deltasearch - Fortfahren nach ADW-Cleaner/OTL
Hallo ihr lieben,
ich hab mir (mal wieder) den deltasearch eingefangen.
Wie beim letzten mal bin ich zuerst mit dem adwcleaner drüber.
Log: Code:
# AdwCleaner v2.306 - Datei am 04/08/2013 um 11:15:27 erstellt
# Aktualisiert am 19/07/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Babuu - BABUU-HP
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Babuu\Downloads\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
***** [Dateien / Ordner] *****
Datei Gelöscht : C:\Users\Babuu\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
Datei Gelöscht : C:\Users\Babuu\AppData\Roaming\Mozilla\Firefox\Profiles\a79pj5qc.default\searchplugins\Babylon.xml
Gelöscht mit Neustart : C:\ProgramData\BrowserDefender
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\Tarma Installer
Ordner Gelöscht : C:\Users\Babuu\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh
Ordner Gelöscht : C:\Users\Babuu\AppData\Roaming\BabSolution
Ordner Gelöscht : C:\Users\Babuu\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Babuu\AppData\Roaming\file scout
Ordner Gelöscht : C:\Users\Babuu\AppData\Roaming\OpenCandy
Ordner Gelöscht : C:\Users\Babuu\AppData\Roaming\PerformerSoft
Ordner Gelöscht : C:\Users\Babuu\AppData\Roaming\SpeedAnalysis2
***** [Registrierungsdatenbank] *****
Schlüssel Gelöscht : HKCU\Software\BabSolution
Schlüssel Gelöscht : HKCU\Software\DataMngr
Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\Delta
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{18DBB6CE-3148-4FEC-B481-103CB3290427}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\Delta
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\5b538ddcb73abf47
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Tarma Installer
***** [Internet Browser] *****
-\\ Internet Explorer v10.0.9200.16635
[OK] Die Registrierungsdatenbank ist sauber.
-\\ Mozilla Firefox v [Version kann nicht ermittelt werden]
Datei : C:\Users\Babuu\AppData\Roaming\Mozilla\Firefox\Profiles\a79pj5qc.default\prefs.js
C:\Users\Babuu\AppData\Roaming\Mozilla\Firefox\Profiles\a79pj5qc.default\user.js ... Gelöscht !
[OK] Die Datei ist sauber.
-\\ Google Chrome v28.0.1500.95
Datei : C:\Users\Babuu\AppData\Local\Google\Chrome\User Data\Default\Preferences
Gelöscht [l.2370] : homepage = "hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=0EC5E6469AA57608&affID=119654&tsp=[...]
Gelöscht [l.2964] : urls_to_restore_on_startup = [ "hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=0EC5E6469AA[...]
*************************
AdwCleaner[S1].txt - [3941 octets] - [04/08/2013 11:15:27]
########## EOF - C:\AdwCleaner[S1].txt - [4001 octets] ##########
danach OTL:
Estras: Code:
OTL Extras logfile created on: 8/4/2013 11:22:06 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Babuu\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7.98 Gb Total Physical Memory | 6.37 Gb Available Physical Memory | 79.78% Memory free
15.96 Gb Paging File | 14.34 Gb Available in Paging File | 89.82% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 918.40 Gb Total Space | 849.18 Gb Free Space | 92.46% Space Free | Partition Type: NTFS
Drive D: | 13.01 Gb Total Space | 1.60 Gb Free Space | 12.30% Space Free | Partition Type: NTFS
Unable to calculate disk information.
Drive F: | 14.83 Gb Total Space | 0.22 Gb Free Space | 1.49% Space Free | Partition Type: FAT32
Computer Name: BABUU-HP | User Name: Babuu | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Users\Babuu\AppData\Roaming\File Scout\filescout.exe" /open "%1"
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Users\Babuu\AppData\Roaming\File Scout\filescout.exe" /open "%1"
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0305ECD4-3FB9-4DFB-8B63-0203ED8B2EF1}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{04095E83-598F-46E3-91EC-6907B98F454B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{06820504-F4E1-4C4B-BB52-C454A4D173B9}" = rport=139 | protocol=6 | dir=out | app=system |
"{1EEB8006-6F93-49EC-A12F-3E79456411AD}" = lport=139 | protocol=6 | dir=in | app=system |
"{2419A4E9-F1D2-438C-A8E4-4B87C7F919F7}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{29C067B2-5760-4608-BADD-AA4F0B6444F6}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2C45D3BF-9864-4CB7-A2F3-6EA94FB23108}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2E116AF8-909B-4CBB-9A52-BEE353D60176}" = rport=10243 | protocol=6 | dir=out | app=system |
"{657A566F-6C1E-40E4-9D27-50EC86A54CB9}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{688E4960-6888-4E3E-B7ED-6036662CDEF6}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{75517889-FE84-4B4B-9EE3-BEBF48102075}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{77CBB400-443A-4A4C-B88A-504B929F7CC7}" = rport=445 | protocol=6 | dir=out | app=system |
"{82F43524-DDCB-4601-9C28-D170429322A8}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{83CAE090-B894-4C55-BD53-68FECDB604F5}" = lport=2869 | protocol=6 | dir=in | app=system |
"{862035EE-3B69-486B-AC7F-FE1FE3A7AAEC}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{895464B9-E984-4523-BA20-46C6AF905CA3}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{95218524-BBD1-43DF-AE45-EE7C1FBA8735}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9823F1A4-9E9B-4CA8-9739-C71149CC4B33}" = lport=138 | protocol=17 | dir=in | app=system |
"{9A20FE99-5F33-4DFA-BC5C-AB3E3EDA5954}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A1D53D43-791A-4761-B03B-BCF6E20A7505}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{A33AB0A6-3655-403F-AE90-78BA41C0FEC8}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{A37B91E7-49FD-4247-875B-C9D62E985A37}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{B91898E9-72D9-4DC1-A4D5-7759593945EB}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CA15DEB9-75E8-417C-BAC0-B3ED94643415}" = rport=137 | protocol=17 | dir=out | app=system |
"{CB394460-144D-4F60-962B-C17487D69A74}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CF1085B8-C702-42CE-9A2F-2DF46CBB8FFA}" = rport=138 | protocol=17 | dir=out | app=system |
"{D03DE6C8-F503-4036-AECD-E1B898835AF6}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{D05AF2F7-7C28-4A42-B7B1-A47C226E5FC1}" = lport=445 | protocol=6 | dir=in | app=system |
"{DA08B39C-1C7C-4108-834A-5ACDB6AE336F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{DE5A1545-A408-4327-A1A5-42C8B396A4EA}" = lport=137 | protocol=17 | dir=in | app=system |
"{EC9B3F55-8A73-4E6E-804F-8A7DC1FB954A}" = lport=10243 | protocol=6 | dir=in | app=system |
"{F8B2975A-0907-49F5-AF1F-844E455198F8}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FCE1A036-AB74-4D2B-905D-B4ADA99B2158}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{035318EA-0985-4A41-8FED-1346D36F6E2D}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{06EAF4C8-47CD-45B8-8903-16490A349E5C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{08E35DD6-1FC2-4825-8152-5E5826516882}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{0DF946B0-EBA5-4681-A480-A1A0A937C567}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{118F7F4C-49B6-4851-A128-1077B1D5971C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{183EFB62-95A1-4A9F-96C3-E5EB832BC5AD}" = protocol=6 | dir=out | app=system |
