E8}
[2013.05.27 09:46:10 | 000,000,000 | ---D | C] -- C:\Users\smenz\AppData\Local\{585CE5CE-82C4-493B-86AD-669A482D10D1}
[2013.05.26 12:32:31 | 000,000,000 | ---D | C] -- C:\Users\smenz\AppData\Local\{E3505BF6-507B-4808-AE5F-AB9020FCFFA7}
[2013.05.25 12:22:39 | 000,000,000 | ---D | C] -- C:\Users\smenz\AppData\Local\{F25B712E-F747-4541-B65F-D8C4C3CAE0EB}
[2013.05.24 15:23:29 | 000,000,000 | ---D | C] -- C:\Users\smenz\AppData\Local\{19EB7E9E-7772-449E-A8C7-E7C8912AE47A}
[2013.05.24 00:45:23 | 000,000,000 | ---D | C] -- C:\Users\smenz\AppData\Local\{989082A7-B267-4C56-8C7D-835E571478AD}
[2013.05.23 14:09:07 | 000,000,000 | ---D | C] -- C:\ProgramData\PC-Doctor for Windows
[2013.05.23 14:08:35 | 000,000,000 | ---D | C] -- C:\Program Files\My Dell
[2013.05.23 10:07:48 | 000,000,000 | ---D | C] -- C:\Users\smenz\AppData\Local\{2AA45AA8-434B-4504-B6BE-FDCB871134BC}
[2013.05.22 21:59:48 | 000,000,000 | ---D | C] -- C:\Users\smenz\AppData\Local\{C2F6918A-DE67-47AA-8CB1-E940689B0A5F}
[2013.05.22 09:39:48 | 000,000,000 | ---D | C] -- C:\Users\smenz\AppData\Local\{9F70A087-61A5-4B1A-82F5-509053AF7F3E}
[2013.05.21 11:54:25 | 000,000,000 | ---D | C] -- C:\Users\smenz\AppData\Local\{20682498-3E62-489E-983F-07C6DE9A7300}
[2013.05.20 21:07:41 | 000,000,000 | ---D | C] -- C:\Users\smenz\AppData\Local\{C4FFF70D-E69C-4228-9A02-BDD4A954F979}
[2013.05.19 16:02:34 | 000,000,000 | ---D | C] -- C:\Users\smenz\AppData\Local\{3A0B1281-EC1A-4D92-BA3B-39079EF575E9}
[2013.05.17 15:03:42 | 000,000,000 | ---D | C] -- C:\Users\smenz\AppData\Local\{40363E5E-84DE-450A-98AC-ABDCABDFC788}
[2013.05.16 14:47:45 | 000,000,000 | ---D | C] -- C:\Users\smenz\AppData\Local\{A36EBE10-EF2C-4790-BAA7-759F0755E082}
[2013.05.15 18:58:42 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2013.05.15 18:58:42 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2013.05.15 18:58:42 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2013.05.15 18:58:41 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2013.05.15 18:58:41 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll
[2013.05.15 18:58:41 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll
[2013.05.15 18:58:41 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RegisterIEPKEYs.exe
[2013.05.15 18:58:41 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RegisterIEPKEYs.exe
[2013.05.15 18:58:41 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2013.05.15 18:58:41 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2013.05.15 18:58:41 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2013.05.15 18:58:41 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2013.05.15 18:58:39 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2013.05.15 18:58:39 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2013.05.15 18:58:38 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2013.05.15 18:35:10 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\dxgmms1.sys
[2013.05.15 18:35:10 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cdd.dll
[2013.05.15 18:35:10 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wwanprotdim.dll
[2013.05.15 18:34:56 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\authui.dll
[2013.05.15 18:34:56 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shdocvw.dll
[2013.05.15 18:34:55 | 000,111,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\consent.exe
[2013.05.15 18:34:53 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\authui.dll
