
Pests of all kinds and how to combat them: tcbhn.exe was terminated and closed.


 
06.05.2013, 16:18   #1
ndeen

tcbhn.exe was terminated and closed.



Hello,

I have the same problem as in:
http://www.trojaner-board.de/134519-...schlossen.html

Every time I boot my laptop, this error message appears: "tcbhn.exe was terminated and closed." When I close it, it reappears within a few minutes.

Nothing else happens, but it is annoying.

Here are the logs:

Zoek.exe
Code:
Zoek.exe Version 4.0.0.2 Updated 06-May-2013
Tool run by Nils on 06.05.2013 at 13:28:11,16.
Microsoft® Windows Vista™ Home Premium  6.0.6002 Service Pack 2 x86
Running in: Normal Mode Internet Access Detected

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== FireFox Fix ======================

ProfilePath: C:\Users\Nils\AppData\Roaming\Mozilla\Firefox\Profiles\nvis6il1.default

---- Lines blabbers removed from prefs.js ----


---- Lines blabbers modified from prefs.js ----

user_pref("extensions.enabledAddons", "DivXWebPlayer%40divx.com:2.0.2.039,%7BACAA314B-EEBA-48e4-AD47-84E31C44796C%7D:4.2.1.9,foxyproxy%40eric.h.jung:4.2,%7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.8,youtubeunblocker%40unblocker.yt:0.4.2,bbrs_002%40blabbers.com:1.0.5,%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1");
user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{20a82645-c095-46ed-80e3-08825760534b}\":{\"descriptor\":\"C:\\\\Windows\\\\Microsoft.NET\\\\Framework\\\\v3.5\\\\Windows Presentation Foundation\\\\DotNetAssistantExtension\",\"mtime\":1347148330793}}},{\"name\":\"app-global\",\"addons\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"D:\\\\Program Files\\\\Mozilla Firefox\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"mtime\":1365775778643}}},{\"name\":\"app-profile\",\"addons\":{\"bbrs_002@blabbers.com\":{\"descriptor\":\"C:\\\\Users\\\\Nils\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\nvis6il1.default\\\\extensions\\\\bbrs_002@blabbers.com\",\"mtime\":1367838327708},\"DivXWebPlayer@divx.com\":{\"descriptor\":\"C:\\\\Users\\\\Nils\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\nvis6il1.default\\\\extensions\\\\DivXWebPlayer@divx.com.xpi\",\"mtime\":1348392877052},\"foxyproxy@eric.h.jung\":{\"descriptor\":\"C:\\\\Users\\\\Nils\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\nvis6il1.default\\\\extensions\\\\foxyproxy@eric.h.jung\",\"mtime\":1361143806044},\"youtubeunblocker@unblocker.yt\":{\"descriptor\":\"C:\\\\Users\\\\Nils\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\nvis6il1.default\\\\extensions\\\\youtubeunblocker@unblocker.yt.xpi\",\"mtime\":1366118331923},\"{ACAA314B-EEBA-48e4-AD47-84E31C44796C}\":{\"descriptor\":\"C:\\\\Users\\\\Nils\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\nvis6il1.default\\\\extensions\\\\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi\",\"mtime\":1355312325092},\"{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\":{\"descriptor\":\"C:\\\\Users\\\\Nils\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\nvis6il1.default\\\\extensions\\\\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi\",\"mtime\":1360863437849},\"{e4a8a97b-f2ed-450b-b12d-ee082ba24781}\":{\"descriptor\":\"C:\\\\Users\\\\Nils\\\\AppData\\\\Roaming\\\\Mozilla\
\\\Firefox\\\\Profiles\\\\nvis6il1.default\\\\extensions\\\\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi\",\"mtime\":1362165799516}}}]");