"{231EA630-747C-4485-85C3-B35F99F5EA12}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{24A9678A-FA27-4371-B1B3-CEEF5628AAA5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{2DEBD358-7CF7-435C-9B15-6E38C5BE6DAB}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{33B9D662-C952-47B0-BBF9-0374F21D06C5}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{4D46ECEB-5B77-473E-A874-9A22C621B8F8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{50D36FC7-98D1-4D0C-9DE1-446F9DE1DE06}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{54267206-3CAF-4898-B072-BA1FDCD57B12}" = protocol=6 | dir=in | app=c:\program files (x86)\hewlett-packard\remote graphics receiver\rgreceiver.exe |
"{5AB08F84-83BD-4C98-8A9B-84D77B992A9B}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{5C04822B-440B-4767-AD5B-0E5759F0A0A9}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{6042B43B-1610-48FD-8C21-CFA4512B64CB}" = dir=in | app=c:\program files (x86)\easybits for kids\ezdesktop.exe |
"{6087CF76-5446-4B46-B06E-375827610A38}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{71C18379-F7C6-408B-A9E8-DCF186513CFC}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{7866CA87-1327-40B0-8E05-337FA3DCB448}" = protocol=6 | dir=out | app=c:\program files (x86)\hewlett-packard\remote graphics receiver\rgreceiver.exe |
"{8073321B-CD10-4247-A399-4D842C2CA52A}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{894E5A82-0398-4A80-9EBF-EB72C078DA20}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
"{9179C66B-A146-4949-B64E-F8402CBADC4C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{99749EFB-1B5D-4A18-95AC-11B8040E17FD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A288B48A-AFE3-4239-98EF-70AE842560E0}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{A6DE5228-4F61-476C-9030-813F68B528E4}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{AE429EA4-9C4D-4E21-BF69-3A7E61605413}" = dir=in | app=c:\program files (x86)\hewlett-packard\hp support framework\resources\hpwarrantycheck\hpdevicedetection3.exe |
"{B5344A58-CE55-47E5-AEBF-241B77721B67}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C8EAA934-BF06-400D-A1F5-F2F9F0DDBFFB}" = protocol=17 | dir=in | app=c:\program files (x86)\hewlett-packard\hp linkup\hp linkup viewer.exe |
"{D7FD3CA6-DDE1-4581-BDA5-A7664EC4D74D}" = dir=in | app=c:\windows\system32\ezsharedsvchost.exe |
"{E7261B88-E04D-452E-80A7-03CF965653F8}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{EEBD81D8-2348-433F-BDA4-0C5BF8033B4B}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
"{F1B43A5E-6647-4AA5-AC01-E3293675FD84}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F59DF94F-3705-44E9-8CB9-01401B7E1457}" = protocol=17 | dir=out | app=c:\program files (x86)\hewlett-packard\hp linkup\hp linkup viewer.exe |
"TCP Query User{3A81C874-D86D-45B8-9501-79538D6F5618}C:\program files (x86)\microsoft games\age of empires\empires.exe" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\age of empires\empires.exe |
"UDP Query User{46D580D6-A12A-45A5-9236-A4793B2AF776}C:\program files (x86)\microsoft games\age of empires\empires.exe" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\age of empires\empires.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{054EF02F-95D8-48F4-9EEB-2F9CE3072ED8}" = AuthenTec TrueAPI
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_cnq2414" = CanoScan LiDE 110 Scanner Driver
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2}" = HP Client Services
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 267.95
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 267.95
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 267.95
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}" = HP Auto
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D79A02E9-6713-4335-9668-AAC7474C0C0E}" = HP Vision Hardware Diagnostics
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00FF4EB6-6AAC-4E9D-A60A-8F388691BB27}" = HP SimplePass PE 2011
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0DDDE141-9696-4E33-AB82-EF398169D7E5}" = Ulead PhotoImpact XL
"{16FC3056-90C0-4757-8A68-64D8DA846ADA}" = Remote Graphics Receiver
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}" = Bing Bar
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{4D090F70-6F08-4B60-9357-A1DFD4458F09}" = Microsoft Mathematics
"{50DE8CAF-EF44-40F5-A48E-22BD08492284}" = PE-DESIGN Lite
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.1.1
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App (HP Games)
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}" = HP Support Information
"{7FB00B6B-6843-97EC-EED6-78BD6D35370A}" = Zinio Reader 4
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{92B2B132-C7F0-43DC-921A-4493C04F78A4}_is1" = Panda Cloud Cleaner
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{989FB5FD-9B00-4B32-8663-849CB1370DD1}" = Google Drive
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A2AE9709-283B-4B48-AA34-729C070A62FB}" = NETGEAR WNA1100 N150 Wireless USB Adapter
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.03) - Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AE856388-AFAD-4753-81DF-D96B19D0A17C}" = HP Setup Manager
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{C01A86F5-56E7-101F-9BC9-E3F1025EB779}" = Intel(R) Identity Protection Technology 1.1.2.0
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D26F9059-EDE3-4C80-B793-04AE9143F779}" = eM Client
"{D271DAE0-8D68-4C97-8356-A126D48A1D8C}" = Ulead Photo Explorer 8.0 SE Basic
"{D35B72B6-F0E4-462B-BDEB-E08032B3B681}" = HP Setup
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DB3147AB-4024-4773-8EC0-A1FE5B44933D}" = HP LinkUp
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE77FE3F-A33D-499A-87AD-5FC406617B40}" = HP Update
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EE202411-2C26-49E8-9784-1BC1DBF7DE96}" = HP Support Assistant
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Age of Empires" = Microsoft Age of Empires
"Avira AntiVir Desktop" = Avira Free Antivirus
"CanonSolutionMenuEX" = Canon Solution Menu EX
"EasyBits Magic Desktop" = Magic Desktop
"ElsterFormular 13.2.0.8623k" = ElsterFormular
"Embird 2010" = Embird 2010
"ESET Online Scanner" = ESET Online Scanner v3
"fdrawcmd" = Fdrawcmd.sys 1.0.1.10
"Freemake Audio Converter_is1" = Freemake Audio Converter Version 1.1.0
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"McAfee Security Scan" = McAfee Security Scan Plus
"MP Navigator EX 4.0" = Canon MP Navigator EX 4.0
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"PDF Complete" = PDF Complete Special Edition
"VIP Access SDK" = VIP Access SDK (1.0.1.4)
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite" = Windows Live Essentials
"WTA-047dcbd1-d85d-4e95-a4af-207b7780ecad" = Mah Jong Medley
"WTA-0896344f-517d-4f48-870f-ede04ff58a48" = FATE
"WTA-091af0d4-5116-4bfa-a996-3ae8c1f988dd" = Zuma Deluxe
"WTA-0d9353ae-4d48-4db4-bcfa-4a3b1e8750c4" = Farm Frenzy
"WTA-14685520-365c-4fcf-8a1f-c78fa2925611" = Mystery of Mortlake Mansion
"WTA-1cba82d2-e1aa-4023-b932-88a5398ff84c" = Penguins!
