Windows 7 64-Bit richtig sichern, Problemerkennung

Dieses Thema Windows 7 64-Bit richtig sichern, Problemerkennung im Forum "Viren, Trojaner, Spyware etc." wurde erstellt von micha001, 20. Mai 2013.

Thema: Windows 7 64-Bit richtig sichern, Problemerkennung hallo leute.... mein win 7 64 rechner wird trotz regelmäßiger säuberung mitt ccleaner uns spypot immer langsamer,...

  1. hallo leute....

    mein win 7 64 rechner wird trotz regelmäßiger säuberung mitt ccleaner uns spypot immer langsamer, gerade was den seitenaufbau bei firefox ( aktuelle versionen) betrifft.
    nun habe ich av als virenscanner am laufen und ZA als firewall. (hardware ist die fritz box 7390 mit int. firewall).
    trotz meiner 16.000er dsl leitung wird der seitenaufbau immer langsamer, nach löschen mit cc und spypot geht es wieder für ein/zwei tage recht flott, dann ist es wieder rum.

    spypot findet dann ab und zu wieder gelöschte verfolgende cookies oder doppelklick immer wider aufs neue :O, diese lösche ich meist und dann rennt der kurz wieder.
    ich hab auch schon eine log mit hijackthis gemacht und war auch nicht wirklich auffällig.
    wie komme ich drauf was das system bremst, bzw wie weiß ich die log datein richtig zu lesen ( teilweise will spypot ja in der reg rumschreiben :O)

    soll ich meine eine log datei posten, bin echt überfragt.
    hab das gefühl es werden immer mehr anti viren, malware programme und es bessert sich damit nichts.

    p.s. in der zusammenstellung (ZA, AV....) ist der rechner zuvor super gelaufen, bestimmt ein halbes jahr lang.
    cache und co werden regelmäßig glöscht
     
  2. hallo....
    so hab ich gemacht...aber mal kurz zuvor.
    bin irgendwie mit einem doppelklick auf das blöde feld bereinigen gekommen, bis ich reagiert habe war es schon rum, er meldete gleich ...wird erst nach neustart gelöscht, jetzt traue ich mich nicht den rechner auszuschalten, was soll ich machen ??

    hier die logs ..
    log A, teil 1
    OTL Extras logfile created on: 20.05.2013 19:20:05 - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = E:\Michael\Dateien\Software
    64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

    4,00 Gb Total Physical Memory | 2,57 Gb Available Physical Memory | 64,29% Memory free
    7,99 Gb Paging File | 6,40 Gb Available in Paging File | 80,02% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 465,66 Gb Total Space | 414,69 Gb Free Space | 89,05% Space Free | Partition Type: NTFS
    Drive E: | 232,87 Gb Total Space | 163,71 Gb Free Space | 70,30% Space Free | Partition Type: NTFS

    Computer Name: MICHA-PC | User Name: Micha | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
    .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
    .html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)

    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

    ========== Shell Spawning ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- %1 %*
    cmdfile [open] -- %1 %*
    comfile [open] -- %1 %*
    exefile [open] -- %1 %*
    helpfile [open] -- Reg Error: Key error.
    htmlfile [edit] -- Reg Error: Key error.
    htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML %1
    http [open] -- C:\Program Files (x86)\Opera\Opera.exe %1 (Opera Software)
    https [open] -- C:\Program Files (x86)\Opera\Opera.exe %1 (Opera Software)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe %1 (Microsoft Corporation)
    InternetShortcut [open] -- C:\Windows\System32\rundll32.exe C:\Windows\System32\ieframe.dll,OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- C:\Windows\System32\rundll32.exe C:\Windows\System32\mshtml.dll,PrintHTML %1 (Microsoft Corporation)
    piffile [open] -- %1 %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- %1
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- %1 /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [AddToPlaylistVLC] -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue %1 ()
    Directory [cmd] -- cmd.exe /s /k pushd %V (Microsoft Corporation)
    Directory [Digital Photo Professional] -- C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe /path %1 (CANON INC.)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue %1 ()
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)


    danke schon mal für die hilfe...michael
     
  3. log A teil 2
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- %1 %*
    cmdfile [open] -- %1 %*
    comfile [open] -- %1 %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe %1,%* (Microsoft Corporation)
    exefile [open] -- %1 %*
    helpfile [open] -- Reg Error: Key error.
    htmlfile [edit] -- Reg Error: Key error.
    htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML %1
    http [open] -- C:\Program Files (x86)\Opera\Opera.exe %1 (Opera Software)
    https [open] -- C:\Program Files (x86)\Opera\Opera.exe %1 (Opera Software)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe %1 (Microsoft Corporation)
    piffile [open] -- %1 %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- %1
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- %1 /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [AddToPlaylistVLC] -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue %1 ()
    Directory [cmd] -- cmd.exe /s /k pushd %V (Microsoft Corporation)
    Directory [Digital Photo Professional] -- C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe /path %1 (CANON INC.)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue %1 ()
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    cval = 1

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    VistaSp1 = 28 4D B2 76 41 04 CA 01 [binary data]
    AntiVirusOverride = 0
    AntiSpywareOverride = 0
    FirewallOverride = 0

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

    ========== System Restore Settings ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    DisableNotifications = 0
    EnableFirewall = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    DisableNotifications = 0
    EnableFirewall = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    DisableNotifications = 0
    EnableFirewall = 0

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)