---- Lines blabbers removed from user.js ----


---- FireFox user.js and prefs.js backups ---- 

user__1334_.backup
prefs__1334_.backup

==== Deleting Files \ Folders ======================

"C:\Windows\tasks\GinyasBrowserCompanion Chrome Watcher.job" deleted
"C:\Windows\tasks\GinyasBrowserCompanion FireFox Watcher.job" deleted
"C:\Windows\tasks\GinyasBrowserCompanion Runner.job" deleted
"C:\Windows\tasks\GinyasBrowserCompanion Stats Report.job" deleted
"C:\Windows\tasks\GinyasBrowserCompanion Update Checker.job" deleted
"C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe" deleted
"C:\Program Files\Common Files\DVDVideoSoft\TB" deleted
"C:\Users\Nils\AppData\Roaming\BrowserCompanion" deleted
"C:\ProgramData\GinyasBrowserCompanion" not deleted
"C:\Users\Nils\AppData\Roaming\Mozilla\Firefox\Profiles\nvis6il1.default\extensions\bbrs_002@blabbers.com" deleted
"C:\Users\Nils\AppData\Roaming\Mozilla\Firefox\Profiles\nvis6il1.default\extensions\bbrs_002@blabbers.com" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\Nils\AppData\Local\Temp ====
====== C:\Windows\system32 =====
====== C:\Windows\system32\drivers =====
2013-05-06 10:43:30	4470E3C1E0C3378E4CAB137893C12C3A	22856	----a-w-	C:\Windows\System32\drivers\mbam.sys
2013-04-10 17:30:40	2C1121F2B87E9A6B12485DF53CD848C7	1082232	----a-w-	C:\Windows\System32\drivers\ntfs.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
2013-05-04 19:23:15	--------	d-----w-	C:\Program Files\DivX
2013-04-28 08:25:22	--------	d-----w-	C:\Program Files\Microsoft
2013-04-10 16:24:44	--------	d-----w-	C:\Program Files\Common Files\Skype
2013-04-07 09:45:26	--------	d-----w-	C:\Program Files\Microsoft Works
2013-04-07 09:44:30	--------	d-----w-	C:\Program Files\Microsoft Visual Studio
2013-04-07 09:44:30	--------	d-----w-	C:\Program Files\Common Files\DESIGNER
2013-04-07 09:41:00	--------	d-----w-	C:\Program Files\Microsoft Visual Studio 8
2013-04-07 09:39:48	--------	d-----w-	C:\Program Files\Microsoft Office
======= C: =====
====== C:\Users\Nils\AppData\Roaming ======
2013-04-27 10:52:24	--------	d-----w-	C:\users\Default\AppData\Local\Microsoft Help
2013-04-27 10:52:24	--------	d-----w-	C:\users\Default User\AppData\Local\Microsoft Help
2013-04-12 17:52:09	1F55F8EBC0F65DD8AE5E60D2BFF82D9A	3584	----a-w-	C:\users\Nils\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-04-07 09:39:56	--------	d-----w-	C:\users\Nils\AppData\Local\Microsoft Help
====== C:\Users\Nils ======
2013-05-04 19:17:02	--------	d-----w-	C:\ProgramData\DivX
2013-04-28 08:25:22	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
2013-04-07 09:47:48	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2013-04-07 09:39:47	--------	d-----w-	C:\ProgramData\Microsoft Help

====== C: exe-files ==
2013-05-06 10:42:29	683FDD3D773C58B262DC07CD0C6CE938	10285040	----a-w-	C:\Users\Nils\Downloads\mbam-setup-1.75.0.1300(3).exe
2013-05-06 09:01:14	683FDD3D773C58B262DC07CD0C6CE938	10285040	----a-w-	C:\Users\Nils\Downloads\mbam-setup-1.75.0.1300(2).exe
2013-05-06 08:59:36	683FDD3D773C58B262DC07CD0C6CE938	10285040	----a-w-	C:\Users\Nils\Downloads\mbam-setup-1.75.0.1300(1).exe
2013-05-06 08:56:16	683FDD3D773C58B262DC07CD0C6CE938	10285040	----a-w-	C:\Users\Nils\Downloads\mbam-setup-1.75.0.1300.exe
2013-05-04 19:16:47	D1E02B0F533E5D1DF24CD40C1BD74D10	952128	----a-w-	C:\Users\Nils\Downloads\DivXInstaller.exe
2013-05-02 22:38:04	8F11F0321ED84B1533FC1384AC71AC8D	59784	----atw-	C:\Users\Nils\AppData\Local\Google\Update\1.3.21.145\GoogleUpdateBroker.exe
2013-05-02 22:38:04	00F714CA28A01FACB709486D6DA306A8	59784	----atw-	C:\Users\Nils\AppData\Local\Google\Update\1.3.21.145\GoogleUpdateOnDemand.exe
2013-05-02 22:38:03	C26BB2535C1B20DEAFAEB12634BF4DC9	781592	----a-w-	C:\Users\Nils\AppData\Local\Google\Update\1.3.21.145\GoogleUpdateSetup.exe
2013-05-02 22:37:56	4E252E85E5DC31BD645E809222AFAF27	287624	----atw-	C:\Users\Nils\AppData\Local\Google\Update\1.3.21.145\GoogleCrashHandler64.exe
2013-05-02 22:37:55	76B35CB0F3A4E69D6DFF27F542B9F856	216968	----atw-	C:\Users\Nils\AppData\Local\Google\Update\1.3.21.145\GoogleCrashHandler.exe
2013-05-02 22:37:53	506708142BC63DABA64F2D3AD1DCD5BF	116648	----atw-	C:\Users\Nils\AppData\Local\Google\Update\1.3.21.145\GoogleUpdate.exe
2013-05-02 22:37:51	C26BB2535C1B20DEAFAEB12634BF4DC9	781592	----a-w-	C:\Users\Nils\AppData\Local\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.145\GoogleUpdateSetup.exe
=== C: other files ==
2013-05-06 10:43:30	4470E3C1E0C3378E4CAB137893C12C3A	22856	----a-w-	C:\Windows\System32\drivers\mbam.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"

[HKEY_USERS\S-1-5-21-2793609592-4110117145-1703918749-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"Steam"="D:\Program Files\Steam\Steam.exe -silent"
"ehTray.exe"="C:\Windows\ehome\ehTray.exe"
"GoogleChromeAutoLaunch_1C06F4F014860E95AE736C749201F366"="C:\Users\Nils\AppData\Local\Google\Chrome\Application\chrome.exe --no-startup-window"
"Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun"
"Google Update"="C:\Users\Nils\AppData\Local\Google\Update\GoogleUpdate.exe /c"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"avgnt"="C:\Program Files\Avira\AntiVir Desktop\avgnt.exe /min"
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"
"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
"DivXMediaServer"="d:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe"
"Windows Defender"="%ProgramFiles%\Windows Defender\MSASCui.exe -hide"
"SysTrayApp"="%ProgramFiles%\IDT\WDM\sttray.exe "

