Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Ungültiges Bild (https://www.trojaner-board.de/162116-ungueltiges-bild.html)

Splintefakt 23.12.2014 19:20
Ungültiges Bild
 
Hallo trojaner-board

ich habe gerade meinen PC Neugestartet, da ich keine Internetverbindung mehr hatte ( obwohl ein Signal empfangen wurde)
Es kam die Meldung www.microsoft.com wäre bereits ausgeführt.
Nach dem Neustart kommt beim Starten oder öffnen von Dateien folgende Meldung:

[CODE]C:\Progra~2\Search~1\Search~1\bin\VC32LO~1.DLL ist entweder nicht für die Ausführung unter Windows vorgesehen oder enthält einen Fehler. Installieren Sie das Programm mit den Originalinstallationsmedien erneut, oder wenden Sie sich an den Systemadministrator oder Softwarelieferanten, Um Unterstützung zu erhalten.

Nach einer Recherge im Internet bin ich auf eure Seite gestoßen und hab mich registriert.

Ein OTL Scan hab ich durchgeführt hier das Ergebnis:OTL EXTRAS Logfile:
Code:
OTL Extras logfile created on: 23.12.2014 18:38:20 - Run 1
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\***\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17501)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,86 Gb Total Physical Memory | 5,40 Gb Available Physical Memory | 68,79% Memory free
15,71 Gb Paging File | 13,10 Gb Available in Paging File | 83,38% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 682,54 Gb Total Space | 483,53 Gb Free Space | 70,84% Space Free | Partition Type: NTFS
 
