Jassi1812 | 14.02.2015 14:17 | Chrome lässt sich nicht deinstallieren. Wenn ich auf deinstallieren klicke, erscheint ein Fenster, in dem steht, dass ich alle Chromefenster schließen und es erneut versuchen soll.
OTL EXTRAS Logfile: Code:
OTL Extras logfile created on: 14.02.2015 14:10:58 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\privat\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17633)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,94 Gb Total Physical Memory | 6,03 Gb Available Physical Memory | 75,89% Memory free
15,88 Gb Paging File | 13,62 Gb Available in Paging File | 85,74% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111,69 Gb Total Space | 12,99 Gb Free Space | 11,63% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 890,28 Gb Free Space | 95,57% Space Free | Partition Type: NTFS
Drive E: | 596,17 Gb Total Space | 594,27 Gb Free Space | 99,68% Space Free | Partition Type: NTFS
Computer Name: PRIVAT-PC | User Name: privat | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01504728-799A-4168-9E7F-F4E9C9E11CC7}" = rport=445 | protocol=6 | dir=out | app=system |
"{02778CF2-3D53-4A48-A5A0-34C888114F70}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{0DC06678-5953-4385-99F8-52A0500E15E6}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{166E0605-7B9D-4CAE-B172-C08AEC5A1AA8}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{1DF2385C-7DE3-4B92-9BFB-2B74BC45ACFB}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{1F89F25D-B7A5-497F-84B3-5EFCFC33E714}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2A7CEC47-E08C-4F0E-8695-10488DEB205C}" = lport=137 | protocol=17 | dir=in | app=system |
"{30002BE5-2F2A-4D52-B255-F9982BB3A286}" = lport=47995 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{32D7107C-ACCF-429E-851B-8FA3949E1E0C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3EA3BBF9-1DBD-40D1-BB72-801299444ED2}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{40047FB3-994C-4E1B-BF9F-F8B5C189A891}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{496DCB15-5CFC-4B5F-8440-117B8787288D}" = rport=137 | protocol=17 | dir=out | app=system |
"{6AC53F30-E6CA-40FD-8C08-7EF84F10C44B}" = lport=2869 | protocol=6 | dir=in | app=system |
"{721E540A-AD94-47F0-87F5-3438602BAC08}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{75745A70-0B93-41CF-9EE5-68AF09973E0E}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{7F129F0D-F4BF-45E4-ADD2-A4865D367A43}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9B78A56C-8DE6-466E-BDAD-FD8F8B3683EA}" = lport=10243 | protocol=6 | dir=in | app=system |
"{9E3F9E11-21FA-45D4-8D3D-20BDCD56D07E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{9E691B4B-BBEA-4003-9A5E-28BC3245967F}" = rport=10243 | protocol=6 | dir=out | app=system |
"{9F1EDF97-A4E7-4CF0-A15F-A95880646A0A}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{9F4152F7-81BC-4934-BE48-04AAD08E5D53}" = rport=139 | protocol=6 | dir=out | app=system |
"{A2D82757-44E6-420B-A94B-8C13250C81BC}" = lport=139 | protocol=6 | dir=in | app=system |
"{AABDA01E-8D25-471B-B6D2-E27ACAF46D02}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{AFA6FDB4-DC7A-4DD5-B84A-A0CE9DB32644}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{B0893072-9D4B-4E70-928F-601357A5A182}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B22E6A6A-F741-40A9-A15F-423EA2EE46B8}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{BC8AB292-7CDB-4E6C-9E2C-51C2BAECF363}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{C7E72587-D6A5-4249-9DDF-D09929F5FBFE}" = lport=445 | protocol=6 | dir=in | app=system |
"{CEB9C56F-6976-4F7D-A8A2-68BBE120C235}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{DC1BC563-3C42-47AA-AA9E-A5D0884B5A0B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F0C9E708-323C-4B54-97F3-D9FBB8B0B367}" = lport=138 | protocol=17 | dir=in | app=system |
"{FE6FD698-493A-4729-A997-4B4C8715E0A3}" = rport=138 | protocol=17 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07A16665-1824-4C17-B9B5-D1E2CAB6F662}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{0ADC943F-ACCC-415B-8D79-CE21DFC03C8E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0E117EED-F1FC-45A4-BFA9-B936714754EF}" = protocol=17 | dir=in | app=c:\windows\syswow64\lxddcoms.exe |
"{113908DB-76A6-4BF8-B6AD-2E3C09CB2933}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{16F3D30C-EC01-47B7-86AF-86D47227DC19}" = protocol=6 | dir=in | app=d:\program files (x86)\origin games\peggle deluxe\peggle.exe |