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"Steam"="D:\Program Files\Steam\Steam.exe -silent"
"ehTray.exe"="C:\Windows\ehome\ehTray.exe"
"GoogleChromeAutoLaunch_1C06F4F014860E95AE736C749201F366"="C:\Users\Nils\AppData\Local\Google\Chrome\Application\chrome.exe --no-startup-window"
"Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun"
"Google Update"="C:\Users\Nils\AppData\Local\Google\Update\GoogleUpdate.exe /c"

==== Startup Registry Disabled ======================

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-]
"Google Update"="\"C:\\Users\\Nils\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe\" /c"


==== Startup Folders ======================

2012-09-06 17:05:50	748	----a-w-	C:\users\Nils\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [16.04.2013 15:23]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2793609592-4110117145-1703918749-1000Core.job --a------ C:\Users\Nils\AppData\Local\Google\Update\GoogleUpdate.exe [06.09.2012 22:02]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2793609592-4110117145-1703918749-1000UA.job --a------ C:\Users\Nils\AppData\Local\Google\Update\GoogleUpdate.exe [06.09.2012 22:02]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Nils\AppData\Roaming\Mozilla\Firefox\Profiles\nvis6il1.default
- FoxyProxy Basic - %ProfilePath%\extensions\foxyproxy@eric.h.jung
- DivX Web Player - %ProfilePath%\extensions\DivXWebPlayer@divx.com.xpi
- YouTube Unblocker - %ProfilePath%\extensions\youtubeunblocker@unblocker.yt.xpi
- DVDVideoSoft YouTube MP3 and Video Download - %ProfilePath%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
- Greasemonkey - %ProfilePath%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\Nils\AppData\Roaming\Mozilla\Firefox\Profiles\nvis6il1.default
3D928B3FE97C403A33F803B3D1A260C9	- C:\Users\Nils\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll -	Google Update
F7E72D3A281F922BACEC1A71A826D4C2	- C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_169.dll -	Shockwave Flash
05C4A7136F3012BB47107333B5D351D3	- C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll -	Java(TM) Platform SE 7 U17
D4BD9F86123C87ECA570418B69326F99	- C:\Windows\system32\npDeployJava1.dll -	Java Deployment Toolkit 7.0.170.2
F647D0BEA553C1D0C251CE07DA6A5511	- C:\Program Files\Adobe\Reader 10.0\Reader\browser\nppdf32.dll -	Adobe Acrobat
DB988B4550DB9BCE86F9199D961057FC	- C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll -	Adobe Acrobat
24E990B1E6D55428001843CF7217DD81	- C:\Program Files\Microsoft\Office Live\npOLW.dll -	Microsoft Office Live Plug-in for Firefox / Microsoft Office Live Plug-in for Firefox
AB87EEFFD18F2BAAFC274E7075EA6C67	- C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll -	Windows Presentation Foundation / Windows Presentation Foundation
DFCAB29E8FD38F95650CC1E203E8D318	- C:\Windows\system32\npmproxy.dll -	Microsoft® Windows® Operating System


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
bodddioamolcibagionmmobehnbhiakf - C:\Program Files\BrowserCompanion\blabbers-ch.crx[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
nikpibnbobmbdbheedjfogjlikpgpnhp - C:\Users\Nils\AppData\Roaming\DVDVideoSoft\dvsYoutubeDownload.crx[27.09.2012 21:12]

Browser Companion Helper - Nils - Default\Extensions\bodddioamolcibagionmmobehnbhiakf
DvdVideoSoft Free Youtube Download - Nils - Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp

==== Chrome Fix ======================

C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodddioamolcibagionmmobehnbhiakf deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://www.google.de/"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://www.google.de/"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\bodddioamolcibagionmmobehnbhiakf deleted successfully

==== Empty IE Cache ======================

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Nils\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Nils\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Nils\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Nils\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\users\Nils\AppData\Local\Mozilla\Firefox\Profiles\nvis6il1.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\users\Nils\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

After Reboot

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Nils\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Nils\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\ProgramData\GinyasBrowserCompanion"  not found
         
Extras.Txt

Code:
OTL Extras logfile created on: 06.05.2013 16:56:16 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Nils\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,50 Gb Available Physical Memory | 50,19% Memory free
6,23 Gb Paging File | 4,42 Gb Available in Paging File | 71,01% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 63,48 Gb Total Space | 32,42 Gb Free Space | 51,07% Space Free | Partition Type: NTFS
Drive D: | 402,28 Gb Total Space | 349,45 Gb Free Space | 86,87% Space Free | Partition Type: NTFS
 