Computer Name: LUKAS-PC | User Name: Lukas | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = OperaStable] -- Reg Error: Key error. File not found
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = OperaStable] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate -- "%1"
https [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate -- "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Users\Lukas\AppData\Roaming\File Scout\filescout.exe" /open "%1"
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate -- "%1"
https [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate -- "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Users\Lukas\AppData\Roaming\File Scout\filescout.exe" /open "%1"
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0A178B2B-3DC2-4484-A39E-B8FE73232C8F}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{0B29A28E-0B3D-4641-977F-3EAECFE831CB}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{11708989-9ED4-47A8-8546-791C1C4473D1}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{189AAD75-5876-49F2-A8A1-F56C89F755A1}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{1A5EE22D-326D-4441-9515-CC86627362E2}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office 15\root\office15\outlook.exe |
"{1CC658A7-6563-4567-AC49-DAA65E1FCAB0}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1E260F9B-0B1C-46BD-B9AB-04AFA6E1970D}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{2D0F1BC5-EE7C-4B19-B22D-9D31966D841E}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{307ACCEF-A8EA-4A08-90CD-983832463270}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5541C238-7627-4788-B93A-FCE4CA142B8C}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{596EC8B7-A116-4E65-9C36-19964F9469A6}" = rport=10243 | protocol=6 | dir=out | app=system |
"{6120215F-58AD-4C2E-9AF1-A22A95E949E4}" = lport=10243 | protocol=6 | dir=in | app=system |
"{7CDC0AB2-274C-4858-B038-786DFFF53C2C}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{7F2E821E-4B4E-4242-A928-CB3C912517E9}" = lport=2869 | protocol=6 | dir=in | app=system |
"{80463CB0-A17A-4CDF-854B-074E90A1723A}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{83C13085-9AC5-42B3-AE46-12B6D7B1003E}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{840D7842-27CE-4413-9545-B6FD2097B858}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8546905F-E104-4F0A-9E39-3E5043294909}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{8AFA062B-BC6B-4772-BD2C-5ACF7AD8A037}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{907CA977-C4C0-4C8D-A92F-C3B579C715B7}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{A9C5FB17-C056-4DA9-AFE8-A88A7069B05F}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D0BBDACE-2938-45FE-87EC-0D1942C1FE93}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{D1656CC8-EC77-4FA3-9E31-AE7120171DF0}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{DCC51412-2547-4549-9F05-EACEF74D0F9D}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{EA4E9587-8235-437B-8B93-6BBDBD6F4D5D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F911BD42-9A9D-4208-B178-67F609A27CD5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FB5A2DE1-5C4A-410E-814E-DA4E71EB1D4A}" = lport=5357 | protocol=6 | dir=in | name=ws-eventing tcp port 5357 |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01C51F2D-14F4-4A81-84E7-AC5CD3CB8A97}" = dir=in | app=c:\program files (x86)\acer\acer vcm\vc.exe |
"{0445DAB1-B6C7-4C52-BF64-0FDD0552E844}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{0452B608-C47E-4355-8822-D075C9C033E3}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{08CFDC39-1F7B-4838-AE0D-9DE8B1CC2ABD}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 1404 (demo)\tools\benchmark.exe |
"{12AFCA41-8390-4023-AC13-F422D509F122}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\age of empires iii\age3.exe |
"{139A51C6-5070-4784-8EC6-15CD0536D31A}" = protocol=17 | dir=in | app=c:\program files\microsoft office 15\root\office15\ucmapi.exe |
"{15759629-7B88-457C-B0A9-25CD1985F92F}" = dir=in | app=c:\program files\hp\hp officejet pro 8610\bin\faxapplications.exe |
"{15AD9A1E-26D4-4946-94EC-F1020581DCB1}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock infinite\binaries\win32\bioshockinfinite.exe |
"{15FF3E31-D93A-4395-B907-454AC0FA25E9}" = dir=in | app=c:\program files\hp\hp officejet pro 8610\bin\sendafax.exe |
"{16BE4FA7-EE5F-4754-8AF8-207B999C0C49}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{17992167-7E77-4942-8DBF-6DD752876735}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2006\agent.exe |
"{17FDE036-76D9-4F2B-AC4D-619FBB8CA8DC}" = protocol=6 | dir=in | app=c:\users\lukas\appdata\local\apps\2.0\wjr7vyv9.1h2\40zrv06p.6dm\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\curseclient.exe |
"{1AD8CCB0-6632-408E-A894-CA1149B95635}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{1BAC9A71-BFD1-4EF0-85AA-A1C201BC457B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{1DA17773-0392-4AB2-93B3-79EAE95F5C8C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\stronghold kingdoms trailer\smp.exe |
"{21AC6699-BE28-488A-A089-EF73C835EC8C}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{247F1CAE-42A7-40DD-B6B3-89C39C9C9CC8}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe |
"{24D95948-5B0B-45D4-8359-38CD8C3A91DD}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{2711463A-590A-46A1-9325-D274FD193FFB}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{321FCA22-FA75-46DC-A5EE-28FBD0C8DF05}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{36DE6434-C69F-446D-B99F-10AFEF444106}" = protocol=6 | dir=in | app=c:\program files\microsoft office 15\root\office15\ucmapi.exe |
"{38EF60A9-BE4F-435A-9DDA-14876FED296D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe |
"{4099B509-8179-42BF-99F8-CB8C86906154}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{44D92C25-4A48-4699-9774-71AD9332E82F}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe |
"{473EE263-1387-4C2D-B567-F0D42B355A5B}" = dir=in | app=c:\program files\hp\hp officejet pro 8610\bin\devicesetup.exe |
"{491290BD-5BFB-495E-8E15-D3FABF559A7E}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{4BC10B2F-9B5D-4C27-A7A5-AA46B73556A0}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{4C73E2DD-2FE2-4E32-9614-DA78776C0A99}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{4C801000-BA28-44E9-9F6B-5E3692AD48E3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\stronghold3\bin\win32_release\stronghold3.exe |
"{502160C2-DD99-4DFB-8347-F6EFC5973EBE}" = dir=in | app=c:\windows\syswow64\mpk\mpkview.exe |
"{5205BAC0-13E7-43F4-A3F1-ACDA99DCC15B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock infinite\binaries\win32\bioshockinfinite.exe |
"{55F15143-4FE1-43B5-8963-125997A07C14}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{56C0BC8A-CA93-4C95-960C-5B4DF9CF3341}" = protocol=6 | dir=in | app=c:\program files\microsoft office 15\root\office15\lync.exe |
"{57831880-46B0-44D5-9A67-A643459102C4}" = protocol=6 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe |
"{5C5C36F0-686F-41BA-B2CA-34D9EFE953A7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5D4E2663-0B8D-4A8E-8FF3-86AC5336295E}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{5DA4C35B-EB22-4586-A927-0BF5C08F002F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5DFED2A2-A50F-44DD-8308-4982085CD8FA}" = protocol=17 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe |
"{6177E672-A0FB-47AA-9B63-419855717657}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{639718C9-9668-42B4-9FB5-D57EBBF1E525}" = protocol=17 | dir=in | app=c:\users\lukas\appdata\local\akamai\netsession_win.exe |
"{663C0F21-A57A-47D1-AAF2-59BF6E278DC2}" = protocol=17 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe |
"{67214E6B-8CDD-401D-B044-BE165B40718B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock infinite\binaries\win32\benchmark.bat |
"{68B114C2-7A96-4C6E-8C1E-717CB339B930}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{6A834379-B77E-4D77-B11A-5A449B5E4857}" = dir=in | app=c:\program files (x86)\acer\acer vcm\rs_service.exe |
"{710B9893-D69D-418E-B291-A669E0043121}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{78BA5FD0-1871-4EA6-BF8C-9C60EB1CEF64}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2006\agent.exe |
"{78E04DEB-EFF9-4C1F-8533-F8DA31CC9310}" = protocol=17 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe |
"{7A03C5DB-1580-457B-8E68-B57137F0C0A8}" = protocol=17 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{7A1B12EE-D3D2-491F-8629-49B37CE538AC}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 1404 (demo)\anno4.exe |
"{7BA51869-FC44-4C82-AD33-6B18CE7B88B3}" = dir=in | app=c:\program files (x86)\vmware\vmware player\vmware-authd.exe |
"{7ECE3216-14A9-46BD-981E-DE160B865573}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6mp.exe |
"{7EFC5ED4-68D7-4967-80C5-CC08F079FD92}" = protocol=6 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe |
"{7F37571E-1607-4136-BEAE-779C67C47ADC}" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"{8299B670-E969-4BFB-9B15-E45E906FE5CA}" = protocol=6 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe |
"{82FD8C47-C508-4C15-B24D-DFAE1D914CB1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{84941D4D-1ACF-4DE9-A420-E4EBECE6AF65}" = protocol=17 | dir=in | app=c:\program files\microsoft office 15\root\office15\lync.exe |
"{865B9E56-CD76-4AFC-9E4C-D57C70F64183}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{88288C37-6E87-4F60-864E-818400BDD7E7}" = protocol=17 | dir=in | app=c:\users\lukas\appdata\local\apps\2.0\wjr7vyv9.1h2\40zrv06p.6dm\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\curseclient.exe |
"{884FE867-C7D3-456D-B94A-538819DAA590}" = dir=in | app=c:\program files\hp\hp officejet pro 8610\bin\hpnetworkcommunicatorcom.exe |
"{8A4D979A-309C-4EB0-9D1C-815F24DFB8A5}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 1404 (demo)\anno4.exe |
"{8B029A1B-1ACC-4EEB-89E1-04E48CBB064A}" = protocol=6 | dir=in | app=c:\users\lukas\appdata\roaming\spotify\spotify.exe |
"{8BB8FD62-CE44-4F6F-B8D1-B9CE43EFB325}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2045\agent.exe |
"{8D1C906A-BAF9-4726-9F67-B429CD6815CB}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\related designs\anno 1404 (demo)\tools\benchmark.exe |
"{8EE6836B-3114-4BE7-BB2C-37866A7CF726}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6zm.exe |
"{8EEF77BE-343B-47C8-BE28-73423289B9F1}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2045\agent.exe |
"{92333B50-2617-4826-800F-1A0E0C363E98}" = protocol=6 | dir=in | app=c:\users\lukas\appdata\local\akamai\netsession_win.exe |
"{948003DF-A078-489C-A682-7156301D75FC}" = dir=in | app=c:\program files (x86)\vmware\vmware player\vmware-authd.exe |
"{95A34B06-B795-49FC-9F0D-D4F1B142ED13}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{9607D225-3F7C-4440-B64B-0DA5302F8B89}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{9846C739-811C-4F08-8D51-C0683EAB7169}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{9AF77687-5C82-4EFD-88DA-B233DF1FE72D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\bioshock infinite\binaries\win32\benchmark.bat |
"{9B8AD784-CA3A-4E5C-B472-E645C14B437D}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{9D731ABB-F81F-42A6-99AE-76B64ABE3E0B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6sp.exe |
"{9DFAA854-43BA-4A65-89E2-D92DB4BF29A5}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6mp.exe |
"{9E179BE4-4B1A-4398-96BE-90088EEC458F}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe |
"{9F8FD7D0-7A25-4D48-8397-5F4835481DDC}" = dir=in | app=c:\program files\hp\hp officejet pro 8610\bin\digitalwizards.exe |
"{9FB1EF1A-AB8B-48A4-BE1B-7DE52BA6C4CF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{A4AC94DC-CA6D-42FB-B38A-127911BB2C9D}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{A660CB0E-E924-45C7-A22E-8D84BB2A8AE6}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2000\agent.exe |
"{AA84D47D-2CFD-456F-88DF-F10996BB3E12}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6sp.exe |
"{AB9DF117-64CD-42C6-AE05-DC2F2B3931A1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AC0D9830-3745-4E3A-A716-CB62432215A0}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe |
"{AD44E845-0BF5-4F5D-9CE2-392DB8B10B9C}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{AD9B0E1D-D02A-477B-A762-CAE96DD9CA0D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{AF843E13-7C89-4BFD-A7CF-768EFCFEAD97}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{B01A5248-7D0E-40E5-B92C-3B01556C1F6F}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\age of empires iii\age3.exe |
"{B5ADCE47-96D4-44E5-B5B6-FDA3FE636DB2}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{B704695F-08B3-4E4D-A540-85322E100D14}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B735233C-FDB7-4250-B7CA-FDF203AC571C}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{B86095A9-18AB-46FE-8C3D-0C94A747A814}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{B88FA802-7E6B-4E00-9E54-7113A9EA7066}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{B8E63EA0-2035-4812-A0C4-A904AFEB6868}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B90BEEF4-EE35-4594-9176-34EE1D6F6AED}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{BAADF399-1C55-4B2C-8EE0-3C4318904BF8}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe |
"{BBE9D1D1-270A-4626-9594-261C8193BDEE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe |
"{BCD5C453-AE06-461B-98E3-2900E7A4299F}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{C0E0DCC1-0D4B-4D56-8217-F8BF1E190CF5}" = protocol=6 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{C34C7B68-8412-4333-A2A5-6C7D870851FB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe |
"{C4E68E30-5E99-4434-8894-923A573938B4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6zm.exe |
"{CB0307E4-01A4-4B29-94CF-2660A464326E}" = protocol=6 | dir=out | app=system |
"{CB6E44DF-21DF-4107-844C-13F7E1FAE255}" = dir=in | app=c:\windows\syswow64\mpk\mpk.exe |
"{CC438BA1-AB11-4FCA-8829-191A84CE8191}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\stronghold kingdoms trailer\smp.exe |
"{CD20C5FB-4B40-49ED-AF7A-43AC6DF0424B}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{D9390908-774B-4E21-B302-05A9FD14A5F8}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D9E6AC72-00A7-47BB-8CEA-B506992A1EC9}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe |
"{DDDF49C7-45F8-482F-BEB8-5E959182FB04}" = protocol=17 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe |
"{DF43320D-53A3-47E8-92CB-0F86E64E3FDF}" = protocol=6 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe |
"{E14D44F4-AB4D-4537-A5E2-654048AAA3AA}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{E37D46D8-A2DB-4E7E-9214-EE7D0CCB3EDF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fallen earth f2p\feupdater.exe |
"{E433F7ED-1576-4562-BFD8-34A258F36757}" = protocol=17 | dir=in | app=c:\users\lukas\appdata\roaming\spotify\spotify.exe |
"{E9EE3DEE-5C49-4792-808D-D1F6ACD935B6}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\age of empires online\spartan.exe |
"{F0D34133-EEA1-4CF6-B487-DB9423EC798C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fallen earth f2p\feupdater.exe |
"{F124A94C-F74F-40E9-8F58-F94474668F96}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{F2DCD9FD-C784-44FD-B11B-3666FF71B43B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe |
"{F2ED8D3E-9BAE-465C-9D15-6179157C3F19}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F2F9CC20-38BF-4E08-A267-1CF76718D651}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\age of empires online\spartan.exe |
"{F3DA62BC-1687-4B27-B70E-E7F6216BE43F}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2000\agent.exe |
"{F3E6FCC7-6B61-480F-BE1A-FAD208CECE2C}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F3EB7010-4F06-44B3-9449-BCD94676C922}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{F6DD25AB-8B1E-4BDF-8D4F-5C41B797A0D9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FAC6E006-2F74-4223-9142-247656F49A8A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\stronghold3\bin\win32_release\stronghold3.exe |
"{FD2A9AC2-2906-426C-A767-C00165B8C0AA}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{FE0871FA-F987-4CE1-851A-65AE1C2CF19C}" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{099ED87E-646F-4222-8815-37AD2A4B22B5}C:\windows\syswow64\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"TCP Query User{1B22242B-F76D-4C12-887D-9BA22D379DD8}C:\users\lukas\appdata\roaming\gameranger\gameranger\gameranger.exe" = protocol=6 | dir=in | app=c:\users\lukas\appdata\roaming\gameranger\gameranger\gameranger.exe |