"{192020A4-1F1D-4E1D-9844-F8B862ABD54A}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 2500 series\lxddamon.exe |
"{19D466A0-E24C-450E-A418-E0FA60944A87}" = protocol=6 | dir=in | app=d:\program files (x86)\origin games\the sims 4\game\bin\ts4.exe |
"{1F53205E-E72E-4448-8DCB-62A332EADE99}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{20D3B887-F66F-4D67-A305-BCEA05ED2DE0}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{20F4876F-DC22-4D2B-86FD-82EFA4D49E75}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\age of empires iii\age3.exe |
"{29F00810-EE27-43B0-89F3-297DE14DEAA9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2AF02968-A998-4787-9F6A-A8A8DC13B3F4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3063FF14-63C2-4CDE-B176-800DF0D3A997}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{375D2033-4068-4AFE-87DF-F2AB8ABE8435}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{37E42D4E-2669-4430-8068-922BAADD1375}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{3C8C2337-A6C0-480D-81D0-CA9338C131D0}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\launcher.exe |
"{3DD24518-5260-45AD-A354-026513DE7C7B}" = protocol=6 | dir=in | app=d:\program files (x86)\origin games\bejeweled 3\bejeweled3.exe |
"{422A15F4-3E3C-46A9-94E0-69D6BB8A79F2}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{4281D679-D5D5-4E33-A4A3-52E049B46EF1}" = protocol=6 | dir=in | app=d:\program files (x86)\origin games\theme hospital\data\game\dosbox\launcher.exe |
"{44A088D7-E5B2-4AC1-9B98-E7AB9D80CBA0}" = protocol=6 | dir=in | app=d:\steam\steam.exe |
"{45170C1C-214F-403F-AC94-E20237C8AA12}" = protocol=6 | dir=in | app=d:\program files (x86)\origin games\mass effect 3 demo\binaries\win32\masseffect3demo.exe |
"{46FBB066-3D2A-45A2-B63E-0AC295FBF1D3}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{49E323BD-C797-45B4-9CE2-3CE65E429645}" = protocol=6 | dir=in | app=d:\program files (x86)\smartview2\smart view 2.0.exe |
"{4A0A943D-E3F3-4097-AE64-45B68A9D5433}" = protocol=17 | dir=in | app=d:\program files (x86)\origin games\mass effect 3 demo\binaries\win32\masseffect3demo.exe |
"{4E242E3B-6A63-4AFB-906C-4AF0EF81B68D}" = protocol=17 | dir=in | app=d:\program files (x86)\origin games\the sims 2 ultimate collection\fun with pets\sp9\tsbin\sims2ep9.exe |
"{4FFBE236-A320-421B-BFE0-9E1F83FA4C40}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{51E73379-E827-4824-BFFC-6DD866FDF1DC}" = protocol=17 | dir=in | app=d:\program files (x86)\smartview2\smart view 2.0.exe |
"{5246512E-5760-4275-8A8C-B5B63BE63271}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5F07B111-2F40-4BD7-AF02-4057D36AB528}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 2500 series\lxddmon.exe |
"{60C93418-5937-49FC-AF44-13C1DF8A9A20}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{677B2C3F-D87A-480F-9EAB-7A25299CE97E}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{688CB72E-08A8-4D83-9EFE-5FE4C46A5002}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\age of empires iii\age3.exe |
"{695AAA12-0B34-4980-B32A-42EC82C4D5FA}" = protocol=17 | dir=in | app=d:\program files (x86)\origin games\peggle deluxe\peggle.exe |
"{72458955-6BA3-4410-83E8-B821E1C61C2D}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{731A7469-2106-4951-9F0C-2523701C97B3}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{7ABEE322-2220-4DE1-AFB8-C30B918E78C7}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{87A417B3-7551-4902-BB28-BF809CE4A754}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 2500 series\app4r.exe |
"{8A92E0AC-17BD-450E-92A4-CD1870AC15BA}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 2500 series\lxddamon.exe |
"{8C130612-B3D8-4C5A-B0DE-7FA4A7B724BF}" = protocol=17 | dir=in | app=d:\program files (x86)\origin games\theme hospital\data\game\dosbox\launcher.exe |
"{8DBB7A8F-762E-4ECB-97C0-A9A8AC273645}" = protocol=17 | dir=in | app=d:\program files (x86)\smartview2\smart view 2.0.exe |
"{95A3F7D1-8F67-405C-9626-38E00D4A2531}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{98CD373A-DD07-4372-A5C8-3B5E8B54DBEE}" = protocol=6 | dir=in | app=d:\program files (x86)\origin games\the sims 2 ultimate collection\fun with pets\sp9\tsbin\sims2ep9.exe |
"{98D91D9A-7CBF-42BB-818E-B1B935051C05}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{9A658269-B42B-4BC9-99B3-995F407EB733}" = protocol=6 | dir=in | app=c:\windows\system32\lxddcoms.exe |
"{9D95467E-6724-40CE-AD2B-0250A5E1E815}" = protocol=17 | dir=in | app=d:\program files (x86)\origin games\bejeweled 3\bejeweled3.exe |