Computer Name: NILS-PC | User Name: Nils | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-2793609592-4110117145-1703918749-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{156CAAC6-F103-4B5E-892F-F7D7B2938272}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{188B4B2A-9CD6-457A-995A-5B2E48848DB6}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | 
"{295DCB38-B590-41DE-9FFB-E1661DACF17F}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\common\skyrim\skyrimlauncher.exe | 
"{77D7A71A-9108-491F-A412-AED387EADE6A}" = protocol=6 | dir=in | app=d:\program files\steam\steam.exe | 
"{7F7F850F-06BE-4274-8CF7-1B2F8D087D76}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\common\skyrim\skyrimlauncher.exe | 
"{859347F0-0EC1-4DFA-9C82-01D1E723679E}" = protocol=17 | dir=in | app=d:\program files\steam\steam.exe | 
"{8AE456CF-C542-4CE7-8223-6119FC48B030}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{9E3FC560-6FFD-40D2-9323-18B83BE93FDB}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{AEA63DF1-7FD2-4378-ABCB-05B73BFEA746}" = protocol=17 | dir=in | app=d:\program files\ventrilo\ventrilo.exe | 
"{AFD51B85-9501-4957-994A-195E3027EAFD}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | 
"{D583F902-43E3-4EAB-9BC3-AD0E2E340E69}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{EE7A9D0B-7F27-4D87-93A1-F289E66508E0}" = protocol=6 | dir=in | app=d:\program files\ventrilo\ventrilo.exe | 
"{F556CFE5-A020-4012-9BA5-7071F7287AF9}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\common\skyrim\skyrimlauncher.exe | 
"{FBE47B90-97F3-46F6-8A3F-270AC7EDD2B7}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\common\skyrim\skyrimlauncher.exe | 
"TCP Query User{0E3FEF09-40C0-4ABF-8AC7-23786D6606F5}D:\program files\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=d:\program files\guild wars 2\gw2.exe | 
"TCP Query User{481187EC-461B-4DAA-B073-454B3AD0B4E8}D:\program files\valve\hl.exe" = protocol=6 | dir=in | app=d:\program files\valve\hl.exe | 
"TCP Query User{556EFF0B-FF6C-45D3-A53F-E5D115C31C51}D:\program files\valve\hl.exe" = protocol=6 | dir=in | app=d:\program files\valve\hl.exe | 
"TCP Query User{55F2CB84-4240-446F-BABC-82B4184D39A3}D:\program files\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=d:\program files\guild wars 2\gw2.exe | 
"TCP Query User{6FF65213-7205-4D4D-A673-00776C27DC64}D:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=d:\program files\skype\phone\skype.exe | 
"TCP Query User{81604724-FBE0-43EA-9124-00421260DFD1}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | 
"UDP Query User{77B619EA-70CE-4CC2-82EB-81F39E9302C8}D:\program files\guild wars 2\gw2.exe" = protocol=17 | dir=in | app=d:\program files\guild wars 2\gw2.exe | 
"UDP Query User{99AC6B79-076E-4D4D-ACF5-55EC49BBBC91}D:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=d:\program files\skype\phone\skype.exe | 
"UDP Query User{B0173481-2700-444D-AA9F-54E3B7C53334}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | 
"UDP Query User{D48467AB-B4C2-4656-9B16-606F9B121954}D:\program files\guild wars 2\gw2.exe" = protocol=17 | dir=in | app=d:\program files\guild wars 2\gw2.exe | 
"UDP Query User{DBE97F2C-2899-4FE9-8FFC-5593A757815B}D:\program files\valve\hl.exe" = protocol=17 | dir=in | app=d:\program files\valve\hl.exe | 
"UDP Query User{E572545A-B1FD-451A-84E1-8498E692794B}D:\program files\valve\hl.exe" = protocol=17 | dir=in | app=d:\program files\valve\hl.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0F7A6FD0-87F5-FB5D-973C-CF604DE1BC6B}" = CCC Help Polish
"{1A9BE3D6-4D53-2C9D-B77D-562D85936B91}" = CCC Help Norwegian
"{210DFA65-F805-1A2B-4F83-8E27279AE385}" = Catalyst Control Center Graphics Previews Common
"{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{29822CAD-C76A-0BEE-55F5-AAA524DA814F}" = CCC Help Greek
"{3A1293DF-7D09-BB0F-9576-EC47EE4A9362}" = CCC Help Italian
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{415030B8-3E8B-462A-8C03-41D95AA3AB3B}" = Medal of Honor (TM)
"{47416F0B-6589-591E-C6F8-4235D2230B14}" = Catalyst Control Center InstallProxy
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{625FC7D1-656D-1BEC-F86F-3EACAFDAA8FE}" = CCC Help English
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7351EEF8-9D6C-5F46-5A19-F2C7456CE132}" = CCC Help German
"{759E97EC-9E3D-4F55-C321-7819C93F0887}" = ccc-utility
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7F172E34-4107-8964-6AEA-5051FFD265FF}" = CCC Help Portuguese
"{86095E92-1959-8364-920E-82E81F64F8FB}" = Catalyst Pro Control Center
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{89D05F35-933A-89C0-B935-C92BEE4229BD}" = CCC Help French
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{959E4378-CCA1-E4E4-2425-793DA92E8D95}" = CCC Help Czech
"{96BB3C67-4EB4-9757-E0C2-C0D2FE9053B1}" = CCC Help Turkish
"{974F4B73-2017-E174-9070-3F58F01B341F}" = CCC Help Danish
"{98E20A18-3C29-86FA-50B4-918C2B34A082}" = CCC Help Hungarian
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}" = Counter-Strike 1.6
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9E2E5EB3-DC6E-9277-E9DB-13175E7DDA39}" = CCC Help Dutch
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{A2EAE643-8804-9420-5DBE-2752D6957964}" = AMD Catalyst Install Manager
"{AAACC0A5-4382-04D0-C75E-0669C7B949B6}" = CCC Help Japanese
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.6) - Deutsch
"{ACEF4078-9B86-2455-E18D-34D52D37D9D5}" = CCC Help Chinese Standard
"{B55FB422-B803-11F5-5582-B3666EA1B9AC}" = Catalyst Control Center Localization All
"{B8010864-15F8-613B-20EF-AC35B14B3E0D}" = CCC Help Russian
"{B83FC356-B7C0-441F-8A4D-D71E088E7974}" = NVIDIA PhysX
"{C1342411-5A98-DE8A-5629-D0C518E1C280}" = CCC Help Finnish
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D08B4177-5160-6B66-8934-2F9012134D61}" = CCC Help Thai
"{D34A6029-FB1A-9EA8-A938-5393F82A3A00}" = CCC Help Korean
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E3A09D13-4D40-3CF8-7D32-8BD55F8D1533}" = CCC Help Spanish
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F2C35491-9323-3AE7-6023-6B4128045153}" = CCC Help Swedish
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FA042EF2-5103-2F7E-C313-976C6F761EBE}" = AMD Fuel
"{FC66A32F-1A57-AC5C-4F12-DAC2F4CB77A0}" = CCC Help Chinese Traditional
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"Divinity II - Ego Draconis_is1" = Divinity II - Ego Draconis
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Free Audio Dub_is1" = Free Audio Dub version 1.7.9.908
"Free YouTube Download_is1" = Free YouTube Download version 3.1.37.918
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.32.918
"GinyasBrowserCompanion" = GinyasBrowserCompanion
"Guild Wars" = GUILD WARS
"Guild Wars 2" = Guild Wars 2
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox 15.0 (x86 de)" = Mozilla Firefox 15.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"paw·ned²" = paw·ned² v1.3
"Steam App 72850" = The Elder Scrolls V: Skyrim
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR 4.20 (32-Bit)
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-2793609592-4110117145-1703918749-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Guild Wars" = GUILD WARS
"Mozilla Firefox 20.0.1 (x86 de)" = Mozilla Firefox 20.0.1 (x86 de)
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 05.05.2013 19:50:07 | Computer Name = Nils-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung tbhcn.exe, Version 1.0.0.9, Zeitstempel 0x5121f458,
 fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18541, Zeitstempel 0x4ec3e3d5, Ausnahmecode
 0xc0000005, Fehleroffset 0x000665c9,  Prozess-ID 0x198, Anwendungsstartzeit 01ce49eb4432c168.
 