"TCP Query User{1E93E046-7ABC-4C83-A562-E16B74EFC149}C:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"TCP Query User{3FCD2770-2289-4327-A9DA-FC5B8403EE4C}C:\users\lukas\appdata\local\iw4m\iw4m.dat" = protocol=6 | dir=in | app=c:\users\lukas\appdata\local\iw4m\iw4m.dat |
"TCP Query User{4D0A79AD-9583-4311-A17F-34B8C987D455}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=6 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |
"TCP Query User{609BF49E-C1FE-4F6D-BB14-B9B0ADBEC80E}C:\program files (x86)\turbine\der herr der ringe online\lotroclient.exe" = protocol=6 | dir=in | app=c:\program files (x86)\turbine\der herr der ringe online\lotroclient.exe |
"TCP Query User{7196A539-CD49-48F0-BDAD-0C0876C3BC1B}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=6 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |
"TCP Query User{7C53F428-6D04-4752-82CC-F33F6F55B045}C:\windows\syswow64\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"TCP Query User{9BBC7AFD-3F8E-4021-B87D-1B1D30AB1CE5}C:\program files (x86)\blobby volley 2 version 1.0\blobby.exe" = protocol=6 | dir=in | app=c:\program files (x86)\blobby volley 2 version 1.0\blobby.exe |
"TCP Query User{A2C7ED81-5313-4A80-859B-8EDBE5D52613}C:\users\lukas\appdata\local\temp\electronicarts_patcher_000.exe" = protocol=6 | dir=in | app=c:\users\lukas\appdata\local\temp\electronicarts_patcher_000.exe |
"TCP Query User{B41522F2-B3DF-4B45-8734-B5EF5B3B4DD1}C:\program files (x86)\blobby volley 2.0 version 0.9b\blobby.exe" = protocol=6 | dir=in | app=c:\program files (x86)\blobby volley 2.0 version 0.9b\blobby.exe |
"TCP Query User{CC26CC15-F7A8-4148-AA54-14531A3D2032}C:\users\lukas\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\lukas\appdata\roaming\spotify\spotify.exe |
"TCP Query User{DDFAA744-FBD0-49D3-9B73-B06CC66C2A8E}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{E33BAA0B-CFD1-49FA-84B2-228BF58EFB49}C:\nexon\combat arms eu\engine.exe" = protocol=6 | dir=in | app=c:\nexon\combat arms eu\engine.exe |
"TCP Query User{E4837858-5C17-4B05-BF4D-D6AECB216B08}C:\users\lukas\appdata\local\microsoft\age of empires online\spartan.exe" = protocol=6 | dir=in | app=c:\users\lukas\appdata\local\microsoft\age of empires online\spartan.exe |
"TCP Query User{EB35CB2B-E1E9-4673-B5C8-A04F030B488F}C:\users\lukas\appdata\roaming\gameranger\gameranger\gameranger.exe" = protocol=6 | dir=in | app=c:\users\lukas\appdata\roaming\gameranger\gameranger\gameranger.exe |
"TCP Query User{EBBCFE26-5290-4DC8-AAA2-306F01323B6D}C:\bluebyte\siedler3\s3.exe" = protocol=6 | dir=in | app=c:\bluebyte\siedler3\s3.exe |
"TCP Query User{FDC57D39-8826-40AD-B725-CB4723327012}C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe |
"UDP Query User{024DEF06-F1C5-468A-8E2C-8CD42C4AECF7}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=17 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |
"UDP Query User{033DA755-7F72-4C1B-A63B-EF954683CC21}C:\windows\syswow64\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"UDP Query User{4ACE5145-266C-481B-AF27-7F54C95207DA}C:\program files (x86)\blobby volley 2 version 1.0\blobby.exe" = protocol=17 | dir=in | app=c:\program files (x86)\blobby volley 2 version 1.0\blobby.exe |
"UDP Query User{77429947-C76B-4719-A7BC-6D2452F3EEBB}C:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe |
"UDP Query User{77528F48-3840-4228-9D6A-1202A8C4B032}C:\windows\syswow64\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"UDP Query User{8FB5802B-D0CC-4865-90FA-5C97D1B7870F}C:\program files (x86)\blobby volley 2.0 version 0.9b\blobby.exe" = protocol=17 | dir=in | app=c:\program files (x86)\blobby volley 2.0 version 0.9b\blobby.exe |
"UDP Query User{993D5A52-9C26-4621-85B8-981843E23B58}C:\users\lukas\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\lukas\appdata\roaming\spotify\spotify.exe |
"UDP Query User{AA6CA9F7-C04C-468E-A42B-05DBD02EAD8B}C:\nexon\combat arms eu\engine.exe" = protocol=17 | dir=in | app=c:\nexon\combat arms eu\engine.exe |
"UDP Query User{ACAC8C8A-D5F1-4D95-A187-E1908970F4D2}C:\users\lukas\appdata\local\iw4m\iw4m.dat" = protocol=17 | dir=in | app=c:\users\lukas\appdata\local\iw4m\iw4m.dat |
"UDP Query User{B6FBE9B8-1B03-4F11-BB91-B2C385E6800B}C:\users\lukas\appdata\local\microsoft\age of empires online\spartan.exe" = protocol=17 | dir=in | app=c:\users\lukas\appdata\local\microsoft\age of empires online\spartan.exe |
"UDP Query User{CC089559-97B2-46F6-A793-F5788365D45E}C:\users\lukas\appdata\roaming\gameranger\gameranger\gameranger.exe" = protocol=17 | dir=in | app=c:\users\lukas\appdata\roaming\gameranger\gameranger\gameranger.exe |
"UDP Query User{DD15ECCA-65B7-4286-8715-E42CB31F17EB}C:\users\lukas\appdata\roaming\gameranger\gameranger\gameranger.exe" = protocol=17 | dir=in | app=c:\users\lukas\appdata\roaming\gameranger\gameranger\gameranger.exe |
"UDP Query User{DFF4FBBE-DC76-4283-8735-290AD66C1CFC}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{E0970384-CC59-404C-9B0D-684D5FF57BFC}C:\bluebyte\siedler3\s3.exe" = protocol=17 | dir=in | app=c:\bluebyte\siedler3\s3.exe |
"UDP Query User{E3ADFE05-F6A8-48F5-8E0F-FBF6C05CCC56}C:\users\lukas\appdata\local\temp\electronicarts_patcher_000.exe" = protocol=17 | dir=in | app=c:\users\lukas\appdata\local\temp\electronicarts_patcher_000.exe |
"UDP Query User{F2851479-E284-4D39-8A84-573836FB8F51}C:\program files (x86)\turbine\der herr der ringe online\lotroclient.exe" = protocol=17 | dir=in | app=c:\program files (x86)\turbine\der herr der ringe online\lotroclient.exe |
"UDP Query User{F5F48C56-D082-42CB-A09A-81D0AD1FE247}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=17 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe |
"UDP Query User{FDB22282-48E1-4D34-ACE1-D1FAFC661FDE}C:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{08CCD7B4-9EED-4926-805D-C4FFF869989A}" = ProShield
"{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack
"{180500C1-57BB-3AA8-8E55-DCD5ECD16537}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU
"{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}" = Microsoft Visual C++ 2010  x64 Runtime - 10.0.40219
"{1D8BE3A3-7BA2-4E27-93D5-645342B6801E}" = HP Officejet Pro 8610 - Grundlegende Software für das Gerät
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{23F2C78C-E131-4CA0-8F84-3473FB7728BA}" = Microsoft Security Client
"{26A24AE4-039D-4CA4-87B4-2F86417009FF}" = Java 7 Update 9 (64-bit)
"{2DF4C5DD-7417-301D-935D-939D3B7B5997}" = Microsoft Help Viewer 1.0 Language Pack - DEU
"{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}" = Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU
"{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = WIDCOMM Bluetooth Software
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}" = Paint.NET v3.5.10
"{5A68A656-979F-4168-8795-E2E368AA4DC2}" = iTunes
"{5EEC477F-8E9B-4420-8829-16E7426227DB}" = Windows Live MIME IFilter
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{787136D2-F0F8-4625-AA3F-72D7795AC842}" = Apple Mobile Device Support
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{90150000-008F-0000-1000-0000000FF1CE}" = Office 15 Click-to-Run Licensing Component
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031" = Microsoft .NET Framework 4.5.1 (Deutsch)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 327.02
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 327.02
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 327.02
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.8.2
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus Update 11.10.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 11.10.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC" = GeForce Experience NvStream Client Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.2.18.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 11.10.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.20
"{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}" = Überwachungstool für die Intel® Turbo-Boost-Technik 2.0
"{C214301F-F5D7-36D9-B3A2-1467C5586495}" = Microsoft Help Viewer 1.1 Language Pack - DEU
"{C3EAE456-7E7A-451F-80EF-F34C7A13C558}" = Microsoft SQL Server Compact 3.5 SP2 x64 DEU
"{C513739C-5F16-37B5-9ACF-99925FF1C1F3}" = Microsoft .NET Framework 4.5.1 (DEU)
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client DE-DE Language Pack
"{E452E727-86B8-4233-8CC3-41FD817AFAFF}" = VMware Player
"{E5748D30-7E6D-3A8E-BFE6-C1D02C6DDABB}" = Microsoft Help Viewer 1.1
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}" = Ventrilo Client for Windows x64
"CCleaner" = CCleaner
"CNXT_AUDIO_HDA" = Conexant HD Audio
"Microsoft Help Viewer 1.0 Language Pack - DEU" = Microsoft Help Viewer 1.0 Language Pack - DEU
"Microsoft Help Viewer 1.1" = Microsoft Help Viewer 1.1
"Microsoft Help Viewer 1.1 Language Pack - DEU" = Microsoft Help Viewer 1.1 Language Pack - DEU
"Microsoft Security Client" = Microsoft Security Essentials
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU" = Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU
"O365ProPlusRetail - de-de" = Microsoft Office 365 ProPlus - de-de
"Process_Hacker2_is1" = Process Hacker 2.23
"WinRAR archiver" = WinRAR 4.01 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0125D081-30D0-4A97-82A8-C28D444B6256}" = Microsoft SQL Server Compact 3.5 SP2 DEU
"{0125DB4D-98A0-4DBF-B68A-23BF08FFA6A3}" = Windows Live Messenger
"{012CBD7F-A194-4F34-B02A-713DA8C10735}" = Movie Maker
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Acer Crystal Eye Webcam
"{023701CB-8DC0-477C-93B7-48CCE446B678}" = Windows Live Writer Resources
"{032CB0D7-FDBF-4CA9-901B-A4C1B01B1777}" = Συλλογή φωτογραφιών
"{03D562B5-C4E2-4846-A920-33178788BE00}" = Windows Live Communications Platform
"{047F790A-7A2A-4B6A-AD02-38092BA63DAC}" = Acer VCM
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0496AEAF-27A8-483A-ACB0-BF4B4D51F148}" = Windows Live Mail
"{05C0B4A9-DF70-4C05-BAEF-E21CFF3E7C7C}" = Movie Maker
"{060689B2-F271-4D1B-9E53-97FACB1FD107}" = Windows Live Essentials
"{0647875D-34DC-49E3-853C-265FCB30DD0A}" = Windows Live Writer Resources
"{06738361-EB60-40D7-84BC-7807ED7EF282}" = Fotoğraf Galerisi
"{078F45F3-4A17-47BA-8309-0B287198FFFA}" = Windows Live Essentials
"{07944A8A-9045-4C4C-9EB0-1C2E171E3008}" = Photo Common
"{08466673-3905-4437-93E8-34A221B7CA4E}" = Fotogaléria
"{0942F310-B35F-4E01-BA7C-75055AAEC710}" = Galeria fotogràfica
"{0A958D81-B6FB-4BB2-82A8-67469F2D54AB}" = Movie Maker
"{0B2DD869-32D0-4AED-99B7-1DD10A434733}" = Windows Live Writer Resources
"{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}" = Backup Manager V3
"{0C22AFC1-F5B5-4FC5-B620-0326D4AE1053}" = Windows Live UX Platform Language Pack
"{0C252A38-F134-4AE1-B8B1-239062FCA9F4}" = Windows Live Writer
"{0EB158FA-41B3-49CF-8AE5-6C6F470AD29D}" = Photo Common
"{0F51F5B3-D447-4FAA-AAC2-7F2ED103FCC7}" = Windows Live Mail
"{0F929651-F516-4956-90F2-FFBD2CD5D30E}" = Photo Gallery
"{0FD2B9C6-DB91-48EA-9518-AB5B68CA1E28}" = Movie Maker
"{0FD66C6F-4023-4C74-AF8E-9B8B2053868E}" = Fotogalerie
"{0FF9CC94-EF23-401E-BDBD-37403D1A2B38}" = Windows Live SOXE Definitions
"{106C581A-4CFB-499E-896F-78AB1CFE34C1}" = Photo Common
"{119A44B5-6237-4D56-8424-5DAE70ED3F4E}" = Windows Live UX Platform Language Pack
"{140754E1-C019-44A9-A81B-2D7625AABE8A}" = Photo Common
"{18C928E6-31F0-4DD5-BD4D-55FBCF599712}" = Windows Live UX Platform Language Pack
"{192A8B63-AC47-421D-A99B-209DA51257DE}" = Windows Live Writer Resources
"{1998BD95-54C6-4F31-8D85-FE9FCF5DE51D}" = Galeria de Fotos
"{1A68E3D6-7B89-4C9F-AF3E-8ED4FF79FB0C}" = Windows Live UX Platform Language Pack
"{1EFB835F-DD75-48EC-BB3D-1A71CF604457}" = Windows Live Writer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FFA47A6-6FE1-4CAB-B778-9584DD8118EB}" = Movie Maker
"{207DA277-6A6D-4863-B535-129931D2BB21}" = Galeria fotografii
"{22C58DA3-FA02-4DD3-8C5B-23570411E95B}" = Windows Live Writer Resources
"{234BD64C-99F4-42B5-837F-82F00E37A7E1}" = Фотографии (общедоступная версия)
"{23AAEBF8-12B1-43EA-B75D-CDC613CA6CB4}" = Photo Common
"{23B93929-FAD4-40E5-96C6-0E977BB87204}" = Windows Live Essentials
"{245C4CCD-8829-469C-9278-2BA330BEB8F4}" = Valokuvavalikoima
"{245D0CEB-18C1-40C4-8113-B235335911A5}" = Windows Live Writer
"{2466D8D5-4856-4492-BDEF-48A640F58866}" = HP Officejet Pro 8610 Hilfe
"{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 7.0
"{24DF33E0-F924-4D0D-9B96-11F28F0D602D}" = Windows Live UX Platform Language Pack
"{25CD4B12-8CC5-433E-B723-C9CB41FA8C5A}" = Windows Live Writer
"{26536744-B969-4F6D-A09B-009A902CF550}" = Windows Live Messenger
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java(TM) 6 Update 33
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{278FC815-162D-459D-A42F-B3D8120E9725}" = Windows Live UX Platform Language Pack
"{2809D777-E57C-48AA-A266-77725C1B35AC}" = Windows Live Writer
"{28950295-A98C-4081-AC82-045E9879945E}" = Windows Live UX Platform Language Pack
"{2A17BB1D-6850-4BEA-993A-A9E7447B6C50}" = Windows Live Messenger
"{2A32CF5E-58A3-4428-919C-8958A6A4D034}" = Windows Live Writer Resources
"{2AA8DFE5-8FCC-4802-BE31-CF05921BD966}" = Photo Common
"{2AC01935-3774-4981-98C8-14E93C14372C}" = Windows Live UX Platform Language Pack
"{2B6D488C-B5EC-4F2D-A155-97D664DC88AD}" = Windows Live Writer Resources
"{2B7CCFEB-1AAF-4449-87D2-226181FAD5D1}" = Windows Live Messenger
"{2E50E321-4747-4EB5-9ECB-BBC6C3AC0F31}" = Windows Live Writer Resources
"{2EAD3327-2F92-455F-A675-E5CC4980B67A}}_is1" = Drakonia Configurator
"{2F2363F9-102C-448B-8E3E-02FCFE78A28D}" = Movie Maker
"{2F8B731A-5F2D-3EA8-8B25-C3E5E43F4BDB}" = Microsoft Visual C++  Compilers 2010 Standard - enu - x86
"{30ADC681-8493-4955-B3E9-A08D4DAF316F}" = Windows Live Essentials
"{3162D9D4-122C-4ADE-8D1C-C45487F94135}" = Photo Common
"{3206854C-84DC-4BB0-9CDF-25BC3826810B}" = Windows Live UX Platform Language Pack
"{3272CD17-7958-452A-8E6E-8C85CFFDBEDF}" = Windows Live UX Platform Language Pack
"{356BAE2E-3A48-4A6F-8BC6-AC62D50ECFA3}" = Windows Live Messenger
"{378A207D-EF26-48C5-BD96-61DAFCAB6BDC}" = Windows Live Messenger
"{379A0618-EF50-423C-9637-EEB2D25A4BB4}" = Movie Maker
"{379DA4C6-8C91-4F36-9D25-F08E8959E0DF}" = Poczta usługi Windows Live
"{3C60C40A-934A-4008-B68B-E70F58420AA1}" = Windows Live Essentials
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3E344FF7-19C8-401C-AF67-080B0E78010D}" = Windows Live Messenger
"{3F3C94C4-C251-4D3B-B810-1C0319B8ACAD}" = Windows Live Temel Parçalar
"{403DF733-3CA6-4EE8-AB9B-CB12C70D6651}" = Windows Live Writer
"{40F4FF7A-B214-4453-B973-080B09CED019}" = Install Absolute Data Protect
"{41B80DF0-47D5-46BC-98BD-8B07AD3B6AF4}" = Photo Gallery
"{4224D19D-2E7D-4E90-97A4-20C654B28AB8}" = Windows Live Essentials
"{42B5E627-BC08-4670-A924-4FEDD96EC875}" = Windows Live Writer Resources
"{42BBCEDB-11B6-4244-940C-491D5058EF63}" = Photo Common
"{43D76858-62CC-4DE3-808B-22C964F45950}" = Windows Live Writer Resources
"{44B4333A-60A6-4FFC-BCC5-B0ECA23D2AAB}" = Почта Windows Live
"{45898170-E68C-4F02-AA35-C2186BF347A3}" = Movie Maker
"{46804E41-834A-4A0A-BC77-D4A744D78E8C}" = Windows Live Essentials
"{46BC55A2-B4CE-46B5-8303-A2076B899505}" = Windows Live UX Platform Language Pack
"{47824255-3AD0-400A-851A-FCC69553FE66}" = Windows Live Essentials
"{49B81645-3BF5-414E-95F1-7EC95E9980AE}" = Windows Live Messenger
"{49C33228-53FB-4614-BC1E-BEA5A8A560AC}" = Windows Live Writer
"{49DC9658-D26A-4AAB-A83A-2655B8033056}" = Photo Common
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4BA4C083-1C8D-452F-920B-3614FDA5B7EF}" = Windows Live Writer Resources
"{4C552FD3-2CCD-4E00-AC64-0681DBB3F8B5}" = OpenOffice.org 3.4
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4D68A255-5F98-4F8D-A1E7-D50F23D0FA02}" = Photo Gallery
"{4F4A4FBF-133D-460E-8617-6D48E0A2B4E4}" = Windows Live Writer Resources
"{4FB56489-F34B-42AA-9437-FB9E0B0543F7}" = Movie Maker
"{50B9AFE8-CC65-4C04-9ADD-1BD3FFD95498}" = Movie Maker
"{510807D0-219E-43ED-973F-A382FEA66039}" = Movie Maker
"{54398E78-431B-41A0-A8F2-3600D5A1290C}" = Windows Live Messenger
"{566E862A-6CFD-4CFD-A2BB-69C81A08176E}" = Windows Live UX Platform Language Pack
"{56E09C8A-4F24-4E39-999D-FB48CC981184}" = Photo Common
"{579E68B2-07A9-4CBB-840B-ED0E64879F45}" = Windows Live Writer
"{57E9679B-A7D2-4662-A96B-B6A4F64420D8}" = Movie Maker
"{5A0EE0F0-E909-4F3B-B437-AAD9252427CB}" = Windows Live Installer
"{5A5B6AA4-8849-4038-9A8D-D7F9947EE8FE}" = Photo Common
"{5AB7D739-1735-3A9E-BE73-C43507CB4E6F}" = Microsoft Visual Studio 2010 Service Pack 1
"{5B11ED63-D7E1-4117-B4B8-6C3560DCB49A}" = Windows Live Mail
"{5B91D34E-B583-4E08-BB48-4F18086A0DB7}" = Movie Maker
"{5BB69DE8-2C96-4B6E-8DE2-E2E75C3AE729}" = Windows Live Mail
"{5C1F18D2-F6B7-4242-B803-B5A78648185D}" = Corel WinDVD
"{5C2F5C1B-9732-4F81-8FBF-6711627DC508}" = Windows Live Fotogalleri
"{5C601EA8-D519-4010-8CD0-BD3B94A6DD58}" = Photo Common
"{5D8D0138-115F-4122-974B-3A3410E0E922}" = Windows Live Messenger
"{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}" = Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{5E094C92-6288-4F43-AA9A-D452D0218F3F}" = Windows Live Essentials