"{A52EE2E3-2EA7-470E-89A2-9783F91B0A23}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A9956328-D070-4157-8654-9E54056EA6B2}" = protocol=17 | dir=in | app=d:\program files (x86)\origin games\the sims 4\game\bin\ts4.exe |
"{B6099C86-277F-4C60-A6A1-FDAC50229FCE}" = protocol=6 | dir=out | app=system |
"{BEA0F25B-C57C-449A-952A-3F5870CB6C8A}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C10AADD2-3D0F-455D-A795-40D715A5A4F4}" = protocol=17 | dir=in | app=d:\steam\steam.exe |
"{C5AAA1AB-45CA-449C-952A-CDBF85EEA4ED}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 2500 series\app4r.exe |
"{C90103EC-D5CA-4B65-946E-AB98F1B38040}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{CF117AB0-A8EF-4AAB-9B34-165C91195FCC}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{D20895F5-0C89-4569-A758-4438E31FEC51}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{E006E3C8-4247-45BB-9D48-0BF1A3D53CDF}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{E189ED9F-12D6-43E3-A7EA-B64F39F3475E}" = protocol=17 | dir=in | app=c:\windows\system32\lxddcoms.exe |
"{E381CC5C-C773-405E-BD1A-E21B92CF73BE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{EA9BD02B-A87E-4A8D-A2EA-0CE368B15015}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F173E6D7-485D-45F4-8237-6AEB115764BC}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\launcher.exe |
"{F24700A5-C9C6-48DD-A67B-4509FCD945B8}" = protocol=6 | dir=in | app=c:\windows\syswow64\lxddcoms.exe |
"{F5D3E175-B695-4E9C-AAA8-A6AA760B1F66}" = protocol=6 | dir=in | app=d:\program files (x86)\smartview2\smart view 2.0.exe |
"{F7969CE5-9A8B-4A59-8CFE-179C1A82B127}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 2500 series\lxddmon.exe |
"TCP Query User{BF307CE6-F738-4FC2-957B-44954A6573F8}D:\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe" = protocol=6 | dir=in | app=d:\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe |
"UDP Query User{AB5BF837-DB36-40A4-A5C8-3D2F69A0344F}D:\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe" = protocol=17 | dir=in | app=d:\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5500_series" = Canon MG5500 series MP Drivers
"{180500C1-57BB-3AA8-8E55-DCD5ECD16537}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{26784146-6E05-3FF9-9335-786C7C0FB5BE}" = Microsoft .NET Framework 4.5.2
"{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031" = Microsoft .NET Framework 4.5.1 (Deutsch)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.2
"{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{996D32B6-F629-4764-894B-CB24D9C19051}" = Microsoft Security Client
"{9A37ADB3-3D8D-4EDF-8F6D-B8A66F18087B}" = Intel(R) Smart Connect Technology
"{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 347.25
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 347.25
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 347.25
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 2.2.2
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 347.09
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.14.0702
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 17.12.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GfExperienceService" = NVIDIA GeForce Experience Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.33.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 17.12.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController" = SHIELD Wireless Controller Driver
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.27
"{C513739C-5F16-37B5-9ACF-99925FF1C1F3}" = Microsoft .NET Framework 4.5.1 (DEU)
"{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
"Microsoft Security Client" = Microsoft Security Essentials
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU" = Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU
"Totalcmd64" = Total Commander 64-bit (Remove or Repair)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04450C18-F039-4B81-A621-70C3B0F523D5}" = The Sims 2: Ultimate Collection
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}" = Microsoft ASP.NET MVC 4 Runtime
"{462A1E00-58EA-4D63-96F4-3EFAEC9A5BCA}" = Avira
"{48EBEBBF-B9F8-4520-A3CF-89A730721917}" = Die Sims™ 4
"{5118A4C2-C8A4-4CE5-AC37-F3E51C25402F}" = Theme Hospital
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{6D1221A9-17BF-4EC0-81F2-27D30EC30701}" = Skype Click to Call
"{70F8B183-99EB-4304-BA35-080E2DFFD2A3}" = Age of Empires III