"WTA-24cc89b3-5ebd-4b94-a1fb-5aebd624ec62" = Chronicles of Albian
"WTA-2c8e2bbe-6a57-4e93-bc16-34c730f92168" = Vacation Quest - The Hawaiian Islands
"WTA-35a8be29-cf49-40f7-b9c1-0995ff938732" = Virtual Villagers - The Secret City
"WTA-3f17b283-7ae6-483c-8923-a8665eb1c4fd" = Jewel Quest Solitaire
"WTA-61653620-877d-4f2d-b338-50f94a8e5423" = Slingo Deluxe
"WTA-79303f1d-a987-4047-bb0a-29a4078aa964" = Bejeweled 3
"WTA-7ac1bf3f-e888-47f1-a2d7-5e3d25b7119a" = Agatha Christie - Peril at End House
"WTA-93db79b4-585c-4c4f-b6ac-0c0e96ec3fb8" = Polar Bowler
"WTA-a0874fd5-b427-4ed4-bf74-6cddd51e540f" = Cradle of Rome 2
"WTA-aa6241aa-1e52-4fe6-af51-f55bedc48356" = Bounce Symphony
"WTA-b2ac85e5-bbe8-4051-a47e-9562d1f2fee1" = Governor of Poker 2 Premium Edition
"WTA-e4717af7-c6e7-4323-9359-c3783f9400d3" = Plants vs. Zombies - Game of the Year
"WTA-e8c59721-78e5-4204-8c7f-b05f7d92e05c" = Chuzzle Deluxe
"WTA-eaa60950-b24b-4403-a53b-71013acb732a" = Jewel Quest: The Sleepless Star - Collector's Edition
"WTA-f36803df-0f34-48f5-99af-35801e20a458" = Namco All-Stars: PAC-MAN
"WTA-f507f17e-f1d3-4f12-9965-fdf13d9e23ff" = Cake Mania
"WTA-f7a19f8c-ea64-40b3-b8b7-41a82ebaa0c8" = Blasterball 3
"ZinioReader4" = Zinio Reader 4
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-722544647-917449935-176176110-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 7/14/2013 4:27:11 AM | Computer Name = Babuu-HP | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: msfeedssync.exe, Version: 10.0.9200.16521,
Zeitstempel: 0x51207e1c Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725,
Zeitstempel: 0x4ec4aa8e Ausnahmecode: 0xc0000264 Fehleroffset: 0x00000000000cd7d8
ID
des fehlerhaften Prozesses: 0x3f7c Startzeit der fehlerhaften Anwendung: 0x01ce806be14ef91e
Pfad
der fehlerhaften Anwendung: C:\Windows\system32\msfeedssync.exe Pfad des fehlerhaften
Moduls: C:\Windows\SYSTEM32\ntdll.dll Berichtskennung: 2dbbbb92-ec5f-11e2-8869-082e5f11ded9
Error - 7/14/2013 7:29:52 AM | Computer Name = Babuu-HP | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Iedit.exe, Version: 8.5.3.0, Zeitstempel:
0x40b1ac24 Name des fehlerhaften Moduls: Iedit.exe, Version: 8.5.3.0, Zeitstempel:
0x40b1ac24 Ausnahmecode: 0xc0000005 Fehleroffset: 0x002de8c7 ID des fehlerhaften Prozesses:
0x6010 Startzeit der fehlerhaften Anwendung: 0x01ce808458007aeb Pfad der fehlerhaften
Anwendung: C:\Program Files (x86)\Ulead Systems\Ulead PhotoImpact XL\Iedit.exe Pfad
des fehlerhaften Moduls: C:\Program Files (x86)\Ulead Systems\Ulead PhotoImpact
XL\Iedit.exe Berichtskennung: b303b637-ec78-11e2-8869-082e5f11ded9
Error - 7/14/2013 12:55:56 PM | Computer Name = Babuu-HP | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files
(x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder
Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion
steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt
stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 7/14/2013 1:04:00 PM | Computer Name = Babuu-HP | Source = Windows Backup | ID = 4103
Description =
Error - 7/15/2013 1:50:52 AM | Computer Name = Babuu-HP | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files
(x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder
Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion
steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt
stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 7/15/2013 3:03:26 AM | Computer Name = Babuu-HP | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files
(x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder
Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion
steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt
stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 7/17/2013 9:04:35 AM | Computer Name = Babuu-HP | Source = MsiInstaller | ID = 11722
Description =
Error - 7/17/2013 9:28:11 AM | Computer Name = Babuu-HP | Source = MsiInstaller | ID = 11722
Description =
Error - 7/18/2013 4:12:43 AM | Computer Name = Babuu-HP | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files
(x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder
Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion
steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt
stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 7/20/2013 2:46:35 PM | Computer Name = Babuu-HP | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files
(x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder
Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion
steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt
stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
[ Hewlett-Packard Events ]
Error - 4/1/2012 1:56:12 PM | Computer Name = Babuu-HP | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 bei HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateDetail(String
category) bei HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetectCore()
bei HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: Failed to perform update. StackTrace: bei HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateDetail(String
category) bei HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetectCore()
bei HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager InnerException.Message:
Das Objekt "/f14de69b_b5aa_45f0_b00a_20253c0307a0/5mrkqgfbxwle7jmtqzodprkk_5.rem"
wurde getrennt oder ist nicht auf dem Server vorhanden. Name: hpsa_service.exe Version:
06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
de-DE RAM: 8172 Ram Utilization: 10 TargetSite: Void UpdateDetail(System.String)
[ Media Center Events ]
Error - 7/27/2013 2:54:45 AM | Computer Name = Babuu-HP | Source = MCUpdate | ID = 0
Description = 08:54:45 - Fehler beim Herstellen der Internetverbindung. 08:54:45
- Serververbindung konnte nicht hergestellt werden..
Error - 7/27/2013 2:54:50 AM | Computer Name = Babuu-HP | Source = MCUpdate | ID = 0
Description = 08:54:50 - Fehler beim Herstellen der Internetverbindung. 08:54:50
- Serververbindung konnte nicht hergestellt werden..
Error - 7/28/2013 1:55:30 AM | Computer Name = Babuu-HP | Source = MCUpdate | ID = 0
Description = 07:55:30 - Fehler beim Herstellen der Internetverbindung. 07:55:30
- Serververbindung konnte nicht hergestellt werden..
Error - 7/28/2013 1:55:37 AM | Computer Name = Babuu-HP | Source = MCUpdate | ID = 0
Description = 07:55:35 - Fehler beim Herstellen der Internetverbindung. 07:55:35
- Serververbindung konnte nicht hergestellt werden..
Error - 7/28/2013 2:55:42 AM | Computer Name = Babuu-HP | Source = MCUpdate | ID = 0
Description = 08:55:42 - Fehler beim Herstellen der Internetverbindung. 08:55:42
- Serververbindung konnte nicht hergestellt werden..
Error - 7/28/2013 2:55:47 AM | Computer Name = Babuu-HP | Source = MCUpdate | ID = 0
Description = 08:55:47 - Fehler beim Herstellen der Internetverbindung. 08:55:47
- Serververbindung konnte nicht hergestellt werden..
Error - 7/28/2013 3:55:52 AM | Computer Name = Babuu-HP | Source = MCUpdate | ID = 0
Description = 09:55:52 - Fehler beim Herstellen der Internetverbindung. 09:55:52
- Serververbindung konnte nicht hergestellt werden..
Error - 7/28/2013 3:55:57 AM | Computer Name = Babuu-HP | Source = MCUpdate | ID = 0
Description = 09:55:57 - Fehler beim Herstellen der Internetverbindung. 09:55:57
- Serververbindung konnte nicht hergestellt werden..
Error - 7/28/2013 4:56:02 AM | Computer Name = Babuu-HP | Source = MCUpdate | ID = 0
Description = 10:56:02 - Fehler beim Herstellen der Internetverbindung. 10:56:02
- Serververbindung konnte nicht hergestellt werden..
Error - 7/28/2013 4:56:08 AM | Computer Name = Babuu-HP | Source = MCUpdate | ID = 0
Description = 10:56:07 - Fehler beim Herstellen der Internetverbindung. 10:56:07
- Serververbindung konnte nicht hergestellt werden..
[ System Events ]
Error - 7/17/2013 8:57:35 AM | Computer Name = Babuu-HP | Source = DCOM | ID = 10001
Description =
Error - 7/18/2013 3:05:03 AM | Computer Name = Babuu-HP | Source = DCOM | ID = 10001
Description =
Error - 7/18/2013 9:32:00 AM | Computer Name = Babuu-HP | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?18.?07.?2013 um 15:00:35 unerwartet heruntergefahren.
Error - 7/19/2013 2:57:54 AM | Computer Name = Babuu-HP | Source = Server | ID = 2505
Description = Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht
\Device\NetBT_Tcpip_{EDB13B49-2FE3-4A81-A3BD-F8BFA44279A3} vom Serverdienst nicht
gebunden werden. Der Serverdienst konnte nicht gestartet werden.
Error - 7/20/2013 4:45:43 AM | Computer Name = Babuu-HP | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?20.?07.?2013 um 10:44:13 unerwartet heruntergefahren.
Error - 7/30/2013 1:57:45 PM | Computer Name = Babuu-HP | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?30.?07.?2013 um 19:56:23 unerwartet heruntergefahren.
Error - 8/1/2013 1:49:56 PM | Computer Name = Babuu-HP | Source = DCOM | ID = 10010
Description =
Error - 8/4/2013 4:32:22 AM | Computer Name = Babuu-HP | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?04.?08.?2013 um 10:30:13 unerwartet heruntergefahren.
Error - 8/4/2013 4:43:26 AM | Computer Name = Babuu-HP | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?04.?08.?2013 um 10:41:54 unerwartet heruntergefahren.