"{5E51C0BA-F349-405A-80AB-20CD10FEFE90}" = Photo Common
"{602643BD-3C18-4ADE-B4A1-192F93D443EA}" = Windows Live UX Platform Language Pack
"{6066D3FE-3692-4449-A3C8-D1EAA2C0E9E7}" = Movie Maker
"{636F485A-2053-43FA-BE1D-CC27CDA4A0AC}" = MSynth 1.5 alpha
"{6389F199-1D6C-4974-9557-693F9DD48736}" = Windows Live Writer Resources
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{659302BC-D70C-4308-BAE5-1903434BF078}" = Movie Maker
"{65DD4DDD-659D-4962-91A8-5143A1E43BBC}" = Windows Live Mail
"{686725C1-56F8-45DE-ADB1-9970B965FD8B}" = Windows Live Writer Resources
"{6A65306E-0478-4701-9DA5-E906F32FBB54}" = Windows Live Mail
"{6B122B50-C78D-4E73-A721-F6D126BFEF0C}" = Windows Live Messenger
"{6B6923B9-8719-425B-916C-CD2908F31AAF}" = Windows Live SOXE
"{6BA68C11-0B63-4192-B880-0B5E3F7949F9}" = Windows Live UX Platform Language Pack
"{6C733559-AD1B-49D6-B5B9-87516A185468}" = Movie Maker
"{6DFF6F1B-F876-4007-AC82-42D5DDF0E090}" = Galeria de Fotografias
"{6E027BEA-AEFF-4AFB-9449-7CE7AE32085D}" = Movie Maker
"{6F77C156-7660-4CEC-8793-97D80D5BFEC0}" = معرض الصور
"{6FC792D1-A898-4FFF-AC41-7682C439A54B}" = Movie Maker
"{705C31EB-E0AB-4C1F-A834-993F9E08B085}" = Movie Maker
"{70E5B14F-90ED-4D3D-A136-7851C9190942}" = Windows Live UX Platform Language Pack
"{70F8B183-99EB-4304-BA35-080E2DFFD2A3}" = Age of Empires III
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7116FA24-DDDF-4E50-A44E-46BB93951E99}" = Windows Live Writer
"{71603280-2C9D-4578-B162-16FCC1002D9E}" = Windows Live Messenger
"{722CD95C-98C7-4E73-925A-68D2D4F651A6}" = Photo Common
"{74A3278B-6F1B-4400-9DB4-6F4644836946}" = Photo Common
"{763944C0-4CF7-473E-BEF3-9E6C9ACF5AD3}" = Windows Live Essentials
"{765D66D1-A924-4801-BC22-D0D7E0DDDEAF}" = Windows Live UX Platform Language Pack
"{767BF3D9-EC05-40BA-84BA-2B06C6B88FB2}" = Windows Live UX Platform Language Pack
"{7693587D-5D66-4208-ABEA-C370217D1D9B}" = Movie Maker
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{780291FE-0D39-441E-BE3D-7A820951C3D4}" = Photo Common
"{7881716A-5DA3-4B3F-A3CC-E63676E5CF78}" = Windows Live Messenger
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78DF4802-2B2B-4333-99AF-363C2F93D476}" = Windows Live Writer Resources
"{7A546E5C-0906-42CC-92DF-B2E787FFA7D2}" = بريد Windows Live
"{7A9122B2-CF90-4ACB-8E10-AA83F725916B}" = Основные компоненты Windows Live
"{7ADFA72D-2A9F-4DEC-80A5-2FAA27E23F0F}" = Windows Live Photo Common
"{7C6F0282-3DCD-4A80-95AC-BB298E821C44}" = Windows Live Writer
"{7DB15F28-5E38-476A-A773-EA07EAEAB1B3}" = 影像中心
"{7DCC86BF-83C1-4A34-A11E-795A33C90AD1}" = Windows Live Writer
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{804F148E-1C6B-4580-BD3B-2D5DDDEB27D8}" = Windows Live Writer Resources
"{81369E8E-4E3A-444E-85FA-7AF85B0FCE80}" = Photo Common
"{829CFCB1-11AF-4935-B5B0-92F2B4FC2A46}" = Windows Live Writer Resources
"{82A7E300-CB80-4084-8BB5-423F2D6908B1}" = Windows Live UX Platform Language Pack
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8759AF6E-CBB2-44AD-AFEB-4DC129D15977}" = Windows Live Mail
"{87E79A55-EBF1-472F-BCAD-4A631B9A69A5}" = Фотогалерия
"{89870E0D-9602-41F8-9E83-14F6849346A4}" = Windows Live Mail
"{89C7E0A7-4D9D-4DCC-8834-A9A2B92D7EBB}" = Photo Gallery
"{8A8C14FF-8C17-4396-8E7B-7D9DB25F2F2F}" = Photo Common
"{8A947874-4D45-45F7-9FB4-5162BF27AD05}" = Windows Live Mail
"{8C55FF2F-D9AC-4EBC-8AA2-90E2552634C0}" = Windows Live Writer Resources
"{8D977EAA-DF3E-4054-A98D-F27AEB0248DD}" = Fotótár
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E038DF1-B140-46D6-9D82-1BDF8DC56764}" = Movie Maker
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8E8688D3-49F0-4FD4-A3F7-C1C789891752}" = Windows Live Writer Resources
"{8E8AA7A0-CB3D-4909-B382-0BE05B3C75D1}" = Windows Live Messenger
"{8F63EC89-EBF5-466B-82B3-B9AFF63AF0C8}" = Windows Live Mail
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{90150000-008C-0000-0000-0000000FF1CE}" = Office 15 Click-to-Run Extensibility Component
"{90150000-008C-0407-0000-0000000FF1CE}" = Office 15 Click-to-Run Localization Component
"{912D30CF-F39E-4B31-AD9A-123C6B794EE2}" = HP Update
"{915E9C8A-C6EF-4CE7-9C51-F83EB810AE80}" = Windows Live Mail
"{924B4D82-1B97-48EB-8F1E-55C4353C22DB}" = Windows Live Mail
"{92CB8532-845F-4818-90CD-726D59E98637}" = Photo Common
"{92E22997-3614-4ED9-9D53-C6C09B105BE9}" = Fotogalleri
"{9498AAF7-0D2A-430E-A2B0-8EBF23DB0C05}" = Windows Live Essentials
"{950A1CCB-A4CA-4170-8BF7-BE52D05CB29A}" = Argazki Galeria
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96D1EC47-BD61-4775-B662-1F40EDAF0927}" = Windows Live Mail
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{99640CF0-5FE6-4574-87EE-D0A2EE5076AD}" = Windows Live Messenger
"{9976E0BD-56A6-4A32-8597-B80FCE62063A}" = Windows Live Essentials
"{99B05E60-87AF-48D9-9047-71485E7E505F}" = Windows Live Messenger
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C6D5C94-386A-4DE7-B99F-523D3F167B9A}" = Windows Live Messenger
"{9D30784B-4FA7-4BF7-B6D4-D6A494E2A366}" = Pošta Windows Live
"{A0C9DF2B-89B5-4483-8983-18A68200F1B4}" = SweetIM for Messenger 3.7
"{A18681FF-9745-436F-A013-6FC1A7F7EC67}" = Windows Live UX Platform Language Pack
"{A52DB080-D445-49EB-90D2-03B9CD794511}" = Photo Common
"{A5F3EF0E-38AF-40CE-A4A6-FEA5ADEF27EF}" = Windows Live Mail
"{A65D55A2-58B6-4FBA-9E5C-CD6A220C8A7F}" = Photo Common
"{A6AC699F-8315-40CA-8F70-E917494978AB}" = VirtualDJ Home FREE
"{A774AD11-2856-47E1-93B8-6515A6A70BDE}" = Windows Live Mail
"{A86A50FC-7C22-478B-BAEF-82393328825F}" = LastChaosGER
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA806DB1-E882-4834-8102-B5F256BE9A2F}" = Windows Live Essentials
"{AAA709C7-B0A4-46E2-9729-26CF887852D5}" = Windows Live Writer
"{AAA94EAA-40A4-458C-9D86-D1DA765B51D5}" = Windows Live Writer
"{ABED20E9-BC86-49D2-B44C-FBB01DC3DE07}" = Windows Live Writer
"{AC76BA86-0804-1033-1959-001802114130}" = Adobe Refresh Manager
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.12) MUI
"{AD6302CE-4F94-4515-958C-7631360B765A}" = Windows Live Mail
"{ADEB1E6F-1C01-4EEB-A551-8E3F8CD2F35F}" = Windows Live UX Platform Language Pack
"{AE4167B0-F589-4D2A-BF05-E181D543C49F}" = ES603 WDM Driver
"{AEA7CE08-09DC-4186-99FD-66A26F3B8B21}" = Fotogalerie
"{AEFAF1CC-9688-402B-A3E3-7E8F2043874C}" = Windows Live Writer
"{AF5F7099-F9B8-4C91-ABA0-AEF9F74EC607}" = Windows Live Writer Resources
"{B0C8B706-2387-461B-B3DF-BCE59B96ED0D}" = Windows Live Writer
"{B1865FCC-BE34-4800-AF2F-FB0120821B6A}" = Movie Maker
"{B1AC8AF0-2979-4DF8-AE26-B1D543F3543F}" = גלריית התמונות
"{B234C135-729B-4AAE-AA2B-6ECCB85AD5FC}" = Photo Common
"{B286BAC3-CBE6-4854-BF68-EB72A34CEA56}" = Windows Live Messenger
"{B37E0634-F4EC-4ABC-AC85-B099B7D960C4}" = Windows Live Writer
"{B39A6825-EA20-43EA-AB2D-A6BC0298D9A1}" = Movie Maker
"{B3A6E8D5-3664-43EE-B200-3428A3220A8B}" = Windows Live Messenger
"{B47ABA49-627A-440B-A205-CC57A4734476}" = Windows Live Writer
"{B524274D-5B48-4DCC-8C1D-3D66A35B3685}" = Windows Live 程式集
"{B526044F-6936-42A7-BE07-1974C93133C3}" = Photo Common
"{B5D81102-EFE5-4A7B-BE60-019E07C1BD93}" = Windows Live Messenger
"{B6481EDC-44A1-43DA-B11A-32B110CFCC3A}" = Windows Live Writer Resources
"{B6FF40EA-AEF2-46FF-9516-9A6512901B97}" = Windows Live Mail
"{B79EE44A-428E-4983-A366-7CD70545681F}" = Windows Live Essentials
"{B98389D4-5E94-4504-83F0-D727DE67D280}" = Windows Live Messenger
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BADEEBDE-ABAF-4650-9149-51614651A1A0}" = Windows Live Writer Resources
"{BBD6A9F7-F8B4-4754-AA7A-0516778DAB72}" = Photo Common
"{BBFCB394-78EB-45D4-BAC6-809AB1DF5F83}" = Windows Live Mail
"{BDD0222F-D1C2-47DB-ABBE-62EB4F887A56}" = Windows Live UX Platform Language Pack
"{BDDC2D1F-092F-476F-A7D7-819AA5F434DF}" = Windows Live UX Platform Language Pack
"{BE2DE42A-6696-4EE7-9E59-B9385F339DD3}" = Fotogalerija
"{BE787419-ACA7-48A6-B1B4-E9D3FBFCB7D2}" = Windows Live Writer
"{C0018D63-C33C-4515-9CE8-3BC8830F79A1}" = Photo Gallery
"{C10418B5-6099-4121-8DFB-D3DFB8B916DB}" = Movie Maker
"{C156E7D3-D8B1-4303-BE38-99CE675C393D}" = Windows Live Writer
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C41063EC-0B6A-4099-8CE1-0BE603447845}" = Windows Live Writer Resources
"{C4557453-4DB0-4D45-8CD1-B098026A407D}" = Windows Live UX Platform Language Pack
"{C6B0EE9E-2128-4448-B7AE-5E2B46E0F0E7}" = Windows Live Photo Common
"{C6CD2B66-ED44-4A84-893A-328A01749AB8}" = Windows Live Writer
"{C756EBFA-E5E7-43C6-9D0B-C7FBAF6218B8}" = Windows Live Messenger
"{C82E0493-CDCF-4583-8DAE-59CC7EC4B2FE}" = Windows Live Messenger
"{CA6BCA2F-EDEB-408F-850B-31404BE16A61}" = I.R.I.S. OCR
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC6FAF4B-6576-4AD7-BE61-74C2FE083749}" = Windows Live Messenger
"{CCC7C18E-1BEA-409F-B7A9-6C9740B99119}" = Windows Live UX Platform Language Pack
"{CD442136-9115-4236-9C14-278F6A9DCB3F}" = Windows Live Movie Maker
"{CE4EEFE0-85E0-436E-95C5-BCB2EE30C976}" = Фотоальбом
"{CFBFE244-6269-41DC-85B6-86F99C88ED02}" = Movie Maker
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{CFFB460E-F119-43BE-AED9-3E5B31396F72}" = Windows Live Messenger
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D29B0575-C3DE-4746-A893-4FDF0F7D68B2}" = Windows Live Mail
"{D310DD60-9EF2-4C9C-AD66-A58185A1C7CB}" = Windows Live UX Platform Language Pack
"{D3A7E344-4732-4340-9E90-C3EB372711CD}" = Windows Live UX Platform Language Pack
"{D604900F-A275-416C-AF9D-CDEDF58B72DB}" = Windows Live Mail
"{D8A6F3FE-6F4A-48B1-87E0-718BC20140AE}" = Windows Live Writer
"{D8CDB8E5-4203-4A99-8E75-98AD55103506}" = Windows Live Messenger
"{D9DAD0FF-495A-472B-9F10-BAE430A26682}" = Apple Application Support
"{DA3042C3-0112-4BBA-81EE-49A07085E7EC}" = Windows Live UX Platform Language Pack
"{DAA742AD-F959-4BD5-B5EB-E4AB593707FE}" = Windows Live Essentials
"{DAD92257-9160-45F6-B6C4-2DA354DCC5A9}" = Windows Live UX Platform Language Pack
"{DB6F7BFE-873C-4843-8FC2-8D71FCD84C7C}" = Windows Live Writer Resources
"{DD1837CE-7CC3-4B86-9007-CEB978A840BF}" = Windows Live Messenger
"{DD351214-3151-4A87-B22F-AE2B58F1575F}" = Windows Live Writer
"{DD7C5FC1-DCA5-487A-AF23-658B1C00243F}" = Photo Common
"{DD85D6BF-4787-4A93-99A5-3F0CF0AE8834}" = Internet Explorer Toolbar 4.8 by SweetPacks
"{DE7D8CF9-9C52-4BE0-B3E0-D4F116C524A8}" = Windows Live
"{DE9C585C-8578-4A8A-B92A-BA8DF2540E21}" = Movie Maker
"{DEE5D26C-EEE8-4D83-96D3-4F7D595D0FC4}" = Windows Live Essentials
"{DEEB5FE3-40F5-3C5B-8F85-5306EF3C08F4}" = Microsoft Visual C++ 2010 Express - DEU
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E13497F0-4C28-47A0-B994-4D5E6D0F64A2}" = Windows Live Mail
"{E169436E-49D8-419B-A5C0-D245EAF99611}" = Movie Maker
"{E17E9D6F-1E3C-424A-BF8B-BF48A0384FDC}" = Movie Maker
"{E227781E-2D8A-4C22-890C-2A07F4B2D266}" = Windows Live Mail
"{E3445598-4424-4EE2-B71C-C23325F7FB71}" = Windows Live PIMT Platform
"{E3BF5D73-A024-4257-8160-5FAC3C8DE39F}" = Windows Live Mail
"{E3E8006D-3DD9-40DF-9171-1EDE1023E57C}" = Windows Live Mail
"{E5603D65-60FC-47A6-AAC3-D5448227E963}" = Windows Live Writer
"{E60B6034-A80D-4D9B-93FB-38B286EB3886}" = Windows Live Writer
"{E6A5CD26-26E6-4F8D-AA98-D3DADF70B437}" = Windows Live Writer
"{E6FEFE9A-73C3-457B-ADF0-9865FFC5B3B3}" = Windows Live Essentials
"{E98E2A33-05D1-476B-B81B-40F4BD957056}" = Windows Home Server-CD zum Wiederherstellen von Heimcomputern (Dual-Boot-Version)
"{E9D80CE7-2849-4195-B1B2-3E24469059E3}" = Windows Live Messenger
"{E9D9E3A3-DE98-4A64-B67A-F3802B4C5BB3}" = Windows Live Writer
"{EC5B21B9-9AC6-4892-9E1B-C98D30AB0395}" = Windows Live UX Platform Language Pack
"{EC5E0CAF-BC28-401C-B8BE-89C496D6D66F}" = Windows Live Essentials
"{ECD07D50-05C3-40E6-A10E-A371AC7E4B8A}" = Windows Live Writer
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{EE4C3B7B-ABFD-4985-9F16-3361031E4475}" = Windows Live Essentials
"{EE999A5F-3D40-4475-BBD3-FB867C93D77F}" = Windows Live Essentials
"{EFBCA571-617D-484A-9ECA-E301BB6D0750}" = Windows Live Writer
"{F077FF52-187F-406C-ABC9-222A693D1883}" = Windows Live UX Platform Language Pack
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F0E58739-2B4C-498F-9B0D-FF0F2FD52B61}" = Windows Live UX Platform
"{F0F9505B-3ACF-4158-9311-D0285136AA00}" = Windows Live Essentials
"{F19A804E-851F-47BB-B962-C5F07DD691A5}" = Windows Live Writer Resources
"{F1A79BDD-A47F-441B-954D-EE045C379EBB}" = Windows Live Writer Resources
"{F25C8769-16B6-4B19-BB0B-76F213829AC6}" = Movie Maker
"{F2CEE664-F9A3-4235-A11A-42B15884F4D4}" = Windows Live Mail
"{F2EC7F21-AC7D-430E-AC53-5A40686A6596}" = Windows Live Writer
"{F38BCC33-D42A-44EB-B62F-B3BB89B29FAF}" = Fotogalleriet
"{F45E6106-4877-4298-92E7-0948015560C2}" = Windows Liven peruspaketti
"{F4D99A13-F63A-4FC1-8799-CFFDB78DDFB3}" = Galerie de photos
"{F4DC3E82-471A-4949-A311-7AE803D203E1}" = Windows Live Essentials
"{F5350A47-59EE-4A4C-BDBF-05A17F0B8CEB}" = Windows Live Writer
"{F6F30C28-38AA-4DBA-AE0B-7E30238E61BB}" = Junk Mail filter update
"{F6F71B24-7A25-4332-9376-3F5C762F7E23}" = Movie Maker
"{F7314CA2-F900-46D7-9EA1-FBDD9D73F765}" = Galería de fotos
"{F8160DBB-110E-4A6E-94F2-0A829C2F584A}" = Windows Live Writer Resources
"{F875E135-31C5-4C4D-929F-D49E6332E7F1}" = Photo Common
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F8B27E21-6CE7-48E6-9D6C-D7241DAC3C9A}" = Windows Liven sähköposti
"{F964FB61-334B-470B-AB8E-19DF19FC3CD7}" = Photo Common
"{F9B9F5AA-D604-47A7-9238-22A664DBED16}" = Windows Live Messenger
"{FA12037C-B6FA-4825-86BC-D58AA6A9CC24}" = Podstawowe programy Windows Live
"{FA29B84F-8306-4A62-A340-F2C41305E7AF}" = Windows Live Essentials
"{FA40A77E-F3D5-45DF-9BC3-2E2E36C543B7}" = Windows Live Writer Resources
"{FA6BC7A5-85B3-4DC2-825C-D508E386151A}" = Raccolta foto
"{FBA73805-0F67-428B-8E4F-FAE16A452685}" = Photo Common
"{FC5F20C5-C44E-40DE-927C-4C7D7994912F}" = Windows Live Messenger
"{FC61AFC2-1E8A-4364-B653-A07AC748FFE9}" = Windows Live Mail
"{FCBD5760-450D-4A3B-82B4-FBA2816B49BD}" = Windows Live Messenger
"{FCF46EBE-4637-4A0D-8CE2-C39897A2D7E1}" = Galerie foto
"{FD5C55EA-B850-4EB7-BAD9-07F118E38AB9}" = Windows Live Writer
"{FD5D64EB-DC61-4026-AF47-585B39F19341}" = Galerija fotografija
"{FF2DE2F0-A25E-4AE6-A2E0-056665520F1C}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FFA96194-06E0-4B30-A0D5-90A257350659}" = Windows Live Writer Resources
"{FFCF82EC-895F-4AC8-925E-3412FE25EF62}" = Windows Live Writer Resources
"5513-1208-7298-9440" = JDownloader 0.9
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Acer Welcome Center" = Welcome Center
"Adobe Flash Player ActiveX" = Adobe Flash Player 15 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 15 Plugin
"DAEMON Tools Lite" = DAEMON Tools Lite
"Family Tree Builder" = MyHeritage Family Tree Builder
"Fraps" = Fraps
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.12.32.327
"Google Chrome" = Google Chrome
"Identity Card" = Identity Card
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Acer Crystal Eye Webcam
"InstallShield_{08CCD7B4-9EED-4926-805D-C4FFF869989A}" = ProShield
"InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}" = Acer Backup Manager
"InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}" = Age of Empires III
"InstallShield_{AE4167B0-F589-4D2A-BF05-E181D543C49F}" = EgisTec ES603 WDM Driver
"istartsurf uninstall" = istartsurf uninstall
"LManager" = Launch Manager
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware Version 2.0.2.1012
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft Visual C++ 2010 Express - DEU" = Microsoft Visual C++ 2010 Express - DEU
"Microsoft Visual Studio 2010 Service Pack 1" = Microsoft Visual Studio 2010 Service Pack 1
"Mozilla Firefox 10.0.2 (x86 de)" = Mozilla Firefox 10.0.2 (x86 de)
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"Opera 24.0.1558.53" = Opera Stable 24.0.1558.53
"PokerStars.eu" = PokerStars.eu
"PunkBusterSvc" = PunkBuster Services
"Revo Uninstaller" = Revo Uninstaller 1.95
"SearchProtect" = Search Protect
"Shotcut" = Shotcut
"Steam App 10180" = Call of Duty: Modern Warfare 2
"Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer
"Steam App 202970" = Call of Duty: Black Ops II
"Steam App 202990" = Call of Duty: Black Ops II - Multiplayer
"Steam App 212910" = Call of Duty: Black Ops II - Zombies
"Steam App 8870" = BioShock Infinite
"SweetIM Bundle by SweetPacks" = SweetIM Bundle by SweetPacks
"System Explorer_is1" = System Explorer 3.6.2
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamViewer 7" = TeamViewer 7
"VMware_Player" = VMware Player
"Windows Essentials Codec Pack" = Windows Essentials Codec Pack 5.0
"WinLiveSuite" = Windows Live Essentials
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"TeamSpeak 3 Client" = TeamSpeak 3 Client
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 23.12.2014 12:15:10 | Computer Name = Lukas-PC | Source = Microsoft-Windows-User Profiles Service | ID = 1542
Description = Die Klassenregistrierungsdatei kann nicht geladen werden.  DETAIL -
 Das System kann die angegebene Datei nicht finden. 
 
