Problem mit der Internetgeschwindigkeit

Tobi1111

Die Internetgeschwindigkeit ist seit dem Update auf Firefox 21 extrem beeinträchtigt. Sie beträgt nur noch ca. 1/100 der alten Geschwindigkeit. Manche Internetseiten können deshalb garnicht geladen werden.
Des weiteren kann ich im taskmanager den Firefox.exe-Task nicht manuell beenden, auch nachdem ich das Firefox-Fenster schon geschlossen habe.
Der Task besetzt auch immer verhältnismäßig sehr viel Arbeitsspeicher.
Wenn ich dann Firefox erneut starte, kommt ein Dialog-Fenster mit dem Inhalt "Firefox läuft bereits".
Ich brauche dringend Hilfe, da ich zur Zeit nur über den Internet Explorer ins Internet komme und alle meine Lesezeichen in Firefox sind. Ich benötige die Lesezeichen für meine Arbeit.
Vielen Dank für jeden Lösungsvorschlag.

Zitronella

https://support.mozilla.org/de/kb/Probleme-durch-eine-Firewall bitte klicke entsprechendes an, je nachdem welche AntivirenSoftware du nutzt und gehe entsprechend die einzelnen Schritte durch.
Außerdem gib uns bitte mehr Infos über deinen Firefox und zwar folgendermaßen:
1.) ● [FIREFOX] ➜ Hilfe ➜ Informationen zur Fehlerbehebung
2.) ● jetzt die Schaltfläche "Text in die Zwischenablage kopieren "anklicken
3.) ● jetzt den kopierten Text aus der Zwischenablage als Code hier ins Forum einfügen. siehe dazu

Tobi1111

Code

Allgemeine Informationen


        Name
        Firefox


        Version
        21.0


        User-Agent
        Mozilla/5.0 (Windows NT 6.1; rv:21.0) Gecko/20100101 Firefox/21.0


        Build-Konfiguration


          about:buildconfig


  Erweiterungen


        Name


        Version


        Aktiviert


        ID


        Adblock Plus
        2.2.4
        true
        {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}


        Advanced SystemCare Surfing Protection
        1.0
        true
        ascsurfingprotection@iobit.com


        Download Statusbar
        0.9.10
        true
        {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}


        Image Zoom
        0.6.3
        true
        {1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}


        ProxTube - Gesperrte YouTube Videos entsperren
        1.4.8
        true
        ich@maltegoetz.de


        DVDVideoSoft YouTube MP3 and Video Download
        4.2.1.10
        false
        {ACAA314B-EEBA-48e4-AD47-84E31C44796C}


  Wichtige modifizierte Einstellungen


      Name


      Wert


        accessibility.browsewithcaret
        true


        accessibility.typeaheadfind
        true


        accessibility.typeaheadfind.flashBar
        0


        browser.cache.disk.capacity
        1048576


        browser.cache.disk.smart_size.first_run
        false


        browser.cache.disk.smart_size_cached_value
        1003520


        browser.cache.memory.capacity
        65536


        browser.display.show_image_placeholders
        true


        browser.places.smartBookmarksVersion
        4


        browser.search.useDBForOrder
        true


        browser.startup.homepage
        https://www.facebook.com/|http://www.spiegel.de/


        browser.startup.homepage_override.buildID
        20130511120803


        browser.startup.homepage_override.mstone
        21.0


        browser.tabs.onTop
        false


        browser.tabs.warnOnOpen
        false


        browser.urlbar.autocomplete.enabled
        true


        dom.identity.enabled
        true


        dom.max_script_run_time
        0


        dom.w3c_touch_events.expose
        false


        extensions.lastAppVersion
        21.0


        font.internaluseonly.changed
        false


        gfx.direct3d.checkDX10
        false


        network.cookie.prefsMigrated
        true


        network.http.max-connections
        48


        network.http.max-connections-per-server
        16


        network.http.max-persistent-connections-per-proxy
        16


        network.http.max-persistent-connections-per-server
        8


        network.http.pipelining.maxrequests
        8


        network.http.request.max-start-delay
        0


        places.database.lastMaintenance
        1370176233


        places.history.expiration.transient_current_max_pages
        87221


        places.history.expiration.transient_optimal_database_size
        139552030


        plugin.disable_full_page_plugin_for_types
        application/pdf


        plugin.expose_full_path
        true


        privacy.clearOnShutdown.history
        false


        privacy.clearOnShutdown.offlineApps
        true


        privacy.clearOnShutdown.passwords
        true


        privacy.clearOnShutdown.siteSettings
        true


        privacy.donottrackheader.enabled
        true


        privacy.sanitize.migrateFx3Prefs
        true


        privacy.sanitize.sanitizeOnShutdown
        true


        security.csp.enable
        false


        security.OCSP.enabled
        0


        security.warn_viewing_mixed
        false


    user.js-Einstellungen


    Der Profilordner besitzt eine


      user.js-Datei, welche Einstellungen enthält, die nicht von Firefox erstellt wurden.


  Grafik


        Direct2D aktiviert
        true


        DirectWrite aktiviert
        true (6.2.9200.16492)


        Geräte-ID
        0x0605


        GPU #2 aktiv
        false


        GPU-beschleunigte Fenster
        1/1 Direct3D 10


        Karten-Beschreibung
        NVIDIA GeForce 9800 GT


        Karten-RAM
        512


        Karten-Treiber
        nvd3dum nvwgf2um,nvwgf2um


        Treiber-Datum
        3-14-2013


        Treiber-Version
        9.18.13.1422


        Vendor-ID
        0x10de


        WebGL-Renderer
        Google Inc. -- ANGLE (NVIDIA GeForce 9800 GT )


        AzureCanvasBackend
        direct2d


        AzureContentBackend
        direct2d


        AzureFallbackCanvasBackend
        cairo


  JavaScript


        Inkrementelle GC
        true


  Barrierefreiheit


        Aktiviert
        false


        Barrierefreiheit verhindern
        0


  Bibliotheken-Versionen


        Minimal vorausgesetzte Version


        Verwendete Version


        NSPR
        4.9.6
        4.9.6


        NSS
        3.14.3.0 Basic ECC
        3.14.3.0 Basic ECC


        NSSSMIME
        3.14.3.0 Basic ECC
        3.14.3.0 Basic ECC


        NSSSSL
        3.14.3.0 Basic ECC
        3.14.3.0 Basic ECC


        NSSUTIL
        3.14.3.0
        3.14.3.0

Alles anzeigen

ich benutze F-Secure. Ich hab die schritte dort gemacht, aber noch keine Änderung, leider...

Bernd.

Zitat

Des weiteren kann ich im taskmanager den Firefox.exe-Task nicht manuell beenden

Malwarebytes' Anti-Malware (MBAM)
http://www.malwarebytes.org/
Updates laden, vollständigen Scan!

Mit Admin-Rechten ausführen
[Blockierte Grafik: http://img1.imagebanana.com/img/dq2md5e2/Gold.png] http://www.hijackthis-forum.de/tipps-tricks/2…-anleitung.html

Das Logbuch bitte hier als CODE einfügen
[Blockierte Grafik: http://i.imagebanana.com/img/jmjys25z/code_insert2.png]

Das Logbuch bitte hier als ZIP anhängen

OTL
[Blockierte Grafik: http://img1.imagebanana.com/img/dq2md5e2/Gold.png] http://www.trojaner-board.de/85104-otl-otlogfile-oldtimer.html
Programme [x] Alles, [x] LOP [x] Purity, [x] Scanne alle Benutzer, [x] Standardausgabe

Mit Admin-Rechten ausführen.
Die 2 Logbücher (OTL.txt, EXTRAS.txt) bitte hier als ZIP anhängen
[Blockierte Grafik: http://i.imagebanana.com/img/1gruih8h/zip_insert.png]

Tobi1111

Danke schonmal für die ganzen Lösungsvorschläge.
Ich werde jetzt mal die ganzen Scans durchführen und dann, sobald fertig, die ganzen ergebnisse posten.
Vielen Dank für die schnellen Reaktionen.

Boersenfeger

Entferne ProxTube, stelle in den Einstellungen die dadurch geänderten Werte im Firefox und ggf. im System wieder zurück,
[attachment=1]Proxyeinstellungen von Firefox.JPG[/attachment]
[attachment=0]Proxy-Einstellungen von Windows.JPG[/attachment]
entferne auch diese Erweiterung Advanced SystemCare Surfing Protection und setze schließlich noch das Profil zurück. Klicke dazu auf Hilfe :arrow: Informationen zur Fehlerbehebung :arrow: Firefox zurücksetzen
Dies wird Firefox auf die Standardeinstellungen zurücksetzen. Deine Lesezeichen und Passwörter gehen dabei nicht verloren. Die bisherigen Erweiterungen musst du allerdings neu installieren. Nach dem Zurücksetzen werden die alten Profildaten in einem Ordner namens „Alte Firefox Daten“ abgelegt. Wenn das Zurücksetzen das Problem nicht behebt, können einige der Daten, die nicht ins neue Profil übernommen wurden, von dort in das neue Profil kopiert werden. Wenn der Ordner nicht mehr benötigt wird, sollte man diesen löschen, da sensible Daten darin enthalten sind.

Tobi1111

also ich habe das Problem leider immernoch,
hier sind jetzt die ergebnisse der ganzen scanns und so.
Hat sehr lange gedauert bei dem Malwarebytes. Das programm hat über 50 Stunden gebraucht. Ist das normal?

ProxTube ist ebenfalls deinstalliert, aber immernoch keine merkliche Änderung der Internetgeschwindigkeit.