    ========== Vista Active Open Ports Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    {0B3E0758-1E65-461E-8306-2D4A87E06105} = rport=139 | protocol=6 | dir=out | app=system |
    {142B653C-C682-44B4-BC70-D3CC55B5CD7F} = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    {40B8B158-4DD6-4C94-B1E2-0C31FD4C6BF2} = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
    {44E066EA-BBA0-43FA-BEF2-63072003CD71} = lport=138 | protocol=17 | dir=in | app=system |
    {64B23797-80BE-4C9D-B417-2678A4AF9B7D} = lport=445 | protocol=6 | dir=in | app=system |
    {71044655-6E3C-40E5-A660-F24537200D88} = lport=139 | protocol=6 | dir=in | app=system |
    {77D6E422-E53D-4FA9-B386-8264CCA70FEA} = lport=137 | protocol=17 | dir=in | app=system |
    {80767E93-BA3F-4E97-AF4B-0B075CC6B0C7} = rport=445 | protocol=6 | dir=out | app=system |
    {9D9587A7-8281-4705-A7CA-6A8EECC8FC56} = rport=137 | protocol=17 | dir=out | app=system |
    {AC528CDA-D250-41FE-85EE-A7EC0B2B1527} = rport=138 | protocol=17 | dir=out | app=system |
    {AF203E0B-0228-44F9-8377-4FE545AF4690} = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
    {D1BE0C0B-30F3-47B4-A81A-83F9908BBD27} = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
     
  4. log A teil 3

    ========== Vista Active Application Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    {0D062C1F-CAFB-49BF-9EAD-D9B360786D4C} = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
    {1B09EEB1-9368-456A-B21E-B023B378F7F9} = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
    {3938B45C-7E75-42D7-B4FB-633B5AFCC655} = protocol=6 | dir=in | app=c:\program files (x86)\opera\pluginwrapper\opera_plugin_wrapper.exe |
    {403B3823-BC76-40F0-8FF5-ADF062ADF0A9} = protocol=17 | dir=in | app=c:\windows\syswow64\zonelabs\vsmon.exe |
    {5D877DAA-51F9-4D53-98D2-EC559BFA1B54} = protocol=17 | dir=in | app=c:\program files (x86)\opera\pluginwrapper\opera_plugin_wrapper.exe |
    {607F3137-8371-4057-84BF-DD5E055F6F79} = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
    {7DE30A6B-5CF2-45E6-B953-FED0AFFA7EF0} = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
    {82375DE3-D3B9-4820-8B93-512C323F901C} = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
    {8DE3D770-8D34-4F73-BA5D-8E44736088F8} = protocol=6 | dir=in | app=c:\windows\syswow64\zonelabs\vsmon.exe |
    {FB5BE49F-9E52-4FF1-A86C-60D85B6415B4} = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
    TCP Query User{83F8DC2A-2229-4547-8D49-AB7341B0E506}C:\program files (x86)\logview v2\logging console\smartinspectconsole.exe = protocol=6 | dir=in | app=c:\program files (x86)\logview v2\logging console\smartinspectconsole.exe |
    UDP Query User{32184C95-528B-4E3B-AACA-8D50F61A606B}C:\program files (x86)\logview v2\logging console\smartinspectconsole.exe = protocol=17 | dir=in | app=c:\program files (x86)\logview v2\logging console\smartinspectconsole.exe |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    {1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4900_series = Canon iP4900 series Printer Driver
    {1E9FC118-651D-4934-97BE-E53CAE5C7D45} = Microsoft_VC80_MFCLOC_x86_x64
    {4569AD91-47F4-4D9E-8FC9-717EC32D7AE1} = Microsoft_VC80_CRT_x86_x64
    {53480140-1E7B-4DB5-BAA6-4D02D0452355} = O&O MediaRecovery
    {7E265513-8CDA-4631-B696-F40D983F3B07}_is1 = CDBurnerXP
    {8557397C-A42D-486F-97B3-A2CBC2372593} = Microsoft_VC90_ATL_x86_x64
    {925D058B-564A-443A-B4B2-7E90C6432E55} = Microsoft_VC80_ATL_x86_x64
    {92A3CA0D-55CD-4C5D-BA95-5C2600C20F26} = Microsoft_VC90_CRT_x86_x64
    {A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB} = Microsoft_VC90_MFC_x86_x64
    {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision = NVIDIA 3D Vision Treiber 306.97
    {B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel = NVIDIA Systemsteuerung 306.97
    {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver = NVIDIA Grafiktreiber 306.97
    {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX = NVIDIA PhysX-Systemsoftware 9.10.0514
    {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update = NVIDIA Update 1.10.8
    {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver = NVIDIA HD-Audiotreiber 1.1.9.0
    {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer = NVIDIA Install Application
    {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update = NVIDIA Update Components
    {C8C1BAD5-54E6-4146-AD07-3A8AD36569C3} = Microsoft_VC80_MFC_x86_x64
    49CF605F02C7954F4E139D18828DE298CD59217C = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
    CCleaner = CCleaner
    ZoneAlarm Toolbar = ZoneAlarm Toolbar

