
Pests of all kinds and how to fight them: csrss.exe - process cannot be terminated (access denied)


23.08.2011, 22:22   #16
MoritzBecker
 



OTL EXTRAS Logfile:
Code:
OTL Extras logfile created on: 23.08.2011 22:42:00 - Run 1
OTL by OldTimer - Version 3.2.26.5     Folder = C:\Users\Udo Becker\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19088)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,24 Gb Available Physical Memory | 41,25% Memory free
6,19 Gb Paging File | 4,59 Gb Available in Paging File | 74,04% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 139,73 Gb Total Space | 9,26 Gb Free Space | 6,63% Space Free | Partition Type: NTFS
Drive E: | 138,26 Gb Total Space | 70,98 Gb Free Space | 51,34% Space Free | Partition Type: NTFS
 
Computer Name: UDOBECKER-PC | User Name: Udo Becker | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{035082C5-493B-49A2-82E3-296E25C60942}" = lport=445 | protocol=6 | dir=in | app=system | 
"{0CAB935E-3357-419B-86A7-4D83BEB65E1C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | 
"{0F405539-BD8D-462D-B657-4DE0CCA7D49D}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{11A3B67E-97BB-41E7-805A-75D7D902E05F}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{121BC856-2178-4A3D-851D-E3769795E26B}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{130DE2EC-91F4-4A72-87A7-E1C1DFFD0670}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{1DDD34E3-3553-4517-BD4D-ADDA54D55156}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{2C1960D2-696C-43A1-B3F0-8CADF2D343E8}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{2E791713-13F6-4E9B-B444-A930CF621259}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{313C8618-2C8F-4DC1-BD4E-A9960BA2F2FC}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{3571F6FF-BFDA-4735-96E0-43D4CDB442C6}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{36AE1422-BCE3-4E94-AE48-7B3B9185ED8D}" = lport=139 | protocol=6 | dir=in | app=system | 
"{3D13BC6C-D53A-44B9-B444-D6BC0EC4E58C}" = lport=1900 | protocol=17 | dir=in | name=microsoft upnp-port (udp) | 
"{42231E32-043B-4560-AFCA-F719092ED882}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{4C6F73A4-C228-4D27-8079-A1ED7D109FB6}" = rport=2869 | protocol=6 | dir=out | app=system | 
"{4D4ABD78-384B-4021-9D8B-271DA68AF9F7}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{4F49CA23-9D9B-4A0A-A52D-AB85CC4962B6}" = lport=0 | protocol=6 | dir=in | name=magix upnp media server | 
"{5308000F-C5F8-4A10-942A-BE003AF3052E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{6351B940-F845-46FB-A2D4-D68CE88C1EB2}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{7040E4E7-95C1-4CCD-A680-FB5443216C1B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{759B0C07-4368-4047-8346-92F757D5CA1E}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{79B51102-1383-4D04-830A-A69C782B10F7}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{AEA0E3A7-A198-4984-A394-6919C20178D7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{B1C4D685-840B-4297-BB07-D82E1BDB18AE}" = rport=139 | protocol=6 | dir=out | app=system | 
"{B40FF2C9-990E-4D2F-B8C2-34C7F5937B48}" = rport=137 | protocol=17 | dir=out | app=system | 
"{B64D4B80-F344-46DC-8E39-DB7B3FC19B48}" = lport=137 | protocol=17 | dir=in | app=system | 
"{B7C314FF-784F-45ED-B23D-4FE70E5DE6A9}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{BB418642-3C1D-4AA2-A374-87082194DE75}" = rport=445 | protocol=6 | dir=out | app=system | 
"{C494200E-3603-4CE2-8CC6-48AE11EB20EF}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{C7BACE37-CADC-4A4F-87BB-58290C9E3FD3}" = lport=2869 | protocol=6 | dir=in | name=microsoft upnp-port (tcp) | 
"{CC73BCDD-B7B3-4660-A5AF-7F0B2EA5BB35}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{D0EB168D-A145-4B24-9B30-24C5A2BD3260}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{EA9E0563-7957-4406-9EDB-9114215EC974}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{F7C62B3D-6815-4BF6-BCD3-DDFEA69BF135}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{F8ACFC71-1DD4-4DAE-9C29-690CE71FF808}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{F98CE56E-2438-4EB6-8E6F-96F4F5AE2DF6}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{FA154300-B653-47CF-AE8F-AE506B49D8CB}" = lport=138 | protocol=17 | dir=in | app=system | 
"{FDF4BCBA-77E7-4C45-98C1-A55455A6AC0C}" = rport=138 | protocol=17 | dir=out | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{070F5807-64B8-4436-AA43-3C7B5F8225CD}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{147D7DE2-8723-4469-9653-5D949A062A5C}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{16771C3E-2DC8-49CE-8A9F-935D79F5173D}" = protocol=17 | dir=in | app=c:\program files\icq7.4\icq.exe | 
"{22DEA79D-CEC9-49B4-A04F-D87E746F889D}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{2A6CC0C1-A068-4D8E-93FC-77E2668DA6DA}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\call of duty world at war\codwawmp.exe | 
"{30C3467D-ACB1-4CE4-A0EF-38A57F515B53}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{31339B40-4EB9-4478-8A83-683BBB6FA098}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{32BA3A64-1EAD-4E20-B806-B0E68AC27828}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{34554E29-CF72-4FD3-821C-CD168DFF01AF}" = protocol=6 | dir=in | app=e:\starcraft ii\starcraft ii\starcraft ii.exe | 
"{3C0C0E7E-8B95-49EA-BD97-6D0E62DE4010}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe | 
"{3F0891AA-8B43-48CE-A802-F34A2169009D}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 | 
"{41C11370-C493-4A03-98DC-549C39084EEA}" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"{43C37BEA-F670-44DD-B475-10892F9E9972}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
"{44B8A5C6-646E-4649-9BA1-33C5E3FB59BC}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{4927092F-3D4E-4368-9793-0FC0EBD38163}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{49C476B2-7B0B-4424-BDD5-5C2D625D46E3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{507FC495-3C7D-4B8A-8B7C-2B67C35AA4A4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{52E9F9B7-5E61-431B-B9E4-9599EEBF3979}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{55CBA571-E4D5-4F97-84BC-0AA439538DBB}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\call of duty world at war\codwawmp.exe | 
"{5BEED833-D020-4669-9B6E-364A34E53EFA}" = protocol=17 | dir=in | app=c:\program files\electronic arts\aufstieg des hexenkönigs\game.dat | 
"{5CF57850-0BE0-495A-A578-0E33DF9C722A}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{5F41568F-09D3-4874-850A-8CD6F5303078}" = protocol=17 | dir=in | app=c:\program files\gamespy arcade\aphex.exe | 
"{5FA5E89F-BDC8-4F60-B9B3-FF4F206BE707}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{64F75853-9980-4B9F-A573-D9188C7EEE79}" = protocol=6 | dir=in | app=c:\program files\electronic arts\aufstieg des hexenkönigs\game.dat | 
"{676D1575-020F-45E8-A6B6-236FD8F618A5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{6A6318C0-D11D-49B7-B979-623A69EDC5D0}" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"{7466C875-8B4D-4C1B-9D6E-DD6D2008F4CB}" = protocol=17 | dir=in | app=e:\starcraft ii\starcraft ii\starcraft ii.exe | 
"{758A421C-473B-4D0C-8502-5328DF37858E}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe | 
"{7706758A-DCD9-4566-9BAD-DBA9AC2AD9F6}" = protocol=17 | dir=in | app=c:\program files\common files\magix shared\upnpservice\upnpservice.exe | 
"{796F3EA5-BDAC-46E6-9ED6-B144457C40B4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{7F0B6501-6659-44B9-B64F-FC3BF3526360}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{7F3FD32F-E31D-493D-B0DB-3C7D8A452DDE}" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe | 
"{80A45E90-7D85-4A28-BFC3-6DDD4F301260}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
"{84B9EE10-170E-4439-B797-A525A21A2747}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
"{9D9998CE-98EC-49ED-8C12-4E60AB81C96B}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{9F9159F3-2996-4F74-9337-0C04EF9CD4A6}" = protocol=6 | dir=in | app=e:\starcraft ii\starcraft ii.exe | 
"{9FC88D9D-14A3-4744-AFE7-DAE4D4AB9429}" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe | 
"{A011671F-D50A-4D26-9676-49B3AB72AAFA}" = protocol=6 | dir=in | app=c:\program files\icq7.4\icq.exe | 
"{A797A2BE-BD9A-4F02-89D8-D8356CC941ED}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{A8420DDE-F859-4A3A-B4A9-9BB74DC746F5}" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"{AD04113F-8086-4E9A-8629-348366A07FA6}" = protocol=6 | dir=in | app=c:\program files\gamespy arcade\aphex.exe | 
"{B5118855-36D1-435D-9361-67A8681DC894}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{BC6CAC7A-8E3E-4369-9992-C1DAD1982F1C}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\r.u.s.e\ruse.exe | 
"{BFF0FB15-5148-45ED-998F-5EC85E9C9601}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{C2516567-3B45-4AC3-AAFD-6B6748099B74}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe | 
"{C3A13ED6-8EAA-44A5-8BD5-33C697342543}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{C6FE5E8A-7846-4211-94B8-3673A76351CF}" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"{C7598D70-0D2E-44C9-BF3F-BA6021B2AA46}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe | 
"{C8A71BFF-2B98-4A3B-9D02-68E536F58A10}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
"{CB72B7D8-62A6-43B5-87FF-60A74A5EC7AE}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{D2443300-7A03-440A-8819-A63089FE86CE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{D4B5E404-7FE6-40A8-BB26-6B617E63EF0E}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{D5C4B2B4-E068-4C03-9A2B-083B4B8ECEFB}" = protocol=6 | dir=in | app=c:\program files\icq7.4\icq.exe | 
"{D68D3974-B335-4E51-96EC-090370536B11}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\call of duty world at war\codwaw.exe | 
"{D836E7C4-D41A-48D3-AA17-8C3DD093C539}" = protocol=17 | dir=in | app=e:\starcraft ii\starcraft ii.exe | 
"{D8E78EAA-0B47-49D6-BBC3-32BD52A21448}" = protocol=6 | dir=in | app=c:\program files\icq7.4\icq.exe | 
"{DBEC5D81-97F8-4987-89AF-E73D9B8EBF86}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\call of duty world at war\codwaw.exe | 
"{DC5E6E1A-D4FD-401E-819D-88E11206C7F5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{E31A3BA4-D982-4C8D-AA26-C1A11C8EF3ED}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{E41162A2-BB1E-488B-A3B2-8F3AA0E2F4AE}" = protocol=17 | dir=in | app=c:\program files\electronic arts\die schlacht um mittelerde ii\game.dat | 
"{E514EFBD-FEDE-4902-9CEA-DDFEC7347A26}" = protocol=17 | dir=in | app=c:\program files\icq7.4\icq.exe | 
"{E5801296-E0B6-4BC6-B9E1-716A26F45F63}" = protocol=6 | dir=out | app=system | 
"{E7E36446-8921-4270-B25B-3B3F1ADB5AA0}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\r.u.s.e\ruse.exe | 
"{E9FD0C96-81B4-46DD-B327-B487B3C926AA}" = protocol=17 | dir=in | app=c:\program files\icq7.4\icq.exe | 
"{F25FDAD1-EFDB-4F53-96A1-7DC5F5FE256B}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{F96212FA-EBC0-4EB7-BC21-A9E3D4B43C31}" = protocol=6 | dir=in | app=c:\program files\common files\magix shared\upnpservice\upnpservice.exe | 
"{FA1A9322-2C49-40B4-950D-F38B51A5D160}" = protocol=6 | dir=in | app=c:\program files\electronic arts\die schlacht um mittelerde ii\game.dat | 
"{FD319CBE-374F-4D86-83E1-C2C5F55C7C1C}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{FDC52548-BC85-429F-8879-FC49E1EAE299}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"TCP Query User{020D969A-983C-4251-90AD-312BD534014E}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"TCP Query User{0A48C6C6-A0B0-4D9C-9D90-F3DE37B66CB2}C:\program files\valve\hl.exe" = protocol=6 | dir=in | app=c:\program files\valve\hl.exe | 
"TCP Query User{3B4E1C91-AD80-44D9-8F6E-336F25F36E7E}C:\program files\sierra\empire earth ii\ee2.exe" = protocol=6 | dir=in | app=c:\program files\sierra\empire earth ii\ee2.exe | 
"TCP Query User{54A0CC16-1A67-46FF-A56D-6913F0F704A9}C:\program files\steam\steamapps\common\r.u.s.e\uplaybrowser\uplaybrowser.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\r.u.s.e\uplaybrowser\uplaybrowser.exe | 
"TCP Query User{823F28B7-F60D-4020-86AB-83F587B6AAD4}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | 
"TCP Query User{88F2184E-E253-4CF8-9B3A-961356C64F53}C:\program files\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe | 
"TCP Query User{940F001F-ADDD-4326-8563-19C189BE9B73}C:\program files\games for wii\strategie\wiiserver\wiiserver.exe" = protocol=6 | dir=in | app=c:\program files\games for wii\strategie\wiiserver\wiiserver.exe | 
"TCP Query User{A9464E02-00DA-4A47-9C51-3DCAE4F67361}E:\call of duty - modern warfare 2\iw4mp.exe" = protocol=6 | dir=in | app=e:\call of duty - modern warfare 2\iw4mp.exe | 
"TCP Query User{E7EB50B1-010E-4CBC-B4A4-934CA86C0DC9}C:\games\ngd studios\regnum online\liveserver\roclientgameex.exe" = protocol=6 | dir=in | app=c:\games\ngd studios\regnum online\liveserver\roclientgameex.exe | 
"TCP Query User{F0A7B8A7-F000-4C12-B23E-4057BE4DA994}C:\program files\ea games\battlefield play4free\bfp4f.exe" = protocol=6 | dir=in | app=c:\program files\ea games\battlefield play4free\bfp4f.exe | 
"TCP Query User{F8C61B5D-C263-465E-B54D-344C99A1DC3E}C:\users\udo becker\appdata\roaming\filehunter\pumpa.exe" = protocol=6 | dir=in | app=c:\users\udo becker\appdata\roaming\filehunter\pumpa.exe | 
"TCP Query User{FA4BCE67-6E07-4833-98E2-B4321E142B88}C:\program files\ea games\battlefield play4free\bfp4f.exe" = protocol=6 | dir=in | app=c:\program files\ea games\battlefield play4free\bfp4f.exe | 
"TCP Query User{FD24E028-05CC-4390-8DE3-F1324DF94CC4}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe | 
"TCP Query User{FF36C5DC-067C-42AD-B6C7-9EDC3AA27450}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"UDP Query User{12AF7260-A526-4C91-91D5-93893032EEDC}C:\program files\valve\hl.exe" = protocol=17 | dir=in | app=c:\program files\valve\hl.exe | 
"UDP Query User{12C91D66-B5C8-43B4-B560-4565B4A9D9E6}C:\program files\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe | 
"UDP Query User{213522A9-FD0A-4B85-87CD-B540FA5721D7}C:\games\ngd studios\regnum online\liveserver\roclientgameex.exe" = protocol=17 | dir=in | app=c:\games\ngd studios\regnum online\liveserver\roclientgameex.exe | 