Hier jetzt die ganzen Ergebnisse:

Code

Malwarebytes Anti-Malware (Test) 1.75.0.1300
www.malwarebytes.org


Datenbank Version: v2013.06.02.03


Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 10.0.9200.16576
Tobias :: DELL-PC [Administrator]


Schutz: Aktiviert


02.06.2013 17:33:14
mbam-log-2013-06-02 (17-33-14).txt


Art des Suchlaufs: Vollständiger Suchlauf (C:\|I:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 2185072
Laufzeit: 2 Tag(en), 11 Stunde(n), 36 Minute(n), 34 Sekunde(n)


Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)


Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)


Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)


Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)


Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)


Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)


Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)


(Ende)

Alles anzeigen

Code

OTL logfile created on: 02.06.2013 17:29:31 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Tobias\Downloads
 Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,25 Gb Total Physical Memory | 1,63 Gb Available Physical Memory | 50,17% Memory free
6,50 Gb Paging File | 4,61 Gb Available in Paging File | 71,02% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 931,41 Gb Total Space | 552,98 Gb Free Space | 59,37% Space Free | Partition Type: NTFS
Drive I: | 1863,01 Gb Total Space | 801,88 Gb Free Space | 43,04% Space Free | Partition Type: NTFS
 
Computer Name: DELL-PC | User Name: Tobias | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 14 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2013.06.02 17:18:25 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Tobias\Downloads\OTL.exe
PRC - [2013.05.17 15:45:36 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2013.05.15 21:03:37 | 001,855,880 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
PRC - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.04.24 17:48:06 | 003,258,144 | ---- | M] (Connectify) -- C:\Programme\Connectify\Connectifyd.exe
PRC - [2013.04.24 17:47:20 | 000,156,672 | ---- | M] (Connectify) -- C:\Programme\Connectify\ConnectifyService.exe
PRC - [2013.04.23 17:16:52 | 001,035,200 | ---- | M] (F-Secure Corporation) -- C:\Programme\F-Secure\apps\ComputerSecurity\Anti-Virus\fssm32.exe
PRC - [2013.04.23 17:16:52 | 000,621,504 | ---- | M] (F-Secure Corporation) -- C:\Programme\F-Secure\apps\ComputerSecurity\Anti-Virus\fsgk32.exe
PRC - [2013.04.05 13:01:50 | 003,816,440 | ---- | M] (Acronis) -- C:\Programme\Common Files\Acronis\CDP\afcdpsrv.exe
PRC - [2013.03.28 00:51:54 | 006,405,376 | ---- | M] (Acronis) -- C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe
PRC - [2013.03.20 19:31:44 | 007,094,592 | ---- | M] (Acronis) -- C:\Programme\Common Files\Acronis\SyncAgent\syncagentsrv.exe
PRC - [2013.03.15 04:59:31 | 000,866,592 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2013.03.15 04:59:30 | 001,821,472 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\nvtray.exe
PRC - [2013.03.14 22:07:46 | 000,383,264 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013.02.15 13:07:30 | 000,413,464 | ---- | M] (Acronis) -- C:\Programme\Common Files\Acronis\Schedule2\schedhlp.exe
PRC - [2013.02.15 13:00:08 | 000,831,360 | ---- | M] (Acronis) -- C:\Programme\Common Files\Acronis\Schedule2\schedul2.exe
PRC - [2013.02.07 14:31:20 | 000,660,504 | ---- | M] (Secunia) -- C:\Programme\Secunia\PSI\sua.exe
PRC - [2013.01.18 12:06:36 | 000,188,400 | ---- | M] (F-Secure Corporation) -- C:\Programme\F-Secure\fshoster32.exe
PRC - [2013.01.15 18:47:10 | 000,465,216 | ---- | M] (IObit) -- C:\Programme\IObit\Advanced SystemCare 6\ASCService.exe
PRC - [2013.01.10 14:12:22 | 001,105,848 | ---- | M] (Acronis) -- C:\Programme\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
PRC - [2013.01.03 16:56:12 | 000,311,432 | ---- | M] (F-Secure Corporation) -- C:\Programme\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE
PRC - [2013.01.03 16:56:12 | 000,209,032 | ---- | M] (F-Secure Corporation) -- C:\Programme\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE
PRC - [2012.11.30 04:55:25 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2012.08.06 15:53:14 | 000,061,176 | ---- | M] (F-Secure Corporation) -- C:\Programme\F-Secure\apps\CCF_Reputation\fsorsp.exe
PRC - [2012.01.09 20:17:44 | 000,821,592 | ---- | M] (IObit) -- C:\Programme\IObit\IObit Malware Fighter\IMFsrv.exe
PRC - [2011.03.28 20:31:16 | 000,193,920 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2011.03.28 20:31:14 | 001,713,536 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.12.13 14:37:46 | 000,135,536 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft LifeCam\MSCamS32.exe
PRC - [2010.11.20 23:29:49 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2010.11.20 23:29:41 | 001,174,016 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2010.05.05 16:51:00 | 000,025,600 | ---- | M] (Creative Technology Ltd) -- C:\Windows\System32\Ctxfihlp.exe
PRC - [2010.05.05 16:46:12 | 001,212,928 | ---- | M] (Creative Technology Ltd) -- C:\Windows\System32\CTxfispi.exe
PRC - [2009.07.14 03:14:41 | 000,354,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\StikyNot.exe
PRC - [2009.02.23 11:43:54 | 000,307,200 | ---- | M] (Creative Technology Ltd) -- C:\Programme\Creative\Shared Files\CTAudSvc.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2013.05.17 15:45:35 | 003,128,728 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll
MOD - [2013.05.15 21:03:37 | 016,033,160 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_7_700_202.dll
MOD - [2013.03.28 00:37:00 | 013,627,872 | ---- | M] () -- C:\Programme\Acronis\TrueImageHome\ti_managers.dll
MOD - [2013.02.02 14:58:13 | 000,593,464 | ---- | M] () -- C:\Windows\winsxs\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.482.65_none_b59e1e0911fd55ab\QtMultimediaKit1.dll
MOD - [2013.01.10 13:43:34 | 000,014,360 | ---- | M] () -- C:\Programme\Common Files\Acronis\TibMounter\icudt38.dll
MOD - [2013.01.03 15:28:18 | 000,086,016 | ---- | M] () -- C:\Programme\F-Secure\apps\ComputerSecurity\FSGUI\strres.eng
MOD - [2013.01.03 15:28:18 | 000,049,152 | ---- | M] () -- C:\Programme\F-Secure\apps\ComputerSecurity\FSGUI\fsavures.eng
MOD - [2009.03.26 14:46:42 | 000,148,480 | ---- | M] () -- C:\Windows\System32\APOMngr.DLL
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV - [2013.05.28 14:36:16 | 000,580,232 | ---- | M] (WiseCleaner.com) [Auto | Stopped] -- C:\Programme\Wise\Wise Care 365\BootTime.exe -- (WiseBootAssistant)
SRV - [2013.05.17 15:45:35 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.05.15 21:03:38 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.05.04 01:35:30 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013.04.24 17:47:20 | 000,156,672 | ---- | M] (Connectify) [Auto | Running] -- C:\Programme\Connectify\ConnectifyService.exe -- (Connectify)
SRV - [2013.04.05 13:01:50 | 003,816,440 | ---- | M] (Acronis) [Auto | Running] -- C:\Programme\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv)
SRV - [2013.03.20 19:31:44 | 007,094,592 | ---- | M] (Acronis) [Auto | Running] -- C:\Programme\Common Files\Acronis\SyncAgent\syncagentsrv.exe -- (syncagentsrv)
SRV - [2013.03.15 07:46:27 | 001,266,464 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013.03.14 22:07:46 | 000,383,264 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013.02.15 13:00:08 | 000,831,360 | ---- | M] (Acronis) [Auto | Running] -- C:\Programme\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2013.02.07 14:31:22 | 001,223,704 | ---- | M] (Secunia) [On_Demand | Stopped] -- C:\Programme\Secunia\PSI\psia.exe -- (Secunia PSI Agent)
SRV - [2013.02.07 14:31:20 | 000,660,504 | ---- | M] (Secunia) [Auto | Running] -- C:\Programme\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2013.01.18 12:06:36 | 000,188,400 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Programme\F-Secure\fshoster32.exe -- (fshoster)
SRV - [2013.01.15 18:47:10 | 000,465,216 | ---- | M] (IObit) [Auto | Running] -- C:\Programme\IObit\Advanced SystemCare 6\ASCService.exe -- (AdvancedSystemCareService6)
SRV - [2013.01.03 16:56:12 | 000,209,032 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Programme\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE -- (FSMA)
SRV - [2012.08.06 15:53:14 | 000,061,176 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Programme\F-Secure\apps\CCF_Reputation\fsorsp.exe -- (FSORSPClient)
SRV - [2012.07.03 13:19:28 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.03.09 17:33:12 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2012.01.18 15:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Programme\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2012.01.09 20:17:44 | 000,821,592 | ---- | M] (IObit) [Auto | Running] -- C:\Programme\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
SRV - [2011.10.15 18:04:28 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Programme\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2011.10.04 18:00:04 | 000,221,864 | ---- | M] (F-Secure Corporation) [Disabled | Stopped] -- C:\Programme\F-Secure\apps\ComputerSecurity\Anti-Virus\fsgk32st.exe -- (F-Secure Gatekeeper Handler Starter)
SRV - [2011.03.28 20:31:14 | 001,713,536 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010.12.13 14:37:46 | 000,135,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2010.11.20 23:29:49 | 001,121,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2010.09.22 16:33:04 | 000,051,040 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2009.07.14 03:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.02.23 11:43:54 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Programme\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\VcommMgr.sys -- (VcommMgr)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\VComm.sys -- (VComm)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\btcusb.sys -- (Btcsrusb)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btnetdrv.sys -- (BT)