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    {02E89EFC-7B07-4D5A-AA03-9EC0902914EE} = VC 9.0 Runtime
    {033E378E-6AD3-4AD5-BDEB-CBD69B31046C} = Microsoft_VC90_ATL_x86
    {08D2E121-7F6A-43EB-97FD-629B44903403} = Microsoft_VC90_CRT_x86
    {0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7} = Adobe Community Help
    {0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25} = Microsoft_VC80_ATL_x86
    {147D7D66-DB73-40A7-BF98-220C5454C1B1} = ADAC Auto 2011
    {1B057A23-C5DA-461E-85E1-E3F589875393} = ADAC Special Gebrauchtwagen 2007-2008
    {20D4A895-748C-4D88-871C-FDB1695B0169} = Platform
    {22B0E143-2B0B-435B-9F56-136A3D16065F} = No23 Recorder
    {23586840-E892-42BD-A39D-49EEE95442AA} = Garmin BaseCamp
    {4167697E-3422-4E92-BD5F-C0688C684113} = Silicon Laboratories CP210x VCP Drivers for Windows 2000/XP/2003 Server/Vista
    {510D2239-6C2E-457B-9590-485EC552D94D} = Garmin USB Drivers
    {56C049BE-79E9-4502-BEA7-9754A3E60F9B} = neroxml
    {635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A} = Microsoft_VC90_MFC_x86
    {837b34e3-7c30-493c-8f6a-2b0f04e2912c} = Microsoft Visual C++ 2005 Redistributable
    {92D58719-BBC1-4CC3-A08B-56C9E884CC2C} = Microsoft_VC80_CRT_x86
    {A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D} = ImagXpress
    {AC76BA86-7AD7-1031-7B44-AB0000000001} = Adobe Reader XI - Deutsch
    {B1EE1CC5-6CED-4801-BFFF-8454F21A245A} = Garmin Communicator Plugin
    {B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1 = Spybot - Search & Destroy
    {B515962D-C979-44AC-9912-F7BB499B4B2C} = VirtualDJ Home FREE
    {B9DB4C76-01A4-46D5-8910-F7AA6376DBAF} = NVIDIA PhysX
    {CC8E94A2-55C7-4460-953C-2A790180578C} = LightScribe System Software
    {D1A19B02-817E-4296-A45B-07853FD74D57} = Microsoft_VC80_MFC_x86
    {D92BBB52-82FF-42ED-8A3C-4E062F944AB7} = Microsoft_VC80_MFCLOC_x86
    {DE3A9DC5-9A5D-6485-9662-347162C7E4CA} = Adobe Media Player
    {F7338FA3-DAB5-49B2-900D-0AFB5760C166} = PC Probe II
    {F8AA17F1-0324-48C2-B22C-26DB33C33830} = ADAC Gebrauchtwagen 2011-2012
    {FDB3B167-F4FA-461D-976F-286304A57B2A} = Adobe AIR
    Adobe AIR = Adobe AIR
    Adobe Flash Player Plugin = Adobe Flash Player 11 Plugin
    Audacity_is1 = Audacity 2.0.2
    Avira AntiVir Desktop = Avira AntiVir Personal - Free Antivirus
    CameraWindowDVC6 = Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
    CameraWindowLauncher = Canon Utilities CameraWindow
    CANON iMAGE GATEWAY Task = CANON iMAGE GATEWAY Task for ZoomBrowser EX
    Canon Internet Library for ZoomBrowser EX = Canon Internet Library for ZoomBrowser EX
    Canon iP4900 series Benutzerregistrierung = Canon iP4900 series Benutzerregistrierung
    Canon iP4900 series On-screen Manual = Canon iP4900 series On-screen Manual
    CanonMyPrinter = Canon My Printer
    CanonSolutionMenuEX = Canon Solution Menu EX
    chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 = Adobe Community Help
    com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 = Adobe Media Player
    DPP = Canon Utilities Digital Photo Professional 3.8
    DVD Flick_is1 = DVD Flick 1.3.0.7
    Easy-PhotoPrint EX = Canon Easy-PhotoPrint EX
    EOS Utility = Canon Utilities EOS Utility
    HDD Health_is1 = HDD Health v2.1 Beta
    InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169} = VIA Plattform-Geräte-Manager
    LogView V2 = LogView V2
    Mozilla Firefox 21.0 (x86 de) = Mozilla Firefox 21.0 (x86 de)
    MozillaMaintenanceService = Mozilla Maintenance Service
    MyCamera = Canon Utilities MyCamera
    NVIDIAStereo = NVIDIA Stereoscopic 3D Driver
    Opera 12.14.1738 = Opera 12.14
    PhotomatixPro3_is1 = Photomatix Pro version 3.1.2
    PhotoScape = PhotoScape
    PhotoStitch = Canon Utilities PhotoStitch
    QwikData_Analysis_Software_(32-Bit)_3.12 = QwikData Analysis Software (32-Bit) 4.05
    RAW Image Task = Canon RAW Image Task for ZoomBrowser EX
    RemoteCaptureTask = Canon Utilities RemoteCapture Task for ZoomBrowser EX
    ShiftN_is1 = ShiftN 3.5
    SLABCOMM&10C4&EA60 = Silicon Laboratories CP210x USB to UART Bridge (Driver Removal)
    TapinRadio_is1 = TapinRadio 1.38
    VLC media player = VLC media player 1.1.11
    WinRAR archiver = WinRAR Archivierer
    XMedia Recode = XMedia Recode 3.0.1.0
    ZoneAlarm = ZoneAlarm
    ZoomBrowser EX = Canon Utilities ZoomBrowser EX
    ZoomBrowser EX Memory Card Utility = Canon ZoomBrowser EX Memory Card Utility
     
  5. log A teil4

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    LogView V2 2 = LogView V2 2
    Mozilla Firefox 21.0 (x86 de) = Mozilla Firefox 21.0 (x86 de)

    ========== Last 20 Event Log Errors ==========

    [ Application Events ]
    Error - 27.12.2012 15:59:43 | Computer Name = Micha-PC | Source = Application Error | ID = 1000
    Description = Name der fehlerhaften Anwendung: vlc.exe, Version: 1.1.11.0, Zeitstempel:
    0x4e1edf37 Name des fehlerhaften Moduls: vlc.exe, Version: 1.1.11.0, Zeitstempel:
    0x4e1edf37 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000017b2 ID des fehlerhaften Prozesses:
    0xdc8 Startzeit der fehlerhaften Anwendung: 0x01cde46cb51edc4c Pfad der fehlerhaften
    Anwendung: C:\Program Files (x86)\VideoLAN\VLC\vlc.exe Pfad des fehlerhaften Moduls:
    C:\Program Files (x86)\VideoLAN\VLC\vlc.exe Berichtskennung: f485b1ee-505f-11e2-adfe-bcaec53371b7