Error - 23.12.2014 12:15:39 | Computer Name = Lukas-PC | Source = Microsoft-Windows-User Profiles Service | ID = 1542
Description = Die Klassenregistrierungsdatei kann nicht geladen werden.  DETAIL -
 Das System kann die angegebene Datei nicht finden. 
 
Error - 23.12.2014 12:15:42 | Computer Name = Lukas-PC | Source = WinMgmt | ID = 10
Description =
 
Error - 23.12.2014 12:26:35 | Computer Name = Lukas-PC | Source = CVHSVC | ID = 100
Description = Nur zur Information.  (Patch task for {90140011-0066-0407-0000-0000000FF1CE}):
 DownloadLatest Failed: Das Zeitlimit für den Vorgang wurde erreicht. 
 
Error - 23.12.2014 12:26:54 | Computer Name = Lukas-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Uninstall.exe_unknown, Version: 1.2.26.326,
 Zeitstempel: 0x5332d01c  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
 Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x73616c63  ID des fehlerhaften
 Prozesses: 0x144c  Startzeit der fehlerhaften Anwendung: 0x01d01ecd2d104b44  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe
Pfad
 des fehlerhaften Moduls: unknown  Berichtskennung: 8102a841-8ac0-11e4-95d0-005056c00008
 
Error - 23.12.2014 12:56:31 | Computer Name = Lukas-PC | Source = Application Hang | ID = 1002
Description = Programm mbam.exe, Version 1.0.0.532 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 154c    Startzeit:
 01d01ecf4d0fccc0    Endzeit: 0    Anwendungspfad: C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

Berichts-ID:
 a235e22f-8ac4-11e4-95d0-005056c00008 
 
Error - 23.12.2014 12:56:43 | Computer Name = Lukas-PC | Source = C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe | ID = 131073
Description =
 
Error - 23.12.2014 13:22:22 | Computer Name = Lukas-PC | Source = WinMgmt | ID = 10
Description =
 
Error - 23.12.2014 13:26:26 | Computer Name = Lukas-PC | Source = Microsoft-Windows-User Profiles Service | ID = 1542
Description = Die Klassenregistrierungsdatei kann nicht geladen werden.  DETAIL -
 Das System kann die angegebene Datei nicht finden. 
 
Error - 23.12.2014 13:26:26 | Computer Name = Lukas-PC | Source = Microsoft-Windows-User Profiles Service | ID = 1542
Description = Die Klassenregistrierungsdatei kann nicht geladen werden.  DETAIL -
 Das System kann die angegebene Datei nicht finden. 
 
[ System Events ]
Error - 13.12.2014 12:26:57 | Computer Name = Lukas-PC | Source = Microsoft Antimalware | ID = 2001
Description = Beim Aktualisieren der Signaturen wurde von %%860 ein Fehler festgestellt.

        Neue
 Signaturversion:      Vorherige Signaturversion: 1.189.1870.0    Aktualisierungsquelle:
%%859    Aktualisierungsphase: %%853    Quellpfad: hxxp://www.microsoft.com    Signaturtyp:
%%800    Aktualisierungstyp: %%803    Benutzer: NT-AUTORITÄT\SYSTEM    Aktuelle Modulversion:
      Vorherige Modulversion: 1.1.11202.0    Fehlercode: 0x8024001e    Fehlerbeschreibung: Unerwartetes
 Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates
 oder zur Problembehandlung finden Sie unter "Hilfe und Support".
 
Error - 13.12.2014 12:26:57 | Computer Name = Lukas-PC | Source = Microsoft Antimalware | ID = 2001
Description = Beim Aktualisieren der Signaturen wurde von %%860 ein Fehler festgestellt.

        Neue
 Signaturversion:      Vorherige Signaturversion: 1.189.1870.0    Aktualisierungsquelle:
%%859    Aktualisierungsphase: %%853    Quellpfad: hxxp://www.microsoft.com    Signaturtyp:
%%800    Aktualisierungstyp: %%803    Benutzer: NT-AUTORITÄT\SYSTEM    Aktuelle Modulversion:
      Vorherige Modulversion: 1.1.11202.0    Fehlercode: 0x8024001e    Fehlerbeschreibung: Unerwartetes
 Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates
 oder zur Problembehandlung finden Sie unter "Hilfe und Support".
 
Error - 15.12.2014 10:10:56 | Computer Name = Lukas-PC | Source = Service Control Manager | ID = 7030
Description = Der Dienst "LogMeIn Hamachi Tunneling Engine" ist als interaktiver
 Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive
 Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
 
Error - 18.12.2014 19:07:32 | Computer Name = Lukas-PC | Source = DCOM | ID = 10010
Description =
 
Error - 20.12.2014 11:36:33 | Computer Name = Lukas-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?20.?12.?2014 um 16:35:21 unerwartet heruntergefahren.
 
Error - 22.12.2014 14:03:32 | Computer Name = Lukas-PC | Source = DCOM | ID = 10010
Description =
 
Error - 23.12.2014 12:39:46 | Computer Name = Lukas-PC | Source = Microsoft Antimalware | ID = 2001
Description = Beim Aktualisieren der Signaturen wurde von %%860 ein Fehler festgestellt.

        Neue
 Signaturversion:      Vorherige Signaturversion: 1.191.622.0    Aktualisierungsquelle: %%859

        Aktualisierungsphase:
 %%852    Quellpfad: hxxp://www.microsoft.com    Signaturtyp: %%800    Aktualisierungstyp: %%803

        Benutzer:
 NT-AUTORITÄT\SYSTEM    Aktuelle Modulversion:      Vorherige Modulversion: 1.1.11302.0    Fehlercode:
 0x80072ee2    Fehlerbeschreibung: Das Zeitlimit für den Vorgang wurde erreicht.
 