DRV - [2013.06.02 17:30:32 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2013.04.28 11:46:44 | 000,029,672 | ---- | M] (Connectify) [Kernel | System | Running] -- C:\Windows\System32\drivers\cnnctfy3.sys -- (cnnctfy3)
DRV - [2013.04.25 12:52:40 | 000,066,496 | ---- | M] (F-Secure Corporation) [Kernel | On_Demand | Running] -- C:\Programme\F-Secure\apps\CCF_Scanning\fsni32.sys -- (fsni)
DRV - [2013.04.23 17:16:53 | 000,072,992 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Programme\F-Secure\apps\ComputerSecurity\HIPS\drivers\fshs.sys -- (F-Secure HIPS)
DRV - [2013.04.05 13:01:52 | 000,234,752 | ---- | M] (Acronis) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\afcdp.sys -- (afcdp)
DRV - [2013.04.05 13:01:45 | 000,888,640 | ---- | M] (Acronis International GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tdrpman.sys -- (tdrpman)
DRV - [2013.04.05 13:01:42 | 000,130,488 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\tib_mounter.sys -- (tib_mounter)
DRV - [2013.04.05 13:01:41 | 000,736,192 | ---- | M] (Acronis International GmbH) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\tib.sys -- (tib)
DRV - [2013.04.05 13:01:37 | 000,116,000 | ---- | M] (Acronis International GmbH) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vididr.sys -- (vididr)
DRV - [2013.04.05 13:01:36 | 000,085,280 | ---- | M] (Acronis International GmbH) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vidsflt.sys -- (vidsflt)
DRV - [2013.04.05 13:01:32 | 000,158,496 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\snapman.sys -- (snapman)
DRV - [2013.04.05 13:01:29 | 000,081,184 | ---- | M] (Acronis International GmbH) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\fltsrv.sys -- (fltsrv)
DRV - [2013.03.15 07:46:27 | 008,952,608 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2013.02.27 14:26:28 | 000,044,240 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\fsbts.sys -- (fsbts)
DRV - [2013.02.27 14:21:40 | 000,145,464 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Programme\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys -- (F-Secure Gatekeeper)
DRV - [2013.02.07 14:15:22 | 000,016,024 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\psi_mf_x86.sys -- (PSI)
DRV - [2013.02.07 13:42:52 | 001,588,256 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netr28u.sys -- (netr28u)
DRV - [2013.01.20 08:14:20 | 000,037,064 | ---- | M] (Anchorfree Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\taphss6.sys -- (taphss6)
DRV - [2013.01.03 16:56:16 | 000,013,960 | ---- | M] () [Kernel | System | Running] -- C:\Programme\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys -- (fsvista)
DRV - [2012.08.25 06:25:10 | 000,022,984 | ---- | M] (Giant Matrix Limited) [Kernel | System | Running] -- C:\Windows\System32\drivers\aflfile.sys -- (aflfile)
DRV - [2012.08.23 16:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2012.08.23 16:41:34 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2012.08.23 16:40:25 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2012.07.05 13:53:38 | 000,019,832 | ---- | M] (IObit.com) [Kernel | On_Demand | Stopped] -- C:\Programme\IObit\IObit Malware Fighter\Drivers\win7_x86\UrlFilter.sys -- (UrlFilter)
DRV - [2012.07.05 13:53:36 | 000,030,640 | ---- | M] (IObit.com) [Kernel | On_Demand | Stopped] -- C:\Programme\IObit\IObit Malware Fighter\Drivers\win7_x86\RegFilter.sys -- (RegFilter)
DRV - [2012.06.11 22:23:54 | 000,122,752 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tinspusb.sys -- (USBTINSP)
DRV - [2012.01.05 18:07:20 | 000,020,336 | ---- | M] (IObit) [File_System | On_Demand | Stopped] -- C:\Programme\IObit\IObit Malware Fighter\Drivers\win7_x86\FileMonitor.sys -- (FileMonitor)
DRV - [2011.11.15 20:32:40 | 000,032,768 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\taphss.sys -- (taphss)
DRV - [2011.10.17 18:38:49 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2011.10.17 18:38:49 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2011.05.18 09:09:04 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dc3d.sys -- (dc3d)
DRV - [2010.12.13 14:37:46 | 000,030,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nx6000.sys -- (MSHUSBVideo)
DRV - [2010.11.26 18:02:20 | 000,015,672 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV - [2010.11.20 23:29:03 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 23:29:03 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dmvsc.sys -- (dmvsc)
DRV - [2010.11.20 23:29:03 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 23:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.11.20 23:29:03 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 23:29:03 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 23:29:03 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010.05.05 18:36:12 | 001,178,200 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ha20x2k.sys -- (ha20x2k)
DRV - [2010.05.05 18:36:04 | 000,095,832 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\emupia2k.sys -- (emupia)
DRV - [2010.05.05 18:35:56 | 000,158,808 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2010.05.05 18:35:48 | 000,014,424 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV - [2010.05.05 18:31:40 | 000,130,136 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2010.05.05 18:31:24 | 000,528,344 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctaud2k.sys -- (ctaud2k)
DRV - [2010.05.05 18:31:14 | 000,511,064 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctac32k.sys -- (ctac32k)
DRV - [2010.05.05 18:27:08 | 001,324,120 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CTEXFIFX.sys -- (CTEXFIFX.SYS)
DRV - [2010.05.05 18:27:08 | 001,324,120 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CTEXFIFX.sys -- (CTEXFIFX)
DRV - [2010.05.05 18:26:58 | 000,072,792 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CTHWIUT.sys -- (CTHWIUT.SYS)
DRV - [2010.05.05 18:26:58 | 000,072,792 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CTHWIUT.sys -- (CTHWIUT)
DRV - [2010.05.05 18:26:50 | 000,171,096 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CT20XUT.sys -- (CT20XUT.SYS)
DRV - [2010.05.05 18:26:50 | 000,171,096 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CT20XUT.sys -- (CT20XUT)
DRV - [2010.03.15 11:38:44 | 000,124,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039mdm.sys -- (s1039mdm)
DRV - [2010.03.15 11:38:44 | 000,123,504 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039unic.sys -- (s1039unic)
DRV - [2010.03.15 11:38:44 | 000,117,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039mgmt.sys -- (s1039mgmt)
DRV - [2010.03.15 11:38:44 | 000,113,904 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039obex.sys -- (s1039obex)
DRV - [2010.03.15 11:38:44 | 000,098,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039bus.sys -- (s1039bus)
DRV - [2010.03.15 11:38:44 | 000,025,456 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039nd5.sys -- (s1039nd5)
DRV - [2010.03.15 11:38:44 | 000,014,960 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039mdfl.sys -- (s1039mdfl)
DRV - [2010.02.24 12:22:10 | 000,185,472 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\acedrv11.sys -- (acedrv11)
DRV - [2009.08.26 12:18:16 | 000,029,192 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btnetBus.sys -- (btnetBUs)
DRV - [2009.08.26 12:16:48 | 000,025,480 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\IvtBtBus.sys -- (IvtBtBUs)
DRV - [2009.08.26 12:16:40 | 000,020,616 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\BtHidBus.sys -- (BtHidBus)
DRV - [2009.07.14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2008.07.03 10:59:54 | 000,193,696 | ---- | M] (Jungo) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\windrvr6.sys -- (WinDriver6)
DRV - [2006.11.10 16:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\afc.sys -- (Afc)
DRV - [2005.01.14 18:14:07 | 000,047,616 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sfdrv01.sys -- (sfdrv01)
DRV - [2004.12.03 12:20:41 | 000,020,544 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sfsync02.sys -- (sfsync02)
DRV - [2004.10.28 12:47:59 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfhlp02.sys -- (sfhlp02)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = AA 89 8C 59 46 94 CD 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://www.facebook.com/|http://www.spiegel.de/"
FF - prefs.js..extensions.enabledAddons: %7BD4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389%7D:0.9.10
FF - prefs.js..extensions.enabledAddons: ich%40maltegoetz.de:1.4.8
FF - prefs.js..extensions.enabledAddons: %7B1A2D0EC4-75F5-4c91-89C4-3656F6E44B68%7D:0.6.3
FF - prefs.js..extensions.enabledAddons: %7Bc07d1a49-9894-49ff-a594-38960ede8fb9%7D:3.1.12
FF - prefs.js..extensions.enabledAddons: %7B6bdc61ae-7b80-44a3-9476-e1d121ec2238%7D:0.85
FF - prefs.js..extensions.enabledAddons: %7B5C655500-E712-41e7-9349-CE462F844B19%7D:1.0
FF - prefs.js..extensions.enabledAddons: tabscope%40xuldev.org:1.1.9
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF - HKLM\Software\MozillaPlugins\@rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5: C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}: C:\Program Files\Common Files\DVDVideoSoft\plugins\ff\ [2013.02.03 15:38:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2013.05.14 20:55:51 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2013.05.14 20:55:51 | 000,000,000 | ---D | M]
 