"UDP Query User{3D09304F-C0AE-4AD3-BD16-F239ADC7E03D}C:\program files\sierra\empire earth ii\ee2.exe" = protocol=17 | dir=in | app=c:\program files\sierra\empire earth ii\ee2.exe | 
"UDP Query User{66992455-7993-4028-B4A3-76A0849A80DA}C:\program files\ea games\battlefield play4free\bfp4f.exe" = protocol=17 | dir=in | app=c:\program files\ea games\battlefield play4free\bfp4f.exe | 
"UDP Query User{6D97C6A9-700E-4FB5-B8C3-4A2E55EF8E11}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"UDP Query User{8B824FA1-BDB3-4300-8F25-5C072504FA51}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"UDP Query User{97B882B1-39AC-4BE5-88F1-95D2F2FF365C}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe | 
"UDP Query User{C22905D5-D281-44B9-B889-E78833E8376C}C:\program files\steam\steamapps\common\r.u.s.e\uplaybrowser\uplaybrowser.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\r.u.s.e\uplaybrowser\uplaybrowser.exe | 
"UDP Query User{C2B7FAB0-C717-48B4-BD9F-ABDF89ACE2F8}E:\call of duty - modern warfare 2\iw4mp.exe" = protocol=17 | dir=in | app=e:\call of duty - modern warfare 2\iw4mp.exe | 
"UDP Query User{C3117F99-C2A3-4268-9EC7-9CA08FB5BD12}C:\users\udo becker\appdata\roaming\filehunter\pumpa.exe" = protocol=17 | dir=in | app=c:\users\udo becker\appdata\roaming\filehunter\pumpa.exe | 
"UDP Query User{DF64C6DB-F190-4089-9B78-44E47EFB2960}C:\program files\games for wii\strategie\wiiserver\wiiserver.exe" = protocol=17 | dir=in | app=c:\program files\games for wii\strategie\wiiserver\wiiserver.exe | 
"UDP Query User{E3DF20CF-241A-4847-A9BD-C72EF1CA01DA}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | 
"UDP Query User{F398FD12-988B-40D6-8B24-BA46175E257F}C:\program files\ea games\battlefield play4free\bfp4f.exe" = protocol=17 | dir=in | app=c:\program files\ea games\battlefield play4free\bfp4f.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04CB6099-90D2-896A-8E01-8F1228499D93}" = Catalyst Control Center Localization Dutch
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{068138BE-11F5-8F56-8D88-13837314558E}" = CCC Help German
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA}" = Uniblue RegistryBooster
"{0A2F0BB6-D45B-AF3C-C19A-6950342AF6B1}" = Catalyst Control Center Localization Turkish
"{0BAA36F4-8138-AD8A-3791-44A7F0DD63E7}" = CCC Help Japanese
"{0C2B0B35-CF80-1384-D2F0-14F119F1784E}" = Catalyst Control Center Localization Chinese Standard
"{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{19666E73-D9E5-44D4-8F33-037ED151ECBC}" = Firebird SQL Server - MAGIX Edition
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{1A998953-E64F-CE34-4517-C58EF5092157}" = CCC Help Turkish
"{1AED74D3-4C54-3CAA-65DE-4EAB7B589AE1}" = Catalyst Control Center Localization Greek
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FF0C077-6729-4205-828F-84A9900DAA6F}_is1" = GAMES FOR Wii - Strategie 1.6.9
"{228A2F09-4557-92B9-44A9-E13D41FFAD02}" = Catalyst Control Center Localization Hungarian
"{228D6BCB-7B30-39F5-5442-A99CD76A9762}" = Catalyst Control Center Localization Danish
"{2290A680-4083-410A-ADCC-7092C67FC052}" = Toshiba Online Product Information
"{2672817F-EB60-5FA1-9691-FE03D3E674F9}" = CCC Help French
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 26
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2CC25320-CD83-B987-4B0A-B53B8413CC87}" = CCC Help Italian
"{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support
"{323C7763-A048-4E06-A339-729632A3F95E}" = PC ScanAndSweep
"{332CC6BF-E6C7-48EE-BA3D-435E576AD67F}" = PaperPort Image Printer
"{33A0D18A-019E-8F30-6EDA-776CDC319771}" = CCC Help Norwegian
"{34537704-7E4C-F552-AFC7-E3FDB0A4FDC1}" = Catalyst Control Center Localization Italian
"{357D2DAA-1743-AC07-D88B-0077FC725DF6}" = Catalyst Control Center Graphics Full Existing
"{37C866E4-AA67-4725-9E95-A39968DD7960}" = Camera Assistant Software for Toshiba
"{3899B709-95BD-752E-B320-1686DACA370E}" = CCC Help Portuguese
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E84E56E-FC81-4E08-AA90-E8B2FDC02557}" = Catalyst Control Center Localization Norwegian
"{469DFB95-185F-CA9E-3D5E-0036754B5033}" = Catalyst Control Center Localization German
"{475BF3D4-E418-18CF-34FC-1D8DD3E67F46}" = Catalyst Control Center Localization Chinese Traditional
"{47E16407-05D3-4D2A-B2B9-C30700B7C2AD}" = LogMeIn Hamachi
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4D881F9F-90B1-6992-BA30-72333A6BC669}" = CCC Help Danish
"{4E868D3D-6EEB-4273-926C-2287236B5B79}" = 3DVIA player 4.1
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{50D69C54-6963-49A6-B762-A9FF8F56AF0F}" = Brockhaus multimedial 2010
"{51035563-B7F5-01AF-0BE4-47533DEE5B51}" = Catalyst Control Center Localization Russian
"{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"{51F96AEC-D902-4434-A0DC-B9692A21AE7C}" = MobileMe Control Panel
"{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{5AC66835-7850-401E-AC93-65AD4D6A7E2E}" = Catalyst Control Center Localization Portuguese
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"{64EEA791-0271-4B53-00AC-2BF05F5FBEF6}" = Die Sims™ Inselgeschichten
"{65761BAE-11E8-48FE-B30F-1F01011AB906}" = Die Sims™ 3 "Erstelle eine Welt"-Tool - Beta
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6789E743-FF41-3E96-8C59-0F43ADE6D9E6}" = Catalyst Control Center Localization French
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{698CEC51-8E29-5B7C-2C88-20CDE9DC3DFF}" = ccc-core-static
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{70B338F0-C957-4079-A3A1-63C68258CE92}_is1" = Fast AMR M4A AC3 WAV MP3 WMA Audio Converter 2.5
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}" = ICQ7.4
"{74E2F60E-5C4D-3200-3AB5-6A5C1806A64F}" = CCC Help Hungarian
"{759D7567-3027-5605-BF42-9363090FAF71}" = CCC Help Czech
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78C6A78A-8B03-48C8-A47C-78BA1FCA2307}" = TOSHIBA ConfigFree
"{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"{80F24F31-F641-4349-83F3-59E335976D16}" = PC SpeedScan Pro
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 3.0.0
"{82A5E136-23E4-4BD3-938C-8DC490B59F92}" = PC SpeedScan Pro
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11477363}" = In Living Colors
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115583260}" = Tradewinds Classic
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115607753}" = Diner Dash Flo Through Time
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-116517443}" = Youda Farmer
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-116563147}" = Cooking Academy 2 World Cuisine
"{85737D46-5FDE-7798-02BA-68AC06CD0B17}" = CCC Help Spanish
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{87686C21-8A15-4b4d-A3F1-11141D9BE094}" = Battlefield Play4Free
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista
"{892DB0A0-CF31-DA46-8142-2B3953CA7B38}" = CCC Help English
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A809006-C25A-4A3A-9DAB-94659BCDB107}" = NVIDIA PhysX
"{8F2E8ADC-871F-7B91-708D-BC2899C7D986}" = Catalyst Control Center Localization Swedish
"{8FC9A62D-90DB-7122-09F3-587C42EE9FAC}" = Catalyst Control Center Localization Czech
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{9128A108-FE27-997F-A118-E6C65FAE2256}" = CCC Help Korean
"{9809A7E4-3B3B-4547-3B80-0073E0115EB4}" = Catalyst Control Center Graphics Previews Vista
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9842DEA7-806B-08CA-608C-9717F5F5D7F3}" = Catalyst Control Center Graphics Light
"{996A2FAA-7514-4628-9D12-A8FC34A0016E}" = iTunes
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C6ABCF3-A9BF-2A09-0974-777B6C421E28}" = CCC Help Swedish
"{9DF0196F-B6B8-4C3A-8790-DE42AA530101}" = SPORE™
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = CD/DVD Drive Acoustic Silencer
"{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}" = Brother MFL-Pro Suite
"{A6D4234C-CB02-4048-AC3E-AD09404FA35A}" = Emdedded IR Driver
"{A6F2C0CD-E0A2-BCC1-5BEF-600AC4D9AE62}" = Catalyst Control Center Localization Spanish
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.5 - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AED8FA19-763C-BA3F-A243-3136EEF255E8}" = CCC Help Russian
"{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B6C89654-A6A2-477C-873B-724EC1C56407}" = ScanSoft PaperPort 11
"{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}" = Die Sims™ 3 Reiseabenteuer
"{BA98E840-DCB3-10B7-D016-8890E4F8F4CC}" = Catalyst Control Center Graphics Full New
"{BC1ADEAD-99F1-4707-B31B-CDB222D5BB68}" = Catalyst Control Center - Branding
"{BFF4A1C9-60AB-48A4-9D14-55D27EDE40E4}" = LEGO MINDSTORMS Edu NXT - (Deutsch) Sprachenpaket
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die Sims™ 3
"{C1F4123D-6C93-D087-F50F-8D7AC51AFE76}" = ATI Catalyst Install Manager
"{C3E7A3AD-142E-2433-0107-D2CA4D85F19F}" = CCC Help Greek
"{C5A5F901-08F3-7E96-3049-A950A80ACCF4}" = Catalyst Control Center Graphics Previews Common
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{CB082B01-F65B-05DA-3048-8979BF7B5BD2}" = CCC Help Dutch
"{CC0E0442-B3BA-6FB5-3E94-C5F96B9B8915}" = Skins
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D281F20C-FA11-D09A-8A20-B78D771222F8}" = Catalyst Control Center Localization Japanese
"{D2BBEABB-A8DF-4451-A7C4-63C87B31E325}" = IL-2 Sturmovik: Forgotten Battles AEP
"{DA932D71-E52A-43D5-009E-395A1AEC1474}" = Die Sims™ Lebensgeschichten
"{DB780B85-B4B5-4864-A49C-9B706B169C93}" = TIPCI
"{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation)
"{DD766B16-BE10-F87C-73A7-A6FC09148633}" = CCC Help Polish
"{DDF91F62-6CBF-2932-93BA-D487B60635B5}" = Catalyst Control Center Core Implementation
"{DEC00B1F-5E63-D40F-6291-A2A531414613}" = CCC Help Chinese Traditional
"{DF066D23-C0C8-8755-8244-A8A78B8798A5}" = CCC Help Thai
"{DF315348-721C-40B8-BAE2-58C6C7D935A2}" = Empire Earth II
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9-Reihe
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E43F30A4-1A56-408F-BF17-C5E808FD4DAC}" = LEGO MINDSTORMS Edu NXT Software v2.1
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{EBE9C3BB-9196-4FD1-99E9-1AD7AD21002E}" = PC ScanAndSweep
"{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}" = TOSHIBA SD Memory Utilities
"{EC2F2081-6B46-810C-8408-EC04D29EDFF0}" = Catalyst Control Center Localization Thai
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{EEFB15EB-FE8B-47DF-A496-1C4D1420294A}" = Doom 3
"{F0EF93AE-6B13-DB6A-3C03-8CB5A51D0A7A}" = CCC Help Finnish
"{F0FFE43C-7FCC-55F3-6BDE-11F6E9F9FB4A}" = CCC Help Chinese Standard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1E1E2E3-2F93-E548-7675-10A78CDD04A6}" = Catalyst Control Center Localization Finnish
"{F20B6876-0F18-1A47-D858-D0D9F6888B99}" = Catalyst Control Center Localization Polish
"{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}" = DVD MovieFactory for TOSHIBA
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F3FEFB23-4626-44F8-BA67-CE67D04D0C54}" = LEGO MINDSTORMS NXT Driver
"{F400ED9E-848C-DB0B-CED5-F69DAA2CE8AD}" = ccc-utility
"{F5EFBB2D-2CD6-FD3D-FA53-DFB962BFD14C}" = Catalyst Control Center Localization Korean
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Akamai" = Akamai NetSession Interface
"Avira AntiVir Desktop" = Avira AntiVir Premium
"BFGC" = Big Fish Games: Game Manager
"BFG-Defenders of Law - The Rosendale File" = Defenders of Law: The Rosendale File
"BFG-Des Koenigs Schmiedin" = Des K&ouml;nigs Schmiedin
"BFG-Drawn - Flucht aus der Dunkelheit" = Drawn: &reg; Flucht aus der Dunkelheit
"BFG-Gemini Lost" = Gemini Lost
"BFG-Virtual Villagers 4 - The Tree of Life" = Virtual Villagers 4 - The Tree of Life
"CCleaner" = CCleaner
"EADM" = EA Download Manager
"ElsterFormular für Privatanwender 12.2.0.6412p" = ElsterFormular für Privatanwender
"Fiesta Online(EU_German)" = Fiesta Online(EU_German) 1.02.026
"Fraps" = Fraps
"Free M4a to MP3 Converter_is1" = Free M4a to MP3 Converter 6.0
"Google Updater" = Google Updater
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"ICQToolbar" = ICQ Toolbar
"InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisorkennwort
"InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"InstallShield_{A6D4234C-CB02-4048-AC3E-AD09404FA35A}" = Emdedded IR Driver
"InstallShield_{D2BBEABB-A8DF-4451-A7C4-63C87B31E325}" = IL-2 Sturmovik: Forgotten Battles AEP
"InstallShield_{DB780B85-B4B5-4864-A49C-9B706B169C93}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"InstallShield_{EEFB15EB-FE8B-47DF-A496-1C4D1420294A}" = Doom 3
"InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"jZip" = jZip
"LiveUpdate" = LiveUpdate 3.2 (Symantec Corporation)
"LogMeIn Hamachi" = LogMeIn Hamachi
"MAGIX Digital Foto Maker SE D" = MAGIX Digital Foto Maker SE 4.1.0.835 (D)
"MAGIX Foto Suite D" = MAGIX Foto Suite 1.12.0.89 (D)
"MAGIX MP3 Maker 15 Download-Version D" = MAGIX MP3 Maker 15 Download-Version 10.0.0.279 (D)
"MAGIX Online Druck Service D" = MAGIX Online Druck Service 2.3.2.0 (D)
"MAGIX Screenshare D" = MAGIX Screenshare 4.3.6.1987 (D)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.1.1800
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox 4.0.1 (x86 de)" = Mozilla Firefox 4.0.1 (x86 de)
"New LEGO Digital Designer" = LEGO Digital Designer
"OpenAL" = OpenAL
"PunkBusterSvc" = PunkBuster Services
"Roter Baron III - Herrscher der Lüfte" = Roter Baron III - Herrscher der Lüfte
"Security Task Manager" = Security Task Manager 1.7
"Sierra-Dienstprogramme" = Sierra-Dienstprogramme
"Steam App 10090" = Call of Duty: World at War
"Steam App 21970" = R.U.S.E
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TOSHIBA Software Modem" = TOSHIBA Software Modem
"Uniblue RegistryBooster" = Uniblue RegistryBooster
"UnityWebPlayer" = Unity Web Player (All users)
"Windows Media Encoder 9" = Windows Media Encoder 9-Reihe
"WinRAR archiver" = WinRAR 4.00 (32-Bit)
"XSManager" = XSManager
"Zylom Games Player Plugin" = Zylom Games Player Plugin
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{7CBD5083-2ADF-4DF1-8DC1-D7AB2F7040E0}" = easyFly 3 Starter Edition
"Game Organizer" = EasyBits GO
"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 23.08.2011 04:53:46 | Computer Name = UdoBecker-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2294
 