    Error - 27.12.2012 16:00:12 | Computer Name = Micha-PC | Source = Application Error | ID = 1000
    Description = Name der fehlerhaften Anwendung: vlc.exe, Version: 1.1.11.0, Zeitstempel:
    0x4e1edf37 Name des fehlerhaften Moduls: vlc.exe, Version: 1.1.11.0, Zeitstempel:
    0x4e1edf37 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000017b2 ID des fehlerhaften Prozesses:
    0xac4 Startzeit der fehlerhaften Anwendung: 0x01cde46cc6ea3a19 Pfad der fehlerhaften
    Anwendung: C:\Program Files (x86)\VideoLAN\VLC\vlc.exe Pfad des fehlerhaften Moduls:
    C:\Program Files (x86)\VideoLAN\VLC\vlc.exe Berichtskennung: 055fb290-5060-11e2-adfe-bcaec53371b7

    Error - 27.12.2012 16:06:13 | Computer Name = Micha-PC | Source = Application Error | ID = 1000
    Description = Name der fehlerhaften Anwendung: vlc.exe, Version: 1.1.11.0, Zeitstempel:
    0x4e1edf37 Name des fehlerhaften Moduls: vlc.exe, Version: 1.1.11.0, Zeitstempel:
    0x4e1edf37 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000017b2 ID des fehlerhaften Prozesses:
    0xcf8 Startzeit der fehlerhaften Anwendung: 0x01cde46d9de5684d Pfad der fehlerhaften
    Anwendung: C:\Program Files (x86)\VideoLAN\VLC\vlc.exe Pfad des fehlerhaften Moduls:
    C:\Program Files (x86)\VideoLAN\VLC\vlc.exe Berichtskennung: dc8a4594-5060-11e2-adfe-bcaec53371b7

    Error - 04.01.2013 07:48:02 | Computer Name = Micha-PC | Source = SideBySide | ID = 16842815
    Description = Fehler beim Generieren des Aktivierungskontextes für c:\program files
    (x86)\spybot - search & destroy\DelZip179.dll. Fehler in Manifest- oder Richtliniendatei
    c:\program files (x86)\spybot - search & destroy\DelZip179.dll in Zeile 8. Der
    Wert * des language-Attributs im assemblyIdentity-Element ist ungültig.

    Error - 12.01.2013 12:09:34 | Computer Name = Micha-PC | Source = SideBySide | ID = 16842815
    Description = Fehler beim Generieren des Aktivierungskontextes für c:\program files
    (x86)\spybot - search & destroy\DelZip179.dll. Fehler in Manifest- oder Richtliniendatei
    c:\program files (x86)\spybot - search & destroy\DelZip179.dll in Zeile 8. Der
    Wert * des language-Attributs im assemblyIdentity-Element ist ungültig.

    Error - 24.01.2013 14:35:06 | Computer Name = Micha-PC | Source = SideBySide | ID = 16842815
    Description = Fehler beim Generieren des Aktivierungskontextes für c:\program files
    (x86)\spybot - search & destroy\DelZip179.dll. Fehler in Manifest- oder Richtliniendatei
    c:\program files (x86)\spybot - search & destroy\DelZip179.dll in Zeile 8. Der
    Wert * des language-Attributs im assemblyIdentity-Element ist ungültig.

    Error - 04.02.2013 15:08:11 | Computer Name = Micha-PC | Source = Application Hang | ID = 1002
    Description = Programm dvdflick.exe, Version 1.307.0.738 kann nicht mehr unter Windows
    ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
    um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 123c Startzeit:
    01ce03005a51b18b Endzeit: 15 Anwendungspfad: C:\Program Files (x86)\DVD Flick\dvdflick.exe
     
  6. log A teil5

    Berichts-ID:


    Error - 12.02.2013 11:25:04 | Computer Name = Micha-PC | Source = SideBySide | ID = 16842815
    Description = Fehler beim Generieren des Aktivierungskontextes für c:\program files
    (x86)\spybot - search & destroy\DelZip179.dll. Fehler in Manifest- oder Richtliniendatei
    c:\program files (x86)\spybot - search & destroy\DelZip179.dll in Zeile 8. Der
    Wert * des language-Attributs im assemblyIdentity-Element ist ungültig.

    Error - 16.02.2013 15:02:15 | Computer Name = Micha-PC | Source = SideBySide | ID = 16842815
    Description = Fehler beim Generieren des Aktivierungskontextes für c:\program files
    (x86)\spybot - search & destroy\DelZip179.dll. Fehler in Manifest- oder Richtliniendatei
    c:\program files (x86)\spybot - search & destroy\DelZip179.dll in Zeile 8. Der
    Wert * des language-Attributs im assemblyIdentity-Element ist ungültig.

    Error - 23.02.2013 13:30:28 | Computer Name = Micha-PC | Source = Application Hang | ID = 1002
    Description = Programm dvdflick.exe, Version 1.307.0.738 kann nicht mehr unter Windows
    ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
    um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: b98 Startzeit:
    01ce11ead65abd3c Endzeit: 16 Anwendungspfad: C:\Program Files (x86)\DVD Flick\dvdflick.exe

    Berichts-ID:


    [ Media Center Events ]
    Error - 03.07.2011 03:21:10 | Computer Name = Micha-PC | Source = MCUpdate | ID = 0
    Description = 09:21:10 - Fehler beim Herstellen der Internetverbindung. 09:21:10
    - Serververbindung konnte nicht hergestellt werden..

    Error - 05.07.2011 11:08:44 | Computer Name = Micha-PC | Source = MCUpdate | ID = 0
    Description = 17:08:44 - Fehler beim Herstellen der Internetverbindung. 17:08:44
    - Serververbindung konnte nicht hergestellt werden..

    Error - 06.07.2011 15:42:16 | Computer Name = Micha-PC | Source = MCUpdate | ID = 0
    Description = 21:42:15 - Fehler beim Herstellen der Internetverbindung. 21:42:16
    - Serververbindung konnte nicht hergestellt werden..

    Error - 07.07.2011 02:08:58 | Computer Name = Micha-PC | Source = MCUpdate | ID = 0
    Description = 08:08:58 - Fehler beim Herstellen der Internetverbindung. 08:08:58
    - Serververbindung konnte nicht hergestellt werden..