[2011.10.28 19:22:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tobias\AppData\Roaming\mozilla\Extensions
[2013.06.02 15:01:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tobias\AppData\Roaming\mozilla\Firefox\Profiles\k29b1rku.default\extensions
[2013.05.03 14:40:52 | 000,000,000 | ---D | M] (Advanced SystemCare Surfing Protection) -- C:\Users\Tobias\AppData\Roaming\mozilla\Firefox\Profiles\k29b1rku.default\extensions\ascsurfingprotection@iobit.com
[2013.04.05 13:03:46 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\Tobias\AppData\Roaming\mozilla\Firefox\Profiles\k29b1rku.default\extensions\ich@maltegoetz.de
[2013.06.02 15:01:23 | 000,083,379 | ---- | M] () (No name found) -- C:\Users\Tobias\AppData\Roaming\mozilla\firefox\profiles\k29b1rku.default\extensions\secureLogin@blueimp.net.xpi
[2013.06.02 15:01:23 | 000,057,713 | ---- | M] () (No name found) -- C:\Users\Tobias\AppData\Roaming\mozilla\firefox\profiles\k29b1rku.default\extensions\tabscope@xuldev.org.xpi
[2013.06.02 15:01:23 | 000,455,379 | ---- | M] () (No name found) -- C:\Users\Tobias\AppData\Roaming\mozilla\firefox\profiles\k29b1rku.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi
[2013.05.27 22:40:15 | 000,096,207 | ---- | M] () (No name found) -- C:\Users\Tobias\AppData\Roaming\mozilla\firefox\profiles\k29b1rku.default\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}.xpi
[2013.06.02 15:01:23 | 000,151,038 | ---- | M] () (No name found) -- C:\Users\Tobias\AppData\Roaming\mozilla\firefox\profiles\k29b1rku.default\extensions\{5C655500-E712-41e7-9349-CE462F844B19}.xpi
[2013.06.02 15:01:23 | 000,073,384 | ---- | M] () (No name found) -- C:\Users\Tobias\AppData\Roaming\mozilla\firefox\profiles\k29b1rku.default\extensions\{6bdc61ae-7b80-44a3-9476-e1d121ec2238}.xpi
[2013.06.02 15:01:23 | 000,050,761 | ---- | M] () (No name found) -- C:\Users\Tobias\AppData\Roaming\mozilla\firefox\profiles\k29b1rku.default\extensions\{9AA46F4F-4DC7-4c06-97AF-6665170634FE}.xpi
[2013.06.02 15:01:23 | 000,447,526 | ---- | M] () (No name found) -- C:\Users\Tobias\AppData\Roaming\mozilla\firefox\profiles\k29b1rku.default\extensions\{c07d1a49-9894-49ff-a594-38960ede8fb9}.xpi
[2013.05.09 17:36:51 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\Tobias\AppData\Roaming\mozilla\firefox\profiles\k29b1rku.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2011.11.24 19:50:05 | 000,434,392 | ---- | M] () (No name found) -- C:\Users\Tobias\AppData\Roaming\mozilla\firefox\profiles\k29b1rku.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi
[2011.11.12 13:06:42 | 000,002,492 | ---- | M] () -- C:\Users\Tobias\AppData\Roaming\mozilla\firefox\profiles\k29b1rku.default\searchplugins\ixquick-https.xml
[2013.05.17 15:45:36 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\browser\extensions
[2013.05.17 15:45:36 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
O1 HOSTS File: ([2013.01.19 20:59:43 | 000,000,000 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Advanced SystemCare Browser Protection) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Programme\IObit\Advanced SystemCare 6\BrowerProtect\ASCPlugin_Protection.dll (IObit)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (DVDVideoSoft WebPageAdjuster Class) - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Programme\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [AcronisTibMounterMonitor] C:\Programme\Common Files\Acronis\TibMounter\TibMounterMonitor.exe (Acronis)
O4 - HKLM..\Run: [CTxfiHlp] C:\Windows\System32\Ctxfihlp.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [F-Secure Hoster (666)] C:\Program Files\F-Secure\fshoster32.exe (F-Secure Corporation)
O4 - HKLM..\Run: [F-Secure Manager] C:\Program Files\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE (F-Secure Corporation)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O8 - Extra context menu item: Free YouTube Download - C:\Programme\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm ()
O8 - Extra context menu item: Free YouTube to DVD Converter - C:\Users\Tobias\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetodvdconverter.htm ()
O8 - Extra context menu item: Free YouTube to iPhone Converter - C:\Users\Tobias\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoiphoneconverter.htm ()
O8 - Extra context menu item: Free YouTube to iPod Converter - C:\Users\Tobias\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoipodconverter.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Programme\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm ()
O9 - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Programme\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O9 - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Programme\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 10.21.2)
O16 - DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 10.21.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.42.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{971DFC6C-8F67-42E4-891A-3B0421161E62}: DhcpNameServer = 192.168.42.1
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
[color=#E56717]========== Files/Folders - Created Within 14 Days ==========[/color]
 
[2013.06.02 17:30:23 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2013.06.02 17:30:23 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Roaming\Malwarebytes
[2013.06.02 17:30:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.06.02 17:30:10 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013.06.02 17:30:10 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013.05.31 21:56:54 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Roaming\Wise Care 365
[2013.05.31 21:56:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Care 365
[2013.05.31 21:56:00 | 000,000,000 | ---D | C] -- C:\Program Files\Wise
[2013.05.23 14:53:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 2
[2013.05.22 18:18:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 14 Days ==========[/color]
 
[2013.06.02 17:32:02 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2013.06.02 17:30:12 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.06.02 17:02:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.06.02 16:45:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\HP Photo Creations Communicator.job
[2013.06.02 13:16:30 | 000,000,400 | ---- | M] () -- C:\Windows\tasks\Wise Care 365.job
[2013.06.02 12:52:34 | 000,021,920 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.06.02 12:52:34 | 000,021,920 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.06.02 12:48:33 | 000,716,288 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.06.02 12:48:33 | 000,671,126 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.06.02 12:48:33 | 000,157,258 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.06.02 12:48:33 | 000,129,828 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.06.02 12:43:38 | 000,000,614 | ---- | M] () -- C:\Windows\tasks\Scheduled scanning task.job
[2013.06.02 12:43:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.06.02 12:43:01 | 2616,598,528 | -HS- | M] () -- C:\hiberfil.sys
[2013.06.01 20:58:07 | 000,054,928 | ---- | M] () -- C:\Windows\System32\BMXStateBkp-{00000005-00000000-00000000-00001102-00000005-60021102}.rfx
[2013.06.01 20:58:07 | 000,054,928 | ---- | M] () -- C:\Windows\System32\BMXState-{00000005-00000000-00000000-00001102-00000005-60021102}.rfx
[2013.06.01 20:58:07 | 000,000,788 | ---- | M] () -- C:\Windows\System32\DVCState-{00000005-00000000-00000000-00001102-00000005-60021102}.rfx
[2013.06.01 20:49:11 | 000,000,667 | ---- | M] () -- C:\Users\Tobias\Tobias - Verknüpfung.lnk
[2013.06.01 11:27:36 | 000,026,221 | ---- | M] () -- C:\Users\Tobias\Desktop\vergleich Handys.odt
[2013.06.01 10:08:58 | 000,000,380 | ---- | M] () -- C:\Windows\tasks\Wise Turbo Checker.job
[2013.05.28 11:46:13 | 000,000,095 | -H-- | M] () -- C:\Users\Tobias\Documents\.~lock.Titelblatt Expose.pdf#
[2013.05.25 13:54:58 | 000,011,710 | ---- | M] () -- C:\Users\Tobias\Desktop\drucktest.odt
[2013.05.24 13:24:48 | 000,007,597 | ---- | M] () -- C:\Users\Tobias\AppData\Local\Resmon.ResmonCfg
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2013.06.02 17:30:12 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.06.01 20:49:11 | 000,000,667 | ---- | C] () -- C:\Users\Tobias\Tobias - Verknüpfung.lnk
[2013.05.31 22:04:13 | 000,000,380 | ---- | C] () -- C:\Windows\tasks\Wise Turbo Checker.job
[2013.05.31 22:04:11 | 000,000,400 | ---- | C] () -- C:\Windows\tasks\Wise Care 365.job
[2013.05.31 18:25:42 | 000,026,221 | ---- | C] () -- C:\Users\Tobias\Desktop\vergleich Handys.odt
[2013.05.28 11:46:13 | 000,000,095 | -H-- | C] () -- C:\Users\Tobias\Documents\.~lock.Titelblatt Expose.pdf#
[2013.05.23 14:53:53 | 000,015,672 | ---- | C] () -- C:\Windows\System32\drivers\SmartDefragDriver.sys
[2013.04.19 14:58:50 | 000,007,597 | ---- | C] () -- C:\Users\Tobias\AppData\Local\Resmon.ResmonCfg
[2013.03.21 20:57:41 | 000,006,811 | ---- | C] () -- C:\Users\Tobias\AbiCalc.qc
[2013.02.07 13:42:52 | 000,066,992 | ---- | C] () -- C:\Windows\System32\drivers\FW_7610.bin
[2013.02.07 13:42:52 | 000,044,308 | ---- | C] () -- C:\Windows\System32\drivers\FW_7601.bin
[2013.02.07 13:42:52 | 000,014,172 | ---- | C] () -- C:\Windows\System32\RaCoInst.dat
[2013.02.07 13:42:52 | 000,008,192 | ---- | C] () -- C:\Windows\System32\drivers\FW_2870.bin
[2013.02.07 13:42:52 | 000,004,096 | ---- | C] () -- C:\Windows\System32\drivers\FW_3573.bin
[2013.01.07 19:01:54 | 000,017,603 | ---- | C] () -- C:\Windows\Q-Dir.ini
[2012.11.26 18:12:22 | 000,000,000 | ---- | C] () -- C:\Windows\BanPrc.dat
[2012.11.25 16:20:04 | 000,946,663 | ---- | C] () -- C:\Windows\Diercke Globus Online Uninstaller.exe
[2012.11.10 15:28:30 | 000,006,144 | -H-- | C] () -- C:\Users\Tobias\photothumb.db
[2012.11.06 20:40:24 | 000,024,616 | R--- | C] () -- C:\Users\Tobias\Rechercheprotokoll_Biotechnologie und Umweltschutz.odt
[2012.11.06 20:17:44 | 000,085,926 | ---- | C] () -- C:\Users\Tobias\250.png
[2012.11.06 20:07:05 | 000,000,267 | ---- | C] () -- C:\Users\Tobias\AppData\Roaming\SecretLayer.ini
[2012.08.04 21:44:22 | 006,420,240 | ---- | C] () -- C:\Users\Tobias\lol.mp3
[2012.08.02 17:25:08 | 000,000,353 | ---- | C] () -- C:\Users\Tobias\AppData\Roaming\Network Meter_Settings.ini
[2012.08.02 17:22:58 | 000,000,132 | ---- | C] () -- C:\Users\Tobias\AppData\Roaming\Earthquakes Meter_Settings.ini
[2012.07.29 11:47:38 | 001,487,102 | ---- | C] () -- C:\Users\Tobias\Tobias Schulfoto.jpg
[2012.07.27 17:25:42 | 000,124,129 | ---- | C] () -- C:\Users\Tobias\Pizzadienst.png
[2012.07.27 16:01:34 | 2542,458,362 | ---- | C] () -- C:\Users\Tobias\111112_Erste_Sicherung_Laura.tib
[2012.03.19 18:05:56 | 000,000,032 | ---- | C] () -- C:\Windows\Menu.INI
[2011.12.16 16:54:11 | 000,005,120 | -H-- | C] () -- C:\Users\Tobias\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.11.26 17:24:23 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2011.11.19 15:19:10 | 000,000,288 | ---- | C] () -- C:\Users\Tobias\AppData\Roaming\.backup.dm
[2011.10.28 18:15:36 | 000,019,460 | ---- | C] () -- C:\Windows\prodsett_copy.ini
[2011.10.17 18:38:49 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2011.10.17 18:38:49 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2011.10.17 17:47:30 | 000,000,532 | ---- | C] () -- C:\Windows\eReg.dat
[2011.10.15 18:03:41 | 000,148,480 | ---- | C] () -- C:\Windows\System32\APOMngr.DLL
[2011.10.15 18:03:41 | 000,073,728 | ---- | C] () -- C:\Windows\System32\CmdRtr.DLL
[2011.10.15 10:09:02 | 000,044,240 | ---- | C] () -- C:\Windows\System32\drivers\fsbts.sys
[2011.09.28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011.06.10 06:34:52 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012.08.21 15:37:44 | 000,636,928 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2012.08.21 15:34:24 | 000,351,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both