[2013.05.15 09:11:41 | 000,000,000 | ---D | C] -- C:\Users\smenz\AppData\Local\{A6A659E8-08F9-4E49-9BC6-DF3B362CB74C}
[2013.05.14 10:34:04 | 000,000,000 | ---D | C] -- C:\Users\smenz\AppData\Local\{51649E44-F733-4727-AE78-47D0EEEFEF8C}
[2013.05.13 10:26:30 | 000,000,000 | ---D | C] -- C:\Users\smenz\AppData\Local\{163E1F8A-F4A9-474E-9A4E-3B9D930448DC}
[2012.10.30 00:15:44 | 001,222,144 | ---- | C] (Amazon.com, Inc.) -- C:\Users\smenz\npAmazonMP3DownloaderPlugin101753.dll
[2012.10.30 00:07:00 | 004,814,848 | ---- | C] (Amazon.com) -- C:\Users\smenz\AmazonMP3Downloader.exe
========== Files - Modified Within 30 Days ==========
[2013.06.11 21:34:11 | 000,020,720 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.06.11 21:34:11 | 000,020,720 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.06.11 21:28:08 | 000,001,104 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.06.11 21:25:54 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013.06.11 21:25:49 | 3149,086,720 | -HS- | M] () -- C:\hiberfil.sys
[2013.06.11 21:02:00 | 000,001,108 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.06.11 19:08:12 | 001,612,484 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2013.06.11 19:08:12 | 000,696,870 | ---- | M] () -- C:\windows\SysNative\perfh007.dat
[2013.06.11 19:08:12 | 000,652,148 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2013.06.11 19:08:12 | 000,148,134 | ---- | M] () -- C:\windows\SysNative\perfc007.dat
[2013.06.11 19:08:12 | 000,121,080 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2013.06.11 14:13:44 | 000,002,021 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2013.06.11 14:08:04 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2013.06.11 14:08:04 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.06.10 22:45:33 | 000,000,027 | ---- | M] () -- C:\windows\SysNative\drivers\etc\hosts
[2013.06.10 11:33:37 | 000,246,804 | ---- | M] () -- C:\windows\SysNative\drivers\AtherosBt.bin
[2013.06.06 09:02:33 | 000,001,342 | ---- | M] () -- C:\Users\smenz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
[2013.05.16 14:45:10 | 000,461,776 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
========== Files Created - No Company Name ==========
[2013.06.11 20:36:42 | 000,001,843 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[2013.06.11 14:13:44 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2013.06.11 14:13:44 | 000,002,021 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2013.06.10 22:36:52 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe
[2013.06.10 22:36:51 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe
[2013.06.10 22:36:51 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe
[2013.06.10 22:36:51 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe
[2013.06.10 22:36:51 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe
[2012.10.29 23:58:40 | 000,010,578 | ---- | C] () -- C:\Users\smenz\cacert.pem
[2012.10.29 23:54:34 | 000,010,982 | ---- | C] () -- C:\Users\smenz\Readme.html
[2012.10.21 19:02:48 | 000,001,752 | ---- | C] () -- C:\Users\smenz\Browserwahl.lnk
[2012.07.04 19:06:41 | 000,963,116 | ---- | C] () -- C:\windows\SysWow64\igkrng600.bin
[2012.07.04 19:06:41 | 000,216,876 | ---- | C] () -- C:\windows\SysWow64\igfcg600m.bin
[2012.07.04 19:06:41 | 000,145,804 | ---- | C] () -- C:\windows\SysWow64\igcompkrng600.bin
[2012.07.04 16:50:12 | 000,017,776 | ---- | C] () -- C:\windows\EvtMessage.dll
[2012.06.08 12:59:19 | 000,000,096 | ---- | C] () -- C:\windows\LaunApp.ini
[2012.06.08 12:59:17 | 000,000,324 | ---- | C] () -- C:\windows\Prelaunch.ini