Error - 23.12.2014 12:56:10 | Computer Name = Lukas-PC | Source = DCOM | ID = 10010
Description =
 
Error - 23.12.2014 12:56:41 | Computer Name = Lukas-PC | Source = DCOM | ID = 10010
Description =
Error - 23.12.2014 13:21:04 | Computer Name = Lukas-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Search Protect Service" wurde aufgrund folgenden Fehlers
 nicht gestartet:  %%216
 
 
< End of report >
--- --- ---

schrauber 23.12.2014 19:24
hi,

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307




Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


Splintefakt 23.12.2014 19:34
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-12-2014
Ran by *** at 2014-12-23 19:30:22
Running from C:\Users\***\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acer Backup Manager (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.100 - NTI Corporation)
Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1710 - CyberLink Corp.)
Acer Crystal Eye Webcam (x32 Version: 1.0.1710 - CyberLink Corp.) Hidden
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3007 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3502 - Acer Incorporated)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3502 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0517.2011 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3500 - Acer Incorporated)
Acer VCM (HKLM-x32\...\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}) (Version: 4.05.3501 - Acer Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Age of Empires III (HKLM-x32\...\InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Argazki Galeria (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Backup Manager V3 (x32 Version: 3.0.0.100 - NTI Corporation) Hidden
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version:  - Irrational Games)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version:  - )
Call of Duty: Black Ops II - Zombies (HKLM-x32\...\Steam App 212910) (Version:  - )
Call of Duty: Black Ops II (HKLM-x32\...\Steam App 202970) (Version:  - Treyarch)
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version:  - Infinity Ward)
CCleaner (HKLM\...\CCleaner) (Version: 4.11 - Piriform)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.52.0.50 - Conexant)
Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.5.899 - Corel Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
DealPly (HKU\.DEFAULT\...\DealPly) (Version:  - ) <==== ATTENTION
Drakonia Configurator (HKLM-x32\...\{2EAD3327-2F92-455F-A675-E5CC4980B67A}}_is1) (Version:  - )
EgisTec ES603 WDM Driver (HKLM-x32\...\InstallShield_{AE4167B0-F589-4D2A-BF05-E181D543C49F}) (Version: 3.0.20.0 - Egis Technology Inc.)
ES603 WDM Driver (x32 Version: 3.0.20.0 - Egis Technology Inc.) Hidden
Fotogaléria (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fotogalerija (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fotogalleri (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fotogalleriet (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fotoğraf Galerisi (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fotótár (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Free YouTube to MP3 Converter version 3.12.32.327 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.32.327 - DVDVideoSoft Ltd.)
Galeria de Fotografias (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galeria de Fotos (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galeria fotogràfica (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galeria fotografii (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galerie foto (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galerija fotografija (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Hotfix für Microsoft Visual C++ 2010 Express - DEU (KB2635973) (HKLM-x32\...\{DEEB5FE3-40F5-3C5B-8F85-5306EF3C08F4}.KB2635973) (Version: 1 - Microsoft Corporation)
HP Officejet Pro 8610 - Grundlegende Software für das Gerät (HKLM\...\{1D8BE3A3-7BA2-4E27-93D5-645342B6801E}) (Version: 32.0.90.45518 - Hewlett-Packard Co.)
HP Officejet Pro 8610 Hilfe (HKLM-x32\...\{2466D8D5-4856-4492-BDEF-48A640F58866}) (Version: 32.0.0 - Hewlett Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated)
Install Absolute Data Protect (HKLM-x32\...\{40F4FF7A-B214-4453-B973-080B09CED019}) (Version: 1.0.0.42 - Absolute Software)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2345 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
Internet Explorer Toolbar 4.8 by SweetPacks (x32 Version: 4.8.0000 - SweetIM Technologies Ltd.) Hidden <==== ATTENTION
istartsurf uninstall (HKLM-x32\...\istartsurf uninstall) (Version:  - istartsurf) <==== ATTENTION
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
Java 7 Update 17 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.170 - Oracle)
Java 7 Update 9 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417009FF}) (Version: 7.0.90 - Oracle)
Java(TM) 6 Update 33 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216033FF}) (Version: 6.0.330 - Oracle)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
LastChaosGER (HKLM-x32\...\{A86A50FC-7C22-478B-BAEF-82393328825F}) (Version: 1.00.000 - Barunsongames CO., LTD.)
Launch Manager (HKLM-x32\...\LManager) (Version: 6.0.8s1 - Acer Inc.)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.1 Language Pack - DEU) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 15.0.4675.1003 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.5128.5002 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Express - DEU (HKLM-x32\...\Microsoft Visual C++ 2010 Express - DEU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 10.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 10.0.2 (x86 de)) (Version: 10.0.2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSynth 1.5 alpha (HKLM-x32\...\{636F485A-2053-43FA-BE1D-CC27CDA4A0AC}) (Version: 1.5.0 - MRoc Audiosolutions)
MyHeritage Family Tree Builder (HKLM-x32\...\Family Tree Builder) (Version: 7.0.0.7137 - MyHeritage.com)
NVIDIA 3D Vision Treiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 327.02 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2 - NVIDIA Corporation)
NVIDIA Grafiktreiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.2.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.2.18.0 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}) (Version: 9.10.0514 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
OpenOffice.org 3.4 (HKLM-x32\...\{4C552FD3-2CCD-4E00-AC64-0681DBB3F8B5}) (Version: 3.4.9590 - OpenOffice.org)
Opera Stable 24.0.1558.53 (HKLM-x32\...\Opera 24.0.1558.53) (Version: 24.0.1558.53 - Opera Software ASA)
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.8 - Pando Networks Inc.)
Poczta usługi Windows Live (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version:  - PokerStars.eu)
Pošta Windows Live (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Process Hacker 2.23 (HKLM\...\Process_Hacker2_is1) (Version: 2.23 - wj32)
ProShield (HKLM-x32\...\InstallShield_{08CCD7B4-9EED-4926-805D-C4FFF869989A}) (Version: 1.0.48.3 - Egis Technology Inc.)
ProShield (Version: 1.0.48.3 - Egis Technology Inc.) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Raccolta foto (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7600.74 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.19.10.160 - Client Connect LTD) <==== ATTENTION
SHIELD Streaming (Version: 1.7.306 - NVIDIA Corporation) Hidden
Shotcut (HKLM-x32\...\Shotcut) (Version:  - )
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
SweetIM Bundle by SweetPacks (HKLM-x32\...\SweetIM Bundle by SweetPacks) (Version: 1.0.0.0 - SweetPacks LTD) <==== ATTENTION
SweetIM for Messenger 3.7 (x32 Version: 3.7.0007 - SweetIM Technologies Ltd.) Hidden <==== ATTENTION
System Explorer 3.6.2 (HKLM-x32\...\System Explorer_is1) (Version:  - Mister Group)
TeamSpeak 2 RC2 (HKLM-x32\...\Teamspeak 2 RC2_is1) (Version: 2.0.32.60 - Dominating Bytes Design)
TeamSpeak 3 Client (HKU\S-1-5-21-1163185453-3357255380-38341258-1001\...\TeamSpeak 3 Client) (Version: 3.0.15.1 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKU\S-1-5-21-1163185453-3357255380-38341258-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\TeamSpeak 3 Client) (Version: 3.0.15.1 - TeamSpeak Systems GmbH)
TeamViewer 7 (HKLM-x32\...\TeamViewer 7) (Version: 7.0.14484 - TeamViewer)
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.0.82.0 - Intel)
Valokuvavalikoima (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
VirtualDJ Home FREE (HKLM-x32\...\{A6AC699F-8315-40CA-8F70-E917494978AB}) (Version: 7.4 - Atomix Productions)
VMware Player (HKLM-x32\...\VMware_Player) (Version: 6.0.2 - VMware, Inc)
VMware Player (Version: 6.0.2 - VMware, Inc.) Hidden
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3503 - Acer Incorporated)
WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.7300 - Broadcom Corporation)
Windows Essentials Codec Pack 5.0 (HKLM-x32\...\Windows Essentials Codec Pack) (Version: 5.0 - Windows Essentials Codec Pack)
Windows Home Server-CD zum Wiederherstellen von Heimcomputern (Dual-Boot-Version) (HKLM-x32\...\{E98E2A33-05D1-476B-B81B-40F4BD957056}) (Version: 1 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
WinRAR 4.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
Συλλογή φωτογραφιών (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 16.4.3508.0205 - Корпорация Майкрософт) Hidden
Фотоальбом (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Фотогалерия (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Фотографии (общедоступная версия) (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
גלריית התמונות (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
معرض الصور (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
影像中心 (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

11-12-2014 03:00:13 Windows Update
12-12-2014 03:00:12 Windows Update
16-12-2014 15:21:09 Windows Update
19-12-2014 00:09:29 Windows Update
22-12-2014 14:17:54 Windows Update
23-12-2014 17:29:02 Removed LogMeIn Hamachi
23-12-2014 17:32:18 Removed newsXpresso

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2014-08-27 15:32 - 00000910 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1                        d3oxij66pru1i3.cloudfront.net
127.0.0.1                        d3oxij66pru1i3.cloudfront.net


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {08C6646F-9581-442F-88E8-1836225360A1} - System32\Tasks\{83D72D23-8742-47C8-ADAA-7A22CDADA986} => pcalua.exe -a "C:\Users\Lukas\Desktop\Siedler 3\s3new160.exe" -d "C:\Users\Lukas\Desktop\Siedler 3"
Task: {0A7076BB-4457-4F51-B891-78BE300E5289} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-10-07] (Microsoft Corporation)
Task: {12A199E4-73A5-44C7-A7D7-638D15591EB7} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-11-04] (Microsoft Corporation)
Task: {17C58690-6AE3-4757-81A0-D74B1DED2BB2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-10] (Adobe Systems Incorporated)
Task: {2F55158C-479B-4878-BEBE-2F3FFCCC219E} - System32\Tasks\{FB9366F8-9B7C-4F9E-89F0-600D9D5ABE54} => Chrome.exe hxxp://ui.skype.com/ui/0/4.2.0.187/de/go/help.faq.installer?LastError=1603
Task: {4E178259-05E8-4FE6-8BCF-8EE2CFD5A892} - \DealPly No Task File <==== ATTENTION
Task: {5C47C26F-F902-4A4C-ADD2-97FCDCFA906D} - System32\Tasks\{5C94E470-27B5-424C-B4A2-689BABC1D73D} => pcalua.exe -a C:\Users\Lukas\Downloads\wlsetup-all_16.4.3508.0205.exe -d C:\Users\Lukas\Downloads
Task: {5D49E1A0-6D01-4D9D-A09C-B1F16B490C1F} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
Task: {716F58F4-040F-4581-88F2-6E3893E73E9B} - \DealPlyUpdate No Task File <==== ATTENTION
Task: {74C97A33-E080-4928-A58D-B9D23775B112} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-03] (Google Inc.)
Task: {8BFB763A-1EC3-4F9F-A864-FFF747FF20D9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-02-20] (Piriform Ltd)
Task: {93009005-3541-4059-90BB-CC1891AC8F0C} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-11-12] (Microsoft Corporation)
Task: {A401A2D1-2449-4DC5-8979-88385D908782} - System32\Tasks\Adobe Reader Speed Launcher => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2014-09-04] (Adobe Systems Incorporated)
Task: {B228A363-82B6-4652-B399-A01966D06DFE} - System32\Tasks\Adobe ARM => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {BFE4C721-FB18-419B-946E-85CEB20E2137} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {CB2C43F5-02F8-474D-8B44-BEE6A480E1F8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {D0DBD25C-45B7-4E0A-A557-4C5BA9A04CE1} - System32\Tasks\{0EEBB68D-20CD-44BD-87C7-C40D4E86B933} => pcalua.exe -a C:\Users\Lukas\Downloads\keylogger3.exe -d C:\Users\Lukas\Downloads
Task: {D2FD37B9-9C06-4CE7-BC36-5ADA812E28ED} - System32\Tasks\{BF327014-A5FC-4D1E-BE2D-7C94DC79CDAA} => pcalua.exe -a C:\Users\Lukas\Downloads\ts2_client_rc2_2032.exe -d C:\Users\Lukas\Downloads
Task: {D9BB3A34-3E07-4DFC-9887-76D72398926D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-03] (Google Inc.)
Task: {EA26028D-24AB-491F-94D3-CD87F26ED8BB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-10-07] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2011-06-04 13:15 - 2011-06-04 13:15 - 01407536 _____ () C:\Program Files\Acer ProShield\LIBEAY32.dll
2014-10-22 19:08 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-04-15 08:42 - 2014-04-15 08:42 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-08-06 19:50 - 2013-08-29 23:43 - 00097568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2011-08-20 02:18 - 2011-03-26 08:29 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-07-15 17:53 - 2013-10-29 12:43 - 00248832 _____ () C:\Program Files (x86)\Drakonia Configurator\hid.exe
2014-07-15 17:53 - 2012-12-11 10:14 - 00240640 _____ () C:\Program Files (x86)\Drakonia Configurator\trayicon.exe
2014-02-12 19:58 - 2014-02-12 19:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 19:58 - 2014-02-12 19:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-01-05 14:22 - 2012-01-05 14:22 - 00465344 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2012-01-05 14:22 - 2012-01-05 14:22 - 01081368 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2012-01-05 14:22 - 2012-01-05 14:22 - 00125464 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2014-04-14 15:41 - 2014-04-14 15:41 - 01261272 _____ () C:\Program Files (x86)\VMware\VMware Player\libxml2.dll
2014-10-16 16:26 - 2014-10-16 16:26 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\9b1cac8d98bd69d3e56a26ff2f96f266\IsdiInterop.ni.dll
2011-08-20 01:34 - 2011-01-13 01:56 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-07-15 17:53 - 2013-01-15 16:06 - 00061952 _____ () C:\Program Files (x86)\Drakonia Configurator\HidDevice.dll
2014-07-15 17:53 - 2013-11-05 15:31 - 00249856 _____ () C:\Program Files (x86)\Drakonia Configurator\language.dll
2014-12-03 18:31 - 2014-11-25 07:39 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\libglesv2.dll
2014-12-03 18:31 - 2014-11-25 07:39 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\libegl.dll
2014-12-03 18:31 - 2014-11-25 07:39 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\pdf.dll
2014-12-03 18:31 - 2014-11-25 07:39 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\ffmpegsumo.dll
2014-12-03 18:31 - 2014-11-25 07:39 - 14910280 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:8927A071

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Acer VCM.lnk => C:\Windows\pss\Acer VCM.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Lukas^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^StartUp^CurseClientStartup.ccip => C:\Windows\pss\CurseClientStartup.ccip.Startup
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Lukas\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BackupManagerTray => "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
MSCONFIG\startupreg: Facebook Update => "C:\Users\Lukas\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KPeerNexonEU => C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe
MSCONFIG\startupreg: LManager => C:\Program Files (x86)\Launch Manager\LManager.exe
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: Power Management => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
MSCONFIG\startupreg: Realtime Audio Engine => "mmrtkrnl.exe" /i
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SweetIM => C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe

========================= Accounts: ==========================

Administrator (S-1-5-21-1163185453-3357255380-38341258-500 - Administrator - Disabled)
ASPNET (S-1-5-21-1163185453-3357255380-38341258-1004 - Limited - Enabled)
Gast (S-1-5-21-1163185453-3357255380-38341258-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1163185453-3357255380-38341258-1007 - Limited - Enabled)
Lukas (S-1-5-21-1163185453-3357255380-38341258-1001 - Administrator - Enabled) => C:\Users\Lukas

==================== Faulty Device Manager Devices =============

Name: Ethernet-Controller
Description: Ethernet-Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/23/2014 06:26:26 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT-AUTORITÄT)
Description: Die Klassenregistrierungsdatei kann nicht geladen werden.
 DETAIL - Das System kann die angegebene Datei nicht finden.