Error - 05.05.2013 19:50:07 | Computer Name = Nils-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung tbhcn.exe, Version 1.0.0.9, Zeitstempel 0x5121f458,
 fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18541, Zeitstempel 0x4ec3e3d5, Ausnahmecode
 0xc0000005, Fehleroffset 0x000665c9,  Prozess-ID 0x1f4, Anwendungsstartzeit 01ce49eb4432e878.
 
Error - 06.05.2013 04:33:52 | Computer Name = Nils-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung tbhcn.exe, Version 1.0.0.9, Zeitstempel 0x5121f458,
 fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18541, Zeitstempel 0x4ec3e3d5, Ausnahmecode
 0xc0000005, Fehleroffset 0x000665c9,  Prozess-ID 0xa80, Anwendungsstartzeit 01ce4a346e881f04.
 
Error - 06.05.2013 04:38:28 | Computer Name = Nils-PC | Source = LoadPerf | ID = 3002
Description = 
 
Error - 06.05.2013 04:46:49 | Computer Name = Nils-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung tbhcn.exe, Version 1.0.0.9, Zeitstempel 0x5121f458,
 fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18541, Zeitstempel 0x4ec3e3d5, Ausnahmecode
 0xc0000005, Fehleroffset 0x000665c9,  Prozess-ID 0x17d8, Anwendungsstartzeit 01ce4a356f3adf94.
 
Error - 06.05.2013 07:11:22 | Computer Name = Nils-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung tbhcn.exe, Version 1.0.0.9, Zeitstempel 0x5121f458,
 fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18541, Zeitstempel 0x4ec3e3d5, Ausnahmecode
 0xc0000005, Fehleroffset 0x000665c9,  Prozess-ID 0x8e8, Anwendungsstartzeit 01ce4a4a63a4c0a0.
 
Error - 06.05.2013 07:13:03 | Computer Name = Nils-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung tbhcn.exe, Version 1.0.0.9, Zeitstempel 0x5121f458,
 fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18541, Zeitstempel 0x4ec3e3d5, Ausnahmecode
 0xc0000005, Fehleroffset 0x000665c9,  Prozess-ID 0x1f4, Anwendungsstartzeit 01ce4a4aaceb8a4a.
 
Error - 06.05.2013 07:13:03 | Computer Name = Nils-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung tbhcn.exe, Version 1.0.0.9, Zeitstempel 0x5121f458,
 fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18541, Zeitstempel 0x4ec3e3d5, Ausnahmecode
 0xc0000005, Fehleroffset 0x000665c9,  Prozess-ID 0x82c, Anwendungsstartzeit 01ce4a4aacfb8fda.
 
Error - 06.05.2013 07:19:33 | Computer Name = Nils-PC | Source = LoadPerf | ID = 3002
Description = 
 
Error - 06.05.2013 08:01:11 | Computer Name = Nils-PC | Source = LoadPerf | ID = 3002
Description = 
 
[ System Events ]
Error - 25.12.2012 13:14:42 | Computer Name = Nils-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 25.12.2012 um 18:11:55 unerwartet heruntergefahren.
 
Error - 28.12.2012 10:43:08 | Computer Name = Nils-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 28.12.2012 um 14:38:54 unerwartet heruntergefahren.
 