Error - 23.08.2011 04:53:47 | Computer Name = UdoBecker-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 23.08.2011 04:53:47 | Computer Name = UdoBecker-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 3292
 
Error - 23.08.2011 04:53:47 | Computer Name = UdoBecker-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 3292
 
Error - 23.08.2011 04:53:48 | Computer Name = UdoBecker-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 23.08.2011 04:53:48 | Computer Name = UdoBecker-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 4306
 
Error - 23.08.2011 04:53:48 | Computer Name = UdoBecker-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 4306
 
Error - 23.08.2011 04:53:49 | Computer Name = UdoBecker-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 23.08.2011 04:53:49 | Computer Name = UdoBecker-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 5304
 
Error - 23.08.2011 04:53:49 | Computer Name = UdoBecker-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 5304
 
 
========== Last 10 Event Log Errors ==========
 
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
< End of report >
         
--- --- ---
This is from extras.txt.

23.08.2011, 22:24   #17
MoritzBecker

csrss.exe - process cannot be terminated (access denied)



And this is OTL.txt. I had to post the text in 2 parts because it is too long.

Code:
OTL logfile created on: 23.08.2011 22:42:00 - Run 1
OTL by OldTimer - Version 3.2.26.5     Folder = C:\Users\Udo Becker\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19088)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,24 Gb Available Physical Memory | 41,25% Memory free
6,19 Gb Paging File | 4,59 Gb Available in Paging File | 74,04% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 139,73 Gb Total Space | 9,26 Gb Free Space | 6,63% Space Free | Partition Type: NTFS
Drive E: | 138,26 Gb Total Space | 70,98 Gb Free Space | 51,34% Space Free | Partition Type: NTFS
 