[2012.06.08 12:59:17 | 000,000,271 | ---- | C] () -- C:\windows\WisPriority.ini
[2012.06.08 12:59:17 | 000,000,035 | ---- | C] () -- C:\windows\DELL_LANGCODE.ini
[2012.06.08 12:59:17 | 000,000,033 | ---- | C] () -- C:\windows\DELL_OSTYPE.ini
[2012.06.08 12:59:17 | 000,000,032 | ---- | C] () -- C:\windows\WisHWDest.ini
[2012.06.08 12:59:17 | 000,000,028 | ---- | C] () -- C:\windows\WisLangCode.ini
[2012.06.08 12:59:17 | 000,000,023 | ---- | C] () -- C:\windows\WisSysInfo.ini
[2012.06.08 10:48:16 | 001,590,378 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
========== ZeroAccess Check ==========
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2012.10.19 13:27:10 | 000,000,000 | ---D | M] -- C:\Users\smenz\AppData\Roaming\Fingertapps
[2013.05.08 12:52:44 | 000,000,000 | ---D | M] -- C:\Users\smenz\AppData\Roaming\GlarySoft
[2013.05.08 12:44:25 | 000,000,000 | ---D | M] -- C:\Users\smenz\AppData\Roaming\Nokia
[2013.05.08 12:44:25 | 000,000,000 | ---D | M] -- C:\Users\smenz\AppData\Roaming\Nokia Suite
[2013.06.11 20:36:46 | 000,000,000 | ---D | M] -- C:\Users\smenz\AppData\Roaming\Opera
[2012.10.21 20:07:27 | 000,000,000 | ---D | M] -- C:\Users\smenz\AppData\Roaming\PC Suite
[2012.11.05 12:47:29 | 000,000,000 | ---D | M] -- C:\Users\smenz\AppData\Roaming\PCDr
[2013.05.08 12:28:20 | 000,000,000 | ---D | M] -- C:\Users\smenz\AppData\Roaming\Similarity
[2013.01.23 14:30:41 | 000,000,000 | ---D | M] -- C:\Users\smenz\AppData\Roaming\Windows Live Writer
[2012.10.21 20:04:30 | 000,000,000 | ---D | M] -- C:\Users\smenz\AppData\Roaming\ZinioReader4
========== Purity Check ==========
< End of report >
2. Logfile Extras.text. Code:
OTL Extras logfile created on: 11.06.2013 21:30:50 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\smenz\Desktop\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,91 Gb Total Physical Memory | 2,77 Gb Available Physical Memory | 70,74% Memory free
7,82 Gb Paging File | 6,51 Gb Available in Paging File | 83,32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 446,13 Gb Total Space | 401,70 Gb Free Space | 90,04% Space Free | Partition Type: NTFS
Computer Name: NOTEBOOK-N5050 | User Name: smenz | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0068B183-036C-445C-AF38-67791C843CB8}" = lport=139 | protocol=6 | dir=in | app=system |
"{1A45F29C-A023-46F5-833E-F7F9F8518CCE}" = lport=137 | protocol=17 | dir=in | app=system |
"{1FE94176-DD75-4551-AAAE-C7B9C08E7518}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2BA42CC4-A9BD-4FCA-9A28-75142D9DE33A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{37CC9C39-8AC8-4C35-B862-B38EC0F38701}" = lport=445 | protocol=6 | dir=in | app=system |
"{4C2D7A28-B2A0-4049-80BA-327A0A0ED2D0}" = lport=9700 | protocol=17 | dir=in | name=syncup_udp_9700 |
"{5B5AC33E-2639-40EE-8BDB-B8EA465351E9}" = lport=9702 | protocol=6 | dir=in | name=syncup_tcp_9702 |
"{5EF88D3A-86F6-42C1-9513-C9E729D8B248}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{62C83ECE-C666-4624-8EB5-D461AA234906}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{645EF0BC-0936-4918-82BD-5473613694B6}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{6796B9B7-616F-4E2B-AC88-321C40BFB1B8}" = lport=2869 | protocol=6 | dir=in | app=system |
"{6E9ECEAB-04DE-4CF5-B248-05FAFCE51250}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{7988F7CC-E852-4292-8849-D365308F6B1C}" = lport=9701 | protocol=6 | dir=in | name=syncup_tcp_9701 |
"{7B2ABBF3-2B8F-4AF2-8898-3E766869BA82}" = rport=10243 | protocol=6 | dir=out | app=system |