Error - 28.12.2012 17:28:18 | Computer Name = Nils-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 28.12.2012 um 21:50:20 unerwartet heruntergefahren.
 
Error - 29.12.2012 06:39:58 | Computer Name = Nils-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 29.12.2012 um 11:37:51 unerwartet heruntergefahren.
 
Error - 04.01.2013 14:20:46 | Computer Name = Nils-PC | Source = Service Control Manager | ID = 7011
Description = 
 
Error - 06.01.2013 12:23:28 | Computer Name = Nils-PC | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.178.21 für die Netzwerkkarte mit der Netzwerkadresse
 00265E44810B wurde durch den DHCP-Server 192.168.200.253 abgelehnt (der DHCP-Server
 hat eine DHCPNACK-Meldung gesendet).
 
Error - 08.01.2013 14:46:28 | Computer Name = Nils-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
 
Error - 08.01.2013 14:46:35 | Computer Name = Nils-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
 
Error - 12.01.2013 07:42:31 | Computer Name = Nils-PC | Source = Service Control Manager | ID = 7011
Description = 
 
Error - 18.01.2013 15:27:16 | Computer Name = Nils-PC | Source = Service Control Manager | ID = 7011
Description = 
 
 
< End of report >
         
and OTL-Txt
Code:
OTL logfile created on: 06.05.2013 16:56:16 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Nils\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,50 Gb Available Physical Memory | 50,19% Memory free
6,23 Gb Paging File | 4,42 Gb Available in Paging File | 71,01% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 63,48 Gb Total Space | 32,42 Gb Free Space | 51,07% Space Free | Partition Type: NTFS
Drive D: | 402,28 Gb Total Space | 349,45 Gb Free Space | 86,87% Space Free | Partition Type: NTFS
 
Computer Name: NILS-PC | User Name: Nils | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.05.06 16:54:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Nils\Downloads\OTL.exe
PRC - [2013.05.03 00:37:51 | 000,216,968 | ---- | M] (Google Inc.) -- C:\Users\Nils\AppData\Local\Google\Update\1.3.21.145\GoogleCrashHandler.exe
PRC - [2013.04.19 23:10:50 | 000,543,656 | ---- | M] (Valve Corporation) -- C:\Programme\Common Files\Steam\SteamService.exe
PRC - [2013.04.19 23:10:48 | 001,631,144 | ---- | M] (Valve Corporation) -- D:\Program Files\Steam\Steam.exe
PRC - [2013.04.16 15:23:56 | 001,855,880 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_7_700_169.exe
PRC - [2013.04.12 16:09:38 | 000,920,472 | ---- | M] (Mozilla Corporation) -- D:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013.04.04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013.03.29 20:42:03 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2013.03.29 20:41:58 | 000,079,584 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2013.03.29 20:41:57 | 000,345,312 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013.03.29 20:41:57 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.12.18 16:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.10.20 21:25:52 | 000,409,696 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Office\Office12\WINWORD.EXE
PRC - [2012.09.28 16:42:26 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
PRC - [2012.08.13 11:08:08 | 010,376,704 | ---- | M] (OpenOffice.org) -- D:\Program Files\OpenOffice\program\soffice.exe
PRC - [2012.08.13 11:08:08 | 010,368,512 | ---- | M] (OpenOffice.org) -- D:\Program Files\OpenOffice\program\soffice.bin
PRC - [2012.07.04 08:21:18 | 000,453,632 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2012.07.04 08:20:42 | 000,217,088 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2009.04.11 15:18:30 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.04.11 15:18:26 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2009.04.11 15:18:04 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2009.02.26 18:36:46 | 000,030,040 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe
PRC - [2009.01.13 16:18:40 | 000,077,824 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c92065b9\AEstSrv.exe
PRC - [2009.01.08 12:07:56 | 000,450,663 | ---- | M] (IDT, Inc.) -- C:\Programme\IDT\WDM\sttray.exe
PRC - [2009.01.08 12:07:56 | 000,237,661 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c92065b9\stacsv.exe
PRC - [2008.01.21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2008.01.21 04:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013.04.19 23:10:50 | 001,114,024 | ---- | M] () -- D:\Program Files\Steam\bin\chromehtml.dll
MOD - [2013.04.16 15:23:55 | 016,032,648 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_7_700_169.dll
MOD - [2013.04.12 16:09:37 | 003,133,336 | ---- | M] () -- D:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013.03.27 02:16:40 | 020,341,672 | ---- | M] () -- D:\Program Files\Steam\bin\libcef.dll
MOD - [2013.03.26 00:23:34 | 000,651,776 | ---- | M] () -- D:\Program Files\Steam\SDL2.dll
MOD - [2013.02.14 02:07:41 | 013,199,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\39f4c7717661667c68f9af8c4f6402b9\System.Windows.Forms.ni.dll
MOD - [2013.01.10 04:12:20 | 000,762,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\ba58d64562391191a22ad0133512ed6f\System.Runtime.Remoting.ni.dll
MOD - [2013.01.10 04:12:09 | 001,801,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\866894ebe5258bf9f45d6b063229e990\System.Xaml.ni.dll
MOD - [2013.01.10 04:08:58 | 018,002,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\14f511c47523f19ca591eb207e9e2084\PresentationFramework.ni.dll
MOD - [2013.01.10 04:08:33 | 011,451,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\e10fd15441d278c04a03302880a3e231\PresentationCore.ni.dll
MOD - [2013.01.10 04:08:24 | 001,667,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b573c6a62bb88df0ee2af59b6a8ca910\System.Drawing.ni.dll
MOD - [2013.01.10 04:08:21 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\dfeff31ab1e7cd3480c8942290c92f5d\PresentationFramework.Aero.ni.dll
MOD - [2013.01.10 04:08:19 | 003,858,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\7a9ff5ce3a909d075179a2ac70d8f388\WindowsBase.ni.dll
MOD - [2013.01.10 04:08:11 | 007,069,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\27dcf04ed7a3506045597c02a5a1fc31\System.Core.ni.dll
MOD - [2013.01.10 04:08:08 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\43cd41484df96d15df949eb17dd88152\System.Xml.ni.dll
MOD - [2013.01.10 04:08:03 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\5de5d8c1c02e33789e3cf7e3f54c0ec9\System.Configuration.ni.dll
MOD - [2013.01.10 04:08:01 | 009,094,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\15872842e3e63ddf0f720f406706198e\System.ni.dll
MOD - [2013.01.10 04:07:52 | 014,412,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3f95a6d480ed1ebe45cf27b770ba94ed\mscorlib.ni.dll
MOD - [2012.12.11 19:51:10 | 001,100,800 | ---- | M] () -- D:\Program Files\Steam\bin\avcodec-53.dll
MOD - [2012.12.11 19:51:10 | 000,192,000 | ---- | M] () -- D:\Program Files\Steam\bin\avformat-53.dll
MOD - [2012.12.11 19:51:10 | 000,124,416 | ---- | M] () -- D:\Program Files\Steam\bin\avutil-51.dll
MOD - [2012.09.28 16:42:42 | 000,095,232 | ---- | M] () -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
MOD - [2012.08.10 16:51:32 | 000,985,088 | ---- | M] () -- D:\Program Files\OpenOffice\program\libxml2.dll
MOD - [2012.07.04 07:09:18 | 000,037,376 | ---- | M] () -- C:\Windows\System32\atitmpxx.dll
MOD - [2011.10.05 03:52:30 | 000,756,048 | ---- | M] () -- C:\Programme\Common Files\microsoft shared\OFFICE12\MSPTLS.DLL
 