Error - 8/4/2013 5:12:10 AM | Computer Name = Babuu-HP | Source = Service Control Manager | ID = 7031
Description = Der Dienst "WebCakeUpdater" wurde unerwartet beendet. Dies ist bereits
1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt:
Neustart des Diensts.
< End of report >
OTL: Code:
OTL logfile created on: 8/4/2013 11:22:06 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Babuu\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7.98 Gb Total Physical Memory | 6.37 Gb Available Physical Memory | 79.78% Memory free
15.96 Gb Paging File | 14.34 Gb Available in Paging File | 89.82% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 918.40 Gb Total Space | 849.18 Gb Free Space | 92.46% Space Free | Partition Type: NTFS
Drive D: | 13.01 Gb Total Space | 1.60 Gb Free Space | 12.30% Space Free | Partition Type: NTFS
Unable to calculate disk information.
Drive F: | 14.83 Gb Total Space | 0.22 Gb Free Space | 1.49% Space Free | Partition Type: FAT32
Computer Name: BABUU-HP | User Name: Babuu | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/08/04 11:20:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Babuu\Downloads\OTL.exe
PRC - [2013/06/26 12:29:59 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2013/06/26 12:29:10 | 000,345,144 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013/06/26 12:29:10 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2013/05/11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/02/05 17:48:44 | 000,272,248 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
PRC - [2012/08/13 12:08:08 | 010,376,704 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2012/08/13 12:08:08 | 010,368,512 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2011/06/09 15:37:18 | 000,264,008 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
PRC - [2011/06/09 15:37:00 | 000,653,128 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
PRC - [2011/06/09 15:36:34 | 000,142,664 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
PRC - [2011/05/06 02:40:52 | 001,128,952 | ---- | M] (PDF Complete Inc) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe
PRC - [2011/03/30 10:41:10 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011/02/25 20:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/02/24 10:10:24 | 000,212,944 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
PRC - [2011/02/01 09:41:24 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011/02/01 09:41:20 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2011/01/04 16:34:12 | 004,545,024 | ---- | M] () -- C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe
PRC - [2010/08/04 15:44:24 | 000,266,240 | ---- | M] () -- C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe
PRC - [2010/04/23 22:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2010/04/23 22:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2009/12/02 22:23:38 | 000,209,768 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2009/12/02 22:23:32 | 000,483,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2008/11/20 20:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
PRC - [2003/11/19 14:03:40 | 000,045,056 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files (x86)\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
========== Modules (No Company Name) ==========
MOD - [2012/08/10 17:51:32 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
MOD - [2011/01/04 16:34:12 | 004,545,024 | ---- | M] () -- C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe
MOD - [2009/08/28 17:50:18 | 000,282,624 | ---- | M] () -- C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvcLib.dll
========== Services (SafeList) ==========
SRV - [2013/06/26 12:29:59 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013/06/26 12:29:10 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013/06/11 23:40:44 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/05/11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/02/05 17:48:00 | 000,235,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe -- (McComponentHostService)
SRV - [2012/09/27 12:55:16 | 000,086,528 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe -- (HP Support Assistant Service)
SRV - [2011/06/09 15:37:18 | 000,264,008 | ---- | M] (HP) [Auto | Running] -- C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe -- (FPLService)
SRV - [2011/05/06 02:40:52 | 001,128,952 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2011/03/30 10:41:10 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011/03/02 07:23:36 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 20:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2011/02/24 10:10:24 | 000,212,944 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe -- (jhi_service)
SRV - [2011/02/01 09:41:24 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011/02/01 09:41:20 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/10/12 19:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/10/11 12:48:14 | 000,346,168 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Programme\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV - [2010/09/23 04:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2010/09/22 00:49:00 | 002,286,976 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010/08/04 15:44:24 | 000,266,240 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe -- (WSWNA1100)
SRV - [2010/06/02 01:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2010/03/22 21:05:40 | 000,960,992 | ---- | M] (Atheros Communications, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\NETGEAR\WNA1100\jswpsapi.exe -- (jswpsapi)
SRV - [2010/03/18 23:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/01/09 21:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009/12/02 22:23:38 | 000,209,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2009/12/02 22:23:32 | 000,483,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013/05/19 19:31:28 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2013/05/19 19:31:28 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2013/05/19 19:31:27 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/11 04:35:26 | 000,031,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pmxdrv.sys -- (pmxdrv)
DRV:64bit: - [2012/02/11 04:13:56 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012/02/11 04:13:56 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/04/26 21:07:36 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/04/22 12:17:04 | 000,471,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/03/03 19:59:20 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2010/11/21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/10/19 13:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/10/11 02:11:00 | 001,924,096 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athurx.sys -- (athur)
