| |
| |||||||
Log-Analyse und Auswertung: Windows XP start: tcbhn.exe hat ein Problem festgestellt und muss beendet werdenWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
11.07.2013, 17:14
| #1 |
 |  Windows XP start: tcbhn.exe hat ein Problem festgestellt und muss beendet werden Ich habe folgendes Problem. Mein Computer ist sehr langsam und immer wenn ich meinen PC starte taucht die Meldung : tcbhn.exe hat ein Problem festgestellt und muss beendet werden. Ich habe versuct alle 3 schritte durchzuführen aber leider hat der letzt nicht geklappt. ich poste aber trotzdem die ersten Logs. Ich hoffe ihr könnt mir helfen. mfg Hier die Logs: 1: defogger: defogger_disable by jpshortstuff (23.02.10.1) Log created at 05:20 on 29/06/2013 (user) Checking for autostart values... HKCU\~\Run values retrieved. HKLM\~\Run values retrieved. Checking for services/drivers... Unable to read sptd.sys SPTD -> Disabled (Service running -> reboot required) -=E.O.F=- 2: OTL OTL logfile created on: 29.06.2013 05:27:16 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Desktop Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,00 Gb Total Physical Memory | 1,37 Gb Available Physical Memory | 68,64% Memory free 3,85 Gb Paging File | 3,26 Gb Available in Paging File | 84,72% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 149,03 Gb Total Space | 94,62 Gb Free Space | 63,49% Space Free | Partition Type: NTFS Drive D: | 149,06 Gb Total Space | 80,45 Gb Free Space | 53,97% Space Free | Partition Type: NTFS Computer Name: DACHBODEN | User Name: user | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.06.29 05:26:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Desktop\OTL.exe PRC - [2013.06.14 02:48:41 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe PRC - [2013.06.14 02:48:19 | 000,076,856 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe PRC - [2013.06.14 02:48:14 | 000,345,144 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe PRC - [2013.06.14 02:48:14 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe PRC - [2013.05.07 02:49:43 | 000,181,664 | ---- | M] (Oracle Corporation) -- C:\Programme\Java\jre7\bin\jqs.exe PRC - [2013.04.04 10:36:40 | 000,958,576 | R--- | M] (Adobe Systems Incorporated) -- C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe PRC - [2013.01.24 22:54:48 | 000,741,888 | ---- | M] (Blabbers Communications Ltd) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\GinyasBrowserCompanions\tbhcns.exe PRC - [2011.12.16 08:55:44 | 000,187,696 | ---- | M] (Blabbers Communications LTD) -- C:\Programme\BrowserCompanion\BCHelper.exe PRC - [2010.03.18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACService.exe PRC - [2009.07.27 04:10:00 | 001,983,816 | ---- | M] (CANON INC.) -- C:\Programme\Canon\MyPrinter\BJMYPRT.EXE PRC - [2008.05.30 11:07:20 | 000,437,248 | ---- | M] (Hauppauge Computer Works) -- C:\Programme\WinTV\EPG Services\System\EPGService.exe PRC - [2008.05.15 15:30:36 | 000,688,128 | ---- | M] (Hauppauge Inc.) -- C:\Programme\WinTV\EPG Services\System\EPGClient.exe PRC - [2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008.03.25 16:10:42 | 000,049,152 | ---- | M] (SigmaChip) -- C:\WINDOWS\SGStiMon.exe PRC - [2007.06.21 14:42:56 | 000,070,952 | R--- | M] (AOL LLC) -- C:\Programme\Gemeinsame Dateien\aol\acs\AOLDial.exe PRC - [2007.05.21 11:51:10 | 000,135,233 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe PRC - [2007.05.21 11:50:56 | 000,065,605 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe PRC - [2007.05.15 10:53:12 | 000,020,543 | ---- | M] (Apache Software Foundation) -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe PRC - [2006.11.02 21:40:12 | 000,174,656 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe PRC - [2006.10.23 14:50:35 | 000,046,640 | R--- | M] (AOL LLC) -- C:\Programme\Gemeinsame Dateien\aol\acs\AOLacsd.exe PRC - [2006.09.26 02:52:48 | 000,050,736 | ---- | M] (America Online, Inc.) -- C:\Programme\Gemeinsame Dateien\aol\1266255754\ee\aolsoftware.exe PRC - [2003.12.08 18:35:14 | 000,032,768 | ---- | M] (Cyberlink Corp.) -- C:\Programme\CyberLink DVD Solution\PowerDVD\PDVDServ.exe PRC - [2002.09.12 13:02:40 | 000,069,632 | ---- | M] (CyberLink) -- C:\Programme\Medion\PowerCinema\My_TV\Agent.exe PRC - [2002.07.24 19:43:46 | 000,028,672 | ---- | M] (Microsoft® Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe ========== Modules (No Company Name) ========== MOD - [2013.05.14 02:49:26 | 012,433,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\81b85db6e9fe04e4d1c9547b993acfce\System.Windows.Forms.ni.dll MOD - [2013.02.20 03:09:13 | 000,397,704 | ---- | M] () -- C:\Programme\Avira\AntiVir Desktop\sqlite3.dll MOD - [2013.02.12 00:48:02 | 011,817,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\e143370f0583abe015d8e3d2d536185e\System.Web.ni.dll MOD - [2013.01.09 12:31:20 | 000,771,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\d7a2248a76f0e94d56c92c5bf96f5175\System.Runtime.Remoting.ni.dll MOD - [2013.01.09 12:00:06 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\fe025743210c22bea2f009e1612c38bf\System.Xml.ni.dll MOD - [2013.01.09 11:59:50 | 001,593,856 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\7782f356a838c403b4a8e9c80df5a577\System.Drawing.ni.dll MOD - [2013.01.09 11:58:33 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aeac298c43c77d8860db8e7634d9f2eb\System.ni.dll MOD - [2013.01.09 11:58:14 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\eab2340ead8e1a84bdf1a87868659979\mscorlib.ni.dll MOD - [2011.08.07 13:54:44 | 000,362,029 | ---- | M] () -- C:\Programme\BrowserCompanion\sqlite3.dll MOD - [2009.02.27 16:41:26 | 000,311,296 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\pdfshell.DEU MOD - [2009.02.03 15:41:27 | 000,315,392 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll MOD - [2009.02.03 15:41:25 | 000,434,176 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll MOD - [2009.02.03 14:38:05 | 001,675,264 