 
========== Services (SafeList) ==========
 
SRV - [2013.04.19 23:10:50 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013.04.16 15:23:56 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013.03.29 20:42:03 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013.03.29 20:41:57 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013.02.28 18:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.12.18 16:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.09.28 16:42:26 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV - [2012.08.25 03:59:11 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.07.04 08:20:42 | 000,217,088 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2011.07.20 05:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2009.02.26 18:36:22 | 000,064,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)
SRV - [2009.01.13 16:18:40 | 000,077,824 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c92065b9\AEstSrv.exe -- (AESTFilters)
SRV - [2009.01.08 12:07:56 | 000,237,661 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c92065b9\stacsv.exe -- (STacSV)
SRV - [2008.01.21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2006.10.26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2013.04.04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2013.03.29 20:42:04 | 000,135,136 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2013.03.29 20:42:04 | 000,084,744 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2013.03.29 20:42:04 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2012.08.27 15:50:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2012.07.04 08:58:12 | 010,070,016 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2012.07.04 08:58:12 | 010,070,016 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2012.07.04 07:10:30 | 000,290,304 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2011.05.13 18:57:42 | 000,025,656 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hpdskflt.sys -- (hpdskflt)
DRV - [2011.05.13 18:57:20 | 000,035,896 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2010.02.18 09:18:22 | 000,037,944 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\amdiox86.sys -- (amdiox86)
DRV - [2009.01.20 14:49:26 | 000,142,848 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2009.01.08 11:07:56 | 000,391,168 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2008.12.20 00:01:46 | 001,093,120 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008.04.28 08:26:42 | 000,014,352 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-2793609592-4110117145-1703918749-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKU\S-1-5-21-2793609592-4110117145-1703918749-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2793609592-4110117145-1703918749-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2793609592-4110117145-1703918749-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2793609592-4110117145-1703918749-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
IE - HKU\S-1-5-21-2793609592-4110117145-1703918749-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: DivXWebPlayer%40divx.com:2.0.2.039
FF - prefs.js..extensions.enabledAddons: %7BACAA314B-EEBA-48e4-AD47-84E31C44796C%7D:4.2.1.9
FF - prefs.js..extensions.enabledAddons: foxyproxy%40eric.h.jung:4.2
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.8
FF - prefs.js..extensions.enabledAddons: youtubeunblocker%40unblocker.yt:0.4.2
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_169.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Nils\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Nils\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: d:\Program Files\Mozilla Firefox\components [2013.04.12 16:09:38 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2013.04.12 16:09:38 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins
 