DRV:64bit: - [2010/07/27 20:45:46 | 000,180,224 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010/07/27 20:45:46 | 000,078,848 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2009/12/02 22:23:38 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2009/12/02 22:23:34 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2009/12/02 22:23:32 | 000,269,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2009/12/02 22:23:26 | 000,721,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 22:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/09/28 05:09:50 | 000,032,408 | ---- | M] (simonowen.com) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fdrawcmd.sys -- (fdrawcmd)
DRV:64bit: - [2008/05/15 03:28:00 | 000,026,624 | ---- | M] (Atheros Communications, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\jswpslwfx.sys -- (JSWPSLWF)
DRV:64bit: - [2007/01/19 19:24:24 | 000,025,312 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SCMNdisP.sys -- (SCMNdisP)
DRV:64bit: - [2006/10/27 10:49:44 | 000,025,600 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bucrw64.sys -- (busbcrw)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{6D1C4F59-012F-440C-B947-AA9319265BEB}: "URL" = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = hxxp://rover.ebay.com/rover/1/707-111076-19270-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{6D1C4F59-012F-440C-B947-AA9319265BEB}: "URL" = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
IE - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = hxxp://rover.ebay.com/rover/1/707-111076-19270-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-722544647-917449935-176176110-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK/4
IE - HKU\S-1-5-21-722544647-917449935-176176110-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKU\S-1-5-21-722544647-917449935-176176110-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-722544647-917449935-176176110-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
IE - HKU\S-1-5-21-722544647-917449935-176176110-1000\..\SearchScopes\{6D1C4F59-012F-440C-B947-AA9319265BEB}: "URL" = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
IE - HKU\S-1-5-21-722544647-917449935-176176110-1000\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = hxxp://rover.ebay.com/rover/1/707-111076-19270-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
IE - HKU\S-1-5-21-722544647-917449935-176176110-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage:
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Babuu\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Babuu\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
[2012/08/05 22:08:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Babuu\AppData\Roaming\mozilla\Extensions
[2013/08/04 11:12:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Babuu\AppData\Roaming\mozilla\Firefox\Profiles\a79pj5qc.default\extensions
[2013/08/03 18:13:49 | 000,000,000 | ---D | M] (Zula Games) -- C:\Users\Babuu\AppData\Roaming\mozilla\Firefox\Profiles\a79pj5qc.default\extensions\zulagames@ZulaGames.com
[2012/11/20 15:18:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012/08/05 22:09:19 | 000,000,000 | ---D | M] (TrueSuite Website Logon) -- C:\Program Files (x86)\mozilla firefox\extensions\websitelogon@truesuite.com
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Babuu\AppData\Local\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Babuu\AppData\Local\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Babuu\AppData\Local\Google\Chrome\Application\28.0.1500.95\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: McAfee Security Scanner + (Enabled) = C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll
CHR - plugin: Java Deployment Toolkit 7.0.50.255 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll
CHR - Extension: Zula Games = C:\Users\Babuu\AppData\Local\Google\Chrome\User Data\Default\Extensions\gflandjopdloblmlcoiidmncpinmmacn\1.0.0.5_0\
CHR - Extension: Website Logon = C:\Users\Babuu\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpgfhihjicjofdejkbjgnjlaglaciobe\1.0_0\
O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll (HP)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll (HP)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKU\S-1-5-21-722544647-917449935-176176110-1000\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:64bit: - HKLM..\Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe (Hewlett-Packard)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS)
O4 - HKLM..\Run: [jswtrayutil] "C:\Program Files (x86)\NETGEAR\WNA1100\jswtrayutil.exe" File not found
O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [Ulead AutoDetector] C:\Program Files (x86)\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe (Ulead Systems, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Babuu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPath = 1
O7 - HKU\S-1-5-21-722544647-917449935-176176110-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKU\S-1-5-21-722544647-917449935-176176110-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EDB13B49-2FE3-4A81-A3BD-F8BFA44279A3}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013/08/03 18:15:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
[2013/08/03 18:14:19 | 000,019,456 | ---- | C] (PerformerSoft LLC) -- C:\Windows\SysNative\roboot64.exe
[2013/08/03 18:13:49 | 000,000,000 | ---D | C] -- C:\Users\Babuu\AppData\Roaming\zulagames
[2013/07/17 16:02:30 | 000,000,000 | ---D | C] -- C:\Users\Babuu\AppData\Roaming\Avery
[2013/07/14 19:38:31 | 000,000,000 | ---D | C] -- C:\Users\Babuu\AppData\Local\Microsoft Help
[2013/07/14 19:38:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2013/07/12 10:59:31 | 000,000,000 | ---D | C] -- C:\Users\Babuu\StoffeShop
[2013/07/11 20:27:21 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/07/11 20:27:21 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/07/11 20:27:21 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/07/11 20:27:21 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/07/11 20:27:20 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/07/11 20:27:20 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/07/11 20:27:20 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/07/11 20:27:20 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/07/11 20:27:20 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/07/11 20:27:20 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/07/11 20:27:20 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/07/11 20:27:20 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/07/11 20:27:20 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/07/11 20:27:20 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/07/11 20:27:19 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/07/11 11:13:05 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2013/07/11 11:13:05 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2013/07/11 11:13:04 | 001,887,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2013/07/11 11:13:04 | 001,620,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2013/07/11 11:12:30 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013/07/09 19:04:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Avery