Computer Name: UDOBECKER-PC | User Name: Udo Becker | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.08.23 15:12:12 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Udo Becker\Downloads\OTL.exe
PRC - [2011.08.04 14:34:50 | 001,955,208 | ---- | M] (LogMeIn Inc.) -- C:\Programme\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2011.08.04 14:34:46 | 001,361,288 | ---- | M] (LogMeIn Inc.) -- C:\Programme\LogMeIn Hamachi\hamachi-2.exe
PRC - [2011.08.02 18:01:35 | 000,411,432 | ---- | M] (Valve Corporation) -- C:\Programme\Common Files\Steam\SteamService.exe
PRC - [2011.08.02 18:01:26 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Programme\Steam\Steam.exe
PRC - [2011.06.28 14:58:58 | 000,428,200 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2011.06.28 14:58:58 | 000,340,136 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avmailc.exe
PRC - [2011.06.28 14:58:58 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.04.28 09:59:58 | 000,220,552 | ---- | M] (Geek Software GmbH) -- C:\Programme\pdf24\pdf24.exe
PRC - [2011.04.27 20:27:45 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2011.03.14 17:31:03 | 000,025,472 | ---- | M] (Uniblue Systems Limited) -- C:\Programme\Uniblue\RegistryBooster\rbmonitor.exe
PRC - [2010.11.02 14:56:16 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.09.06 18:56:38 | 000,247,096 | ---- | M] () -- C:\Programme\ICQ6Toolbar\ICQ Service.exe
PRC - [2010.03.24 17:01:09 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009.08.18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2009.08.18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2009.06.22 15:21:58 | 000,304,592 | ---- | M] () -- C:\Programme\XSManager\WTGService.exe
PRC - [2009.06.17 12:28:46 | 000,157,968 | R--- | M] (4G Systems GmbH & Co. KG) -- C:\Windows\starter4g.exe
PRC - [2009.06.17 12:28:08 | 000,125,200 | R--- | M] (4G Systems GmbH & Co. KG) -- C:\Windows\service4g.exe
PRC - [2008.12.16 11:52:02 | 001,155,072 | ---- | M] (MAGIX AG) -- C:\Programme\Common Files\MAGIX Shared\Database2\bin\FABS.exe
PRC - [2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.06.20 07:14:00 | 000,200,704 | ---- | M] (Synaptics, Inc.) -- C:\Programme\Synaptics\SynTP\SynToshiba.exe
PRC - [2008.01.29 17:38:32 | 000,583,048 | ---- | M] (Symantec Corporation) -- C:\Programme\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
PRC - [2008.01.19 09:33:39 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2008.01.19 09:33:39 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe
PRC - [2008.01.19 09:33:30 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2007.09.26 10:53:56 | 000,554,352 | ---- | M] (Symantec Corporation) -- C:\Programme\Symantec\LiveUpdate\AluSchedulerSvc.exe
PRC - [2007.09.03 12:39:22 | 004,702,208 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007.07.20 20:45:16 | 001,372,160 | ---- | M] (TOSHIBA CORPORATION) -- C:\Programme\TOSHIBA\ConfigFree\NDSTray.exe
PRC - [2007.07.10 09:24:10 | 000,581,632 | ---- | M] (TOSHIBA) -- C:\Programme\TOSHIBA\Toshiba Online Product Information\TOPI.exe
PRC - [2007.06.19 15:28:32 | 000,405,504 | ---- | M] (TOSHIBA CORPORATION) -- C:\Programme\TOSHIBA\ConfigFree\CFSwMgr.exe
PRC - [2007.05.17 16:03:24 | 004,813,312 | ---- | M] () -- C:\Programme\Camera Assistant Software for Toshiba\CEC_MAIN.exe
PRC - [2007.04.10 16:40:28 | 000,413,696 | ---- | M] (Chicony) -- C:\Programme\Camera Assistant Software for Toshiba\traybar.exe
PRC - [2007.03.29 10:39:00 | 000,427,576 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\Power Saver\TosCoSrv.exe
PRC - [2007.02.12 14:38:04 | 000,355,096 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2007.02.12 14:37:58 | 000,174,872 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2006.11.14 20:33:10 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe
PRC - [2006.11.13 10:29:40 | 000,413,696 | ---- | M] (TOSHIBA) -- C:\Programme\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
PRC - [2006.11.06 17:14:44 | 000,034,352 | ---- | M] () -- C:\Programme\TOSHIBA\Utilities\KeNotify.exe
PRC - [2006.10.05 06:10:12 | 000,009,216 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2006.08.23 16:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Programme\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2006.05.25 19:30:16 | 000,114,688 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011.08.02 18:01:35 | 014,401,832 | ---- | M] () -- C:\Programme\Steam\bin\libcef.dll
MOD - [2011.08.02 18:01:35 | 000,214,528 | ---- | M] () -- C:\Programme\Steam\bin\mssvoice.asi
MOD - [2011.08.02 18:01:35 | 000,095,744 | ---- | M] () -- C:\Programme\Steam\bin\mssmp3.asi
MOD - [2011.08.02 18:01:33 | 000,914,216 | ---- | M] () -- C:\Programme\Steam\bin\avcodec-52.dll
MOD - [2011.08.02 18:01:33 | 000,190,248 | ---- | M] () -- C:\Programme\Steam\bin\chromehtml.dll
MOD - [2011.08.02 18:01:33 | 000,155,432 | ---- | M] () -- C:\Programme\Steam\bin\avformat-52.dll
MOD - [2011.08.02 18:01:33 | 000,091,432 | ---- | M] () -- C:\Programme\Steam\bin\avutil-50.dll
MOD - [2011.06.29 03:36:34 | 011,800,576 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\0a1195c6b5fab213527364c9e8b26ef0\System.Web.ni.dll
MOD - [2011.06.29 03:36:22 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\1ba19f8efcff8ad7f972aa38ab9a15f5\System.Runtime.Remoting.ni.dll
MOD - [2011.06.29 03:34:33 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\cfb60f99da570cc494e27e0e8ee747e2\System.Xml.ni.dll
MOD - [2011.06.29 03:34:14 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\381fb23cb39e1a61e13b8770eb9800ba\System.Windows.Forms.ni.dll
MOD - [2011.06.29 03:34:04 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\f1aa2385c0109f3059e0e6ba8b58ff68\System.Drawing.ni.dll
MOD - [2011.06.29 03:32:57 | 007,950,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dff86a62a525ec8dc827fe9f50298b7\System.ni.dll
MOD - [2011.06.29 03:32:22 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll
MOD - [2010.01.27 03:07:32 | 003,884,312 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
MOD - [2009.11.03 16:51:42 | 000,067,872 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2008.08.04 12:16:02 | 001,675,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.2861.39845__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2008.08.04 12:16:02 | 000,364,544 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.2861.40046__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll
MOD - [2008.08.04 12:16:02 | 000,245,760 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.2861.39803__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2008.08.04 12:16:02 | 000,196,608 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.2861.39858__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2008.08.04 12:16:02 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.2861.40038__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2008.08.04 12:16:02 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.2861.40004__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2008.08.04 12:16:02 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.2861.39837__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2008.08.04 12:16:02 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.2861.39955__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2008.08.04 12:16:02 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.2861.39824__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2008.08.04 12:16:01 | 000,483,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.2861.40070__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2008.08.04 12:15:44 | 000,352,256 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.2861.40012__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2008.08.04 12:15:44 | 000,135,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.2861.40076__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2008.08.04 12:15:44 | 000,106,496 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Grid.HydraVision.Dashboard\2.0.2861.40095__90ba9c70f846762e\CLI.Aspect.Grid.HydraVision.Dashboard.dll
MOD - [2008.08.04 12:15:44 | 000,090,112 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.2861.40018__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2008.08.04 12:15:44 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.2861.39817__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2008.08.04 12:15:44 | 000,011,776 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Runtime\2.0.2861.40095__90ba9c70f846762e\CLI.Caste.HydraVision.Runtime.dll
MOD - [2008.08.04 12:15:44 | 000,008,704 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Shared\2.0.2861.40094__90ba9c70f846762e\CLI.Caste.HydraVision.Shared.dll
MOD - [2008.08.04 12:15:44 | 000,007,680 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Dashboard\2.0.2861.40094__90ba9c70f846762e\CLI.Caste.HydraVision.Dashboard.dll
MOD - [2008.08.04 12:15:43 | 000,794,624 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.2861.39963__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2008.08.04 12:15:43 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.2861.40030__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2008.08.04 12:15:43 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.2861.39865__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2008.08.04 12:15:43 | 000,139,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.2861.40069__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll
MOD - [2008.08.04 12:15:43 | 000,118,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.2861.39977__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2008.08.04 12:15:43 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.2861.39963__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2008.08.04 12:15:43 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.2861.40011__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2008.08.04 12:15:43 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.2861.40069__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll
MOD - [2008.08.04 12:15:43 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.2861.39977__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2008.08.04 12:15:42 | 000,901,120 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.2861.40040__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll
MOD - [2008.08.04 12:15:42 | 000,589,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.2861.39872__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2008.08.04 12:15:42 | 000,479,232 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.2861.39956__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2008.08.04 12:15:42 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.2861.39825__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2008.08.04 12:15:42 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.2861.39997__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll
MOD - [2008.08.04 12:15:42 | 000,331,776 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.2861.39949__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2008.08.04 12:15:42 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.2861.39878__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll
MOD - [2008.08.04 12:15:42 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.2861.39955__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2008.08.04 12:15:42 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.2861.39878__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2008.08.04 12:15:42 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.2861.39962__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2008.08.04 12:15:42 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.2861.39996__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2008.08.04 12:15:42 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.2820.26371__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2008.08.04 12:15:42 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.2820.26371__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2008.08.04 12:15:42 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.2820.26385__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2008.08.04 12:15:42 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.2820.26376__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2008.08.04 12:15:42 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2820.26386__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2008.08.04 12:15:42 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2008.08.04 12:15:41 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2820.26372__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2008.08.04 12:15:41 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.2820.26370__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2008.08.04 12:15:41 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2820.26387__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2008.08.04 12:15:41 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2008.08.04 12:15:41 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2820.26396__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2008.08.04 12:15:41 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.2820.26369__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2008.08.04 12:15:41 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2820.26409__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2008.08.04 12:15:41 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2820.26370__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2008.08.04 12:15:41 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.2820.26395__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll
MOD - [2008.08.04 12:15:41 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2820.26382__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2008.08.04 12:15:41 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2820.26375__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2008.08.04 12:15:41 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2820.26374__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2008.08.04 12:15:41 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2820.26371__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2008.08.04 12:15:41 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.2820.26375__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2008.08.04 12:15:41 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.2820.26381__90ba9c70f846762e\DEM.OS.dll
MOD - [2008.08.04 12:15:41 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2008.08.04 12:15:41 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.2820.26382__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2008.08.04 12:15:41 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2008.08.04 12:15:41 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.2820.26374__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2008.08.04 12:15:41 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2820.26383__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2008.08.04 12:15:41 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2820.26382__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2008.08.04 12:15:40 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.2820.26388__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2008.08.04 12:15:40 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.2820.26385__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2008.08.04 12:15:40 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.2820.26385__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2008.08.04 12:15:40 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.2820.26385__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2008.08.04 12:15:40 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.2820.26387__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2008.08.04 12:15:40 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.2820.26375__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2008.08.04 12:15:40 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.2820.26383__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2008.08.04 12:15:40 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.2820.26382__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2008.08.04 12:15:40 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.2820.26386__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2008.08.04 12:15:40 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.2820.26377__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2008.08.04 12:15:40 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Foundation\2.0.2820.26370__90ba9c70f846762e\AEM.Foundation.dll
MOD - [2008.08.04 12:15:40 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2008.08.04 12:15:40 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2820.26383__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2008.08.04 12:15:40 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.2820.26375__90ba9c70f846762e\APM.Foundation.dll
MOD - [2008.08.04 12:15:40 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2820.26372__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2008.08.04 12:15:35 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.2861.40086__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2008.08.04 12:15:35 | 000,011,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Implementation\2.0.2861.40096__90ba9c70f846762e\LOCALIZATION.Foundation.Implementation.dll
MOD - [2008.08.04 12:15:35 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.2861.39795__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2008.08.04 12:15:35 | 000,005,120 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray.resources\2.0.2861.40053_de_90ba9c70f846762e\CLI.Component.Systemtray.resources.dll
MOD - [2008.08.04 12:15:34 | 001,507,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.2861.39811__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2008.08.04 12:15:34 | 000,471,040 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.2861.39832__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2008.08.04 12:15:34 | 000,458,752 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.2861.40053__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2008.08.04 12:15:34 | 000,102,400 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.2861.40061__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2008.08.04 12:15:34 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.2861.39795__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2008.08.04 12:15:34 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.2861.39795__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2008.08.04 12:15:34 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.2861.40060__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2008.08.04 12:15:34 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.2861.39793__90ba9c70f846762e\APM.Server.dll
MOD - [2008.08.04 12:15:34 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.2861.39794__90ba9c70f846762e\AEM.Server.dll
MOD - [2008.08.04 12:15:34 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2820.26371__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2008.08.04 12:15:34 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2820.26374__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2008.08.04 12:15:34 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2820.26374__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2008.08.04 12:15:34 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2820.26371__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2008.08.04 12:15:34 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.2861.40061__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2008.08.04 12:15:34 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2008.08.04 12:15:34 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2820.26394__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2008.08.04 12:15:34 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2820.26376__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2008.08.04 12:15:34 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2820.26376__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2008.08.04 12:15:34 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.2820.26388__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2008.08.04 12:15:34 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.2820.26371__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll
MOD - [2008.07.27 20:03:15 | 000,372,736 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
MOD - [2008.07.27 20:03:08 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2008.07.27 20:03:08 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2008.07.27 20:03:08 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll
MOD - [2007.11.05 16:23:00 | 000,016,384 | R--- | M] () -- C:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2007.11.02 00:09:02 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
MOD - [2007.05.17 16:03:24 | 004,813,312 | ---- | M] () -- C:\Programme\Camera Assistant Software for Toshiba\CEC_MAIN.exe
MOD - [2006.11.06 17:14:44 | 000,034,352 | ---- | M] () -- C:\Programme\TOSHIBA\Utilities\KeNotify.exe
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [Auto | Stopped] --  -- (TOSHIBA Bluetooth Service)
SRV - File not found [Auto | Stopped] --  -- (LiveUpdate Notice Ex)
SRV - [2011.08.04 14:34:46 | 001,361,288 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2011.08.03 15:54:05 | 003,542,616 | ---- | M] () [Auto | Running] -- c:\Programme\Common Files\Akamai\netsession_win_2da1ebd.dll -- (Akamai)
SRV - [2011.08.02 18:01:35 | 000,411,432 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011.07.06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Disabled | Stopped] -- C:\Program Files\MalwarebytesAnti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.06.28 14:58:58 | 000,428,200 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2011.06.28 14:58:58 | 000,340,136 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService)
SRV - [2011.06.28 14:58:58 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.04.27 20:27:45 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010.09.06 18:56:38 | 000,247,096 | ---- | M] () [Auto | Running] -- C:\Programme\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2009.06.22 15:21:58 | 000,304,592 | ---- | M] () [Auto | Running] -- C:\Programme\XSManager\WTGService.exe -- (WTGService)
SRV - [2009.06.17 12:28:08 | 000,125,200 | R--- | M] (4G Systems GmbH & Co. KG) [Auto | Running] -- C:\Windows\service4g.exe -- (XS Stick Service)
SRV - [2008.12.16 11:52:02 | 001,155,072 | ---- | M] (MAGIX AG) [Unknown | Running] -- C:\Program Files\Common Files\MAGIX Shared\Database2\bin\FABS.exe -- (Fabs)
SRV - [2008.10.21 16:50:00 | 000,548,864 | ---- | M] (Magix AG) [On_Demand | Stopped] -- C:\Programme\Common Files\MAGIX Shared\UPnPService\UPnPService.exe -- (UPnPService)
SRV - [2008.08.07 11:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files\Common Files\MAGIX Shared\Database2\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2008.01.29 17:38:32 | 000,583,048 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -- (LiveUpdate Notice Service)
SRV - [2008.01.19 09:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.09.26 10:53:56 | 002,999,664 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Programme\Symantec\LiveUpdate\LuComServer_3_2.EXE -- (LiveUpdate)
SRV - [2007.09.26 10:53:56 | 000,554,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Automatisches LiveUpdate - Scheduler)
SRV - [2007.03.29 10:39:00 | 000,427,576 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2007.02.12 14:38:04 | 000,355,096 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2006.11.14 20:33:10 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe -- (CFSvcs)
SRV - [2006.10.05 06:10:12 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2006.08.23 16:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Programme\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2006.05.25 19:30:16 | 000,114,688 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011.07.06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011.06.28 14:58:59 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.06.28 14:58:59 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009.06.09 13:00:57 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.03.22 13:28:27 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009.03.18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2008.11.17 16:40:22 | 003,668,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R)
DRV - [2008.10.31 16:19:38 | 000,103,424 | ---- | M] (Mobile Connector) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\cmnsusbser.sys -- (cmnsusbser)
DRV - [2008.10.09 16:42:42 | 000,017,408 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\KMWDFILTER.sys -- (KMWDFILTER)
DRV - [2008.08.12 21:30:12 | 000,278,728 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2008.08.12 21:30:11 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2007.11.09 05:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS -- (TVALZ)
DRV - [2007.11.02 00:20:12 | 003,170,304 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2007.09.26 13:12:22 | 002,251,776 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Intel(R)
DRV - [2007.04.30 07:42:14 | 000,081,408 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2007.04.16 10:19:10 | 000,011,776 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\UVCFTR_S.SYS -- (UVCFTR)
DRV - [2007.03.06 15:01:04 | 000,014,848 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\DRIVERS\CplIR.SYS -- (CplIR)
DRV - [2007.01.24 14:44:06 | 000,290,304 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tifm21.sys -- (tifm21)
DRV - [2007.01.18 16:47:18 | 000,211,072 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\kr10n.sys -- (KR10N)
DRV - [2007.01.18 16:40:56 | 000,219,392 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\kr10i.sys -- (KR10I)
DRV - [2006.11.28 09:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006.11.02 09:30:52 | 000,467,456 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2006.10.23 16:32:20 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfec.sys -- (tosrfec)
DRV - [2006.10.18 12:50:04 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2006.08.30 10:35:58 | 000,140,800 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2006.07.28 16:25:26 | 000,019,456 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\LPCFilter.sys -- (LPCFilter)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Google
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Nachrichten - Service - Shopping bei t-online.de
IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.type: 0
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@gamersfirst.com/LiveLauncher: C:\Program Files\GamersFirst\LIVE!\nplivelauncher.dll File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@mywebsearch.com/Plugin: C:\Program Files\MyWebSearch\bar\1.bin\NPMyWebS.dll File not found
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=13: C:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll (Google)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Program Files\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKLM\Software\MozillaPlugins\@virtools.com/3DviaPlayer: C:\Program Files\Virtools\3D Life Player\npvirtools.dll (Dassault Systèmes)
FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files\MyWebSearch\bar\1.bin
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.05.29 21:45:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
 