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{715AD72D-887A-459E-988B-D4F3E87FA24B}" = Peggle
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.18
"{7f51bdb9-ee21-49ee-94d6-90afc321780e}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A1683CA7-4850-4A21-982B-C6D853C79AF7}" = Mass Effect™ 3 Demo
"{A1C67963-2767-4C16-9966-A31BFB7C952F}" = VirtualDJ 8
"{A492B658-0E72-4561-B745-256CBD202E68}" = Ear Force Audio Hub
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.13) - Deutsch
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{B455E95A-B804-439F-B533-336B1635AE97}" = NVIDIA PhysX
"{bd538030-07d4-4999-a525-7fafa2483f56}" = Avira
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die Sims™ 3
"{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
"{CC7BA35C-324E-45F8-B29D-6F4AAA527490}" = Advanced Sound Editor
"{ce085a78-074e-4823-8dc1-8a721b94b76d}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
"{E99C27B2-EB2E-4244-9F5C-A96F55100F0C}" = Bejeweled® 3
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"{FBAAAFAE-08A8-4C63-87EA-4AEA9DEE53E1}" = Smart View 2.0
"Avira AntiVir Desktop" = Avira Free Antivirus
"Battlelog Web Plugins" = Battlelog Web Plugins
"Canon MG5500 series Benutzerregistrierung" = Canon MG5500 series Benutzerregistrierung
"Canon MG5500 series On-screen Manual" = Canon MG5500 series On-screen Manual
"Canon My Image Garden" = Canon My Image Garden
"Canon My Image Garden Design Files" = Canon My Image Garden Design Files
"Canon_IJ_Scan_Utility" = Canon IJ Scan Utility
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon My Printer
"CanonQuickMenu" = Canon Quick Menu
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"Google Chrome" = Google Chrome
"InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}" = Age of Empires III
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware Version 2.0.4.1028
"Mozilla Firefox 35.0.1 (x86 de)" = Mozilla Firefox 35.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"Origin" = Origin
"PunkBusterSvc" = PunkBuster Services
"Steam" = Steam
"Steam App 272350" = Tom Clancy's Ghost Recon Phantoms - EU
"VLC media player" = VLC media player
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Amazon Amazon Music" = Amazon Music
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 31.12.2014 07:54:33 | Computer Name = privat-PC | Source = WinMgmt | ID = 10
Description =
Error - 01.01.2015 19:12:05 | Computer Name = privat-PC | Source = WinMgmt | ID = 10
Description =
Error - 03.01.2015 14:38:16 | Computer Name = privat-PC | Source = WinMgmt | ID = 10
Description =
Error - 04.01.2015 08:17:00 | Computer Name = privat-PC | Source = WinMgmt | ID = 10
Description =
Error - 05.01.2015 08:05:25 | Computer Name = privat-PC | Source = WinMgmt | ID = 10
Description =
Error - 06.01.2015 09:58:01 | Computer Name = privat-PC | Source = WinMgmt | ID = 10
Description =
Error - 07.01.2015 01:50:06 | Computer Name = privat-PC | Source = WinMgmt | ID = 10
Description =
Error - 08.01.2015 01:34:44 | Computer Name = privat-PC | Source = WinMgmt | ID = 10
Description =
Error - 09.01.2015 01:19:53 | Computer Name = privat-PC | Source = WinMgmt | ID = 10
Description =
Error - 09.01.2015 08:15:31 | Computer Name = privat-PC | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 12.10.2014 16:44:14 | Computer Name = privat-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?12.?10.?2014 um 20:01:16 unerwartet heruntergefahren.
Error - 12.10.2014 16:44:15 | Computer Name = privat-PC | Source = BugCheck | ID = 1001
Description =
Error - 13.10.2014 07:13:13 | Computer Name = privat-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst lmhosts erreicht.
Error - 14.10.2014 06:02:42 | Computer Name = privat-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst lmhosts erreicht.
Error - 15.10.2014 07:51:36 | Computer Name = privat-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
Fehler 0x80242016 fehlgeschlagen: Update für Windows 7 für x64-basierte Systeme
(KB2952664)
Error - 23.10.2014 13:29:22 | Computer Name = privat-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst lmhosts erreicht.
Error - 03.11.2014 18:18:45 | Computer Name = privat-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?03.?11.?2014 um 12:26:54 unerwartet heruntergefahren.
Error - 03.11.2014 18:18:46 | Computer Name = privat-PC | Source = BugCheck | ID = 1001
Description =
Error - 10.11.2014 04:41:49 | Computer Name = privat-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst lmhosts erreicht.