< End of report >

Alles anzeigen

Tobi1111

Hier noch der Extras File von OTL:

Code

OTL Extras logfile created on: 02.06.2013 17:29:31 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Tobias\Downloads
 Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,25 Gb Total Physical Memory | 1,63 Gb Available Physical Memory | 50,17% Memory free
6,50 Gb Paging File | 4,61 Gb Available in Paging File | 71,02% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 931,41 Gb Total Space | 552,98 Gb Free Space | 59,37% Space Free | Partition Type: NTFS
Drive I: | 1863,01 Gb Total Space | 801,88 Gb Free Space | 43,04% Space Free | Partition Type: NTFS
 
Computer Name: DELL-PC | User Name: Tobias | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 14 Days
 
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== File Associations ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
[color=#E56717]========== Shell Spawning ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [icomancer_imbue] -- "C:\Program Files\icomancer\icomancer.exe" /imbue "%1" (LAVA SoftWorks)
Directory [icomancer_remove] -- "C:\Program Files\icomancer\icomancer.exe" /nosplash /remove "%1" (LAVA SoftWorks)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[color=#E56717]========== Security Center Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[color=#E56717]========== Firewall Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[color=#E56717]========== Authorized Applications List ==========[/color]
 
 
[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0A4EB25E-FF8F-4FCA-B836-8BC193316940}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{0C37B4DD-9C1A-45BB-A9C8-FD25B14ACAE6}" = lport=53 | protocol=17 | dir=in | app=c:\program files\connectify\connectifynetservices.exe | 
"{0E91B823-D321-494E-961C-F3ED34DD11D7}" = lport=137 | protocol=17 | dir=in | app=system | 
"{235651DE-FC07-4E90-8ABB-A74662579030}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{2C9CCC66-32B9-481E-9132-809D7D39F872}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{2D01F9A9-A3F4-47E2-91FF-853BE946253B}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{3820D35C-F6D1-4DB5-B340-B3C2DD65E8AD}" = lport=139 | protocol=6 | dir=in | app=system | 
"{38E66BF0-A5AF-4BC1-B922-CEE4DCE09D6C}" = lport=138 | protocol=17 | dir=in | app=system | 
"{396D441E-DD5F-4063-9EA1-1232FA9921C9}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{3E4F098F-9235-4071-A4AC-055991E55447}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{411EB547-FC0E-4122-97A9-A7113C3E26CD}" = lport=80 | protocol=6 | dir=in | name=http | 
"{49FD3DAB-5939-4A68-83E7-9BB384800BC4}" = rport=1900 | protocol=17 | dir=out | app=c:\windows\system32\svchost.exe | 
"{5084CAF1-1916-4F13-AD1D-01F3287F1AFD}" = rport=445 | protocol=6 | dir=out | app=system | 
"{51703B49-5D5E-40AE-8214-1208F0613357}" = lport=547 | protocol=17 | dir=in | app=c:\windows\system32\svchost.exe | 
"{5EA9FE9A-E94D-4857-B672-47A9E1F9E17C}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe | 
"{5F0DD6A2-D397-4B06-B139-193FD78E11C1}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{6011CD6D-DEE8-4550-8896-76F8FF5DC68E}" = rport=137 | protocol=17 | dir=out | app=system | 
"{62F8A8A8-6BE7-414E-8920-0D92A59BF6E0}" = rport=138 | protocol=17 | dir=out | app=system | 
"{65576F49-2FE6-41B6-A149-EB2BE9B10C02}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{698101A5-B109-4076-80EB-EF910F03D04B}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{6E8E7141-B417-4DC2-9D2E-A1D5F1FB3F73}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{72ABA21A-5512-4AE5-BEC6-8B205F3C4276}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{79BE5123-A136-4045-B79A-431DEAE30861}" = rport=139 | protocol=6 | dir=out | app=system | 
"{7EEB4D6C-5933-442F-BE7C-BAF54B184F06}" = lport=445 | protocol=6 | dir=in | app=system | 
"{7EFC03A7-D7D8-42CF-AC72-8385B77BE5EE}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{84AB92A0-32A7-438B-8D2A-1EBC91CB0625}" = lport=2987 | protocol=6 | dir=in | app=c:\program files\connectify\connectify.exe | 
"{86DD491B-999C-461C-966C-88E791681F2A}" = lport=67 | protocol=17 | dir=in | app=c:\program files\connectify\connectifynetservices.exe | 
"{9255300E-D6D5-4677-B57E-AC1FC81DCFB7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{96880044-F3F5-4DF6-995A-2A2D625E80AA}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{A213712C-5947-4922-9F59-9F965D26DDB3}" = lport=1900 | protocol=17 | dir=in | app=c:\windows\system32\svchost.exe | 
"{A2B55C5C-55A1-4B8F-8CA8-5BED0D380352}" = lport=68 | protocol=17 | dir=in | app=c:\program files\connectify\connectifynetservices.exe | 
"{ACBE8345-317E-4E34-97C3-69B6CDFA80B9}" = rport=2869 | protocol=6 | dir=out | app=system | 
"{AD3E1202-60E5-49EF-B4D5-AA017878A4D5}" = lport=67 | protocol=17 | dir=in | app=c:\program files\connectify\connectifynetservices.exe | 
"{B80CA75C-5343-4606-AF3F-4C62B30DD31A}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{EE4B344D-5F5C-45B7-BE46-BA3065EDFADA}" = lport=53 | protocol=17 | dir=in | app=c:\program files\connectify\connectifynetservices.exe | 
"{F71145AC-2038-4129-B59E-26022DB09C03}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
 