========== Files - Modified Within 30 Days ==========
[2013/08/04 11:24:56 | 000,024,400 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/08/04 11:24:56 | 000,024,400 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/08/04 11:22:00 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-722544647-917449935-176176110-1000UA.job
[2013/08/04 11:17:33 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/08/04 11:17:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/08/04 11:16:54 | 2132,406,271 | -HS- | M] () -- C:\hiberfil.sys
[2013/08/04 11:16:01 | 000,000,195 | ---- | M] () -- C:\Windows\DeleteOnReboot.bat
[2013/08/04 11:06:59 | 000,001,122 | ---- | M] () -- C:\Users\Babuu\Desktop\Continue Zip Opener Installation.lnk
[2013/08/04 10:40:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/08/04 10:32:34 | 000,393,800 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/08/04 10:28:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/08/03 09:22:00 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-722544647-917449935-176176110-1000Core.job
[2013/08/01 15:13:17 | 000,004,918 | ---- | M] () -- C:\Windows\ULEAD32.INI
[2013/07/31 07:27:59 | 001,614,036 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/07/31 07:27:59 | 000,697,072 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013/07/31 07:27:59 | 000,652,390 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/07/31 07:27:59 | 000,148,110 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013/07/31 07:27:59 | 000,121,064 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/07/29 18:13:31 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForBabuu.job
[2013/07/27 13:10:00 | 000,000,030 | ---- | M] () -- C:\Windows\Iedit.INI
[2013/07/19 20:16:56 | 000,881,664 | ---- | M] () -- C:\Users\Babuu\Documents\visitenkarten4..1zdl.zdl
[2013/07/19 17:00:38 | 001,752,064 | ---- | M] () -- C:\Users\Babuu\Documents\visitenkarten4.zdl
[2013/07/19 16:49:47 | 000,882,176 | ---- | M] () -- C:\Users\Babuu\Documents\visitenkarten3.zdl
[2013/07/19 16:30:52 | 000,881,664 | ---- | M] () -- C:\Users\Babuu\Documents\visitenkarten2.zdl
[2013/07/19 15:59:09 | 000,881,152 | ---- | M] () -- C:\Users\Babuu\Documents\Visitenkarten.zdl
[2013/07/17 22:08:45 | 000,881,152 | ---- | M] () -- C:\Users\Babuu\Visitenkarten.zdl
[2013/07/17 15:54:21 | 000,067,990 | ---- | M] () -- C:\Users\Babuu\visitenkarte.jpg
[2013/07/15 23:09:32 | 000,012,899 | ---- | M] () -- C:\Users\Babuu\Tod.jpg
[2013/07/15 18:55:39 | 000,042,030 | ---- | M] () -- C:\Users\Babuu\Auraneu.jpg
[2013/07/15 18:51:28 | 000,055,279 | ---- | M] () -- C:\Users\Babuu\Shanti.jpg
[2013/07/15 18:50:40 | 000,081,622 | ---- | M] () -- C:\Users\Babuu\aura.jpg
[2013/07/15 18:50:31 | 000,059,873 | ---- | M] () -- C:\Users\Babuu\Nala.jpg
[2013/07/12 20:52:25 | 000,023,359 | ---- | M] () -- C:\Users\Babuu\Logotest2.1pink1-schriftneudawanda.jpg
[2013/07/12 20:17:40 | 000,039,053 | ---- | M] () -- C:\Users\Babuu\Logotest2.1pink1-schriftneu.jpg
[2013/07/12 20:15:24 | 000,039,170 | ---- | M] () -- C:\Users\Babuu\Logotest2.1pink1-schrift.jpg
[2013/07/12 20:02:23 | 000,036,810 | ---- | M] () -- C:\Users\Babuu\Logotest2.1pink1.jpg
[2013/07/12 20:00:39 | 000,036,895 | ---- | M] () -- C:\Users\Babuu\Logotest2.1pink.jpg
[2013/07/12 19:11:18 | 000,037,073 | ---- | M] () -- C:\Users\Babuu\Logotest2.1.jpg
[2013/07/12 11:01:14 | 000,063,885 | ---- | M] () -- C:\Users\Babuu\h630.jpg
[2013/07/11 15:33:55 | 000,036,983 | ---- | M] () -- C:\Users\Babuu\HintergrundLilberries2.jpg
[2013/07/11 15:32:04 | 000,298,928 | ---- | M] () -- C:\Users\Babuu\HintergrundLilberries.jpg
[2013/07/10 13:05:11 | 000,127,242 | ---- | M] () -- C:\Users\Babuu\ÜbergaberechtKatzen.pdf
[2013/07/09 20:14:05 | 000,037,045 | ---- | M] () -- C:\Users\Babuu\karte2.jpg
[2013/07/09 20:11:01 | 000,047,778 | ---- | M] () -- C:\Users\Babuu\karte1.jpg
[2013/07/09 19:25:26 | 000,008,097 | ---- | M] () -- C:\Users\Babuu\TestVisi.jpg
[2013/07/07 09:16:52 | 000,002,356 | ---- | M] () -- C:\Users\Babuu\Desktop\google.lnk
[2013/07/05 14:28:56 | 000,069,995 | ---- | M] () -- C:\Users\Babuu\Flynnjuli.05.2.jpg
[2013/07/05 14:28:35 | 000,073,477 | ---- | M] () -- C:\Users\Babuu\flynnjuli.05.jpg
========== Files Created - No Company Name ==========
[2013/08/04 11:06:59 | 000,001,122 | ---- | C] () -- C:\Users\Babuu\Desktop\Continue Zip Opener Installation.lnk
[2013/07/19 20:16:56 | 000,881,664 | ---- | C] () -- C:\Users\Babuu\Documents\visitenkarten4..1zdl.zdl
[2013/07/19 16:54:15 | 001,752,064 | ---- | C] () -- C:\Users\Babuu\Documents\visitenkarten4.zdl
[2013/07/19 16:49:46 | 000,882,176 | ---- | C] () -- C:\Users\Babuu\Documents\visitenkarten3.zdl
[2013/07/19 16:30:52 | 000,881,664 | ---- | C] () -- C:\Users\Babuu\Documents\visitenkarten2.zdl
[2013/07/19 15:59:09 | 000,881,152 | ---- | C] () -- C:\Users\Babuu\Documents\Visitenkarten.zdl
[2013/07/17 22:08:44 | 000,881,152 | ---- | C] () -- C:\Users\Babuu\Visitenkarten.zdl
[2013/07/17 15:54:21 | 000,067,990 | ---- | C] () -- C:\Users\Babuu\visitenkarte.jpg
[2013/07/15 23:03:29 | 000,012,899 | ---- | C] () -- C:\Users\Babuu\Tod.jpg
[2013/07/15 18:55:39 | 000,042,030 | ---- | C] () -- C:\Users\Babuu\Auraneu.jpg
[2013/07/15 18:51:28 | 000,055,279 | ---- | C] () -- C:\Users\Babuu\Shanti.jpg
[2013/07/15 18:50:40 | 000,081,622 | ---- | C] () -- C:\Users\Babuu\aura.jpg
[2013/07/15 18:50:31 | 000,059,873 | ---- | C] () -- C:\Users\Babuu\Nala.jpg
[2013/07/12 20:52:25 | 000,023,359 | ---- | C] () -- C:\Users\Babuu\Logotest2.1pink1-schriftneudawanda.jpg
[2013/07/12 20:17:39 | 000,039,053 | ---- | C] () -- C:\Users\Babuu\Logotest2.1pink1-schriftneu.jpg
[2013/07/12 20:15:22 | 000,039,170 | ---- | C] () -- C:\Users\Babuu\Logotest2.1pink1-schrift.jpg
[2013/07/12 20:02:22 | 000,036,810 | ---- | C] () -- C:\Users\Babuu\Logotest2.1pink1.jpg
[2013/07/12 20:00:36 | 000,036,895 | ---- | C] () -- C:\Users\Babuu\Logotest2.1pink.jpg
[2013/07/12 19:10:13 | 000,037,073 | ---- | C] () -- C:\Users\Babuu\Logotest2.1.jpg
[2013/07/12 11:01:14 | 000,063,885 | ---- | C] () -- C:\Users\Babuu\h630.jpg
[2013/07/11 15:33:55 | 000,036,983 | ---- | C] () -- C:\Users\Babuu\HintergrundLilberries2.jpg
[2013/07/11 15:29:25 | 000,298,928 | ---- | C] () -- C:\Users\Babuu\HintergrundLilberries.jpg
[2013/07/10 13:05:09 | 000,127,242 | ---- | C] () -- C:\Users\Babuu\ÜbergaberechtKatzen.pdf
[2013/07/09 20:14:05 | 000,037,045 | ---- | C] () -- C:\Users\Babuu\karte2.jpg