Error - 11.11.2014 06:45:21 | Computer Name = privat-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
< End of report > --- --- ---
OTL Logfile: Code:
OTL logfile created on: 14.02.2015 14:10:58 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\privat\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17633)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,94 Gb Total Physical Memory | 6,03 Gb Available Physical Memory | 75,89% Memory free
15,88 Gb Paging File | 13,62 Gb Available in Paging File | 85,74% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111,69 Gb Total Space | 12,99 Gb Free Space | 11,63% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 890,28 Gb Free Space | 95,57% Space Free | Partition Type: NTFS
Drive E: | 596,17 Gb Total Space | 594,27 Gb Free Space | 99,68% Space Free | Partition Type: NTFS
Computer Name: PRIVAT-PC | User Name: privat | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\privat\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Users\privat\AppData\Local\Amazon Music\Amazon Music Helper.exe ()
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE ()
========== Modules (No Company Name) ==========
MOD - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\pdf.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libglesv2.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libegl.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\d18e2115a3270f89663fce831547f534\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\93a0883923e78cc3e80b7ac4a9768c60\SMDiagnostics.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\f9d8efe5e01d08740774a12f20a3e640\System.ServiceModel.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\8092ad8ffb37d779da3984d6e11e7516\System.Xml.Linq.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio49d6fefe#\9e42fe7c83345249b5dde1693d1bf8b5\PresentationFramework-SystemXml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio84a7b877#\825c2900a23128a2fd3de768abc9b023\PresentationFramework-SystemData.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio4b37ff64#\92edcd808511b7f4b642f922f8ebc31c\PresentationFramework-SystemXmlLinq.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\201032e5afa8609da580589102a67857\System.IdentityModel.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Serv759bfb78#\9bcbefb742496c55841dfcb21be24c6e\System.ServiceProcess.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\1196cc375887ce75f134047505fe19bf\System.Xaml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data.Linq\19e39fd21583dacdbf083aef2e0ae4a3\System.Data.Linq.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\20aaf6bbc4e93d10d6a2ce3c0193b859\System.Data.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\d8223c30928e02bc7ed5b8b81effa7b5\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\187177229c00aec6dec613ea4b9ff209\System.Runtime.Serialization.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\dd2f9ea99ac0f984b9dc430824638c9f\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\14cc73701aac461eb89d6473a88fcd56\System.ServiceModel.Internals.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Compba577418#\736256bbeb4557664ef1d22ce2b8cd47\System.ComponentModel.Composition.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\9f1f464b854d655c74c8cd4ee5b731bd\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\5e3e26e6c81809aab854ea76a884fde2\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\eb3ba0fe2449d7ca96b51f71b2061cf6\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\3d6ee4ffbd9a86ac1e7b01800b6fe9c7\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\5a977e1f055b4f8f41da5d9142a1913c\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\61c8a838d217ea8b4f68bbf38172114f\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\23d1162d1943c1b1d6c4fd7c6d8512d4\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\d1265d6159ea876f9d63ea4c1361b587\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\de2a832558f95db343e443c365bd3575\System.Numerics.ni.dll ()
MOD - C:\Users\privat\AppData\Local\Amazon Music\Amazon Music Helper.exe ()
MOD - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf ()
========== Services (SafeList) ==========
SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV - (NisSrv) -- C:\Programme\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV - (MsMpSvc) -- C:\Programme\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV - (Origin Client Service) -- D:\Program Files (x86)\Origin\OriginClientService.exe (Electronic Arts)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (Avira.OE.ServiceHost) -- C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe (Avira Operations GmbH & Co. KG)
SRV - (NvNetworkService) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
SRV - (GfExperienceService) -- C:\Programme\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (NVIDIA Corporation)
SRV - (NvStreamSvc) -- C:\Programme\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (c2cautoupdatesvc) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation)
SRV - (c2cpnrsvc) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (ISCTAgent) -- C:\Programme\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe ()
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (IJPLMSVC) -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE ()
SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (nvvad_WaveExtensible) -- C:\Windows\SysNative\drivers\nvvad64v.sys (NVIDIA Corporation)
DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (cmnsusbser) -- C:\Windows\SysNative\drivers\cmnsusbser.sys (QUALCOMM Incorporated)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (ISCT) -- C:\Windows\SysNative\drivers\ISCTD.sys ()
DRV:64bit: - (INETMON) -- C:\Windows\SysNative\drivers\INETMON.sys ()
DRV:64bit: - (imsevent) -- C:\Windows\SysNative\drivers\imsevent.sys ()
DRV:64bit: - (ikbevent) -- C:\Windows\SysNative\drivers\ikbevent.sys ()
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (NvStreamKms) -- C:\Programme\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys (NVIDIA Corporation)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.isUS: false
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:35.0.1
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.4.0: C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 35.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 35.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2014.06.23 16:44:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\privat\AppData\Roaming\mozilla\Extensions
[2015.02.13 18:19:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\privat\AppData\Roaming\mozilla\Firefox\Profiles\iqmdyu1a.default\extensions
[2015.02.13 18:19:33 | 000,000,000 | ---D | M] (Avira Browser Safety) -- C:\Users\privat\AppData\Roaming\mozilla\Firefox\Profiles\iqmdyu1a.default\extensions\abs@avira.com
[2015.02.13 16:31:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2015.02.13 16:31:40 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
========== Chrome ==========
CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\privat\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\privat\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\
CHR - Extension: No name found = C:\Users\privat\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: No name found = C:\Users\privat\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\
CHR - Extension: No name found = C:\Users\privat\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\privat\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk\1.4.4_0\
CHR - Extension: No name found = C:\Users\privat\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = C:\Users\privat\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Programme\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O3:64bit: - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Programme\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE (CANON INC.)