[color=#E56717]========== Vista Active Application Exception List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{032E6114-D58D-4A65-9D2D-B7452CDDE303}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifecam.exe | 
"{0541548A-3ABF-4FB2-88FF-5D40A6D2CCF2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{0B4AE427-1625-4D5D-860A-EED23C5A5A6D}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\microsoft flight\flight.exe | 
"{10657D77-0A41-407B-BD19-8E31C386C1C5}" = protocol=17 | dir=in | app=c:\program files\ubisoft\related designs\anno 1404\tools\anno4web.exe | 
"{11A41A86-1012-45FF-9272-52925EF59CFA}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{17AE051F-84AC-467F-82F1-E20EF5E1A723}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\cities in motion\cities in motion.exe | 
"{17EA1C51-0407-4B58-A182-5466D1D10E5D}" = protocol=6 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | 
"{1B5E79C0-1768-4E8E-813D-F6505ECA8B98}" = protocol=17 | dir=in | app=c:\program files\firefly studios\stronghold legends\strongholdlegends.exe | 
"{1D310946-7D0D-4365-80B7-4B958585720D}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe | 
"{20D47699-3A5F-4043-81CC-72A65947E45A}" = protocol=6 | dir=in | app=c:\program files\common files\acronis\syncagent\syncagentsrv.exe | 
"{2DA5168A-8C7E-4F0E-A704-4F6D5E89CB0F}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe | 
"{31C3B84C-37A7-4007-ADDA-FAA08DE38AD4}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifetray.exe | 
"{39D3AD96-AA74-44B5-9CD0-8B81AF2DD230}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\microsoft flight\flight.exe | 
"{3E245165-C3EB-4673-A00B-4ABF8DE2258B}" = protocol=17 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | 
"{3E384A6B-B5D6-4B7C-9A9A-E60146BA7154}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\railworks\railworks.exe | 
"{410A8C7D-DD31-4592-A686-3D0BF4BD643A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{4929D946-CDCA-4795-85A4-0323ED5FC5E2}" = dir=in | app=c:\program files\windows live\mesh\moe.exe | 
"{4C9D44C3-CEA7-46BD-82C6-847B3773952D}" = protocol=6 | dir=in | app=c:\program files\ubisoft\related designs\anno 1404\tools\anno4web.exe | 
"{4F7AF0F0-3CF3-4E80-B3ED-B37DAE7879EE}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{500DF0E2-8235-4552-844D-815E568C04FF}" = dir=in | app=c:\program files\hp\hp photosmart 5510 series\bin\hpnetworkcommunicator.exe | 
"{5059447B-1A6E-414F-889E-8C4D1946BCD7}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\euro truck simulator 2\bin\win_x86\eurotrucks2.exe | 
"{53A5E38C-EDB5-4A7B-9BE6-A3842D7BC471}" = dir=out | app=c:\windows\system32\svchost.exe | 
"{56AFFEEC-8CFB-49D3-BE52-A49C3AB6D7CA}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\cities in motion 2\cim2.exe | 
"{5B44D62F-9046-4D9E-9A6A-67C01A04403B}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe | 
"{5DFC563A-BCA8-4940-BCA5-F346BB77DBDB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{632FCBB1-017E-4F0B-9F4F-C7FC49859E70}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\cities in motion 2\cim2.exe | 
"{66C039EA-0152-445B-AE18-69F95451E64C}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe | 
"{67BEF2E7-7680-44C6-A830-FFBF98DE0814}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{681F0FCB-E181-4760-8ED9-5DA152CC60BC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{68C87B85-11AD-466E-B556-CA0FB54C0DF9}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\cities xl 2012\citiesxl_2012.exe | 
"{6D4EDE6A-F579-4D8F-BA57-17876CD52C60}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe | 
"{6E70F796-7A63-4A95-ABC9-F68BDBF5FA32}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifeenc2.exe | 
"{6F2F3E28-9655-4085-BE4D-EEF32DF29BC3}" = protocol=6 | dir=in | app=c:\program files\sony ericsson\update service\update service.exe | 
"{6F99FF93-5C28-4A2D-919F-F6C3A7B10834}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifecam.exe | 
"{730765B6-2E12-4340-AC80-B91C8DF27FE0}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe | 
"{740E72B3-E13D-4F8C-BED0-2554E916E600}" = protocol=6 | dir=in | app=c:\program files\firefly studios\stronghold legends\strongholdlegends.exe | 
"{7F3E68C8-0D55-4DA7-A493-D08C10006C18}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe | 
"{809F102C-C5C9-458F-B440-093ED6569892}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\euro truck simulator 2\bin\win_x86\eurotrucks2.exe | 
"{86E3F398-F545-4CAA-8C4C-65A32DBC8C89}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{967A5C7E-1366-467B-8DFA-C8138F45A0DB}" = protocol=6 | dir=in | app=c:\program files\ubisoft\related designs\anno 1404\anno4.exe | 
"{9AD89571-8547-4AC6-AC87-E06C2AA1A7C4}" = dir=in | app=c:\program files\hp\hp photosmart 5510 series\bin\devicesetup.exe | 
"{A2E65EF6-6F1E-4747-AA25-0029446C8B93}" = protocol=17 | dir=in | app=c:\program files\sony ericsson\update service\update service.exe | 
"{A993D4A2-6D43-40FD-AF3D-EC3F759C0F33}" = protocol=17 | dir=in | app=c:\program files\ubisoft\related designs\anno 1404\anno4.exe | 
"{ABFA4EEB-9617-4C47-B9FC-224C4C5C4997}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\assassins creed brotherhood\acbsp.exe | 
"{B071B429-F1D1-47F7-B8CD-6221C62AAAE9}" = protocol=6 | dir=in | app=c:\users\tobias\appdata\roaming\dropbox\bin\dropbox.exe | 
"{B62B49DC-CFA7-4EE5-9643-33A0C60055CD}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifetray.exe | 
"{BB8D0F16-5C05-46C1-850B-F01BBA20A151}" = protocol=6 | dir=out | app=c:\windows\system32\svchost.exe | 
"{BF1B100A-B622-4458-B74B-1442A230A2FB}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{C2C10F87-A2B5-4419-B194-E8550679AEAC}" = protocol=58 | dir=in | name=internet connection sharing (router solicitation-in) | 
"{C4ED44D2-286A-4AE5-AA1E-0AE4C80ACA87}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | 
"{C91BF913-2D8D-453D-BD6E-7761789B69CC}" = protocol=6 | dir=out | app=system | 
"{D0E6D996-136C-42E2-B278-8019F0F005D2}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe | 
"{D1427792-480C-4060-82B9-D77BE558CF8B}" = protocol=17 | dir=in | app=c:\users\tobias\appdata\roaming\dropbox\bin\dropbox.exe | 
"{D4F58967-5A8D-4E1B-9FBF-8CCAEFCF4372}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\cities xl 2012\citiesxl_2012.exe | 
"{DD098862-3E0F-4E09-9750-6B261C692161}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{E545DC85-8144-49A4-9637-8013E340BEC7}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifeenc2.exe | 
"{E841073F-E3CD-4CFC-9E3F-0DBF4E0EDB51}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\assassins creed brotherhood\acbsp.exe | 
"{EE77BD5F-04DD-4169-B174-9061DE58A2D0}" = protocol=17 | dir=in | app=c:\program files\common files\acronis\syncagent\syncagentsrv.exe | 
"{EFB608E7-F51D-4298-B265-9C08547C1501}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{F00CB918-BC76-43C7-9200-BBC39C5866F0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{F4567047-1BCB-4A4A-8B4F-EA5B38F250E7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{F5B39C29-879E-43C6-AD3B-66EC1FA74216}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{F6051AFF-3451-4342-9124-A242C7C090D3}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\cities in motion\cities in motion.exe | 
"{F6DA4871-6F8D-44D0-8CD8-4350CECDF0F1}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\railworks\railworks.exe | 
"{FBB86543-A199-412B-A949-332560E236C9}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{FC829311-21B5-4938-9C20-18B2E9209F09}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"TCP Query User{4E046A41-9918-4A51-AE88-6461A432DE9C}C:\program files\ti education\ti-nspire cas student software\ti-nspire cas student software.exe" = protocol=6 | dir=in | app=c:\program files\ti education\ti-nspire cas student software\ti-nspire cas student software.exe | 
"TCP Query User{A45F8DDC-A57F-439F-936D-EE45152FBCA1}C:\program files\common files\ti shared\jre\3.2.0\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\common files\ti shared\jre\3.2.0\bin\java.exe | 
"TCP Query User{B761DDF0-5109-424D-9725-DA9142E198ED}C:\program files\alarm für cobra 11 - das syndikat\crashtime4hi.exe" = protocol=6 | dir=in | app=c:\program files\alarm für cobra 11 - das syndikat\crashtime4hi.exe | 
"TCP Query User{F8CBB668-3FE3-4A8C-B7EA-F9BE6D9C50AE}C:\program files\sma\sunny explorer\sunnyexplorer.exe" = protocol=6 | dir=in | app=c:\program files\sma\sunny explorer\sunnyexplorer.exe | 
"UDP Query User{94526DB7-DAC0-4540-895A-A80EB5581A1C}C:\program files\alarm für cobra 11 - das syndikat\crashtime4hi.exe" = protocol=17 | dir=in | app=c:\program files\alarm für cobra 11 - das syndikat\crashtime4hi.exe | 
"UDP Query User{AF4C771B-B32A-4860-9EA1-0E3354AF40BF}C:\program files\sma\sunny explorer\sunnyexplorer.exe" = protocol=17 | dir=in | app=c:\program files\sma\sunny explorer\sunnyexplorer.exe | 
"UDP Query User{B47BC0D4-6BF0-499A-AE54-A35F945C01B6}C:\program files\ti education\ti-nspire cas student software\ti-nspire cas student software.exe" = protocol=17 | dir=in | app=c:\program files\ti education\ti-nspire cas student software\ti-nspire cas student software.exe | 
"UDP Query User{F1BA6C9A-F498-4915-A6BE-DB193709066F}C:\program files\common files\ti shared\jre\3.2.0\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\common files\ti shared\jre\3.2.0\bin\java.exe | 
 