[2011.05.29 21:46:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Udo Becker\AppData\Roaming\mozilla\Extensions
[2011.07.04 14:24:43 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.07.04 14:24:43 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
File not found (No name found) -- 
[2011.07.04 14:24:43 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2009.06.25 03:02:20 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011.04.14 18:40:03 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,736 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: ::1             localhost
O2 - BHO: (jZip Webmail plugin) - {647FD14A-C4F1-46F4-8FC3-0B40F54226F7} - C:\Programme\jZip\WebmailPlugin.dll (Discordia Limited)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O4 - HKLM..\Run: [00TCrdMain] C:\Programme\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [HotKeysCmds]  File not found
O4 - HKLM..\Run: [HSON] C:\Programme\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [HWSetup]  File not found
O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray]  File not found
O4 - HKLM..\Run: [KeNotify] C:\Programme\TOSHIBA\Utilities\KeNotify.exe ()
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [NDSTray.exe]  File not found
O4 - HKLM..\Run: [PC ScanAndSweep] C:\Program Files\Ascentive\PC ScanAndSweep\PCScanAndSweep.exe (Ascentive LLC)
O4 - HKLM..\Run: [PC SpeedScan Pro] C:\Program Files\Ascentive\PC SpeedScan Pro\PCSpeedScan.exe (Ascentive LLC)
O4 - HKLM..\Run: [PDFPrint] C:\Programme\pdf24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [Performance Center] C:\Program Files\Ascentive\Performance Center\ApcMain.exe (Ascentive)
O4 - HKLM..\Run: [Persistence]  File not found
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SmoothView] C:\Programme\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKLM..\Run: [starter4g] C:\Windows\starter4g.exe (4G Systems GmbH & Co. KG)
O4 - HKLM..\Run: [SunJavaUpdateSched]  File not found
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA)
O4 - HKLM..\Run: [Symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
O4 - HKLM..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe (TOSHIBA)
O4 - HKLM..\Run: [Toshiba Registration] C:\Programme\TOSHIBA\Registration\ToshibaRegistration.exe (Toshiba)
O4 - HKLM..\Run: [TPwrMain] C:\Programme\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [EA Core]  File not found
O4 - HKCU..\Run: [RegistryBooster] C:\Program Files\Uniblue\RegistryBooster\launcher.exe (Uniblue Systems Limited)
O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\steam.exe (Valve Corporation)
O4 - HKCU..\Run: [TOSCDSPD]  File not found
O4 - HKCU..\Run: [Uniblue RegistryBooster 2009]  File not found
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [Shockwave Updater]  File not found
O4 - Startup: C:\Users\Udo Becker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} -  File not found
O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} -  File not found
O9 - Extra Button: eBay - Der weltweite Online Marktplatz - {76577871-04EC-495E-A12B-91F7C3600AFA} -  File not found
O9 - Extra Button: Amazon.de - {8A918C1D-E123-4E36-B562-5C1519E434CE} -  File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} -  File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O13 - gopher Prefix: missing
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} https://www.battlefieldheroes.com/static/updater/BFHUpdater_5.0.67.0.cab (Battlefield Heroes Updater)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} hxxp://www.gamehouse.com/realarcade-webgames/zylom/zylomplayer.cab (Zylom Games Player)
O16 - DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} https://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.53.2.cab (Battlefield Play4Free Updater)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} hxxp://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab (Oberon Flash Game Host)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} hxxp://3dlifeplayer.dl.3dvia.com/player/install/3DVIA_player_installer.exe (Virtools WebPlayer Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll -  File not found
O24 - Desktop WallPaper: C:\Users\Udo Becker\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Udo Becker\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{f587fc58-b695-11df-929d-001eec3b9565}\Shell - "" = AutoRun
O33 - MountPoints2\{f587fc58-b695-11df-929d-001eec3b9565}\Shell\AutoRun\command - "" = D:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 0
 
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
         


Edited by cosinus (24.08.2011 at 08:26). Reason: CODE tags

23.08.2011, 22:27   #18
MoritzBecker

csrss.exe - Process cannot be terminated (access denied)