    Error - 12.07.2011 09:03:55 | Computer Name = Micha-PC | Source = MCUpdate | ID = 0
    Description = 15:03:55 - Fehler beim Herstellen der Internetverbindung. 15:03:55
    - Serververbindung konnte nicht hergestellt werden..

    Error - 12.07.2011 09:04:04 | Computer Name = Micha-PC | Source = MCUpdate | ID = 0
    Description = 15:04:00 - Fehler beim Herstellen der Internetverbindung. 15:04:00
    - Serververbindung konnte nicht hergestellt werden..

    Error - 18.07.2011 02:45:33 | Computer Name = Micha-PC | Source = MCUpdate | ID = 0
    Description = 08:45:33 - Fehler beim Herstellen der Internetverbindung. 08:45:33
    - Serververbindung konnte nicht hergestellt werden..

    Error - 18.07.2011 02:45:42 | Computer Name = Micha-PC | Source = MCUpdate | ID = 0
    Description = 08:45:38 - Fehler beim Herstellen der Internetverbindung. 08:45:38
    - Serververbindung konnte nicht hergestellt werden..

    Error - 03.01.2012 17:23:58 | Computer Name = Micha-PC | Source = MCUpdate | ID = 0
    Description = 22:23:51 - MCEClientUX konnte nicht abgerufen werden (Fehler: Die
    zugrunde liegende Verbindung wurde geschlossen: Für den geschützten SSL/TLS-Kanal
    konnte keine Vertrauensstellung hergestellt werden..)

    Error - 06.08.2012 03:45:36 | Computer Name = Micha-PC | Source = MCUpdate | ID = 0
    Description = 09:45:30 - MCEClientUX konnte nicht abgerufen werden (Fehler: Die
    zugrunde liegende Verbindung wurde geschlossen: Für den geschützten SSL/TLS-Kanal
    konnte keine Vertrauensstellung hergestellt werden..)

    [ Spybot - Search and Destroy Events ]
    Error - 05.05.2013 15:23:23 | Computer Name = Micha-PC | Source = SDCleaner | ID = 100
    Description = LoadCleaningInstructions

    [ System Events ]
    Error - 19.05.2013 07:52:28 | Computer Name = Micha-PC | Source = Ntfs | ID = 262199
    Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
    Führen
    Sie auf dem Volume \Device\HarddiskVolumeShadowCopy9 den Befehl chkdsk aus.

    Error - 19.05.2013 07:52:28 | Computer Name = Micha-PC | Source = Ntfs | ID = 262199
    Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
    Führen
    Sie auf dem Volume \Device\HarddiskVolumeShadowCopy9 den Befehl chkdsk aus.

    Error - 19.05.2013 07:52:28 | Computer Name = Micha-PC | Source = Ntfs | ID = 262199
    Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
    Führen
    Sie auf dem Volume \Device\HarddiskVolumeShadowCopy9 den Befehl chkdsk aus.

    Error - 19.05.2013 07:52:29 | Computer Name = Micha-PC | Source = Ntfs | ID = 262199
    Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
    Führen
    Sie auf dem Volume \Device\HarddiskVolumeShadowCopy9 den Befehl chkdsk aus.

    Error - 19.05.2013 07:52:29 | Computer Name = Micha-PC | Source = Ntfs | ID = 262199
    Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
    Führen
    Sie auf dem Volume \Device\HarddiskVolumeShadowCopy9 den Befehl chkdsk aus.

    Error - 19.05.2013 07:52:29 | Computer Name = Micha-PC | Source = Ntfs | ID = 262199
    Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
    Führen
    Sie auf dem Volume \Device\HarddiskVolumeShadowCopy9 den Befehl chkdsk aus.

    Error - 19.05.2013 07:52:29 | Computer Name = Micha-PC | Source = Ntfs | ID = 262199
    Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
    Führen
    Sie auf dem Volume \Device\HarddiskVolumeShadowCopy9 den Befehl chkdsk aus.

    Error - 19.05.2013 07:52:29 | Computer Name = Micha-PC | Source = Ntfs | ID = 262199
    Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
    Führen
    Sie auf dem Volume \Device\HarddiskVolumeShadowCopy9 den Befehl chkdsk aus.

    Error - 19.05.2013 07:52:29 | Computer Name = Micha-PC | Source = Ntfs | ID = 262199
    Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
    Führen
    Sie auf dem Volume \Device\HarddiskVolumeShadowCopy9 den Befehl chkdsk aus.

    Error - 19.05.2013 07:52:47 | Computer Name = Micha-PC | Source = Ntfs | ID = 262199
    Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
    Führen
    Sie auf dem Volume \Device\HarddiskVolumeShadowCopy9 den Befehl chkdsk aus.


    < End of report >
     
  7. so log B teil 1

    OTL logfile created on: 20.05.2013 19:20:05 - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = E:\Michael\Dateien\Software
    64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

    4,00 Gb Total Physical Memory | 2,57 Gb Available Physical Memory | 64,29% Memory free
    7,99 Gb Paging File | 6,40 Gb Available in Paging File | 80,02% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 465,66 Gb Total Space | 414,69 Gb Free Space | 89,05% Space Free | Partition Type: NTFS
    Drive E: | 232,87 Gb Total Space | 163,71 Gb Free Space | 70,30% Space Free | Partition Type: NTFS

    Computer Name: MICHA-PC | User Name: Micha | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2013.05.20 19:17:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- E:\Michael\Dateien\Software\OTL.exe
    PRC - [2013.05.12 00:26:08 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    PRC - [2012.11.13 15:07:24 | 000,168,384 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
    PRC - [2012.11.13 15:07:16 | 001,103,392 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
    PRC - [2012.10.02 14:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    PRC - [2011.07.07 20:49:26 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
    PRC - [2011.04.21 07:52:51 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
    PRC - [2011.04.21 07:52:36 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
    PRC - [2011.02.18 18:30:32 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) -- C:\Windows\SysWOW64\ZoneLabs\vsmon.exe
    PRC - [2011.02.18 18:28:38 | 001,043,968 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe
    PRC - [2005.06.24 09:17:06 | 000,715,264 | ---- | M] (PANTERASoft) -- C:\Program Files (x86)\HDD Health\hddhealth.exe