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000000-2778-5BED-8199-52EB14D8D22F}" = F-Secure CCF Reputation
"{02602409-9189-4567-BC07-562605243B69}" = Windows Live Remote Client Resources
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0513EE35-E0FB-4166-B663-BD1AE3A803DE}" = Anno 1404
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0EDBEB2B-7C8D-42E6-8312-0F84394A3223}" = Windows Media Center Add-in for Silverlight
"{1062AD6C-80F4-4BC6-AB7C-A28892B497B8}" = LibreOffice 4.0.2.2
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{12047505-FB8E-4B01-8AE5-BAD022DA9AAE}" = Logger Pro 3.8.4.2
"{167A1F6A-9BF2-4B24-83DB-C6D659F680EA}" = Media Go
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2222706F-666A-4037-7777-203328764D10}" = JavaFX 2.0.3 SDK
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{22C37D82-6137-40BF-8625-7A846ED65F3A}_is1" = FolderIco 1.0
"{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 21
"{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}" = Die Schlacht um Mittelerde™ II
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{32A3A4F4-B792-11D6-A78A-00B0D0170030}" = Java(TM) SE Development Kit 7 Update 3
"{32A3A4F4-B792-11D6-A78A-00B0D0170170}" = Java SE Development Kit 7 Update 17
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34EF7358-ABC7-8469-5FB6-C5C0146F099E}" = Media Go Video Playback Engine 1.84.107.07010
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{39286675-3166-9420-2336-779493021964}" = 18 WoS: Voll aufs Gas
"{3A65A74A-5B6E-451A-92D8-50F1182BBE9A}" = Windows Live Remote Service Resources
"{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}" = ANNO 1404
"{3F0D0ABE-CDAF-431A-00BC-CBBE018EA74E}" = SimCity 4 Deluxe
"{415FA9AD-DA10-4ABE-97B6-5051D4795C90}" = HP FWUpdateEDO2
"{4304ADDC-824B-4888-A6E7-F8E48D7FDBBD}_is1" = icomancer 1.3.3.103
"{48B41C3A-9A92-4B81-B653-C97FEB85C910}" = C4USelfUpdater
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AA75223-6CBF-46F4-8EE4-7BF0591089F7}" = True Image 2013
"{4AA75223-6CBF-46F4-8EE4-7BF0591089F7}Visible" = True Image 2013
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{50B9EFAD-9AD3-4E6A-A9B7-1C02669D4907}" = Online Safety 2.77.1170.803
"{59E66D02-7CB2-462E-BEBC-14021FE6B31C}" = Sunny Explorer
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{658FDBCA-B7A1-43E4-A849-9F0812473331}" = Computer Security 12.77.100.0 (release)
"{66A405D2-BA14-4594-BF36-B3B544F0754E}" = Stronghold Legends
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69F0CEA4-43E2-4CBB-92DF-41860A40A631}" = Formelrechner
"{6C772996-BFF3-3C8C-860B-B3D48FF05D65}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106
"{6D4E3662-A321-4D98-84B8-934229348575}" = F-Secure Network CCF 1.02.128
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.0.0
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser und SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7CC4C262-FE40-433D-A8B4-CC3EE18032CE}_is1" = Fallen City version 1.0
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{86501894-E722-4385-A792-B7C2F28FAE7B}" = NetSpeedMonitor 2.5.4.0 x86
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8e70e4e1-06d7-470b-9f74-a51bef21088e}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031" = Microsoft .NET Framework 4.5 DEU Language Pack
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D7EF9D6-212E-3C87-AB96-ED9F2A6C3218}" = Microsoft .NET Framework 4.5 DEU Language Pack
"{9F612429-4A00-3D44-88CF-146DA2EE1F92}" = Microsoft .NET Framework 4.5
"{A436F67F-687E-4736-BD2B-537121A804CF}" = HP Product Detection
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A80FA752-C491-4ED9-ABF0-4278563160B2}" = 32 Bit HP CIO Components Installer
"{A99968BE-C155-474C-0089-33239DEE1CE2}" = NFS Underground
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.03) - Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B298BB58-D68C-48C5-BC79-5E7EBB2FC922}" = F-Secure Launch pad
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 314.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 314.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 314.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 314.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.12.12
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation(R)Network Downloader
"{B931FB80-537A-4600-00AD-AC5DEDB6C25B}" = Aufstieg des Hexenkönigs™
"{B98A34C0-A6A2-4087-B272-557C1C6D0A07}" = Microsoft Flight Simulator X Demo
"{BD71B413-9FEE-49BB-A6D1-2C0BFB99BDFE}" = Microsoft LifeCam
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C5089197-5B15-44AD-B0FC-2E94EE9ECB63}" = WinSysClean X4 Trial
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{CD057C1B-DA7B-441F-969C-7CB0A676F5CB}" = WW2 Panzer Westfront 1940 - 1945
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E02964EA-0E1B-4620-A26E-CBAB0341B1BB}" = HP Photosmart 5510 series Hilfe
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E16C056F-CA75-4D7C-AE79-5813DE0F03F1}_is1" = Wondershare PDF Converter (Build 4.0.1)
"{E36439A3-5F71-45B7-B515-7C79AF6A64B8}" = F-Secure CCF Scanning 1.23.124.8831 (release)
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E824E81C-80A4-3DFF-B5F9-4842A9FF5F7F}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106
"{E864A1C8-EEE1-47D0-A7F8-00CC86D26D5E}_is1" = Wise Care 365 version 2.47
"{E8CC9064-8382-4D5C-9E55-F88D9541FFC0}" = TI-Nspire(TM) CAS Student Software
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.108
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FD44CC6E-E0B9-4570-84BA-F1F20E2AAF3A}" = HP Photosmart 5510 series - Grundlegende Software für das Gerät
"18 Wheels of Steel: Haulin'" = 18 Wheels of Steel: Haulin' 
"7-Zip" = 7-Zip 9.20
"A+FolderLocker_is1" = A+ Folder Locker 1.0.1
"ACDLabs in C__Program_Files_ACDFREE12_" = ACD/Labs Software in C:\Program Files\ACDFREE12\
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Advanced SystemCare 6_is1" = Advanced SystemCare 6
"Alarm für Cobra 11 - Das Syndikat_is1" = Alarm für Cobra 11 - Das Syndikat
"Audacity_is1" = Audacity 2.0.2
"AudioCS" = Creative Audio-Systemsteuerung
"BlueJ_is1" = BlueJ 3.0.5
"BurningWheels" = Cobra 11 - Burning Wheels (remove only)
"CABAReT_5_1_is1" = CABAReT Stage 5.1
"CCleaner" = CCleaner
"Connectify" = Connectify
"CrashTime" = Cobra 11 - Crash Time (remove only)
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Creative Sound Blaster Properties" = Eigenschaften von Creative Sound Blaster
"Defraggler" = Defraggler
"Die Erben von St.Pauli" = Die Erben von St.Pauli
"Diercke Globus Online" = Diercke Globus Online
"Easy Macro Recorder_is1" = Easy Macro Recorder 4.51
"FlightGear_is1" = FlightGear 2.8.0.5
"Folder Marker_is1" = Folder Marker Home v 3.2 GAOTD Edition
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.12.0.128
"F-Secure ServiceEnabler 666" = F-Secure Launch pad
"GeoGebra" = GeoGebra
"German Truck Simulator" = German Truck Simulator 1.00
"HP Photo Creations" = HP Photo Creations
"ImageMagick 6.8.0 Q16_is1" = ImageMagick 6.8.0-8 Q16 (2012-12-01)
"Imperium Romanum" = Imperium Romanum 1.03
"InstallShield_{B98A34C0-A6A2-4087-B272-557C1C6D0A07}" = Microsoft Flight Simulator X Demo
"IObit Malware Fighter_is1" = IObit Malware Fighter
"jre_is1" = CABAReT JRE 1.6.0_21_Cab5-1
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"Mozilla Firefox 21.0 (x86 de)" = Mozilla Firefox 21.0 (x86 de)
"Mozilla Thunderbird 17.0.6 (x86 de)" = Mozilla Thunderbird 17.0.6 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP3 Tag Express 6.8.5" = MP3 Tag Express 6.8.5
"NSIS_oald8" = Oxford Advanced Learner's Dictionary - 8th Edition
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenSource AVI Splitter" = OpenSource AVI Splitter (remove only)
"OpenSource DTS/AC3/DD+ Source Filter" = OpenSource DTS/AC3/DD+ Source Filter (remove only)
"OpenSource Flash Video Splitter" = OpenSource Flash Video Splitter (remove only)
"PhotoScape" = PhotoScape
"Pointofix_is1" = Pointofix
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"Q-Dir" = Q-Dir
"Recuva" = Recuva
"Registry Defragmentation" = Registry Defragmentation
"RollerCoaster Tycoon 3_is1" = RollerCoaster Tycoon 3
"Secunia PSI" = Secunia PSI (3.0.0.6005)
"Simpo PDF to PowerPoint_is1" = Simpo PDF to PowerPoint
"Smart Defrag 2_is1" = Smart Defrag 2
"Softdiv PDF to Image Converter_is1" = Softdiv PDF to Image Converter 1.1
"Speccy" = Speccy
"Steam App 201760" = Cities XL 2012
"Steam App 203850" = Microsoft Flight
"Steam App 225420" = Cities in Motion 2
"Steam App 227300" = Euro Truck Simulator 2
"Steam App 24010" = Train Simulator 2012
"Steam App 48190" = Assassin's Creed Brotherhood
"Steam App 73010" = Cities in Motion
"Update Service" = Sony Ericsson Update Service
"uTorrent" = µTorrent
"VLC media player" = VLC media player 2.0.6
"WinLiveSuite" = Windows Live Essentials
"WinSysClean X4 Trial" = WinSysClean X4 Trial
 
[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
 
[color=#E56717]========== Last 20 Event Log Errors ==========[/color]
 
[ Application Events ]
Error - 16.05.2013 11:30:15 | Computer Name = DELL-PC | Source = Windows Search Service | ID = 9000
Description = 
 
Error - 16.05.2013 11:30:15 | Computer Name = DELL-PC | Source = Windows Search Service | ID = 7040
Description = 
 
Error - 16.05.2013 11:30:15 | Computer Name = DELL-PC | Source = Windows Search Service | ID = 7042
Description = 
 
Error - 16.05.2013 11:30:15 | Computer Name = DELL-PC | Source = Windows Search Service | ID = 9002
Description = 
 
Error - 16.05.2013 11:30:15 | Computer Name = DELL-PC | Source = Windows Search Service | ID = 3029
Description = 
 
Error - 16.05.2013 11:30:16 | Computer Name = DELL-PC | Source = Windows Search Service | ID = 3029
Description = 
 
Error - 16.05.2013 11:30:16 | Computer Name = DELL-PC | Source = Windows Search Service | ID = 3028
Description = 
 
Error - 16.05.2013 11:30:16 | Computer Name = DELL-PC | Source = Windows Search Service | ID = 3058
Description = 
 
Error - 16.05.2013 11:30:16 | Computer Name = DELL-PC | Source = Windows Search Service | ID = 7010
Description = 
 
Error - 16.05.2013 11:30:57 | Computer Name = DELL-PC | Source = Microsoft-Windows-WMI | ID = 10
Description = Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent
 WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage
 > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht
 reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine
 Ereignisse übermittelt werden.
 