Part 2

Code:
ATTFilter
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: Hamachi2Svc - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - 
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 11.0.3
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 11.0.3
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - 
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32: msacm.dvacm - C:\Programme\Common Files\Ulead Systems\vio\DVACM.acm (Ulead Systems, Inc.)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\System32\frapsvid.dll (Beepa P/L)
Drivers32: vidc.tscc - C:\Windows\System32\tsccvid.dll (TechSmith Corporation)
Drivers32: vidc.VP60 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\System32\vp6vfw.dll (On2.com)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.08.22 22:49:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011.08.12 03:25:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2011.08.12 03:25:25 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi
[2011.08.10 19:31:51 | 000,000,000 | ---D | C] -- C:\Users\Udo Becker\AppData\Roaming\PeerNetworking
[2011.08.10 09:15:00 | 000,000,000 | ---D | C] -- C:\Users\Udo Becker\AppData\Local\Activision
[2011.08.06 22:40:03 | 000,000,000 | ---D | C] -- C:\Users\Udo Becker\Desktop\Meine Anwendungen
[2011.08.06 22:39:04 | 000,000,000 | ---D | C] -- C:\Users\Udo Becker\Desktop\spiele wichtig
[2011.08.06 22:38:28 | 000,000,000 | ---D | C] -- C:\Users\Udo Becker\Desktop\Fiesta
[2011.08.06 22:37:25 | 000,000,000 | ---D | C] -- C:\Users\Udo Becker\Desktop\für den pc
[2011.08.06 22:36:50 | 000,000,000 | ---D | C] -- C:\Users\Udo Becker\Desktop\aufnahme programme
[2011.08.06 22:35:04 | 000,000,000 | ---D | C] -- C:\Users\Udo Becker\Desktop\MINecraft
[2011.08.06 22:33:52 | 000,000,000 | R--D | C] -- C:\Users\Udo Becker\Desktop\windows sachen
[2011.08.06 22:32:59 | 000,000,000 | ---D | C] -- C:\Users\Udo Becker\Desktop\Al so ein wichtiger kram
[2011.07.28 03:03:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
[2011.07.27 14:51:50 | 000,000,000 | ---D | C] -- C:\Users\Udo Becker\AppData\Roaming\.minecraft
[2011.07.26 14:42:27 | 000,000,000 | ---D | C] -- C:\Windows\System32\xlive
[2011.07.26 14:42:23 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Games for Windows - LIVE
[2011.07.26 14:40:56 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2011.07.26 14:38:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.08.23 22:34:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.08.23 20:54:44 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.08.23 20:54:44 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.08.23 20:50:50 | 000,000,436 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{DC1B43D1-204F-47A5-8F07-B1E89C5E82B9}.job
[2011.08.23 20:18:30 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2011.08.23 12:54:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.08.23 09:19:07 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.08.23 09:19:06 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\RegistryBooster.job
[2011.08.23 09:18:35 | 3219,578,880 | -HS- | M] () -- C:\hiberfil.sys
[2011.08.18 16:14:39 | 000,329,231 | ---- | M] () -- C:\Users\Udo Becker\Documents\MineCraft FlyMod 1.7.3.zip
[2011.08.16 12:38:44 | 000,139,488 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2011.08.16 12:38:36 | 000,270,776 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2011.08.16 12:37:28 | 000,111,928 | ---- | M] () -- C:\Windows\System32\PnkBstrB.ex0
[2011.08.12 03:25:28 | 000,000,812 | ---- | M] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
[2011.08.10 19:31:51 | 000,024,206 | ---- | M] () -- C:\Users\Udo Becker\AppData\Roaming\UserTile.png
[2011.08.10 09:14:31 | 000,022,328 | ---- | M] () -- C:\Users\Udo Becker\AppData\Roaming\PnkBstrK.sys
[2011.08.10 09:14:09 | 000,682,280 | ---- | M] () -- C:\Windows\System32\pbsvc.exe
[2011.08.09 21:46:26 | 000,036,352 | ---- | M] () -- C:\Users\Udo Becker\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.07.25 19:57:43 | 000,960,457 | ---- | M] () -- C:\Users\Udo Becker\mcpatcher-2.1.0_02.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.08.23 09:18:35 | 3219,578,880 | -HS- | C] () -- C:\hiberfil.sys
[2011.08.18 16:14:33 | 000,329,231 | ---- | C] () -- C:\Users\Udo Becker\Documents\MineCraft FlyMod 1.7.3.zip
[2011.08.12 03:25:28 | 000,000,812 | ---- | C] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
[2011.08.10 19:31:51 | 000,024,206 | ---- | C] () -- C:\Users\Udo Becker\AppData\Roaming\UserTile.png
[2011.08.10 09:14:09 | 000,682,280 | ---- | C] () -- C:\Windows\System32\pbsvc.exe
[2011.07.28 03:03:03 | 000,001,246 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk
[2011.07.25 19:57:41 | 000,960,457 | ---- | C] () -- C:\Users\Udo Becker\mcpatcher-2.1.0_02.exe
[2011.06.07 17:19:04 | 000,000,338 | ---- | C] () -- C:\Windows\doom3.ini
[2011.04.20 19:54:36 | 000,307,200 | ---- | C] () -- C:\Windows\System32\AscSQLite.dll
[2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2010.10.26 10:51:00 | 000,000,006 | ---- | C] () -- C:\Users\Udo Becker\AppData\Roaming\completescan
[2010.10.26 10:35:02 | 000,000,010 | ---- | C] () -- C:\Users\Udo Becker\AppData\Roaming\install
[2010.09.23 14:10:06 | 000,000,319 | ---- | C] () -- C:\Windows\game.ini
[2010.06.19 19:25:44 | 000,139,488 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010.06.19 19:25:44 | 000,022,328 | ---- | C] () -- C:\Users\Udo Becker\AppData\Roaming\PnkBstrK.sys
[2010.06.19 19:25:30 | 000,270,776 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2010.06.19 19:25:27 | 002,427,248 | ---- | C] () -- C:\Windows\System32\pbsvc_heroes.exe
[2010.06.19 19:25:27 | 000,075,136 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2010.03.24 20:32:12 | 000,000,016 | -H-- | C] () -- C:\ProgramData\mxfilerelatedcache.mxc2
[2009.09.01 17:36:34 | 000,000,552 | ---- | C] () -- C:\Users\Udo Becker\AppData\Local\d3d8caps.dat
[2009.08.17 14:29:13 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.07.28 13:10:00 | 000,051,712 | ---- | C] () -- C:\Windows\System32\coodest.dll
[2009.03.26 17:25:36 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2009.02.03 22:12:42 | 000,001,356 | ---- | C] () -- C:\Users\Udo Becker\AppData\Local\d3d9caps.dat
[2008.10.25 21:54:02 | 000,000,036 | -H-- | C] () -- C:\Windows\System32\swk.ini
[2008.10.04 15:34:21 | 000,036,352 | ---- | C] () -- C:\Users\Udo Becker\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.09.20 10:57:25 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2008.09.12 22:20:21 | 000,009,003 | ---- | C] () -- C:\ProgramData\LUUnInstall.LiveUpdate
[2008.09.12 22:14:13 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2008.09.12 22:14:13 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008.08.30 10:10:42 | 000,000,016 | -H-- | C] () -- C:\Users\Udo Becker\AppData\Roaming\mxfilerelatedcache.mxc2
[2008.08.30 10:10:30 | 000,000,016 | -H-- | C] () -- C:\Users\Udo Becker\AppData\Local\mxfilerelatedcache.mxc2
[2008.08.12 21:30:12 | 000,278,728 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2008.08.12 21:30:11 | 000,025,416 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2008.08.04 17:56:49 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2008.08.04 17:56:49 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2008.08.04 17:52:02 | 000,000,212 | ---- | C] () -- C:\Windows\Brpfx04a.ini
[2008.08.04 17:52:02 | 000,000,093 | ---- | C] () -- C:\Windows\brpcfx.ini
[2008.08.04 17:52:02 | 000,000,050 | ---- | C] () -- C:\Windows\System32\bridf07a.dat
[2008.08.04 17:49:26 | 000,000,000 | ---- | C] () -- C:\Windows\brdfxspd.dat
[2008.08.04 17:47:36 | 000,031,664 | ---- | C] () -- C:\Windows\maxlink.ini
[2008.08.04 14:02:14 | 000,001,945 | ---- | C] () -- C:\Windows\eReg.dat
[2008.08.04 13:08:40 | 000,000,300 | ---- | C] () -- C:\Windows\SIERRA.INI
[2008.08.04 13:04:12 | 000,009,586 | ---- | C] () -- C:\Users\Udo Becker\AppData\Roaming\wklnhst.dat
[2008.08.04 12:14:26 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2008.01.08 10:35:57 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2008.01.08 10:35:57 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2008.01.08 10:35:56 | 000,154,206 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2007.10.15 20:51:56 | 000,128,113 | ---- | C] () -- C:\Windows\System32\csellang.ini
[2007.10.15 20:51:56 | 000,045,056 | ---- | C] () -- C:\Windows\System32\csellang.dll
[2007.10.15 20:51:56 | 000,010,146 | ---- | C] () -- C:\Windows\System32\tosmreg.ini
[2007.10.15 20:51:56 | 000,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.ini
[2007.07.12 21:33:09 | 000,000,176 | R--- | C] () -- C:\Windows\System32\drivers\RTHDAEQ3.dat
[2007.07.12 21:33:09 | 000,000,176 | R--- | C] () -- C:\Windows\System32\drivers\RTHDAEQ2.dat
[2007.07.12 21:33:09 | 000,000,176 | R--- | C] () -- C:\Windows\System32\drivers\RTHDAEQ1.dat
[2007.07.12 21:33:09 | 000,000,176 | R--- | C] () -- C:\Windows\System32\drivers\RTHDAEQ0.dat
[2007.07.12 10:45:09 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2007.07.12 10:45:09 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2007.07.12 10:45:09 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2007.07.12 10:45:09 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2007.07.12 10:45:09 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2007.07.12 10:45:09 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2007.07.12 10:26:24 | 000,036,864 | ---- | C] () -- C:\Windows\System32\HWS_Ctrl.dll
[2007.04.16 08:35:21 | 000,007,119 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2007.04.16 08:02:55 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2007.04.16 06:38:28 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1227.dll
[2006.12.05 13:05:06 | 000,114,688 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll
[2006.11.02 17:33:31 | 000,628,742 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2006.11.02 17:33:31 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2006.11.02 17:33:31 | 000,126,260 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2006.11.02 17:33:31 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 000,353,288 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,595,996 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,104,070 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006.03.09 00:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2005.11.23 14:55:42 | 000,024,576 | ---- | C] () -- C:\Windows\System32\SPCtl.dll
[2005.07.22 21:30:20 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll
 
========== LOP Check ==========
 
[2011.08.22 16:02:34 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\.minecraft
[2008.12.20 16:37:29 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\Amaranth Games
[2009.06.14 18:18:11 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\Anabel
[2011.04.20 20:13:19 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\Ascentive
[2010.10.26 10:33:56 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\B92C1F974CD9446CFCEB8125878B7C7E
[2010.10.07 15:29:00 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\Be a King 2
[2009.05.15 23:07:18 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\BeachPartyCraze
[2010.10.13 17:13:56 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\Big Fish Games
[2009.05.18 17:59:27 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\Boomzap
[2009.05.23 16:36:21 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\EleFun Games
[2011.04.17 14:25:21 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\elsterformular
[2009.05.17 17:34:53 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\Enchanted Katya
[2010.07.29 22:20:10 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\Farm Mania 2
[2010.10.22 23:22:16 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\GameInvest
[2010.08.02 16:46:09 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\Gamelab
[2009.06.09 16:56:40 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\GAMEON
[2011.07.21 18:53:53 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\go
[2010.08.05 22:41:24 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\GraveyardShift
[2011.05.01 12:44:08 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\ICQ
[2009.07.07 19:25:45 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\Imperium Romanum
[2008.08.04 15:39:51 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\InterTrust
[2011.06.17 15:10:30 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\IPACS
[2009.05.18 16:25:44 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\ITTNord
[2009.05.17 17:01:33 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\iWin
[2009.06.15 15:57:09 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\Jane s Hotel  Family Hero
[2010.11.27 15:35:54 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\LEGO Company
[2010.08.06 16:37:36 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\Magic Seeds
[2009.08.17 20:49:31 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\MAGIX
[2008.11.24 18:54:25 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\Meridian93
[2010.10.13 14:35:20 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\Merscom
[2010.08.02 17:51:31 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\My Games
[2009.01.31 22:02:10 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\MysteryStudio
[2010.08.05 21:07:58 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\Peace Craft
[2010.10.05 17:02:09 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\PeaceCraft2
[2011.08.10 19:31:51 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\PeerNetworking
[2009.05.20 17:47:58 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\PetShowCraze
[2010.10.13 17:54:26 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\PlayFirst
[2008.11.25 21:45:50 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\Pogo Games
[2009.02.07 10:21:16 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\ScanSoft
[2010.12.23 21:10:53 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\Sierra
[2010.10.13 16:14:16 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\Skunk Studios
[2009.10.24 14:04:50 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\SPORE
[2010.04.29 17:20:55 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\Teeworlds
[2008.08.04 13:04:55 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\Template
[2008.08.05 20:09:55 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\Toshiba
[2011.04.20 17:54:28 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\Uniblue
[2010.10.24 21:45:08 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\VendelGAMES
[2011.07.16 19:05:17 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\XSManager
[2010.10.13 12:51:53 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\YoudaGames
[2009.06.14 19:53:22 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\Zylom
[2011.08.23 09:19:06 | 000,000,342 | ---- | M] () -- C:\Windows\Tasks\RegistryBooster.job
[2011.08.23 09:10:08 | 000,032,610 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011.08.23 20:50:50 | 000,000,436 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{DC1B43D1-204F-47A5-8F07-B1E89C5E82B9}.job
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2011.08.22 16:02:34 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\.minecraft
[2010.01.23 10:46:41 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\Adobe
[2008.08.24 10:35:46 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\AdobeUM
[2008.12.20 16:37:29 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\Amaranth Games
[2009.06.14 18:18:11 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\Anabel
[2011.04.05 19:31:19 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\Apple Computer
[2011.04.20 20:13:19 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\Ascentive
[2008.08.04 12:34:44 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\ATI
[2009.03.22 16:31:32 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\Avira
[2010.10.26 10:33:56 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\B92C1F974CD9446CFCEB8125878B7C7E
[2010.10.07 15:29:00 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\Be a King 2
[2009.05.15 23:07:18 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\BeachPartyCraze
[2010.10.13 17:13:56 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\Big Fish Games
[2010.08.02 19:45:53 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\bigfish
[2009.05.18 17:59:27 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\Boomzap
[2008.11.04 21:52:37 | 000,000,000 | R--D | M] -- C:\Users\Udo Becker\AppData\Roaming\Brother
[2010.02.20 13:56:39 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\CyberLink
[2009.05.23 16:36:21 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\EleFun Games
[2011.04.17 14:25:21 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\elsterformular
[2009.05.17 17:34:53 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\Enchanted Katya
[2010.07.29 22:20:10 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\Farm Mania 2
[2010.10.22 23:22:16 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\GameInvest
[2010.08.02 16:46:09 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\Gamelab
[2009.06.09 16:56:40 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\GAMEON
[2011.07.21 18:53:53 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\go
[2008.08.24 11:53:45 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\Google
[2010.08.05 22:41:24 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\GraveyardShift
[2011.05.01 12:44:08 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\ICQ
[2009.06.14 19:53:22 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\Identities
[2009.07.07 19:25:45 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\Imperium Romanum
[2008.08.04 17:48:56 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\InstallShield
[2011.06.17 15:10:26 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\InstallShield Installation Information
[2008.08.04 15:39:51 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\InterTrust
[2011.06.17 15:10:30 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\IPACS
[2009.05.18 16:25:44 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\ITTNord
[2009.05.17 17:01:33 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\iWin
[2009.06.15 15:57:09 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\Jane s Hotel  Family Hero
[2010.11.27 15:35:54 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\LEGO Company
[2008.08.22 21:43:27 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\Macromedia
[2010.08.06 16:37:36 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\Magic Seeds
[2009.08.17 20:49:31 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\MAGIX
[2010.10.31 12:00:52 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\Malwarebytes
[2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\Media Center Programs
[2008.11.24 18:54:25 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\Meridian93
[2010.10.13 14:35:20 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\Merscom
[2011.07.06 20:15:44 | 000,000,000 | --SD | M] -- C:\Users\Udo Becker\AppData\Roaming\Microsoft
[2009.05.13 14:08:46 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\Move Networks
[2011.05.29 21:46:10 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\Mozilla
[2010.08.02 17:51:31 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\My Games
[2009.01.31 22:02:10 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\MysteryStudio
[2010.08.05 21:07:58 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\Peace Craft
[2010.10.05 17:02:09 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\PeaceCraft2
[2011.08.10 19:31:51 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\PeerNetworking
[2009.05.20 17:47:58 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\PetShowCraze
[2010.10.13 17:54:26 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\PlayFirst
[2008.11.25 21:45:50 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\Pogo Games
[2009.03.26 17:58:08 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\Real
[2009.02.07 10:21:16 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\ScanSoft
[2008.10.13 13:58:15 | 000,000,000 | RH-D | M] -- C:\Users\Udo Becker\AppData\Roaming\SecuROM
[2010.12.23 21:10:53 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\Sierra
[2010.10.13 16:14:16 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\Skunk Studios
[2011.08.23 08:44:30 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\Skype
[2011.05.28 06:47:46 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\skypePM
[2009.10.24 14:04:50 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\SPORE
[2010.04.29 17:20:55 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\Teeworlds
[2008.08.04 13:04:55 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\Template
[2008.08.05 20:09:55 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\Toshiba
[2011.04.20 17:54:28 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\Uniblue
[2010.10.24 21:45:08 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\VendelGAMES
[2011.03.25 18:02:47 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\WinRAR
[2011.07.16 19:05:17 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\XSManager
[2010.10.13 12:51:53 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\YoudaGames
[2009.06.14 19:53:22 | 000,000,000 | ---D | M] -- C:\Users\Udo Becker\AppData\Roaming\Zylom
 