    ========== Modules (No Company Name) ==========

    MOD - [2013.05.12 00:26:24 | 003,128,728 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll


    ========== Services (SafeList) ==========

    SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
    SRV - [2013.05.14 20:48:54 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
    SRV - [2013.05.12 00:26:17 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
    SRV - [2012.10.10 22:23:42 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
    SRV - [2012.10.02 14:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
    SRV - [2012.09.23 21:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
    SRV - [2011.07.07 20:49:26 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
    SRV - [2011.04.21 07:52:51 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
    SRV - [2011.02.18 18:30:32 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\Windows\SysWOW64\ZoneLabs\vsmon.exe -- (vsmon)
    SRV - [2011.02.15 17:26:18 | 000,822,264 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Programme\CheckPoint\ZAForceField\ISWSVC.exe -- (IswSvc)
    SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
    SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
    DRV:64bit: - [2011.07.07 20:49:26 | 000,123,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
    DRV:64bit: - [2011.07.07 20:49:26 | 000,088,288 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
    DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
    DRV:64bit: - [2010.11.20 15:32:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
    DRV:64bit: - [2010.11.20 15:32:46 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
    DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
    DRV:64bit: - [2010.09.07 22:08:56 | 000,155,752 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
    DRV:64bit: - [2010.08.04 15:17:14 | 001,342,064 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
    DRV:64bit: - [2010.05.15 17:30:52 | 000,458,840 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vsdatant.sys -- (Vsdatant)
    DRV:64bit: - [2010.04.27 03:30:52 | 000,184,968 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
    DRV:64bit: - [2010.04.27 03:29:54 | 000,083,080 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
    DRV:64bit: - [2009.07.16 05:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
    DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
    DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
    DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
    DRV:64bit: - [2009.06.10 22:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
    DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
    DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
    DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
    DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
    DRV:64bit: - [2008.07.15 17:09:16 | 000,068,608 | ---- | M] (Silicon Laboratories) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\silabser.sys -- (silabser)
    DRV:64bit: - [2008.07.15 17:09:16 | 000,023,040 | ---- | M] (Silicon Laboratories, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\silabenm.sys -- (silabenm)
    DRV - [2011.02.15 17:25:38 | 000,033,528 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Running] -- C:\Programme\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL)
    DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: URL = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\..\URLSearchHook: {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Program Files (x86)\ZoneAlarm-Sicherheit\prxtbZone.dll (Conduit Ltd.)
    IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: URL = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2613550

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?ocid=iehp
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 35 A0 50 81 90 44 CC 01 [binary data]
    IE - HKCU\..\URLSearchHook: {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Program Files (x86)\ZoneAlarm-Sicherheit\prxtbZone.dll (Conduit Ltd.)
    IE - HKCU\..\SearchScopes,DefaultScope = {F729B7AF-241A-41AC-ACAA-B644A7D23E2A}
    IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: URL = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
    IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2613550
    IE - HKCU\..\SearchScopes\{F729B7AF-241A-41AC-ACAA-B644A7D23E2A}: URL = http://www.google.de/search?q={searchTerms}
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: ProxyEnable = 0

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultthis.engineName: ZoneAlarm-Sicherheit Customized Web Search
    FF - prefs.js..browser.search.defaulturl: http://search.conduit.com/ResultsExt.aspx?ctid=CT2613550&SearchSource=3&q={searchTerms}
    FF - prefs.js..browser.search.update: false
    FF - prefs.js..browser.startup.homepage: http://google.de
    FF - prefs.js..extensions.enabledAddons: %7Bd10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d%7D:2.0.3
    FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.13
    FF - prefs.js..extensions.enabledAddons: clearConsole%40penzil.com:1.7
    FF - prefs.js..extensions.enabledAddons: %7B64161300-e22b-11db-8314-0800200c9a66%7D:0.9.6.14
    FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
    FF - user.js - File not found
     
  8. log B teil

    FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found
    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
    FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
    FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll ()
    FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
    FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
    FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

    64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\PROGRAM FILES\CHECKPOINT\ZAFORCEFIELD\TRUSTCHECKER [2012.03.09 19:17:00 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker [2011.11.15 21:35:41 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
    FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Users\Micha\AppData\Local\Mozilla Firefox\components
    FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Users\Micha\AppData\Local\Mozilla Firefox\plugins

    [2011.09.19 22:06:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Micha\AppData\Roaming\mozilla\Extensions
    [2013.04.30 23:26:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Micha\AppData\Roaming\mozilla\Firefox\Profiles\d1oxk5a6.default\extensions
    [2013.04.08 20:49:10 | 000,000,000 | ---D | M] (ReminderFox) -- C:\Users\Micha\AppData\Roaming\mozilla\Firefox\Profiles\d1oxk5a6.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
    [2013.02.03 19:35:40 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Micha\AppData\Roaming\mozilla\Firefox\Profiles\d1oxk5a6.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
    [2013.03.31 00:09:05 | 000,058,155 | ---- | M] () (No name found) -- C:\Users\Micha\AppData\Roaming\mozilla\firefox\profiles\d1oxk5a6.default\extensions\clearConsole@penzil.com.xpi
    [2013.04.22 20:38:40 | 000,281,921 | ---- | M] () (No name found) -- C:\Users\Micha\AppData\Roaming\mozilla\firefox\profiles\d1oxk5a6.default\extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi
    [2012.04.12 20:04:39 | 000,634,964 | ---- | M] () (No name found) -- C:\Users\Micha\AppData\Roaming\mozilla\firefox\profiles\d1oxk5a6.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
    [2011.11.07 13:25:04 | 000,000,943 | ---- | M] () -- C:\Users\Micha\AppData\Roaming\mozilla\firefox\profiles\d1oxk5a6.default\searchplugins\conduit.xml
    [2013.05.18 19:45:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
    [2013.05.18 19:45:28 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    [2013.05.17 20:04:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\updated\browser\extensions
    [2013.05.17 20:04:01 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\updated\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