[2012.09.05 21:25:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nils\AppData\Roaming\mozilla\Extensions
[2013.05.06 13:35:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nils\AppData\Roaming\mozilla\Firefox\Profiles\nvis6il1.default\extensions
[2013.02.18 01:30:06 | 000,000,000 | ---D | M] (FoxyProxy Standard) -- C:\Users\Nils\AppData\Roaming\mozilla\Firefox\Profiles\nvis6il1.default\extensions\foxyproxy@eric.h.jung
[2012.09.23 11:34:37 | 000,550,833 | ---- | M] () (No name found) -- C:\Users\Nils\AppData\Roaming\mozilla\firefox\profiles\nvis6il1.default\extensions\DivXWebPlayer@divx.com.xpi
[2013.04.16 15:18:51 | 000,008,023 | ---- | M] () (No name found) -- C:\Users\Nils\AppData\Roaming\mozilla\firefox\profiles\nvis6il1.default\extensions\youtubeunblocker@unblocker.yt.xpi
[2012.12.12 13:38:45 | 000,036,098 | ---- | M] () (No name found) -- C:\Users\Nils\AppData\Roaming\mozilla\firefox\profiles\nvis6il1.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
[2013.02.14 19:37:17 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\Nils\AppData\Roaming\mozilla\firefox\profiles\nvis6il1.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.03.01 21:23:19 | 000,269,007 | ---- | M] () (No name found) -- C:\Users\Nils\AppData\Roaming\mozilla\firefox\profiles\nvis6il1.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Nils\AppData\Local\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Nils\AppData\Local\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Nils\AppData\Local\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin:  (Enabled) = C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodddioamolcibagionmmobehnbhiakf\1.0.5_0\chromeNPAPI.dll
CHR - plugin: Free Studio (Enabled) = C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.0.0_0\np_dvs_plugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java(TM) Platform SE 7 U7 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.11 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Nils\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: DvdVideoSoft Free Youtube Download = C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.0.0_1\
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [DivXMediaServer] d:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe File not found
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2793609592-4110117145-1703918749-1000..\Run: [Steam] D:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - Startup: C:\Users\Nils\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = D:\Program Files\OpenOffice\program\quickstart.exe ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Nils\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Nils\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{42C02B9C-E73E-41B9-93B4-BE7DA352336C}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Nils\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Nils\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.05.06 13:56:27 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.05.06 13:38:59 | 000,000,000 | ---D | C] -- C:\Windows\Temp
[2013.05.06 13:38:59 | 000,000,000 | ---D | C] -- C:\Users\Nils\AppData\Local\Temp
[2013.05.06 12:43:45 | 000,000,000 | ---D | C] -- C:\Users\Nils\AppData\Roaming\Malwarebytes
[2013.05.06 12:43:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.05.06 12:43:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.05.06 12:43:30 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013.05.06 12:43:30 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013.05.04 21:23:15 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2013.05.04 21:17:02 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2013.04.28 10:25:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
[2013.04.28 10:25:22 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2013.04.10 23:14:51 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013.04.10 23:14:50 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013.04.10 23:14:50 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013.04.10 23:14:49 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013.04.10 23:14:49 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013.04.10 23:14:48 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013.04.10 23:14:48 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013.04.10 23:14:46 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013.04.10 19:30:38 | 003,603,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2013.04.10 19:30:38 | 003,551,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2013.04.10 19:30:37 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2013.04.10 19:29:35 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2013.04.10 19:29:34 | 002,049,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013.04.10 18:24:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2013.04.07 11:47:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2013.04.07 11:47:18 | 000,031,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msonpmon.dll
[2013.04.07 11:45:26 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2013.04.07 11:44:30 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2013.04.07 11:44:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2013.04.07 11:43:45 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2013.04.07 11:41:00 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8
[2013.04.07 11:39:56 | 000,000,000 | ---D | C] -- C:\Users\Nils\AppData\Local\Microsoft Help
[2013.04.07 11:39:48 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2013.04.07 11:39:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2013.04.07 11:38:51 | 000,000,000 | RH-D | C] -- C:\MSOCache
 
========== Files - Modified Within 30 Days ==========
 
[2013.05.06 16:43:00 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2793609592-4110117145-1703918749-1000UA.job
[2013.05.06 16:30:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.05.06 15:55:46 | 000,004,240 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.05.06 15:55:46 | 000,004,240 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.05.06 15:22:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.05.06 13:55:33 | 3218,956,288 | -HS- | M] () -- C:\hiberfil.sys
[2013.05.06 13:28:06 | 000,024,064 | ---- | M] () -- C:\Windows\zoek-delete.exe
[2013.05.06 12:43:32 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.05.06 01:51:05 | 000,404,904 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.05.06 00:43:01 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2793609592-4110117145-1703918749-1000Core.job
[2013.04.16 15:23:56 | 000,691,592 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013.04.16 15:23:56 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013.04.12 19:52:14 | 000,003,584 | ---- | M] () -- C:\Users\Nils\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.04.12 10:39:31 | 000,002,037 | ---- | M] () -- C:\Users\Nils\Desktop\Google Chrome.lnk
 
========== Files Created - No Company Name ==========
 
[2013.05.06 13:38:59 | 000,024,064 | ---- | C] () -- C:\Windows\zoek-delete.exe
[2013.05.06 12:43:32 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.04.12 19:52:09 | 000,003,584 | ---- | C] () -- C:\Users\Nils\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.11.28 21:22:33 | 000,000,262 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2012.09.28 16:36:56 | 000,180,224 | ---- | C] () -- C:\Windows\System32\clinfo.exe
[2012.09.05 21:02:51 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.09.05 19:15:23 | 000,001,356 | ---- | C] () -- C:\Users\Nils\AppData\Local\d3d9caps.dat
[2012.07.04 07:09:18 | 000,037,376 | ---- | C] () -- C:\Windows\System32\atitmpxx.dll
[2012.03.06 19:59:32 | 000,618,823 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\System32\atipblag.dat
 
========== ZeroAccess Check ==========
 
[2006.11.02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 19:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 15:18:30 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 15:18:20 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >
         
Many thanks in advance

 