[2013/07/09 20:11:01 | 000,047,778 | ---- | C] () -- C:\Users\Babuu\karte1.jpg
[2013/07/09 19:20:40 | 000,008,097 | ---- | C] () -- C:\Users\Babuu\TestVisi.jpg
[2013/07/05 14:28:56 | 000,069,995 | ---- | C] () -- C:\Users\Babuu\Flynnjuli.05.2.jpg
[2013/07/05 14:28:35 | 000,073,477 | ---- | C] () -- C:\Users\Babuu\flynnjuli.05.jpg
[2013/07/03 13:50:30 | 000,062,039 | ---- | C] () -- C:\Users\Babuu\Manupp.jpg
[2013/07/01 15:16:00 | 000,067,459 | ---- | C] () -- C:\Users\Babuu\Fridabeide2.jpg
[2013/07/01 14:20:19 | 000,064,922 | ---- | C] () -- C:\Users\Babuu\Fridabeide.jpg
[2013/06/30 13:53:36 | 000,049,237 | ---- | C] () -- C:\Users\Babuu\Rebellanotizbuch.jpg
[2013/06/28 23:43:28 | 000,094,288 | ---- | C] () -- C:\Users\Babuu\logoblogneu.jpg
[2013/06/28 23:35:40 | 000,263,680 | ---- | C] () -- C:\Users\Babuu\logotestufoneu.ufo
[2013/06/28 23:32:27 | 000,186,368 | ---- | C] () -- C:\Users\Babuu\Erdbeerelogoufo.ufo
[2013/06/28 23:22:58 | 000,095,013 | ---- | C] () -- C:\Users\Babuu\LogoneuBlog.jpg
[2013/06/28 22:17:07 | 000,013,681 | ---- | C] () -- C:\Users\Babuu\fbavaneu.jpg
[2013/06/28 22:14:32 | 000,084,443 | ---- | C] () -- C:\Users\Babuu\Logoneu.jpg
[2013/06/28 22:09:25 | 000,084,447 | ---- | C] () -- C:\Users\Babuu\Logotest2.jpg
[2013/06/28 21:52:01 | 000,083,585 | ---- | C] () -- C:\Users\Babuu\Logotest.jpg
[2013/06/28 20:26:30 | 000,065,397 | ---- | C] () -- C:\Users\Babuu\ConnyMäpp.jpg
[2013/06/28 11:13:16 | 000,199,999 | ---- | C] () -- C:\Users\Babuu\vichyrosa.jpg
[2013/06/28 11:12:14 | 000,171,514 | ---- | C] () -- C:\Users\Babuu\vichygrün.jpg
[2013/06/28 11:08:42 | 000,114,701 | ---- | C] () -- C:\Users\Babuu\nora.jpg
[2013/06/28 11:07:37 | 000,205,756 | ---- | C] () -- C:\Users\Babuu\abverkauf2.jpg
[2013/06/28 11:06:57 | 000,141,169 | ---- | C] () -- C:\Users\Babuu\abverkauf1.jpg
[2013/06/28 10:18:38 | 000,007,884 | ---- | C] () -- C:\Users\Babuu\Ettikett.jpg
[2013/06/25 08:01:16 | 000,071,123 | ---- | C] () -- C:\Users\Babuu\beate12 - Kopie.jpg
[2013/06/24 19:54:00 | 000,044,801 | ---- | C] () -- C:\Users\Babuu\beate18.jpg
[2013/06/24 19:53:27 | 000,072,080 | ---- | C] () -- C:\Users\Babuu\beate17.jpg
[2013/06/24 19:52:25 | 000,043,673 | ---- | C] () -- C:\Users\Babuu\beate16.jpg
[2013/06/24 19:52:01 | 000,042,072 | ---- | C] () -- C:\Users\Babuu\beate15.jpg
[2013/06/24 19:49:29 | 000,054,377 | ---- | C] () -- C:\Users\Babuu\beate11.jpg
[2013/06/24 19:49:04 | 000,059,752 | ---- | C] () -- C:\Users\Babuu\beate10.jpg
[2013/06/24 19:48:41 | 000,057,615 | ---- | C] () -- C:\Users\Babuu\beate9.jpg
[2013/06/24 19:48:02 | 000,077,634 | ---- | C] () -- C:\Users\Babuu\beate7.jpg
[2013/06/24 19:47:36 | 000,580,096 | ---- | C] () -- C:\Users\Babuu\beate8.ufo
[2013/06/24 19:47:10 | 000,444,928 | ---- | C] () -- C:\Users\Babuu\beate7.ufo
[2013/06/24 19:43:26 | 000,053,734 | ---- | C] () -- C:\Users\Babuu\beate6.jpg
[2013/06/24 19:42:49 | 000,040,110 | ---- | C] () -- C:\Users\Babuu\beate5.jpg
[2013/06/24 19:41:58 | 000,064,346 | ---- | C] () -- C:\Users\Babuu\beate3.jpg
[2013/06/24 19:41:26 | 000,067,290 | ---- | C] () -- C:\Users\Babuu\beate2.jpg
[2013/06/24 19:40:33 | 000,101,795 | ---- | C] () -- C:\Users\Babuu\beate1.jpg
[2013/06/20 17:02:33 | 000,066,783 | ---- | C] () -- C:\Users\Babuu\Penelope3.jpg
[2013/06/20 17:02:17 | 000,068,466 | ---- | C] () -- C:\Users\Babuu\Penelope2.jpg
[2013/06/20 17:01:44 | 000,071,484 | ---- | C] () -- C:\Users\Babuu\Penelope1.jpg
[2013/06/18 22:33:57 | 000,037,123 | ---- | C] () -- C:\Users\Babuu\Bannerdawanda.jpg
[2013/06/18 22:07:54 | 000,006,954 | ---- | C] () -- C:\Users\Babuu\fbava.jpg
[2013/06/18 22:03:13 | 000,062,516 | ---- | C] () -- C:\Users\Babuu\Bloglogo.jpg
[2013/06/18 21:50:29 | 000,000,577 | ---- | C] () -- C:\Users\Babuu\Computer - Verknüpfung.lnk
[2013/06/17 18:55:56 | 000,064,755 | ---- | C] () -- C:\Users\Babuu\klee.jpg
[2013/06/17 18:24:48 | 000,044,427 | ---- | C] () -- C:\Users\Babuu\stoff2.jpg
[2013/06/14 18:29:59 | 000,030,288 | ---- | C] () -- C:\Users\Babuu\Bannerfblooks.jpg
[2013/06/14 16:51:03 | 000,085,463 | ---- | C] () -- C:\Users\Babuu\conny2.jpg
[2013/06/13 00:03:16 | 000,083,926 | ---- | C] () -- C:\Users\Babuu\Fridat.jpg
[2013/06/12 20:58:51 | 000,081,040 | ---- | C] () -- C:\Users\Babuu\frida2.jpg
[2013/06/12 20:58:30 | 000,095,896 | ---- | C] () -- C:\Users\Babuu\frida1.jpg
[2013/06/07 19:49:43 | 000,233,075 | ---- | C] () -- C:\Users\Babuu\selina.jpg
[2013/05/10 14:45:54 | 000,156,758 | ---- | C] () -- C:\Users\Babuu\Kidsbanner.jpg
[2013/05/06 19:33:59 | 000,206,886 | ---- | C] () -- C:\Users\Babuu\gurt.jpg
[2013/04/24 20:56:02 | 000,242,966 | ---- | C] () -- C:\Users\Babuu\Koffer2.2.jpg
[2013/04/24 20:55:50 | 000,232,610 | ---- | C] () -- C:\Users\Babuu\koffer2.1.jpg
[2013/04/24 11:55:46 | 000,213,315 | ---- | C] () -- C:\Users\Babuu\deckel.jpg
[2013/04/19 21:38:40 | 000,291,720 | ---- | C] () -- C:\Users\Babuu\Pferddigi.jpg
[2013/04/18 10:21:08 | 000,000,005 | ---- | C] () -- C:\Users\Babuu\AppData\Roaming\mbam.context.scan
[2013/03/28 19:42:36 | 000,005,262 | ---- | C] () -- C:\Users\Babuu\Sabinea.jpg
[2013/03/27 09:52:36 | 000,018,679 | ---- | C] () -- C:\Users\Babuu\Sonne.jpg
[2013/03/25 14:56:14 | 000,003,502 | ---- | C] () -- C:\Users\Babuu\böse.jpg
[2013/03/20 18:30:31 | 000,018,221 | ---- | C] () -- C:\Users\Babuu\Maus.jpg
[2013/03/02 20:49:17 | 000,044,691 | ---- | C] () -- C:\Users\Babuu\Couch.jpg
[2013/03/01 20:27:06 | 000,044,063 | ---- | C] () -- C:\Users\Babuu\monsta.jpg
[2013/02/28 21:39:05 | 000,013,264 | ---- | C] () -- C:\Users\Babuu\pferd2.jpg
[2013/02/25 21:25:34 | 000,059,229 | ---- | C] () -- C:\Users\Babuu\Knuddies.jpg
[2013/02/23 19:33:28 | 000,035,375 | ---- | C] () -- C:\Users\Babuu\Garderobe.jpg
[2013/02/22 22:10:09 | 000,084,022 | ---- | C] () -- C:\Users\Babuu\Pferdklein.jpg
[2013/02/22 20:40:12 | 000,068,227 | ---- | C] () -- C:\Users\Babuu\Pferd1.1.jpg
[2013/02/22 18:48:45 | 000,085,259 | ---- | C] () -- C:\Users\Babuu\Pferd.jpg
[2013/02/21 19:03:30 | 000,047,299 | ---- | C] () -- C:\Users\Babuu\Wurmtest.jpg
[2013/02/19 20:07:15 | 000,031,123 | ---- | C] () -- C:\Users\Babuu\Tattoofarbe.jpg
[2013/02/19 18:41:01 | 000,032,707 | ---- | C] () -- C:\Users\Babuu\Tattoonew.jpg
[2013/02/17 23:08:50 | 000,003,898 | ---- | C] () -- C:\Users\Babuu\tattooneu.jpg
[2013/02/17 23:01:48 | 000,007,594 | ---- | C] () -- C:\Users\Babuu\tattoo.jpg
[2013/02/17 22:55:11 | 000,005,280 | ---- | C] () -- C:\Users\Babuu\testxy.jpg
[2013/02/17 22:38:16 | 000,006,071 | ---- | C] () -- C:\Users\Babuu\test2.jpg
[2013/02/17 22:37:39 | 000,005,120 | ---- | C] () -- C:\Users\Babuu\test1.jpg
[2013/02/17 22:36:52 | 000,005,200 | ---- | C] () -- C:\Users\Babuu\test5.jpg
[2013/02/17 22:34:58 | 000,004,589 | ---- | C] () -- C:\Users\Babuu\test4.jpg
[2013/02/17 22:34:25 | 000,004,252 | ---- | C] () -- C:\Users\Babuu\test3.jpg