"{A425D726-55DF-4341-AFB8-06814E1105C9}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AD311DE2-CBA3-4C7A-9D9E-509F22439A5F}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{AD828451-810E-4B6F-8F27-4FB04D36DD7E}" = rport=445 | protocol=6 | dir=out | app=system |
"{BE422E72-3D81-4A25-A15C-CB83F4ED5557}" = lport=10243 | protocol=6 | dir=in | app=system |
"{BEAA9B77-3E66-4407-89AB-7674F434E957}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C29A02C2-7779-45A9-B040-3E4FC9A38F55}" = lport=138 | protocol=17 | dir=in | app=system |
"{C7719405-648E-45AF-918D-469B5010F3FD}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D07C923C-3665-4772-98BC-A1CA41134406}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{D0E2A237-D1DE-43BF-9BC9-1C5378381881}" = rport=138 | protocol=17 | dir=out | app=system |
"{DB25ED65-A82D-46C3-9AC1-6F3D5C377960}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E5526404-C750-4B90-8C5F-7C117D1C07AA}" = rport=139 | protocol=6 | dir=out | app=system |
"{EBDBE26B-267D-4F46-B520-E7B3907D7DE5}" = rport=137 | protocol=17 | dir=out | app=system |
"{EEA7D873-B183-446E-8596-553A8EB7FDF4}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F0E11838-1508-4000-80B5-199E2DC98A3A}" = lport=9700 | protocol=6 | dir=in | name=syncup_tcp_9700 |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{09EEAA3F-F769-4527-8F11-E1EC65B643A0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0B524D5B-7013-4C8C-A6ED-E3E18FA517A6}" = protocol=6 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |
"{0B9BAA5F-746D-459D-A715-9ED1C0A1695D}" = protocol=17 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |
"{14A535B2-70AB-4D8E-836E-02EA1AD91E59}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{157AB060-5786-4508-9F75-FDCC91354422}" = protocol=17 | dir=in | app=c:\program files (x86)\nero\nero blu-ray player\blu-rayplayer.exe |
"{16B51A39-9D98-4664-8B46-95AA5B495776}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\stageremote.exe |
"{188CD4D0-020C-460D-B710-EC3652955DA9}" = protocol=6 | dir=in | app=c:\program files (x86)\nero\nero blu-ray player\blu-rayplayer.exe |
"{1BD6DFA1-EC04-4CDF-B311-55D7926CCC54}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\dmr.exe |
"{1CA14873-5CFD-4BB6-BD4B-F765244095B1}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\stageremoteservice.exe |
"{1D96B4DB-DFC3-41C1-8023-477B08D4A62F}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe |
"{1ECD6CBB-2AA5-43C9-8ECE-FE1958AA6405}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\stageremote.exe |
"{1EF74F79-CFD1-48EC-AF63-B80807A12925}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{231F1258-BA1E-4ABE-A63D-0BCBCD8640DB}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{25504C76-7FEF-4F00-A8CA-3610E21D9E63}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\controller.exe |
"{29BDDEF2-1D6A-4799-A472-D1E6C90EFB5C}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\dmr.exe |
"{2F64EA03-7D12-41D9-87CD-CA12744B7AEF}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{329D8120-5C39-4B39-9E93-4D91A00BD513}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{33E9EFBD-D6C7-4054-8021-B4F3397F9654}" = protocol=17 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe |
"{346ECFFE-147D-4A66-851E-01CBC804427B}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{3EA77141-2235-4818-BE1A-474608679C92}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{4512D263-D98C-4D07-AD5E-3234433483F8}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{515F4D34-1EED-4930-9462-7C09B2576E7C}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{545D3947-7969-4287-9D2B-86BCAED913F2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{56B60133-3047-4B69-881D-6E28125F2CAA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5E3DBF76-6584-420D-ADB1-4472641B97E3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6612785E-9B35-4254-BA87-0477745DEED8}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{67364BA1-BC9C-4E96-B3C9-8D56AAF9EE21}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{6CF4BF08-0344-48F9-AD1F-EBB94AD61AF6}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe |
"{71479164-AD79-4502-9507-57DACF726FC6}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{7177D2DF-3BE7-47B3-A64B-6EC4AF5753F8}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{772EEC68-A193-4E62-B138-263D89B528C3}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{7F8FB72E-3D7B-4D3F-BE47-7686AE124DE9}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\controller.exe |
"{8F70AF71-1F29-4D5D-ACF8-CBCB68750B97}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{8FDC61EC-A995-4E4D-BD0B-B1CADF264AFC}" = dir=in | app=c:\program files\dell stage\dell stage\accuweather\accuweather.exe |
"{9237CB5A-E25D-4144-93CB-DDA0F8ACEC89}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{93251BFF-D2AC-48EA-9D83-1FD963786499}" = protocol=6 | dir=out | app=system |
"{988968B5-495C-41C9-8E97-987BC9C8DDD8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{99DA974B-A2FB-4DFF-973E-B83934FACCAB}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{A3B9D52C-3D25-4E17-8B5A-0C11F0C3DEC9}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{A4A408A3-6B30-4B69-899E-D6E464694A97}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A6034EFD-3019-4AA6-B073-C2467CB712E6}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{A932D2BA-AF9C-4A98-A5D5-1BBB718AB3F3}" = protocol=6 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe |
"{B5FE6105-B8A5-4E66-A509-01E2404E70C7}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{B824F7DE-4B5D-4FC3-B8D4-DD148C1F3720}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BBCBB7DA-D695-4AEB-BA0D-08C0EAE95A45}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\stageremoteservice.exe |
"{C0555001-2F3D-463E-A307-BD90BB05F37A}" = protocol=6 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe |
"{C346BD50-463C-41CE-9DEF-B79CFEB4CC3E}" = dir=in | app=c:\program files\dell stage\musicstage\musicstageengine.exe |
"{C37F9E3A-2429-44D2-9D09-2E72C0FE5B69}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{C6634E21-F5C7-4D8F-808B-4365C04600CF}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{C7BAEC82-EAE2-4DCC-A814-F49CBA280B62}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe |
"{C97B19FF-4056-4A65-B505-9E1353EDE7CA}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{CBB62232-FCF6-4340-91E0-B198509163BD}" = dir=in | app=c:\program files\dell stage\dell stage\stage_primary.exe |
"{D0CC3606-01C0-4F2D-BB45-FFBFE3835995}" = protocol=17 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe |
"{D6A4BB25-A42C-4B31-B837-86177C62383B}" = dir=in | app=c:\program files (x86)\dell\videostage\videostage.exe |
"{D7F45D40-77DA-4542-BA8A-F0E9A93D9E66}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{E9778D99-0049-4A01-B227-74067F8AD6EC}" = protocol=17 | dir=in | app=c:\program files (x86)\dell\stage remote\installerhelp.exe |