< %APPDATA%\*.exe /s >
[2008.08.24 10:43:25 | 022,319,360 | ---- | M] (                                   ) -- C:\Users\Udo Becker\AppData\Roaming\Adobe\Acrobat\7.0\Updater\AdbeRdr710_de_DE.exe
[2010.10.26 10:34:18 | 000,019,891 | ---- | M] () -- C:\Users\Udo Becker\AppData\Roaming\B92C1F974CD9446CFCEB8125878B7C7E\dirhuntsetup70700.exe
[2009.11.19 13:49:46 | 000,802,816 | ---- | M] (Acresso Software Inc.                                        ) -- C:\Users\Udo Becker\AppData\Roaming\InstallShield Installation Information\{7CBD5083-2ADF-4DF1-8DC1-D7AB2F7040E0}\setup.exe
[2009.11.19 13:49:42 | 002,166,784 | ---- | M] (IPACS) -- C:\Users\Udo Becker\AppData\Roaming\IPACS\easyFly 3 Starter Edition\easyfly3.exe
[2009.06.23 19:49:29 | 000,010,134 | R--- | M] () -- C:\Users\Udo Becker\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2009.02.12 20:37:34 | 000,097,144 | ---- | M] () -- C:\Users\Udo Becker\AppData\Roaming\Move Networks\ie_bin\MovePlayerUpgrade.exe
[2009.05.13 14:08:46 | 000,034,062 | ---- | M] () -- C:\Users\Udo Becker\AppData\Roaming\Move Networks\ie_bin\Uninst.exe
 
< %SYSTEMDRIVE%\*.exe >
 
 
< MD5 for: AGP440.SYS  >
[2008.01.19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.04.11 00:32:28 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.19 09:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\drivers\atapi.sys
[2008.01.19 09:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.19 09:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008.08.22 19:30:53 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2008.08.22 19:30:53 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2008.08.22 19:30:53 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
 
< MD5 for: IASTOR.SYS  >
[2007.02.12 14:37:22 | 000,537,368 | ---- | M] (Intel Corporation) MD5=2EE127D5407DA3957EE54711C9AED6EC -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys
[2007.02.12 14:37:22 | 000,537,368 | ---- | M] (Intel Corporation) MD5=2EE127D5407DA3957EE54711C9AED6EC -- C:\Toshiba\Drivers\Robson\Winall\Driver64\IaStor.sys
[2007.02.12 14:36:54 | 000,277,784 | ---- | M] (Intel Corporation) MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver\iaStor.sys
[2007.02.12 14:36:54 | 000,277,784 | ---- | M] (Intel Corporation) MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 -- C:\Toshiba\Drivers\Robson\Winall\Driver\iaStor.sys
[2007.02.12 14:36:54 | 000,277,784 | ---- | M] (Intel Corporation) MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 -- C:\Windows\System32\drivers\iaStor.sys
[2007.02.12 14:36:54 | 000,277,784 | ---- | M] (Intel Corporation) MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_1cb29a96\iaStor.sys
 
< MD5 for: IASTORV.SYS  >
[2008.01.19 09:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.19 09:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
 
< MD5 for: KR10N.SYS  >
[2007.01.18 16:47:18 | 000,211,072 | ---- | M] (TOSHIBA CORPORATION) MD5=6E9922332386C2A49936B30B2B6FD298 -- C:\Toshiba\Drivers\Raid\Kr10i\KR10N.sys
[2007.01.18 16:47:18 | 000,211,072 | ---- | M] (TOSHIBA CORPORATION) MD5=6E9922332386C2A49936B30B2B6FD298 -- C:\Toshiba\Drivers\Raid\Kr10n\KR10N.sys
[2007.01.18 16:47:18 | 000,211,072 | ---- | M] (TOSHIBA CORPORATION) MD5=6E9922332386C2A49936B30B2B6FD298 -- C:\Windows\System32\drivers\KR10N.sys
[2007.01.18 16:47:18 | 000,211,072 | ---- | M] (TOSHIBA CORPORATION) MD5=6E9922332386C2A49936B30B2B6FD298 -- C:\Windows\System32\DriverStore\FileRepository\kr10.inf_95888b8d\KR10N.sys
 
< MD5 for: NETLOGON.DLL  >
[2006.11.02 11:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2009.04.11 00:28:24 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.19 09:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\System32\netlogon.dll
[2008.01.19 09:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.19 09:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.19 09:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2008.01.19 09:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\System32\scecli.dll
[2008.01.19 09:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006.11.02 11:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
[2009.04.11 00:28:26 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
 
< MD5 for: USER32.DLL  >
[2007.07.12 20:54:41 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=63B4F59D7C89B1BF5277F1FFEFD491CD -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16438_none_cb39bc5b7047127e\user32.dll
[2009.04.11 00:28:26 | 000,627,712 | ---- | M] (Microsoft Corporation) MD5=75510147B94598407666F4802797C75A -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
[2007.07.12 20:54:42 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=9D9F061EDA75425FC67F0365E3467C86 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.20537_none_cbc258dc896598f1\user32.dll
[2006.11.02 11:46:13 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=E698A5437B89A285ACA3FF022356810A -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16386_none_cb01aa4570716e5e\user32.dll
[2008.01.19 09:36:46 | 000,627,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll
[2008.01.19 09:36:46 | 000,627,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.01.19 09:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.19 09:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006.11.02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2008.01.19 09:33:37 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe
[2008.01.19 09:33:37 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
[2006.11.02 11:45:57 | 000,095,744 | ---- | M] (Microsoft Corporation) MD5=D4385B03E8CCCEE6F0EE249F827C1F3E -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6000.16386_none_2ebbf6d3076595ce\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009.04.11 00:28:14 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006.11.02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008.01.19 09:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\System32\winlogon.exe
[2008.01.19 09:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2006.11.02 10:58:26 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=84620AECDCFD2A7A14E6263927D8C0ED -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6000.16386_none_4d4fded8cae2956d\ws2ifsl.sys
[2008.01.19 07:56:49 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008.01.19 07:56:49 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2007.04.13 12:11:59 | 006,664,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2007.04.13 12:11:57 | 000,102,400 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2007.04.13 12:11:59 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2007.04.13 12:12:07 | 015,720,448 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2007.04.13 12:12:08 | 006,008,832 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[2007.11.02 00:09:12 | 000,364,544 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\Windows\system32\ATIDEMGX.dll
 
<           >
 
========== Alternate Data Streams ==========
 

< End of report >
         
__________________

Edited by cosinus (24.08.2011 at 08:24). Reason: CODE tags

23.08.2011, 22:30   #19
MoritzBecker

I don't know why there are smileys in it; I definitely didn't put them there.

23.08.2011, 22:34   #20
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

That's what happens when you don't post in CODE tags!

__________________
Please always post log files in CODE tags

23.08.2011, 22:46   #21
MoritzBecker

Yeah, sorry, I didn't know that (I still don't know what that is or how to do it, but never mind). But what can you tell me about the log files now? And even as a layman I noticed this right away: "Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt", at the very end of Extras.txt.

24.08.2011, 09:30   #22
cosinus

Run an OTL fix: close any programs that may be open, also disable your virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied as well!!!)

Note: If you have obscured your user name, you must change the starred-out part back into your real user name, otherwise the script will not work!!