Error: (12/23/2014 06:26:26 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT-AUTORITÄT)
Description: Die Klassenregistrierungsdatei kann nicht geladen werden.
 DETAIL - Das System kann die angegebene Datei nicht finden.

Error: (12/23/2014 06:22:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/23/2014 05:56:43 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (12/23/2014 05:56:31 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm mbam.exe, Version 1.0.0.532 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 154c

Startzeit: 01d01ecf4d0fccc0

Endzeit: 0

Anwendungspfad: C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

Berichts-ID: a235e22f-8ac4-11e4-95d0-005056c00008

Error: (12/23/2014 05:26:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Uninstall.exe_unknown, Version: 1.2.26.326, Zeitstempel: 0x5332d01c
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x73616c63
ID des fehlerhaften Prozesses: 0x144c
Startzeit der fehlerhaften Anwendung: 0xUninstall.exe_unknown0
Pfad der fehlerhaften Anwendung: Uninstall.exe_unknown1
Pfad des fehlerhaften Moduls: Uninstall.exe_unknown2
Berichtskennung: Uninstall.exe_unknown3

Error: (12/23/2014 05:26:35 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Das Zeitlimit für den Vorgang wurde erreicht.

Error: (12/23/2014 05:15:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/23/2014 05:15:39 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT-AUTORITÄT)
Description: Die Klassenregistrierungsdatei kann nicht geladen werden.
 DETAIL - Das System kann die angegebene Datei nicht finden.

Error: (12/23/2014 05:15:10 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT-AUTORITÄT)
Description: Die Klassenregistrierungsdatei kann nicht geladen werden.
 DETAIL - Das System kann die angegebene Datei nicht finden.


System errors:
=============
Error: (12/23/2014 06:21:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Search Protect Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%216

Error: (12/23/2014 05:56:41 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {94E2D96B-B937-4AED-99CC-199D15CD6CE6}

Error: (12/23/2014 05:56:10 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (12/23/2014 05:39:46 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

        Neue Signaturversion:

        Vorherige Signaturversion: 1.191.622.0

        Aktualisierungsquelle: %NT-AUTORITÄT59

        Aktualisierungsphase: 4.6.0305.00

        Quellpfad: 4.6.0305.01

        Signaturtyp: %NT-AUTORITÄT602

        Aktualisierungstyp: %NT-AUTORITÄT604

        Benutzer: NT-AUTORITÄT\SYSTEM

        Aktuelle Modulversion: %NT-AUTORITÄT605

        Vorherige Modulversion: %NT-AUTORITÄT606

        Fehlercode: %NT-AUTORITÄT607

        Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (12/22/2014 07:03:32 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (12/20/2014 04:36:33 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎20.‎12.‎2014 um 16:35:21 unerwartet heruntergefahren.

Error: (12/19/2014 00:07:32 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {94E2D96B-B937-4AED-99CC-199D15CD6CE6}

Error: (12/15/2014 03:10:56 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "LogMeIn Hamachi Tunneling Engine" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (12/13/2014 05:26:57 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

        Neue Signaturversion:

        Vorherige Signaturversion: 1.189.1870.0

        Aktualisierungsquelle: %NT-AUTORITÄT59

        Aktualisierungsphase: 4.6.0305.00

        Quellpfad: 4.6.0305.01

        Signaturtyp: %NT-AUTORITÄT602

        Aktualisierungstyp: %NT-AUTORITÄT604

        Benutzer: NT-AUTORITÄT\SYSTEM

        Aktuelle Modulversion: %NT-AUTORITÄT605

        Vorherige Modulversion: %NT-AUTORITÄT606

        Fehlercode: %NT-AUTORITÄT607

        Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (12/13/2014 05:26:57 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

        Neue Signaturversion:

        Vorherige Signaturversion: 1.189.1870.0

        Aktualisierungsquelle: %NT-AUTORITÄT59

        Aktualisierungsphase: 4.6.0305.00

        Quellpfad: 4.6.0305.01

        Signaturtyp: %NT-AUTORITÄT602

        Aktualisierungstyp: %NT-AUTORITÄT604

        Benutzer: NT-AUTORITÄT\SYSTEM

        Aktuelle Modulversion: %NT-AUTORITÄT605

        Vorherige Modulversion: %NT-AUTORITÄT606

        Fehlercode: %NT-AUTORITÄT607

        Fehlerbeschreibung: %NT-AUTORITÄT608


Microsoft Office Sessions:
=========================
Error: (12/23/2014 06:26:26 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT-AUTORITÄT)
Description: Das System kann die angegebene Datei nicht finden.

Error: (12/23/2014 06:26:26 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT-AUTORITÄT)
Description: Das System kann die angegebene Datei nicht finden.

Error: (12/23/2014 06:22:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/23/2014 05:56:43 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (12/23/2014 05:56:31 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: mbam.exe1.0.0.532154c01d01ecf4d0fccc00C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exea235e22f-8ac4-11e4-95d0-005056c00008

Error: (12/23/2014 05:26:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Uninstall.exe_unknown1.2.26.3265332d01cunknown0.0.0.000000000c000000573616c63144c01d01ecd2d104b44C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exeunknown8102a841-8ac0-11e4-95d0-005056c00008

Error: (12/23/2014 05:26:35 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Das Zeitlimit für den Vorgang wurde erreicht.

Error: (12/23/2014 05:15:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/23/2014 05:15:39 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT-AUTORITÄT)
Description: Das System kann die angegebene Datei nicht finden.

Error: (12/23/2014 05:15:10 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT-AUTORITÄT)
Description: Das System kann die angegebene Datei nicht finden.