"{EC2A9A24-8BA2-458B-B80B-DBE30068B928}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe |
"{F199B868-150F-4562-8395-FE3A2DAE364D}" = protocol=6 | dir=in | app=c:\program files (x86)\dell\stage remote\installerhelp.exe |
"{F45F8380-B06B-4C4A-BE26-5EF14E7376E2}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Bluetooth Win7 Suite (64)
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup
"{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}" = RBVirtualFolder64Inst
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F" = Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0)
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"PC-Doctor for Windows" = My Dell
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Dell WLAN and Bluetooth Client Installation
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{3250260C-7A95-4632-893B-89657EB5545B}" = PhotoShowExpress
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3E90B7F4-1817-4405-B4A5-E4EA5EC0E2B3}" = Dell MusicStage
"{40F06490-8C14-43AA-99D3-EEEFDBAC3CFC}" = SyncUP
"{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}" = Google Earth
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6AF7A3DF-581E-4AB7-ACAF-2051FF7E8ACF}" = Similarity 1.8.1
"{6B722793-E77B-41F5-BAB3-6C9832274E75}" = PC Connectivity Solution
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{6FE12C01-2FBC-42E2-AEB9-4CA2238C462F}" = Nokia Connectivity Cable Driver
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-dell" = WildTangent Games App (Dell Games)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7746BFAA-2B5D-4FFD-A0E8-4558F4668105}" = Roxio Burn
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{7EC66A95-AC2D-4127-940B-0445A526AB2F}" = Dell DataSafe Online
"{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.SingleImage_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9A00EC4E-27E1-42C4-98DD-662F32AC8870}" = Sonic CinePlayer Decoder Pack
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A121EEDE-C68F-461D-91AA-D48BA226AF1C}" = Roxio Activation Module
"{A2FE691E-3F8E-4E30-AA7D-FF17AC77EA87}" = Nero Blu-ray Player
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.03) - Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AF4D3C63-009B-4A17-B02E-D395065DD3F0}" = Dell Stage Remote
"{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D92C9CCE-E5F0-4125-977A-0590F3225B74}" = SyncUP
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E2F57269-065E-4B19-8CDA-AB6C401FAF1A}" = Dell Stage
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E4335E82-17B3-460F-9E70-39D9BC269DB3}" = Dell PhotoStage
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EF56258E-0326-48C5-A86C-3BAC26FC15DF}" = Roxio Creator Starter
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.17
"Dell Webcam Central" = Dell Webcam Central
"Google Chrome" = Google Chrome
"MSC" = McAfee SecurityCenter
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"Opera 12.15.1748" = Opera 12.15
"WildTangent dell Master Uninstall" = WildTangent-Spiele
"WinLiveSuite" = Windows Live Essentials
"WT089409" = Bejeweled 2 Deluxe
"WT089411" = Build-a-lot 2
"WT089412" = Cake Mania
"WT089413" = Chuzzle Deluxe
"WT089414" = Diner Dash 2 Restaurant Rescue
"WT089415" = Dora's World Adventure
"WT089418" = FATE
"WT089420" = Jewel Quest
"WT089422" = Jewel Quest Solitaire 2
"WT089433" = Polar Golfer
"WT089434" = Escape Whisper Valley (TM)
"WT089440" = Namco All-Stars PAC-MAN
"WT089444" = Final Drive Nitro
"WT089445" = Penguins!
"WT089446" = Wedding Dash - Ready, Aim, Love!