[2013/02/17 22:10:27 | 000,005,378 | ---- | C] () -- C:\Users\Babuu\tattooruth.jpg
[2013/02/17 21:54:06 | 000,004,682 | ---- | C] () -- C:\Users\Babuu\Text2.jpg
[2013/02/17 21:53:29 | 000,004,373 | ---- | C] () -- C:\Users\Babuu\Text1.jpg
[2013/02/15 12:06:52 | 000,039,803 | ---- | C] () -- C:\Users\Babuu\Lio1.jpg
[2013/02/15 12:06:37 | 000,044,313 | ---- | C] () -- C:\Users\Babuu\Lio2.jpg
[2013/02/13 14:46:58 | 000,039,728 | ---- | C] () -- C:\Users\Babuu\me.jpg
[2013/02/11 01:07:02 | 000,008,088 | ---- | C] () -- C:\Users\Babuu\ronja3.jpg
[2013/02/11 00:42:05 | 000,034,373 | ---- | C] () -- C:\Users\Babuu\Ronja2.jpg
[2013/02/10 23:07:03 | 000,029,985 | ---- | C] () -- C:\Users\Babuu\Ronja.jpg
[2013/02/07 17:56:58 | 000,043,075 | ---- | C] () -- C:\Users\Babuu\Flur.jpg
[2013/02/07 08:26:44 | 000,037,464 | ---- | C] () -- C:\Users\Babuu\´Draculaura.jpg
[2013/02/05 22:35:34 | 000,042,605 | ---- | C] () -- C:\Users\Babuu\Arbeitsplatz.jpg
[2013/01/30 19:30:22 | 000,011,625 | ---- | C] () -- C:\Users\Babuu\MeNia.jpg
[2013/01/29 23:16:10 | 000,027,999 | ---- | C] () -- C:\Users\Babuu\Pferdekopfskizze.jpg
[2013/01/29 00:27:26 | 000,007,944 | ---- | C] () -- C:\Users\Babuu\etsybanner.jpg
[2013/01/28 01:07:27 | 000,016,776 | ---- | C] () -- C:\Users\Babuu\fliepi.jpg
[2013/01/25 17:15:15 | 000,060,307 | ---- | C] () -- C:\Users\Babuu\paket3.jpg
[2013/01/25 17:15:03 | 000,072,011 | ---- | C] () -- C:\Users\Babuu\paket2.jpg
[2013/01/25 17:14:49 | 000,063,554 | ---- | C] () -- C:\Users\Babuu\Paket1.jpg
[2013/01/23 21:08:05 | 000,089,422 | ---- | C] () -- C:\Users\Babuu\hintergrundtest1002.jpg
[2013/01/23 20:57:38 | 000,089,187 | ---- | C] () -- C:\Users\Babuu\hintergrundtest1001.jpg
[2013/01/23 20:44:58 | 000,112,461 | ---- | C] () -- C:\Users\Babuu\hintergrundtest1000.jpg
[2013/01/23 20:02:16 | 000,178,980 | ---- | C] () -- C:\Users\Babuu\Hintergrundblog.jpg
[2013/01/23 19:58:20 | 000,005,120 | ---- | C] () -- C:\Users\Babuu\~Hintergrund.UAS
[2013/01/23 19:54:36 | 000,174,208 | ---- | C] () -- C:\Users\Babuu\Hintergrund.jpg
[2013/01/23 19:48:20 | 000,173,568 | ---- | C] () -- C:\Users\Babuu\~Blog2.UAS
[2013/01/23 19:38:15 | 000,076,376 | ---- | C] () -- C:\Users\Babuu\Blog2.jpg
[2013/01/23 19:32:10 | 000,077,549 | ---- | C] () -- C:\Users\Babuu\Blog.jpg
[2013/01/23 19:32:02 | 000,172,544 | ---- | C] () -- C:\Users\Babuu\Blog.ufo
[2013/01/23 19:06:26 | 000,042,102 | ---- | C] () -- C:\Users\Babuu\fbbanner2.jpg
[2013/01/23 18:57:59 | 000,054,353 | ---- | C] () -- C:\Users\Babuu\fbbanner.jpg
[2013/01/23 18:49:13 | 000,047,399 | ---- | C] () -- C:\Users\Babuu\Profilbildfb.jpg
[2013/01/23 18:40:34 | 000,033,702 | ---- | C] () -- C:\Users\Babuu\Profilbild.jpg
[2013/01/23 18:28:32 | 000,058,234 | ---- | C] () -- C:\Users\Babuu\Dawandabanner.jpg
[2013/01/23 17:51:32 | 000,058,445 | ---- | C] () -- C:\Users\Babuu\logodawanda2.jpg
[2013/01/23 17:45:29 | 000,043,979 | ---- | C] () -- C:\Users\Babuu\logodawanda.jpg
[2013/01/23 17:30:59 | 000,044,426 | ---- | C] () -- C:\Users\Babuu\Logo.jpg
[2013/01/06 15:43:26 | 000,267,528 | ---- | C] () -- C:\Users\Babuu\Maya.jpg
[2013/01/05 20:17:09 | 000,054,188 | ---- | C] () -- C:\Users\Babuu\Stoff.jpg
[2013/01/04 17:07:18 | 000,062,603 | ---- | C] () -- C:\Users\Babuu\Tashi.jpg
[2013/01/01 00:28:33 | 000,173,468 | ---- | C] () -- C:\Users\Babuu\silvester10.jpg
[2013/01/01 00:28:14 | 000,145,249 | ---- | C] () -- C:\Users\Babuu\silvester9.jpg
[2013/01/01 00:27:50 | 000,168,779 | ---- | C] () -- C:\Users\Babuu\silvester8.jpg
[2013/01/01 00:27:32 | 000,226,602 | ---- | C] () -- C:\Users\Babuu\silvester7.jpg
[2013/01/01 00:26:36 | 000,194,938 | ---- | C] () -- C:\Users\Babuu\silvester6.jpg
[2013/01/01 00:25:27 | 000,214,917 | ---- | C] () -- C:\Users\Babuu\silvester5.jpg
[2013/01/01 00:24:25 | 000,199,580 | ---- | C] () -- C:\Users\Babuu\silvester4.jpg
[2013/01/01 00:23:29 | 000,191,261 | ---- | C] () -- C:\Users\Babuu\silvester3.jpg
[2013/01/01 00:22:50 | 000,218,576 | ---- | C] () -- C:\Users\Babuu\Silvester2.jpg
[2013/01/01 00:22:00 | 000,208,397 | ---- | C] () -- C:\Users\Babuu\Silvester1.jpg
[2012/12/31 23:52:35 | 000,112,808 | ---- | C] () -- C:\Users\Babuu\Neujahr.jpg
[2012/12/30 20:57:17 | 000,258,110 | ---- | C] () -- C:\Users\Babuu\sesselbezug2.jpg
[2012/12/30 20:11:12 | 000,232,091 | ---- | C] () -- C:\Users\Babuu\Sesselbezug.jpg
[2012/12/30 17:58:23 | 000,214,516 | ---- | C] () -- C:\Users\Babuu\aufräumen3.jpg
[2012/12/30 17:58:10 | 000,154,067 | ---- | C] () -- C:\Users\Babuu\aufräumen2.jpg
[2012/12/30 17:57:53 | 000,199,038 | ---- | C] () -- C:\Users\Babuu\aufräumen1.jpg
[2012/12/30 16:44:11 | 000,190,994 | ---- | C] () -- C:\Users\Babuu\nähchaos3.jpg
[2012/12/30 16:43:22 | 000,179,817 | ---- | C] () -- C:\Users\Babuu\Nähchaos2.jpg
[2012/12/30 16:41:29 | 000,206,625 | ---- | C] () -- C:\Users\Babuu\Nähchaos1.jpg
[2012/12/26 17:30:23 | 000,152,190 | ---- | C] () -- C:\Users\Babuu\Zum Geburtstag.jpg
[2012/12/26 16:59:57 | 001,093,120 | ---- | C] () -- C:\Users\Babuu\Rose.ufo
[2012/12/16 18:00:48 | 000,055,368 | ---- | C] () -- C:\Users\Babuu\LiloNala4.jpg
[2012/12/16 18:00:22 | 000,048,546 | ---- | C] () -- C:\Users\Babuu\LiloNala3.jpg
[2012/12/16 17:59:39 | 000,059,956 | ---- | C] () -- C:\Users\Babuu\LiloNala2.jpg
[2012/12/16 17:58:43 | 000,042,003 | ---- | C] () -- C:\Users\Babuu\LiloNala1.jpg
[2012/12/15 11:14:58 | 000,016,834 | ---- | C] () -- C:\Users\Babuu\SkizzeMaria.jpg
[2012/12/14 15:51:10 | 000,062,069 | ---- | C] () -- C:\Users\Babuu\Pickelchen.jpg
[2012/12/06 21:30:08 | 000,086,355 | ---- | C] () -- C:\Users\Babuu\Michaela.jpg
[2012/11/22 21:08:36 | 000,099,271 | ---- | C] () -- C:\Users\Babuu\Arbeitszimmer.jpg
[2012/11/20 15:10:47 | 000,000,120 | ---- | C] () -- C:\Windows\WINRESAZ.INI
[2012/11/20 14:49:17 | 000,000,165 | ---- | C] () -- C:\Windows\WINÙS…ÏÈ.INI
[2012/11/19 17:09:08 | 000,019,684 | ---- | C] () -- C:\Users\Babuu\AppData\Local\internal.grp
[2012/11/19 17:07:02 | 000,393,256 | ---- | C] () -- C:\Windows\SysWow64\CNQ2414N.DAT
[2012/11/18 15:14:10 | 000,000,030 | ---- | C] () -- C:\Windows\Iedit.INI
[2012/05/22 15:53:46 | 000,007,680 | ---- | C] () -- C:\Users\Babuu\ElsterEinkommenssteuer2011.elfo
[2012/05/22 15:31:12 | 000,007,010 | ---- | C] () -- C:\Users\Babuu\ElsterEÜR2011.elfo
[2012/03/07 15:02:11 | 000,000,071 | ---- | C] () -- C:\Windows\pex.INI
[2012/03/07 09:44:29 | 000,004,918 | ---- | C] () -- C:\Windows\ULEAD32.INI
[2012/02/19 20:55:29 | 000,000,048 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2012/02/11 04:36:10 | 000,002,792 | ---- | C] () -- C:\Program Files\HP SimplePass 2011
[2012/02/11 04:28:38 | 000,000,196 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat
========== ZeroAccess Check ==========
[2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
< End of report >
...ab hier bräuchte ich eure Hilfe!!
Vielen lieben Dank!!! |
FRST 32-Bit | FRST 64-Bit
Malwarebytes Anti-Malware 