CodeIntegrity Errors:
===================================
  Date: 2011-11-10 18:39:34.223
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-11-10 18:39:34.193
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-11-10 18:39:34.173
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-11-10 18:39:34.113
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-11-10 18:39:34.083
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-11-10 18:39:34.023
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-11-10 18:39:33.993
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-11-10 18:39:33.953
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-11-10 18:39:33.923
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2011-11-10 18:39:33.813
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-2430M CPU @ 2.40GHz
Percentage of memory in use: 40%
Total physical RAM: 8043.86 MB
Available physical RAM: 4821.33 MB
Total Pagefile: 16085.9 MB
Available Pagefile: 12843.75 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:682.54 GB) (Free:482.42 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 7FEC4057)
Partition 1: (Not Active) - (Size=16 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=682.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-12-2014
Ran by *** (administrator) on ***-PC on 23-12-2014 19:29:10
Running from C:\Users\Lukas\Downloads
Loaded Profiles: *** &  (Available profiles: ***)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Egis Technology Inc. ) C:\Program Files\Common Files\EgisTec\Services\EgisTicketService.exe
(Egis Technology Inc. ) C:\Program Files\Acer ProShield\x86\EgisService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8610\Bin\ScanToPCActivationApp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(MyHeritage) C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
() C:\Program Files (x86)\Drakonia Configurator\hid.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Egis Technology Inc. ) C:\Program Files\Acer ProShield\EgisTSR.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Program Files (x86)\Drakonia Configurator\trayicon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8610\Bin\HPNetworkCommunicatorCom.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ProShieldTSR] => C:\Program Files\Acer ProShield\EgisTSR.exe [165936 2011-06-04] (Egis Technology Inc. )
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-21] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [Family Tree Builder Update] => C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe [2534400 2014-03-25] (MyHeritage)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
HKLM-x32\...\Run: [GamingMouse] => C:\Program Files (x86)\Drakonia Configurator\hid.exe [248832 2013-10-29] ()
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1163185453-3357255380-38341258-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30872168 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-1163185453-3357255380-38341258-1001\...\Run: [HP Officejet Pro 8610 (NET)] => C:\Program Files\HP\HP Officejet Pro 8610\Bin\ScanToPCActivationApp.exe [3485728 2013-09-11] (Hewlett-Packard Co.)
HKU\S-1-5-21-1163185453-3357255380-38341258-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1163185453-3357255380-38341258-1001\...\RunOnce: [Adobe Speed Launcher] => 1419355676
HKU\S-1-5-21-1163185453-3357255380-38341258-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30872168 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-1163185453-3357255380-38341258-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [HP Officejet Pro 8610 (NET)] => C:\Program Files\HP\HP Officejet Pro 8610\Bin\ScanToPCActivationApp.exe [3485728 2013-09-11] (Hewlett-Packard Co.)
HKU\S-1-5-21-1163185453-3357255380-38341258-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1163185453-3357255380-38341258-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Adobe Speed Launcher] => 1419355676
AppInit_DLLs: C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC64LO~1.DLL => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC64Loader.dll [245056 2014-12-10] ()
AppInit_DLLs:  C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC32LO~1.DLL => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC32Loader.dll [215360 2014-12-10] ()
Lsa: [Notification Packages] scecli EgisPwdFilter EgisDSPwdFilter
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1409125920&from=tugs&uid=TOSHIBAXMK7559GSXP_71HQC1WRTXX71HQC1WRT&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1409125920&from=tugs&uid=TOSHIBAXMK7559GSXP_71HQC1WRTXX71HQC1WRT&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-1163185453-3357255380-38341258-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.trovi.com/?gd=&ctid=CT3318522&octid=EB_ORIGINAL_CTID&ISID=M7BAD8389-21B9-4C77-9F1C-D843AC447837&SearchSource=55&CUI=&UM=6&UP=SP639D6362-EA59-42D8-AB24-EEFC5C7DC815&SSPV=
HKU\S-1-5-21-1163185453-3357255380-38341258-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1409125920&from=tugs&uid=TOSHIBAXMK7559GSXP_71HQC1WRTXX71HQC1WRT&q={searchTerms}
HKU\S-1-5-21-1163185453-3357255380-38341258-1001\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-DE&Src=MSE&Tid=0002F86C&OHP=http%3A%2F%2Fsearch.babylon.com%2F%3FAF%3D109985%26babsrc%3DHP%5Fss%26mntrId%3D9cf71cb9000000000000ccaf782b6c79&OSP=http%3A%2F%2Fsearch.babylon.com%2F%3Fq%3D%7BsearchTerms%7D%26AF%3D109985%26babsrc%3DSP%5Fss%26mntrId%3D9cf71cb9000000000000ccaf782b6c79
HKU\S-1-5-21-1163185453-3357255380-38341258-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.trovi.com/?gd=&ctid=CT3318522&octid=EB_ORIGINAL_CTID&ISID=M7BAD8389-21B9-4C77-9F1C-D843AC447837&SearchSource=55&CUI=&UM=6&UP=SP639D6362-EA59-42D8-AB24-EEFC5C7DC815&SSPV=
HKU\S-1-5-21-1163185453-3357255380-38341258-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1409125920&from=tugs&uid=TOSHIBAXMK7559GSXP_71HQC1WRTXX71HQC1WRT&q={searchTerms}
HKU\S-1-5-21-1163185453-3357255380-38341258-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-DE&Src=MSE&Tid=0002F86C&OHP=http%3A%2F%2Fsearch.babylon.com%2F%3FAF%3D109985%26babsrc%3DHP%5Fss%26mntrId%3D9cf71cb9000000000000ccaf782b6c79&OSP=http%3A%2F%2Fsearch.babylon.com%2F%3Fq%3D%7BsearchTerms%7D%26AF%3D109985%26babsrc%3DSP%5Fss%26mntrId%3D9cf71cb9000000000000ccaf782b6c79
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://search.chatzum.com/?orig=DS&affid=62&cztbid=1248396719&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1163185453-3357255380-38341258-1001 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKU\S-1-5-21-1163185453-3357255380-38341258-1001 -> URL hxxp://search.conduit.com/Results.aspx?ctid=CT3326569&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=5&UP=SP8616BF39-BECF-4981-9107-4945CEAC0DC2&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-1163185453-3357255380-38341258-1001 -> SuggestionsURL_JSON hxxp://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
SearchScopes: HKU\S-1-5-21-1163185453-3357255380-38341258-1001 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-1163185453-3357255380-38341258-1001 -> {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = hxxp://mystart.incredibar.com/?a=6PRjWjkID2&loc=skw&search={searchTerms}&i=26
SearchScopes: HKU\S-1-5-21-1163185453-3357255380-38341258-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKU\S-1-5-21-1163185453-3357255380-38341258-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> URL hxxp://search.conduit.com/Results.aspx?ctid=CT3326569&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=5&UP=SP8616BF39-BECF-4981-9107-4945CEAC0DC2&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-1163185453-3357255380-38341258-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> SuggestionsURL_JSON hxxp://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
SearchScopes: HKU\S-1-5-21-1163185453-3357255380-38341258-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-1163185453-3357255380-38341258-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = hxxp://mystart.incredibar.com/?a=6PRjWjkID2&loc=skw&search={searchTerms}&i=26
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: EgisPBIE Sign-in Helper -> {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} -> C:\Program Files\Acer ProShield\x86\EgisPBIE.dll (Egis Technology Inc.)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\vpfo2nxj.default-1382548409648
FF NewTab: hxxp://www.trovi.com/?gd=&ctid=CT3318522&octid=EB_ORIGINAL_CTID&ISID=M7BAD8389-21B9-4C77-9F1C-D843AC447837&SearchSource=69&CUI=&SSPV=&Lay=1&UM=6&UP=SP639D6362-EA59-42D8-AB24-EEFC5C7DC815
FF Homepage: hxxp://www.trovi.com/?gd=&ctid=CT3318522&octid=EB_ORIGINAL_CTID&ISID=M7BAD8389-21B9-4C77-9F1C-D843AC447837&SearchSource=55&CUI=&UM=6&UP=SP639D6362-EA59-42D8-AB24-EEFC5C7DC815&SSPV=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @java.com/DTPlugin,version=10.9.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.17.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameeu.dll No File
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1163185453-3357255380-38341258-1001: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKU\S-1-5-21-1163185453-3357255380-38341258-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Extension: YoutubeAdblocker - C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\vpfo2nxj.default-1382548409648\Extensions\scdec@uieeoe.co.uk [2014-04-14]
FF Extension: ProxTube - C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\vpfo2nxj.default-1382548409648\Extensions\ich@maltegoetz.de.xpi [2014-09-11]
FF Extension: Adblock Plus - C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\vpfo2nxj.default-1382548409648\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-23]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-12-09]
FF HKLM-x32\...\Firefox\Extensions: [{41ecbc0b-34d5-4cd4-935f-253a30e2cb7e}] - C:\Program Files\Acer ProShield\FFExt
FF Extension:  Online Accounts Extension  - C:\Program Files\Acer ProShield\FFExt [2011-09-22]
FF HKLM-x32\...\Firefox\Extensions: [{d4da7309-b89a-45ec-8ebb-cfb2ae13618b}] - C:\Program Files\Acer ProShield\FFExt20
FF Extension:  Online Accounts Extension  - C:\Program Files\Acer ProShield\FFExt20 [2011-09-22]
FF HKU\S-1-5-21-1163185453-3357255380-38341258-1001\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-03-31]
FF HKU\S-1-5-21-1163185453-3357255380-38341258-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome:
=======
CHR Profile: C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default
CHR HKU\S-1-5-21-1163185453-3357255380-38341258-1001\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2014-03-31]
CHR HKU\S-1-5-21-1163185453-3357255380-38341258-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2014-03-31]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)
S2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [3320640 2014-12-10] () [File not signed]
R2 EgisTec Service; C:\Program Files\Acer ProShield\x86\EgisService.exe [195120 2011-06-04] (Egis Technology Inc. )
R2 EgisTec Ticket Service; C:\Program Files\Common Files\EgisTec\Services\EgisTicketService.exe [212016 2011-06-04] (Egis Technology Inc. )
R2 GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [29696 2011-05-26] (Acer Incorporated) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256536 2012-01-05] (NTI Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-21] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-21] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-04-15] ()
R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [260640 2010-01-30] (Acer Incorporated)
S3 SystemExplorerHelpService; C:\Program Files (x86)\System Explorer\SystemExplorerService64.exe [712520 2011-09-22] (Mister Group)
S4 AntiVirWebService; "C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2011-11-27] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-11-23] (Disc Soft Ltd)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2011-11-27] ()
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-23] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R1 netfilter64; C:\Windows\System32\drivers\netfilter64.sys [46376 2014-07-31] (NetFilterSDK.com)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [300320 2013-09-05] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S1 khbwucgr; \??\C:\Windows\system32\drivers\khbwucgr.sys [X]
S3 L1C; system32\DRIVERS\L1C62x64.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 X6va005; \??\C:\Users\Lukas\AppData\Local\Temp\0053504.tmp [X]
S3 X6va006; \??\C:\Users\Lukas\AppData\Local\Temp\0062CDA.tmp [X]
S3 X6va008; \??\C:\Windows\SysWOW64\Drivers\X6va008 [X]
S3 X6va009; \??\C:\Windows\SysWOW64\Drivers\X6va009 [X]
S3 X6va010; \??\C:\Windows\SysWOW64\Drivers\X6va010 [X]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [X]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [X]
S3 X6va015; \??\C:\Windows\SysWOW64\Drivers\X6va015 [X]
S3 X6va017; \??\C:\Windows\SysWOW64\Drivers\X6va017 [X]
S3 X6va021; \??\C:\Windows\SysWOW64\Drivers\X6va021 [X]
S3 X6va027; \??\C:\Windows\SysWOW64\Drivers\X6va027 [X]
S3 X6va028; \??\C:\Windows\SysWOW64\Drivers\X6va028 [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-23 19:29 - 2014-12-23 19:29 - 00029178 _____ () C:\Users\Lukas\Downloads\FRST.txt
2014-12-23 19:28 - 2014-12-23 19:29 - 00000000 ____D () C:\FRST
2014-12-23 19:28 - 2014-12-23 19:28 - 02122240 _____ (Farbar) C:\Users\Lukas\Downloads\FRST64.exe
2014-12-23 18:57 - 2014-12-23 18:57 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-23 18:50 - 2014-12-23 18:50 - 00144704 _____ () C:\Users\Lukas\Downloads\Extras.Txt
2014-12-23 18:48 - 2014-12-23 19:02 - 00159726 _____ () C:\Users\Lukas\Downloads\OTL.Txt
2014-12-23 18:38 - 2014-12-23 18:38 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2014-12-23 18:32 - 2014-12-23 18:32 - 00602112 _____ (OldTimer Tools) C:\Users\Lukas\Downloads\OTL.exe
2014-12-23 18:26 - 2014-12-23 18:26 - 00122080 _____ () C:\Users\Lukas\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-23 18:20 - 2014-12-23 18:21 - 00452328 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-23 18:20 - 2014-12-23 18:21 - 00000168 _____ () C:\Windows\setupact.log
2014-12-23 18:20 - 2014-12-23 18:20 - 00001288 _____ () C:\Windows\PFRO.log
2014-12-23 18:20 - 2014-12-23 18:20 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-23 17:56 - 2014-12-23 17:56 - 00022512 _____ () C:\Windows\system32\Drivers\SPPD.sys
2014-12-23 17:33 - 2014-12-23 17:33 - 00000000 __SHD () C:\Users\Lukas\AppData\Local\EmieBrowserModeList
2014-12-22 16:51 - 2014-12-22 16:52 - 00000000 ____D () C:\Users\Lukas\Desktop\Bewerbung IG BAU
2014-12-18 15:28 - 2014-12-13 06:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-18 15:28 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-12 03:18 - 2014-12-12 03:18 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-11 03:03 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-11 03:03 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-11 03:03 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-11 03:03 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-11 03:03 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-11 03:03 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-11 03:03 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-11 03:03 - 2014-12-02 00:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-11 03:02 - 2014-11-27 02:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-11 03:02 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-11 03:02 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-11 03:02 - 2014-11-22 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-11 03:02 - 2014-11-22 04:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-11 03:02 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-11 03:02 - 2014-11-22 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-11 03:02 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-11 03:02 - 2014-11-22 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-11 03:02 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-11 03:02 - 2014-11-22 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-11 03:02 - 2014-11-22 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-11 03:02 - 2014-11-22 03:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-11 03:02 - 2014-11-22 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-11 03:02 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-11 03:02 - 2014-11-22 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-11 03:02 - 2014-11-22 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-11 03:02 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-11 03:02 - 2014-11-22 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-11 03:02 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-11 03:02 - 2014-11-22 03:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-11 03:02 - 2014-11-22 03:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-11 03:02 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-11 03:02 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-11 03:02 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-11 03:02 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-11 03:02 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-11 03:02 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-11 03:02 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-11 03:02 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-11 03:02 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-11 03:02 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-11 03:02 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-11 03:02 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-11 03:02 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-11 03:02 - 2014-11-22 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-11 03:02 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-11 03:02 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-11 03:02 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-11 03:02 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-11 03:02 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-11 03:02 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-11 03:02 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-11 03:02 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-11 03:02 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-11 03:02 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-11 03:02 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-11 03:02 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-11 03:02 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-11 03:02 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-11 03:02 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-11 03:02 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-11 03:02 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-11 03:02 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-11 03:02 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-11 03:02 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-11 03:02 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-11 03:01 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-11 03:01 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-11 03:01 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-11 03:01 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-11 03:01 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-11 03:01 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-11 03:01 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-11 03:01 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-11 03:01 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-11 03:01 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-11 03:01 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-11 03:01 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-11 03:01 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-11 03:01 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-11 03:01 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-11 03:01 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-09 20:04 - 2014-12-10 18:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-03 18:31 - 2014-12-03 18:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-12-03 18:29 - 2014-12-23 18:34 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-03 18:29 - 2014-12-23 18:34 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-03 18:29 - 2014-12-03 18:31 - 00000000 ____D () C:\Program Files (x86)\Google
2014-12-03 18:29 - 2014-12-03 18:29 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-12-03 18:29 - 2014-12-03 18:29 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-12-03 18:28 - 2014-12-03 18:28 - 00880784 _____ (Google Inc.) C:\Users\Lukas\Downloads\ChromeSetup.exe
2014-12-01 17:25 - 2014-12-01 17:27 - 00352256 _____ () C:\Users\Lukas\Documents\Datenbank1.accdb
2014-11-23 13:36 - 2014-11-23 13:36 - 00000000 ____D () C:\Users\Public\Documents\DAEMON Tools Images
2014-11-23 13:35 - 2014-12-23 17:56 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-11-23 13:35 - 2014-11-23 13:35 - 00000000 ____D () C:\Users\Lukas\AppData\Local\SearchProtect
2014-11-23 13:34 - 2014-11-23 13:34 - 00283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2014-11-23 13:33 - 2014-12-23 17:37 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\DAEMON Tools Lite
2014-11-23 13:33 - 2014-11-23 13:34 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite
2014-11-23 13:32 - 2014-11-23 13:33 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-11-23 13:00 - 2014-11-23 13:37 - 00000000 ____D () C:\Users\Lukas\Documents\Windows Home Server-CD zum Wiederherstellen von Heimcomputern (Dual-Boot-Version)
2014-11-23 12:51 - 2014-11-23 12:57 - 238291968 _____ () C:\Users\Lukas\Downloads\restorecd.msi
2014-11-23 12:22 - 2014-11-23 12:26 - 150818816 _____ () C:\Users\Lukas\Downloads\vista-recovery-disc_9456.iso

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-23 19:30 - 2012-03-31 19:43 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-23 19:27 - 2011-11-11 20:17 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Skype
2014-12-23 18:58 - 2014-08-27 17:02 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-23 18:57 - 2014-08-27 17:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-23 18:57 - 2014-08-27 17:01 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-23 18:32 - 2011-09-22 19:03 - 01767681 _____ () C:\Windows\WindowsUpdate.log
2014-12-23 18:28 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-23 18:28 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-23 18:25 - 2011-09-23 04:56 - 00732394 _____ () C:\Windows\system32\perfh007.dat
2014-12-23 18:25 - 2011-09-23 04:56 - 00162348 _____ () C:\Windows\system32\perfc007.dat
2014-12-23 18:25 - 2009-07-14 06:13 - 01699460 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-23 18:21 - 2012-07-19 19:02 - 00000000 ____D () C:\ProgramData\VMware
2014-12-23 18:20 - 2011-09-22 19:07 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-12-23 18:20 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-23 17:56 - 2012-12-27 13:23 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-12-23 17:37 - 2014-09-23 18:47 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Ventrilo
2014-12-23 17:37 - 2012-11-26 20:23 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-12-23 17:33 - 2014-09-01 11:49 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Opera Software
2014-12-23 17:33 - 2014-09-01 11:49 - 00000000 ____D () C:\Users\Lukas\AppData\Local\Opera Software
2014-12-23 17:32 - 2011-08-20 01:34 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-12-23 17:26 - 2013-07-25 18:49 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-12-23 17:26 - 2011-11-26 22:14 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\DVDVideoSoft
2014-12-23 17:26 - 2011-11-26 22:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-12-23 17:24 - 2014-04-14 16:52 - 00000000 ____D () C:\Program Files (x86)\Blobby Volley 2 Version 1.0
2014-12-23 17:22 - 2012-07-12 17:27 - 00000000 ____D () C:\Program Files (x86)\Advanced Fix 2012
2014-12-23 17:18 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-23 11:40 - 2014-10-22 19:08 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-12-22 18:39 - 2014-05-16 14:48 - 00009087 _____ () C:\Users\Lukas\Desktop\Lebenslauf.odt
2014-12-22 16:54 - 2014-09-29 11:40 - 00000000 ____D () C:\Users\Lukas\Desktop\LC Daten
2014-12-22 16:51 - 2012-11-28 15:27 - 00000000 ____D () C:\Users\Lukas\Desktop\Bilder
2014-12-19 10:22 - 2014-09-30 07:53 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-19 10:22 - 2011-08-20 01:43 - 00000000 ____D () C:\ProgramData\Skype
2014-12-19 00:06 - 2011-11-12 19:07 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\TS3Client
2014-12-18 20:50 - 2012-07-19 19:09 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\VMware
2014-12-18 20:50 - 2012-07-19 19:09 - 00000000 ____D () C:\Users\Lukas\AppData\Local\VMware
2014-12-12 03:57 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-12 03:18 - 2014-05-01 22:39 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-12 03:18 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-12 03:18 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-11 03:14 - 2013-07-17 10:05 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-11 03:01 - 2011-11-10 16:23 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-10 16:30 - 2012-03-31 19:43 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-10 16:30 - 2012-03-31 19:43 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-10 16:30 - 2011-08-20 02:03 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-03 18:29 - 2011-11-11 16:26 - 00000000 ____D () C:\Users\Lukas\AppData\Local\Google
2014-12-03 18:17 - 2011-11-10 16:05 - 01690878 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-12-02 08:56 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-12-01 16:47 - 2014-10-21 17:50 - 00000000 ____D () C:\Users\Lukas\Desktop\Info Übungen
2014-12-01 16:46 - 2014-10-14 09:35 - 00000000 ____D () C:\Users\Lukas\Desktop\HSWT
2014-11-29 17:20 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-11-23 15:47 - 2011-08-20 02:02 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-11-23 13:34 - 2013-04-04 18:06 - 00000000 _____ () C:\end

Files to move or delete:
====================
C:\Users\Lukas\DSETUP.dll
C:\Users\Lukas\dsetup32.dll
C:\Users\Lukas\DXSETUP.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-18 16:14

schrauber 24.12.2014 18:01
Lade Dir bitte von hier Revo Uninstaller Download Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
  • Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den Programmen:

    DealPly

    Internet Explorer Toolbar 4.8 by SweetPacks (x32 Version: 4.8.0000 - SweetIM Technologies Ltd.) Hidden <==== ATTENTION

    istartsurf uninstall

    Search Protect

    SweetIM Bundle by SweetPacks

    SweetIM for Messenger 3.7


  • Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

 






Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.


Alle Zeitangaben in WEZ +1. Es ist jetzt 11:18 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131