"WT089448" = Zuma Deluxe
"WT089450" = Farm Frenzy
"WT089452" = Plants vs. Zombies - Game of the Year
"WT089499" = Final Drive Fury
"WT089503" = Samantha Swift
"WT089507" = Luxor
"WT089508" = Polar Bowler
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-2732600908-1742709287-786376233-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Amazon Kindle" = Amazon Kindle
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 22.04.2013 13:27:34 | Computer Name = notebook-n5050 | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Kindle.exe, Version: 1.10.5.40382,
Zeitstempel: 0x50bd934d Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x6e6f6974 ID des fehlerhaften
Prozesses: 0xe1c Startzeit der fehlerhaften Anwendung: 0x01ce3f7e998c0430 Pfad der
fehlerhaften Anwendung: C:\Users\smenz\AppData\Local\Amazon\Kindle\application\Kindle.exe
Pfad
des fehlerhaften Moduls: unknown Berichtskennung: eae894c5-ab71-11e2-8111-844bf557795c
Error - 23.04.2013 03:58:53 | Computer Name = notebook-n5050 | Source = WinMgmt | ID = 10
Description =
Error - 23.04.2013 17:46:58 | Computer Name = notebook-n5050 | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567,
Zeitstempel: 0x4d672ee4 Name des fehlerhaften Moduls: SHELL32.dll, Version: 6.1.7601.17859,
Zeitstempel: 0x4fd2dfec Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000000179aac
ID
des fehlerhaften Prozesses: 0xb00 Startzeit der fehlerhaften Anwendung: 0x01ce3ff84e970d67
Pfad
der fehlerhaften Anwendung: C:\windows\Explorer.EXE Pfad des fehlerhaften Moduls:
C:\windows\system32\SHELL32.dll Berichtskennung: 52430078-ac5f-11e2-84db-844bf557795c
Error - 24.04.2013 06:39:03 | Computer Name = notebook-n5050 | Source = WinMgmt | ID = 10
Description =
Error - 24.04.2013 11:23:21 | Computer Name = notebook-n5050 | Source = WinMgmt | ID = 10
Description =
Error - 25.04.2013 04:03:06 | Computer Name = notebook-n5050 | Source = WinMgmt | ID = 10
Description =
Error - 25.04.2013 04:17:41 | Computer Name = notebook-n5050 | Source = WinMgmt | ID = 10
Description =
Error - 25.04.2013 08:28:12 | Computer Name = notebook-n5050 | Source = WinMgmt | ID = 10
Description =
Error - 26.04.2013 10:06:22 | Computer Name = notebook-n5050 | Source = WinMgmt | ID = 10
Description =
Error - 27.04.2013 04:45:52 | Computer Name = notebook-n5050 | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 15.05.2013 04:03:27 | Computer Name = notebook-n5050 | Source = DCOM | ID = 10010
Description =
Error - 15.05.2013 12:26:51 | Computer Name = notebook-n5050 | Source = Service Control Manager | ID = 7022
Description = Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde nicht
richtig gestartet.
Error - 19.05.2013 15:36:56 | Computer Name = notebook-n5050 | Source = Service Control Manager | ID = 7034
Description = Dienst "McAfee Scanner" wurde unerwartet beendet. Dies ist bereits
1 Mal passiert.
Error - 30.05.2013 10:27:47 | Computer Name = notebook-n5050 | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst Atheros Bt&Wlan Coex Agent erreicht.
Error - 05.06.2013 11:13:21 | Computer Name = notebook-n5050 | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst Wlansvc erreicht.
Error - 10.06.2013 07:35:08 | Computer Name = notebook-n5050 | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst eventlog erreicht.
Error - 10.06.2013 13:37:46 | Computer Name = notebook-n5050 | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst SftService erreicht.
Error - 10.06.2013 16:42:29 | Computer Name = notebook-n5050 | Source = Service Control Manager | ID = 7030
Description = Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet.
Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich
sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error - 10.06.2013 16:44:39 | Computer Name = notebook-n5050 | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\ComboFix\catchme.sys
nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version
des Treibers zu erhalten.
Error - 10.06.2013 16:45:36 | Computer Name = notebook-n5050 | Source = Service Control Manager | ID = 7030
Description = Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet.
Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich
sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
< End of report >
Habe nebenbei übrigens Opera als Browser runtergeladen! Nur so als Info! Und nutze jetzt Google Chrome und Opera statt Internet Explorer.
Solonia
Morgen markusg,
ich hab´grad den totalen Schreck bekommen, weil ich hier irgendwo gelesen habe, man sollte während der Säuberungsaktion möglichst keine Programme runterladen! Oh je, habe ich jetzt alles torpediert, als ich Opera runtergeladen habe?
Ich bin total neu in diesem Forum! Das wusste ich nicht! Sorry ...
Freue mich über Deine weitere Unterstützung und Anweisungen! Danke!
S. |
Textbox.