O4 - HKCU..\Run: [Amazon Music] C:\Users\privat\AppData\Local\Amazon Music\Amazon Music Helper.exe ()
O4 - HKCU..\Run: [GoogleChromeAutoLaunch_DB7CD02E01A26A90D32AF93CFCC12A6B] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0D65F8BD-3D77-4427-9A81-1570172126BB}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
O18 - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\System32\Userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (bj.dll) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{53b16637-fae0-11e3-83d2-b755386a493c}\Shell - "" = AutoRun
O33 - MountPoints2\{53b16637-fae0-11e3-83d2-b755386a493c}\Shell\AutoRun\command - "" = G:\XSManager.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2015.02.13 16:31:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2015.02.13 06:59:23 | 000,000,000 | -HSD | C] -- C:\Users\privat\AppData\Local\EmieBrowserModeList
[2015.02.12 22:20:10 | 000,129,752 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2015.02.12 22:20:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2015.02.12 22:19:55 | 000,093,400 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2015.02.12 22:19:55 | 000,063,704 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2015.02.12 22:19:55 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2015.02.12 22:19:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2015.02.12 22:19:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2015.02.12 22:18:03 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2015.02.12 16:32:20 | 006,041,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2015.02.12 16:32:20 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2015.02.12 16:32:20 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2015.02.11 22:01:47 | 000,950,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\perftrack.dll
[2015.02.11 22:01:47 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\powertracker.dll
[2015.02.11 22:01:46 | 000,718,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2015.02.11 22:01:46 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2015.02.11 22:01:46 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2015.02.11 22:01:46 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2015.02.11 22:01:46 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2015.02.11 22:01:46 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2015.02.11 22:01:46 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2015.02.11 22:01:46 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2015.02.11 22:01:45 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2015.02.11 22:01:45 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2015.02.11 22:01:44 | 002,052,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2015.02.11 22:01:44 | 000,968,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2015.02.11 22:01:44 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2015.02.11 22:01:44 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2015.02.11 22:01:44 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2015.02.11 22:01:44 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2015.02.11 22:01:44 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2015.02.11 22:01:44 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2015.02.11 22:01:44 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2015.02.11 22:01:43 | 002,125,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2015.02.11 22:01:43 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2015.02.11 22:01:43 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2015.02.11 22:01:42 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2015.02.11 22:01:42 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2015.02.11 22:01:42 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2015.02.11 22:01:42 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2015.02.11 22:01:42 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2015.02.11 22:01:41 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2015.02.11 22:01:41 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2015.02.11 22:01:41 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2015.02.11 22:01:40 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2015.02.11 22:01:40 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2015.02.11 21:56:10 | 001,239,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aitstatic.exe
[2015.02.11 21:56:10 | 001,098,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2015.02.11 21:56:10 | 000,894,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appraiser.dll
[2015.02.11 21:56:10 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\invagent.dll
[2015.02.11 21:56:10 | 000,609,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2015.02.11 21:56:10 | 000,414,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\devinv.dll
[2015.02.11 21:56:10 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2015.02.11 21:56:10 | 000,000,000 | ---D | C] -- C:\FRST
[2015.02.11 21:56:09 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepic.dll
[2015.02.11 21:54:42 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2015.02.11 21:54:41 | 001,464,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2015.02.11 21:54:41 | 000,308,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2015.02.11 21:54:40 | 000,463,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certcli.dll
[2015.02.11 21:54:40 | 000,342,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certcli.dll
[2015.02.11 21:54:37 | 001,480,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2015.02.11 21:54:35 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2015.02.11 21:50:40 | 000,407,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scesrv.dll