Error - 16.05.2013 11:32:00 | Computer Name = DELL-PC | Source = ESENT | ID = 455
Description = DllHost (6088) WebCacheLocal: Fehler -1811 beim Öffnen von Protokolldatei
 C:\Users\Tobias\AppData\Local\Microsoft\Windows\WebCache\V0100004.log.
 
Error - 16.05.2013 14:16:26 | Computer Name = DELL-PC | Source = Microsoft-Windows-WMI | ID = 10
Description = Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent
 WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage
 > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht
 reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine
 Ereignisse übermittelt werden.
 
[ Media Center Events ]
Error - 20.10.2011 11:46:17 | Computer Name = DELL-PC | Source = MCUpdate | ID = 0
Description = 17:46:17 - Fehler beim Herstellen der Internetverbindung.  17:46:17 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 21.10.2011 10:04:39 | Computer Name = DELL-PC | Source = MCUpdate | ID = 0
Description = 16:04:39 - Fehler beim Herstellen der Internetverbindung.  16:04:39 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 22.10.2011 05:08:26 | Computer Name = DELL-PC | Source = MCUpdate | ID = 0
Description = 11:08:26 - Fehler beim Herstellen der Internetverbindung.  11:08:26 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 23.10.2011 04:47:45 | Computer Name = DELL-PC | Source = MCUpdate | ID = 0
Description = 10:47:45 - Fehler beim Herstellen der Internetverbindung.  10:47:45 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 24.10.2011 09:12:15 | Computer Name = DELL-PC | Source = MCUpdate | ID = 0
Description = 15:12:15 - Fehler beim Herstellen der Internetverbindung.  15:12:15 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 25.10.2011 11:38:10 | Computer Name = DELL-PC | Source = MCUpdate | ID = 0
Description = 17:38:10 - Fehler beim Herstellen der Internetverbindung.  17:38:10 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 26.10.2011 10:29:49 | Computer Name = DELL-PC | Source = MCUpdate | ID = 0
Description = 16:29:49 - Fehler beim Herstellen der Internetverbindung.  16:29:49 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 27.10.2011 08:46:50 | Computer Name = DELL-PC | Source = MCUpdate | ID = 0
Description = 14:46:49 - Fehler beim Herstellen der Internetverbindung.  14:46:50 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 28.10.2011 08:47:14 | Computer Name = DELL-PC | Source = MCUpdate | ID = 0
Description = 14:47:14 - Fehler beim Herstellen der Internetverbindung.  14:47:14 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 29.10.2011 05:04:16 | Computer Name = DELL-PC | Source = MCUpdate | ID = 0
Description = 11:04:16 - Fehler beim Herstellen der Internetverbindung.  11:04:16 
-     Serververbindung konnte nicht hergestellt werden..  
 
[ System Events ]
Error - 02.06.2013 06:43:33 | Computer Name = DELL-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   sfdrv01  sfsync02
 
Error - 02.06.2013 06:44:25 | Computer Name = DELL-PC | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem
 Fehler beendet: %%-1073473535.
 
Error - 02.06.2013 06:44:25 | Computer Name = DELL-PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits
 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt:
 Neustart des Diensts.
 
Error - 02.06.2013 06:44:52 | Computer Name = DELL-PC | Source = DCOM | ID = 10005
Description = 
 
Error - 02.06.2013 06:44:52 | Computer Name = DELL-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Windows Search erreicht.
 
Error - 02.06.2013 06:44:52 | Computer Name = DELL-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht
 gestartet:   %%1053
 
Error - 02.06.2013 06:45:48 | Computer Name = DELL-PC | Source = Service Control Manager | ID = 7038
Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"
 mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:   %%1330    Vergewissern
 Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
 Management Console (MMC).
 
Error - 02.06.2013 06:45:48 | Computer Name = DELL-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%1069
 
Error - 02.06.2013 09:05:26 | Computer Name = DELL-PC | Source = Service Control Manager | ID = 7038
Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"
 mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:   %%1330    Vergewissern
 Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
 Management Console (MMC).
 
Error - 02.06.2013 09:05:26 | Computer Name = DELL-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%1069
 
 
< End of report >

Alles anzeigen

Bernd.

Und jetzt rate Mal, warum ich diese beiden Dateie als ZIP angefordert habe?
Weil sich das extrem "schlecht" im Forum liest... :roll:
Ausserdem hat das Forum eine Größenbegrenzung für Text, im schlechten Fall kommt nur die Hälfte an.

Das hat GENAU SO seine Berechtigung, es wäre nett, wenn du das in Zukunft berücksichtigen würdest, danke.

Was mir direkt ins Auge gefallen ist, ist Wise Care - der krempel taugt genauso viel wie TuneUp, Glary - nämlich nichts. Es schrottet dir nur das System.
Der nächste Systemschrotter: IObit\Advanced SystemCare

IObit Malware Fighter ist extrem grenzwertig, es gibt keinerlei Test zu diesem China-Geraffel.

F-Secure Gatekeeper - du benötigst einen Gateway-Schutz -als normaler Benutzer?
http://www.f-secure.com/de/web/busines…-linux/overview
Halte ich für starken Tobak.
Als Dienst [Disabled | Stopped] eh sinnfrei, oder war das nur für einen Test zur Lösungsfindung?

Noch ein AV? Wieviel brauchst du denn noch?
[Kernel | System | Running] -- C:\Programme\F-Secure\apps\ComputerSecurity\Anti-Virus\

Es sind dreierlei VLC-Plugins verzeichnet, das aktuellste reicht

Zitat

FF - HKLM\Software\MozillaPlugins\@http://videolan.org/vlc,version=1.1.11: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@http://videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@http://videolan.org/vlc,version=2.0.6: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

DVDVideoSoft mal wieder als Toolbar-Schleuder
C:\Program Files\Common Files\DVDVideoSoft

Das nächste IObit-Gelumpe: Smart Defrag 2
Hast du irgendwie einen Vertrag von denen, dass du den Quatsch nutzen musst?
Also wenn, dann empfehel ich Defraaggler http://www.piriform.com/
oder Auslogics Disk Defrag Free http://www.auslogics.com/en/software/disk-defrag/ (ist auch in deutsch, die Pro v4 nicht)
Ach jo, Defraggler ist schon drauf, dann bleib doch dabei. CCLeaner auch, also warum noch Wise? Speccy ebenso, dannist die Piriform-Familie ja komplett.

Öch nööö: WinSysClean - damit wären es 4 Kaputtmach-Systemschrotter

Die Fehler am Ende der extras.txt sind sehr sicher auf dieses Gelumpe zurückzuführen

Zitat

root/CIMV2

ist eine Auswirkung. Das MediaCenter spinnt rum, irgendein Boottreiber auch, Nvidia ist auch gestört.

Du nutzt Acronis - gehe auf einen funktionierenden Zustand zurück - und zwar ohne F-Secure, Wise, IObit. Da ist dermassen viel kaputt bei dir, da lohnt keine Reparatur mehr.

Tobi1111

Hallo bernd,

Danke für deine Hilfe.
erstmal tut es mir leid, dass es kein zip ist, aber ich wusste nicht wie ich das hochladen sollte.

dann zu deinen Änderungsvorschlägen, ich habe die IObit Programme alle deinstalliert.

Bei den 3 VLC Dateien, habe ich nur eine davor gefunden, und zwar die aktuellste.
Wo sind die denn gespeichert, bzw. kann ich die manuell löschen?

Zu den Acronis-Sicherungen: Ich bin sobald das Problem aufgetreten ist, sofort auf eine ältere Sicherung zurückgegangen.
Das hat aber nichts gebracht. Und meine letzten Sicherungen sind auch alle noch mit F-Secure. Die anderen Programme sind jetzt aktuell nicht mehr da.

Falls ich den PC komplett neuaufsetzten müsste, wie kann ich meine Firefox-Lesezeichen auf eine externe Festplatte retten? und dann nachher wieder herstellen?

Danke.
Tobias

Fox2Fox

Mit Firefox und Thunderbird auf einen neuen Rechner umziehen [Blockierte Grafik: http://i39.tinypic.com/s1kgb4.png]

Profil sichern und wiederherstellen [Blockierte Grafik: http://i39.tinypic.com/s1kgb4.png]

Wiederherstellen wichtiger Daten aus einem Profil [Blockierte Grafik: http://i39.tinypic.com/s1kgb4.png]

Bernd.

Da Acronis präsent, erstelle dir ein letzte Image, da sind dann alle deine Benutzerdaten gerettet - du hast reichlich Spiele installiert. Nach der Neuinstallation mit Acronis das Image mounten und Daten herauskopieren.

~~Mit Firefox und Thunderbird auf einen neuen Rechner umziehen~~ zu spät

Optional ist auch Firesave
http://stadt-bremerhaven.de/firesave-1-0-d…er-den-firefox/
Download dort im "Downloadbereich" > Firefox > Firesafe

Tobi1111

Vielen >Dank für alle Lösungsvorschläge.

Ich habe meinen PC neuaufgesetzt. Die Lesezeichen und E-Mails konnte ich dank firesave und thundersave retten. Vielen Dank für den Tipp

Auch die Internetgeschwindigkeit ist wieder auf altem Niveau.

Vielen, vielen Dank nochmal für die superschnelle Hilfe.

Fox2Fox

Leider kennst du jetzt nicht den Auslöser für das Problem. Von daher könnte es sich wiederholen.

Empfehlen kann ich dir ein Backup-Programm für das gesamte System. Das erspart dir ein Neuaufsetzen. Kannst dir mal TrueImage von Acronis anschauen - wäre meine Empfehlung.

Bernd.

Acronis nutzt(e) er schon Alles andere steht geschrieben :idea:

MfG

Fox2Fox

Zitat von Bernd.

Acronis nutzt(e) er schon Alles andere steht geschrieben :idea:

Öh... Wenn man nicht immer alles liest.