    O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O2:64bit: - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
    O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Programme\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
    O2 - BHO: (ZoneAlarm-Sicherheit Toolbar) - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Program Files (x86)\ZoneAlarm-Sicherheit\prxtbZone.dll (Conduit Ltd.)
    O3:64bit: - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
    O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
    O3 - HKLM\..\Toolbar: (ZoneAlarm-Sicherheit Toolbar) - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Program Files (x86)\ZoneAlarm-Sicherheit\prxtbZone.dll (Conduit Ltd.)
    O3:64bit: - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
    O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
    O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm-Sicherheit Toolbar) - {FC2B76FC-2132-4D80-A9A3-1F5C6E49066B} - C:\Program Files (x86)\ZoneAlarm-Sicherheit\prxtbZone.dll (Conduit Ltd.)
    O4:64bit: - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
    O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
    O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
    O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
    O4 - HKCU..\Run: [AdobeBridge] File not found
    O4 - HKCU..\Run: [HDDHealth] C:\Program Files (x86)\HDD Health\hddhealth.exe (PANTERASoft)
    O4 - HKCU..\Run: [Spybot-S&D Cleaning] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe (Safer-Networking Ltd.)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
    O1364bit: - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O15 - HKCU\..Trusted Domains: fritz.box ([]* in Local intranet)
    O15 - HKCU\..Trusted Ranges: Range1 ([*] in Local intranet)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{65D1C347-769B-4543-96E5-812E601D100D}: DhcpNameServer = 192.168.178.1
    O18:64bit: - Protocol\Handler\gopher - No CLSID value found
    O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O32 - HKLM CDRom: AutoRun - 1
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35:64bit: - HKLM\..comfile [open] -- %1 %*
    O35:64bit: - HKLM\..exefile [open] -- %1 %*
    O35 - HKLM\..comfile [open] -- %1 %*
    O35 - HKLM\..exefile [open] -- %1 %*
    O37:64bit: - HKLM\...com [@ = comfile] -- %1 %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- %1 %*
    O37 - HKLM\...com [@ = comfile] -- %1 %*
    O37 - HKLM\...exe [@ = exefile] -- %1 %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