[2015.02.11 21:50:40 | 000,308,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scesrv.dll
[2015.02.11 21:49:35 | 005,553,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2015.02.11 21:49:34 | 003,977,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2015.02.11 21:49:34 | 003,921,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2015.02.11 10:23:23 | 000,000,000 | ---D | C] -- C:\Users\privat\AppData\Roaming\TuneUp Software
[2015.02.11 10:23:23 | 000,000,000 | ---D | C] -- C:\Users\privat\AppData\Local\TuneUp Software
[2015.02.11 10:23:08 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2015.02.11 10:23:08 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2015.02.11 10:22:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft
[2015.02.11 10:21:30 | 000,000,000 | ---D | C] -- C:\Users\privat\AppData\Roaming\DVDVideoSoft
[2015.01.30 23:35:44 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJMIG
[2015.01.30 23:25:44 | 000,000,000 | ---D | C] -- C:\Users\privat\AppData\Roaming\Canon
[2015.01.30 23:25:43 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJQuickMenu
[2015.01.30 23:22:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5500 series
[2015.01.30 23:22:31 | 000,394,240 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNMXLMBU.DLL
[2015.01.30 23:22:14 | 000,321,536 | ---- | C] (CANON INC.) -- C:\Windows\SysWow64\CNC_BUL.dll
[2015.01.30 23:22:14 | 000,015,872 | ---- | C] (CANON INC.) -- C:\Windows\SysWow64\CNHMCA.dll
[2015.01.30 23:22:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5500 series Benutzerregistrierung
[2015.01.30 23:21:07 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJWSpt
[2015.01.30 23:18:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
[2015.01.30 23:18:34 | 000,000,000 | ---D | C] -- C:\Program Files\Canon
[2015.01.30 23:18:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5500 series Manual
[2015.01.30 23:17:46 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ
[2015.01.30 23:17:34 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ
[2015.01.30 23:17:21 | 000,391,168 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNMLMBU.DLL
[2015.01.30 23:17:04 | 000,367,104 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNC_BUL.dll
[2015.01.30 23:17:04 | 000,282,624 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNC_BUC.dll
[2015.01.30 23:17:04 | 000,106,496 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNC_BUI.dll
[2015.01.30 23:17:04 | 000,017,920 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNHMCA6.dll
[2015.01.30 23:16:41 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJPLM
[2015.01.30 23:12:42 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJETV
[2015.01.30 23:11:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Canon
[2015.01.28 07:29:17 | 000,000,000 | ---D | C] -- C:\Users\privat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ
[2015.01.28 07:29:15 | 000,000,000 | ---D | C] -- C:\Users\privat\Documents\VirtualDJ
[2015.01.28 07:29:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VirtualDJ
[2015.01.25 13:45:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Theme Hospital
[2015.01.23 00:07:20 | 000,621,200 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2015.01.23 00:06:10 | 032,102,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2015.01.23 00:06:10 | 025,459,856 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2015.01.23 00:06:10 | 024,765,584 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2015.01.23 00:06:10 | 020,465,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2015.01.23 00:06:10 | 017,250,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2015.01.23 00:06:10 | 013,295,552 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2015.01.23 00:06:10 | 013,210,248 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2015.01.23 00:06:10 | 010,774,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2015.01.23 00:06:10 | 010,714,488 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2015.01.23 00:06:10 | 003,607,184 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2015.01.23 00:06:10 | 003,245,712 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2015.01.23 00:06:10 | 001,895,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6434725.dll
[2015.01.23 00:06:10 | 001,556,808 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6434725.dll
[2015.01.23 00:06:10 | 000,994,712 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2015.01.23 00:06:10 | 000,969,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2015.01.23 00:06:10 | 000,942,736 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2015.01.23 00:06:10 | 000,929,424 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2015.01.23 00:06:10 | 000,906,384 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2015.01.23 00:06:10 | 000,877,488 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2015.01.23 00:06:10 | 000,496,456 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvEncodeAPI64.dll
[2015.01.23 00:06:10 | 000,399,688 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvEncodeAPI.dll
[2015.01.23 00:06:10 | 000,390,472 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFROpenGL.dll
[2015.01.23 00:06:10 | 000,353,040 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2015.01.23 00:06:10 | 000,345,744 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFROpenGL.dll