Code:
ATTFilter
:OTL
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O4 - HKCU..\Run: [Uniblue RegistryBooster 2009]  File not found
O4 - HKCU..\RunOnce: [Shockwave Updater]  File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{f587fc58-b695-11df-929d-001eec3b9565}\Shell - "" = AutoRun
O33 - MountPoints2\{f587fc58-b695-11df-929d-001eec3b9565}\Shell\AutoRun\command - "" = D:\autorun.exe
@Alternate Data Stream - 99 bytes -> C:\ProgramData\Temp:94F67F32
@Alternate Data Stream - 149 bytes -> C:\ProgramData\Temp:73461BFA
@Alternate Data Stream - 148 bytes -> C:\ProgramData\Temp:AB82C54F
@Alternate Data Stream - 148 bytes -> C:\ProgramData\Temp:5345C8F6
@Alternate Data Stream - 147 bytes -> C:\ProgramData\Temp:D453E38B
@Alternate Data Stream - 147 bytes -> C:\ProgramData\Temp:3780BCC3
@Alternate Data Stream - 147 bytes -> C:\ProgramData\Temp:178093AE
@Alternate Data Stream - 147 bytes -> C:\ProgramData\Temp:10F6E97E
@Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:DA18D4E3
@Alternate Data Stream - 142 bytes -> C:\ProgramData\Temp:38FF076E
@Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:01690B01
@Alternate Data Stream - 138 bytes -> C:\ProgramData\Temp:706B1D1A
@Alternate Data Stream - 138 bytes -> C:\ProgramData\Temp:51A22C60
@Alternate Data Stream - 137 bytes -> C:\ProgramData\Temp:C611D6C8
@Alternate Data Stream - 137 bytes -> C:\ProgramData\Temp:B54102AD
@Alternate Data Stream - 137 bytes -> C:\ProgramData\Temp:ADFAD95A
@Alternate Data Stream - 136 bytes -> C:\ProgramData\Temp:488F7244
@Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp:80EA2EA3
@Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp:3AD6342E
@Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:27F44544
@Alternate Data Stream - 131 bytes -> C:\ProgramData\Temp:942BD321
@Alternate Data Stream - 131 bytes -> C:\ProgramData\Temp:33A7CC67
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:CBCE0A92
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:70F0A2F4
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:6CBAF5F3
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:A4AF8D0D
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:CE253B51
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:76986D86
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:3B3A35EC
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:2FF4577A
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:F86CC73E
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:DAFD38AE
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:551E1CB4
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:18E45954
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:CA99FD89
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:E7C9DAAE
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:997E6AF4
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:700CD00E
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:61A065F2
@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:EA7D76BE
@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:BACB6B6C
@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:A95A95AC
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:D9F6664C
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:AA004D25
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:6CEB2458
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:38849DE5
@Alternate Data Stream - 117 bytes -> C:\ProgramData\Temp:D2397415
@Alternate Data Stream - 117 bytes -> C:\ProgramData\Temp:4D066AD2
@Alternate Data Stream - 117 bytes -> C:\ProgramData\Temp:097FF903
@Alternate Data Stream - 116 bytes -> C:\ProgramData\Temp:02C1CB6D
@Alternate Data Stream - 115 bytes -> C:\ProgramData\Temp:F35AE645
@Alternate Data Stream - 115 bytes -> C:\ProgramData\Temp:9B52F176
@Alternate Data Stream - 115 bytes -> C:\ProgramData\Temp:3C9CF9A7
@Alternate Data Stream - 114 bytes -> C:\ProgramData\Temp:588B60C7
@Alternate Data Stream - 114 bytes -> C:\ProgramData\Temp:425759C6
@Alternate Data Stream - 113 bytes -> C:\ProgramData\Temp:8C458D50
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:1C9565AC
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:15752405
@Alternate Data Stream - 111 bytes -> C:\ProgramData\Temp:5D10517E
@Alternate Data Stream - 111 bytes -> C:\ProgramData\Temp:18AE7C5A
@Alternate Data Stream - 110 bytes -> C:\ProgramData\Temp:25005EFA
@Alternate Data Stream - 110 bytes -> C:\ProgramData\Temp:1941675B
@Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:F50F1555
@Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:D2D4B33E
@Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:A23D24E7
@Alternate Data Stream - 108 bytes -> C:\ProgramData\Temp:79A70C33
@Alternate Data Stream - 107 bytes -> C:\ProgramData\Temp:3447AB86
@Alternate Data Stream - 107 bytes -> C:\ProgramData\Temp:128A6DC9
@Alternate Data Stream - 106 bytes -> C:\ProgramData\Temp:8173A019
@Alternate Data Stream - 106 bytes -> C:\ProgramData\Temp:443268A9
@Alternate Data Stream - 106 bytes -> C:\ProgramData\Temp:273A8657
@Alternate Data Stream - 106 bytes -> C:\ProgramData\Temp:26946BE8
@Alternate Data Stream - 105 bytes -> C:\ProgramData\Temp:61E5F0F7
@Alternate Data Stream - 105 bytes -> C:\ProgramData\Temp:01442FD8
@Alternate Data Stream - 104 bytes -> C:\ProgramData\Temp:5711EF65
@Alternate Data Stream - 104 bytes -> C:\ProgramData\Temp:37CE0F2E
@Alternate Data Stream - 103 bytes -> C:\ProgramData\Temp:776E54F2
@Alternate Data Stream - 103 bytes -> C:\ProgramData\Temp:0B61DB9F
@Alternate Data Stream - 102 bytes -> C:\ProgramData\Temp:A59DD4AD
@Alternate Data Stream - 102 bytes -> C:\ProgramData\Temp:3FC4A10A
@Alternate Data Stream - 102 bytes -> C:\ProgramData\Temp:3CF23EC3
@Alternate Data Stream - 100 bytes -> C:\ProgramData\Temp:C337006C
@Alternate Data Stream - 100 bytes -> C:\ProgramData\Temp:27AD48A5
:Commands
[purity]
[resethosts]
         
Then click the Fix button at the top left!
The log file should open when you click OK after the fix; please post it. The computer may be restarted.

As a precaution, the entries, files and folders fixed by this script are not deleted completely; a backup copy is created on the system partition in the folder "_OTL".

24.08.2011, 13:07   #23
MoritzBecker

First I have another question: why do you always have to switch off all virus scanners?

24.08.2011, 14:24   #24
cosinus

Because the virus scanners negatively affect the cleanup process!

24.08.2011, 15:19   #25
MoritzBecker

OK, thanks. Where can you switch off the virus scanner?

24.08.2011, 20:05   #26
MoritzBecker

========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{855F3B16-6D32-4FE6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}\ deleted successfully.
C:\Programme\ICQ6Toolbar\ICQToolBar.dll moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Uniblue RegistryBooster 2009 deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Shockwave Updater deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\autoexec.bat moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f587fc58-b695-11df-929d-001eec3b9565}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f587fc58-b695-11df-929d-001eec3b9565}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f587fc58-b695-11df-929d-001eec3b9565}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f587fc58-b695-11df-929d-001eec3b9565}\ not found.
File D:\autorun.exe not found.
ADS C:\ProgramData\Temp:94F67F32 deleted successfully.
ADS C:\ProgramData\Temp:73461BFA deleted successfully.
ADS C:\ProgramData\Temp:AB82C54F deleted successfully.
ADS C:\ProgramData\Temp:5345C8F6 deleted successfully.
ADS C:\ProgramData\Temp:D453E38B deleted successfully.
ADS C:\ProgramData\Temp:3780BCC3 deleted successfully.
ADS C:\ProgramData\Temp:178093AE deleted successfully.
ADS C:\ProgramData\Temp:10F6E97E deleted successfully.
ADS C:\ProgramData\TempA18D4E3 deleted successfully.
ADS C:\ProgramData\Temp:38FF076E deleted successfully.
ADS C:\ProgramData\Temp:01690B01 deleted successfully.
ADS C:\ProgramData\Temp:706B1D1A deleted successfully.
ADS C:\ProgramData\Temp:51A22C60 deleted successfully.
ADS C:\ProgramData\Temp:C611D6C8 deleted successfully.
ADS C:\ProgramData\Temp:B54102AD deleted successfully.
ADS C:\ProgramData\Temp:ADFAD95A deleted successfully.
ADS C:\ProgramData\Temp:488F7244 deleted successfully.
ADS C:\ProgramData\Temp:80EA2EA3 deleted successfully.
ADS C:\ProgramData\Temp:3AD6342E deleted successfully.
ADS C:\ProgramData\Temp:27F44544 deleted successfully.
ADS C:\ProgramData\Temp:942BD321 deleted successfully.
ADS C:\ProgramData\Temp:33A7CC67 deleted successfully.
ADS C:\ProgramData\Temp:CBCE0A92 deleted successfully.
ADS C:\ProgramData\Temp:70F0A2F4 deleted successfully.
ADS C:\ProgramData\Temp:6CBAF5F3 deleted successfully.
ADS C:\ProgramData\Temp:A4AF8D0D deleted successfully.
ADS C:\ProgramData\Temp:CE253B51 deleted successfully.
ADS C:\ProgramData\Temp:76986D86 deleted successfully.
ADS C:\ProgramData\Temp:3B3A35EC deleted successfully.
ADS C:\ProgramData\Temp:2FF4577A deleted successfully.
ADS C:\ProgramData\Temp:F86CC73E deleted successfully.
ADS C:\ProgramData\TempAFD38AE deleted successfully.
ADS C:\ProgramData\Temp:551E1CB4 deleted successfully.
ADS C:\ProgramData\Temp:18E45954 deleted successfully.
ADS C:\ProgramData\Temp:CA99FD89 deleted successfully.
ADS C:\ProgramData\Temp:E7C9DAAE deleted successfully.
ADS C:\ProgramData\Temp:997E6AF4 deleted successfully.
ADS C:\ProgramData\Temp:700CD00E deleted successfully.
ADS C:\ProgramData\Temp:61A065F2 deleted successfully.
ADS C:\ProgramData\Temp:EA7D76BE deleted successfully.
ADS C:\ProgramData\Temp:BACB6B6C deleted successfully.
ADS C:\ProgramData\Temp:A95A95AC deleted successfully.
ADS C:\ProgramData\Temp9F6664C deleted successfully.
ADS C:\ProgramData\Temp:AA004D25 deleted successfully.
ADS C:\ProgramData\Temp:6CEB2458 deleted successfully.
ADS C:\ProgramData\Temp:38849DE5 deleted successfully.
ADS C:\ProgramData\Temp2397415 deleted successfully.
ADS C:\ProgramData\Temp:4D066AD2 deleted successfully.
ADS C:\ProgramData\Temp:097FF903 deleted successfully.
ADS C:\ProgramData\Temp:02C1CB6D deleted successfully.
ADS C:\ProgramData\Temp:F35AE645 deleted successfully.
ADS C:\ProgramData\Temp:9B52F176 deleted successfully.
ADS C:\ProgramData\Temp:3C9CF9A7 deleted successfully.
ADS C:\ProgramData\Temp:588B60C7 deleted successfully.
ADS C:\ProgramData\Temp:425759C6 deleted successfully.
ADS C:\ProgramData\Temp:8C458D50 deleted successfully.
ADS C:\ProgramData\Temp:1C9565AC deleted successfully.
ADS C:\ProgramData\Temp:15752405 deleted successfully.
ADS C:\ProgramData\Temp:5D10517E deleted successfully.
ADS C:\ProgramData\Temp:18AE7C5A deleted successfully.
ADS C:\ProgramData\Temp:25005EFA deleted successfully.
ADS C:\ProgramData\Temp:1941675B deleted successfully.
ADS C:\ProgramData\Temp:F50F1555 deleted successfully.
ADS C:\ProgramData\Temp2D4B33E deleted successfully.
ADS C:\ProgramData\Temp:A23D24E7 deleted successfully.
ADS C:\ProgramData\Temp:79A70C33 deleted successfully.
ADS C:\ProgramData\Temp:3447AB86 deleted successfully.
ADS C:\ProgramData\Temp:128A6DC9 deleted successfully.
ADS C:\ProgramData\Temp:8173A019 deleted successfully.
ADS C:\ProgramData\Temp:443268A9 deleted successfully.
ADS C:\ProgramData\Temp:273A8657 deleted successfully.
ADS C:\ProgramData\Temp:26946BE8 deleted successfully.
ADS C:\ProgramData\Temp:61E5F0F7 deleted successfully.
ADS C:\ProgramData\Temp:01442FD8 deleted successfully.
ADS C:\ProgramData\Temp:5711EF65 deleted successfully.
ADS C:\ProgramData\Temp:37CE0F2E deleted successfully.
ADS C:\ProgramData\Temp:776E54F2 deleted successfully.
ADS C:\ProgramData\Temp:0B61DB9F deleted successfully.
ADS C:\ProgramData\Temp:A59DD4AD deleted successfully.
ADS C:\ProgramData\Temp:3FC4A10A deleted successfully.
ADS C:\ProgramData\Temp:3CF23EC3 deleted successfully.
ADS C:\ProgramData\Temp:C337006C deleted successfully.
ADS C:\ProgramData\Temp:27AD48A5 deleted successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Error: Unable to interpret <Klick dann oben links auf den Button Fix!> in the current context!

OTL by OldTimer - Version 3.2.26.5 log created on 08242011_210227

24.08.2011, 20:07   #27
MoritzBecker

Am I reading this correctly that the hosts file was to blame?
I also kept randomly getting the message "the hosts file has caused an error".

But the process is still there!

24.08.2011, 20:10   #28
MoritzBecker

Maybe it was because I had set the time period in OTL to 30 days, since I have had this process sitting there for longer than that. I only recently dared to click on End Process.

24.08.2011, 20:49   #29
MoritzBecker

So I have now run the scan again with 360 days. I hope there is a change.

Edited by MoritzBecker (24.08.2011 at 21:19)

24.08.2011, 21:00   #30
MoritzBecker

I have now done it again with 360 days.
And by the way, for some reason jzip no longer works for me.

Edited by MoritzBecker (24.08.2011 at 21:20)