    ========== Files/Folders - Created Within 30 Days ==========

    [2013.05.20 09:40:48 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Micha\Desktop\HiJackThis204.exe
    [2013.05.16 21:46:23 | 000,000,000 | ---D | C] -- C:\Users\Micha\AppData\Local\Mozilla Firefox
    [2012.10.30 14:21:41 | 003,543,040 | ---- | C] (NEW LOOK electronic publishing GmbH) -- C:\Program Files (x86)\Gebrauchtwagen 2011-2012.exe
    [2009.05.26 09:26:30 | 000,623,616 | ---- | C] (Ivan Bischof ©2003 - 2005) -- C:\Program Files (x86)\No23 Recorder.exe
    [2009.05.26 09:26:30 | 000,102,912 | ---- | C] (Albert L Faber) -- C:\Program Files (x86)\CDRip.dll
    [2009.05.26 09:26:30 | 000,097,336 | ---- | C] (Un4seen Developments) -- C:\Program Files (x86)\bass.dll
    [2009.05.26 09:26:30 | 000,013,872 | ---- | C] (Un4seen Developments) -- C:\Program Files (x86)\basscd.dll
    [2007.08.13 17:46:00 | 000,102,912 | ---- | C] (Albert L Faber) -- C:\Users\Micha\AppData\Local\CDRip.dll
    [2007.01.18 21:09:54 | 000,623,616 | ---- | C] (Ivan Bischof ©2003 - 2005) -- C:\Users\Micha\AppData\Local\No23 Recorder.exe
    [2006.12.11 19:13:14 | 000,013,872 | ---- | C] (Un4seen Developments) -- C:\Users\Micha\AppData\Local\basscd.dll
    [2006.12.11 19:13:12 | 000,097,336 | ---- | C] (Un4seen Developments) -- C:\Users\Micha\AppData\Local\bass.dll
    [69 C:\*.tmp files -> C:\*.tmp -> ]
    [2 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2013.05.20 19:18:48 | 000,022,448 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2013.05.20 19:18:48 | 000,022,448 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2013.05.20 19:18:37 | 000,001,090 | ---- | M] () -- C:\Users\Micha\Desktop\OTL.lnk
    [2013.05.20 19:18:23 | 001,472,002 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2013.05.20 19:18:23 | 000,643,628 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
    [2013.05.20 19:18:23 | 000,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2013.05.20 19:18:23 | 000,126,188 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
    [2013.05.20 19:18:23 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2013.05.20 19:11:53 | 000,000,680 | RHS- | M] () -- C:\Users\Micha\ntuser.pol
    [2013.05.20 19:11:32 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2013.05.20 19:11:31 | 3219,693,568 | -HS- | M] () -- C:\hiberfil.sys
    [2013.05.20 09:40:10 | 000,001,166 | ---- | M] () -- C:\Users\Micha\Desktop\HiJackThis204.exe - Verknüpfung.lnk
    [2013.05.20 09:38:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
    [2013.05.20 09:20:25 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Micha\Desktop\HiJackThis204.exe
    [2013.05.18 19:45:28 | 000,001,187 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
    [2013.05.14 20:48:54 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
    [2013.05.14 20:48:54 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    [69 C:\*.tmp files -> C:\*.tmp -> ]
    [2 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2013.05.20 19:18:37 | 000,001,090 | ---- | C] () -- C:\Users\Micha\Desktop\OTL.lnk
    [2013.05.20 09:40:10 | 000,001,166 | ---- | C] () -- C:\Users\Micha\Desktop\HiJackThis204.exe - Verknüpfung.lnk
    [2013.05.18 19:45:28 | 000,001,187 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
    [2013.05.18 19:42:49 | 000,001,199 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
    [2013.05.16 21:46:24 | 000,001,204 | ---- | C] () -- C:\Users\Micha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
    [2012.12.29 22:54:57 | 000,122,008 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
    [2012.10.30 14:21:41 | 000,019,889 | ---- | C] () -- C:\Program Files (x86)\display.cf
    [2012.10.30 14:21:41 | 000,012,719 | ---- | C] () -- C:\Program Files (x86)\select.cf
    [2012.10.30 14:21:34 | 172,924,928 | ---- | C] () -- C:\Program Files (x86)\Gebrauchtwagen 2011-2012.dat
    [2012.02.04 01:37:27 | 000,000,034 | ---- | C] () -- C:\Windows\ODBCINST.INI
    [2012.02.04 01:37:27 | 000,000,031 | ---- | C] () -- C:\Windows\ODBC.INI
    [2012.02.04 01:37:26 | 000,151,552 | ---- | C] () -- C:\Windows\SysWow64\Ir32.dll
    [2011.10.20 20:06:57 | 000,001,622 | ---- | C] () -- C:\Users\Micha\AppData\Local\RecConfig.xml
    [2011.10.13 14:17:38 | 000,004,608 | ---- | C] () -- C:\Users\Micha\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2011.10.12 18:33:29 | 000,108,032 | ---- | C] () -- C:\Windows\SysWow64\sh33w32.dll
    [2011.07.15 14:03:43 | 000,017,920 | ---- | C] () -- C:\Windows\SysWow64\implode.dll
    [2011.07.15 14:03:42 | 000,035,328 | ---- | C] () -- C:\Windows\SysWow64\INETWH32.DLL
    [2011.07.15 14:03:42 | 000,009,136 | ---- | C] () -- C:\Windows\SysWow64\INETWH16.DLL
    [2011.06.13 11:32:02 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
    [2011.06.08 21:48:40 | 000,000,000 | ---- | C] () -- C:\Users\Micha\AppData\Roaming\downloads.m3u
    [2011.05.29 19:16:41 | 000,001,099 | ---- | C] () -- C:\Users\Micha\AppData\Roaming\ShiftN.ini
    [2011.05.18 20:43:13 | 000,000,680 | RHS- | C] () -- C:\Users\Micha\ntuser.pol
    [2011.04.26 18:41:50 | 000,000,029 | ---- | C] () -- C:\Users\Micha\AppData\Roaming\default.rss
    [2011.04.10 21:52:17 | 000,007,633 | ---- | C] () -- C:\Users\Micha\AppData\Local\Resmon.ResmonCfg
    [2009.05.26 09:26:30 | 000,155,136 | ---- | C] () -- C:\Program Files (x86)\lame_enc.dll
    [2009.05.26 09:26:30 | 000,143,872 | ---- | C] () -- C:\Program Files (x86)\vorbis.dll
    [2009.05.26 09:26:30 | 000,064,000 | ---- | C] () -- C:\Program Files (x86)\vorbisenc.dll
    [2009.05.26 09:26:30 | 000,029,184 | ---- | C] () -- C:\Program Files (x86)\no23xwrapper.dll
    [2009.05.26 09:26:30 | 000,019,456 | ---- | C] () -- C:\Program Files (x86)\vorbisfile.dll
    [2009.05.26 09:26:30 | 000,015,872 | ---- | C] () -- C:\Program Files (x86)\ogg.dll
    [2009.04.09 17:08:00 | 000,001,476 | ---- | C] () -- C:\Program Files (x86)\RecConfig.xml
    [2007.08.13 17:46:00 | 000,155,136 | ---- | C] () -- C:\Users\Micha\AppData\Local\lame_enc.dll
    [2006.10.26 01:06:48 | 000,064,000 | ---- | C] () -- C:\Users\Micha\AppData\Local\vorbisenc.dll
    [2006.10.26 01:06:48 | 000,019,456 | ---- | C] () -- C:\Users\Micha\AppData\Local\vorbisfile.dll
    [2006.10.26 01:06:46 | 000,143,872 | ---- | C] () -- C:\Users\Micha\AppData\Local\vorbis.dll
    [2006.10.26 01:06:36 | 000,015,872 | ---- | C] () -- C:\Users\Micha\AppData\Local\ogg.dll
    [2005.08.23 22:34:06 | 000,029,184 | ---- | C] () -- C:\Users\Micha\AppData\Local\no23xwrapper.dll

    ========== ZeroAccess Check ==========

    [2012.11.10 00:09:20 | 000,000,596 | ---- | M] () -- C:\Users\Micha\AppData\Roaming\Mozilla\Firefox\Profiles\d1oxk5a6.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}\defaults\printing\icons\@.png
    [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
    = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
    ThreadingModel = Apartment

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
    ThreadingModel = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
    = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
    ThreadingModel = Free

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
    ThreadingModel = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
    = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
    ThreadingModel = Both

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

    < End of report >
     
  9. bitte nochmal kurz schreiben ob ich den rechner nun neu starten soll oder ob es einen rückgängig button für das bereinigen gibt ?

    danke, michael
     
Die Seite wird geladen...

Windows 7 64-Bit richtig sichern, Problemerkennung - Ähnliche Themen

Forum Datum
Merkwürdige RAM-Auslastung unte Windows 7 (64-bit) Windows 7 Forum 30. Aug. 2011
Windows 7 64-Bit - Die besten 64-Bit-Anwendungen gratis Windows XP Forum 18. März 2010
Dreamscene für Windows 7 64-Bit Windows 7 Forum 10. Okt. 2009
Windows 7 64-Bit unter Windows Virtual PC virtualisieren Virtualisierung & Emulatoren 27. Juni 2013
Kann Windows 8 64-Bit nicht mit EFI installieren auf Virtualbox Virtualisierung & Emulatoren 24. Juni 2013