[2015.01.23 00:06:10 | 000,305,320 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2015.01.23 00:06:10 | 000,195,728 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2015.01.23 00:06:10 | 000,177,624 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2015.01.23 00:06:10 | 000,164,568 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2015.01.23 00:06:10 | 000,030,536 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2015.01.22 23:55:52 | 000,038,032 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvvad64v.sys
[2015.01.22 23:55:52 | 000,032,400 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvaudcap32v.dll
========== Files - Modified Within 30 Days ==========
[2015.02.14 14:12:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015.02.14 14:10:07 | 000,001,424 | ---- | M] () -- C:\Users\privat\Desktop\OTL - Verknüpfung.lnk
[2015.02.14 13:42:14 | 000,028,720 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015.02.14 13:42:14 | 000,028,720 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015.02.14 13:41:27 | 001,628,524 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2015.02.14 13:41:27 | 000,702,738 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2015.02.14 13:41:27 | 000,656,970 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2015.02.14 13:41:27 | 000,150,378 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2015.02.14 13:41:27 | 000,122,782 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2015.02.14 13:35:04 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015.02.14 13:34:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015.02.14 13:34:53 | 2100,301,823 | -HS- | M] () -- C:\hiberfil.sys
[2015.02.13 16:31:42 | 000,001,151 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2015.02.13 07:03:51 | 000,129,752 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2015.02.12 22:20:04 | 000,001,106 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015.02.12 06:40:54 | 000,410,320 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2015.02.11 22:53:11 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2015.02.09 17:00:17 | 000,005,427 | ---- | M] () -- C:\Users\privat\Documents\Sky Kündigung.odt
[2015.02.06 07:13:58 | 000,002,175 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2015.02.04 04:16:29 | 000,609,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2015.02.04 04:16:20 | 000,762,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\invagent.dll
[2015.02.04 04:16:16 | 000,414,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\devinv.dll
[2015.02.04 04:16:14 | 000,894,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\appraiser.dll
[2015.02.04 04:16:13 | 000,227,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2015.02.04 04:16:13 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepic.dll
[2015.02.04 04:13:28 | 001,098,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2015.01.30 23:21:11 | 000,002,025 | ---- | M] () -- C:\Users\Public\Desktop\Canon Quick Menu.lnk
[2015.01.30 23:18:16 | 000,002,360 | ---- | M] () -- C:\Users\Public\Desktop\Canon MG5500 series On-Screen-Handbuch.lnk
[2015.01.28 07:29:17 | 000,001,030 | ---- | M] () -- C:\Users\privat\Desktop\VirtualDJ 8.lnk
[2015.01.28 00:36:21 | 001,239,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aitstatic.exe
[2015.01.25 13:45:22 | 000,001,162 | ---- | M] () -- C:\Users\Public\Desktop\Theme Hospital.lnk
[2015.01.23 05:42:35 | 000,814,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2015.01.23 05:41:36 | 006,041,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2015.01.23 04:43:04 | 000,620,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2015.01.16 07:41:34 | 001,316,184 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspbridge.dll
[2015.01.16 07:41:34 | 001,278,920 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspcap.dll
[2015.01.16 07:41:18 | 001,756,424 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspbridge64.dll
[2015.01.16 07:41:18 | 001,514,528 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspcap64.dll
========== Files Created - No Company Name ==========
[2015.02.14 14:10:07 | 000,001,424 | ---- | C] () -- C:\Users\privat\Desktop\OTL - Verknüpfung.lnk
[2015.02.13 16:31:42 | 000,001,163 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2015.02.13 16:31:42 | 000,001,151 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2015.02.12 22:20:04 | 000,001,106 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015.02.09 17:00:11 | 000,005,427 | ---- | C] () -- C:\Users\privat\Documents\Sky Kündigung.odt
[2015.01.30 23:22:14 | 000,095,744 | ---- | C] () -- C:\Windows\SysWow64\CNC1771D.TBL
[2015.01.30 23:21:11 | 000,002,025 | ---- | C] () -- C:\Users\Public\Desktop\Canon Quick Menu.lnk
[2015.01.30 23:18:16 | 000,002,360 | ---- | C] () -- C:\Users\Public\Desktop\Canon MG5500 series On-Screen-Handbuch.lnk
[2015.01.30 23:17:04 | 000,095,744 | ---- | C] () -- C:\Windows\SysNative\CNC1771D.TBL
[2015.01.28 07:29:17 | 000,001,030 | ---- | C] () -- C:\Users\privat\Desktop\VirtualDJ 8.lnk
[2015.01.25 13:45:22 | 000,001,162 | ---- | C] () -- C:\Users\Public\Desktop\Theme Hospital.lnk
[2014.08.08 19:37:41 | 000,214,392 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2014.08.08 19:37:40 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2014.07.19 20:38:24 | 000,000,000 | ---- | C] () -- C:\Users\privat\AppData\Roaming\ASEUserMetrics.osl
[2014.06.23 16:28:08 | 001,601,868 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014.04.09 17:58:02 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
========== ZeroAccess Check ==========
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014.06.25 03:06:10 | 014,179,328 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014.06.25 02:37:22 | 012,877,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
< End of report > --- --- --- |