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.2908.16950__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dl l MOD - [2009.02.03 14:38:05 | 000,688,128 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Wizard\2.0.2908.17117__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Wizard.dll MOD - [2009.02.03 14:38:05 | 000,364,544 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.2908.17139__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll MOD - [2009.02.03 14:38:05 | 000,253,952 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.2908.16911__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll MOD - [2009.02.03 14:38:05 | 000,196,608 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.2908.16962__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll MOD - [2009.02.03 14:38:05 | 000,077,824 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.2908.17131__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll MOD - [2009.02.03 14:38:05 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.2908.16942__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll MOD - [2009.02.03 14:38:05 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.2908.17057__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dl l MOD - [2009.02.03 14:38:05 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.2908.16929__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime. dll MOD - [2009.02.03 14:38:04 | 000,483,328 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.2908.17160__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll MOD - [2009.02.03 14:38:04 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.2908.17098__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll MOD - [2009.02.03 14:37:53 | 000,352,256 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.2908.17105__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll MOD - [2009.02.03 14:37:53 | 000,135,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.2908.17167__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll MOD - [2009.02.03 14:37:53 | 000,090,112 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.2908.17111__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll MOD - [2009.02.03 14:37:53 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.2908.16923__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll MOD - [2009.02.03 14:37:53 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.2908.17104__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll MOD - [2009.02.03 14:37:52 | 001,032,192 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive3.Graphics.Dashboard\2.0.2908.17020__90ba9c70f846762e\CLI.Aspect.OverDrive3.Graphics.Dashboard.dll MOD - [2009.02.03 14:37:52 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive3.Graphics.Runtime\2.0.2908.17013__90ba9c70f846762e\CLI.Aspect.OverDrive3.Graphics.Runtime.dll MOD - [2009.02.03 14:37:51 | 000,901,120 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.2908.17132__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll MOD - [2009.02.03 14:37:51 | 000,794,624 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.2908.17064__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll MOD - [2009.02.03 14:37:51 | 000,585,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.2908.16976__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashbo ard.dll MOD - [2009.02.03 14:37:51 | 000,434,176 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.2908.16930__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashbo ard.dll MOD - [2009.02.03 14:37:51 | 000,401,408 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.2908.17124__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll MOD - [2009.02.03 14:37:51 | 000,217,088 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.2908.16969__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll MOD - [2009.02.03 14:37:51 | 000,118,784 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.2908.17080__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashbo ard.dll MOD - [2009.02.03 14:37:51 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.2908.17064__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll MOD - [2009.02.03 14:37:51 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.2908.16982__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime. dll MOD - [2009.02.03 14:37:51 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.2908.17080__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime. dll MOD - [2009.02.03 14:37:51 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.2908.17091__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll MOD - [2009.02.03 14:37:50 | 000,663,552 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Dashboard\2.0.2908.17099__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Dashboard.dll MOD - [2009.02.03 14:37:50 | 000,479,232 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.2908.17059__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll MOD - [2009.02.03 14:37:50 | 000,331,776 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.2908.17051__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll MOD - [2009.02.03 14:37:50 | 000,057,344 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.2908.17057__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll MOD - [2009.02.03 14:37:50 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.2908.17063__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll MOD - [2009.02.03 14:37:50 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation\2.0.2886.28801__90ba9c70f846762e\LOG.Foundation.dll MOD - [2009.02.03 14:37:50 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2886.28803__90ba9c70f846762e\NEWAEM.Foundation.dll MOD - [2009.02.03 14:37:50 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2886.28837__90ba9c70f846762e\DEM.OS.I0602.dll MOD - [2009.02.03 14:37:50 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.2886.28819__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll MOD - [2009.02.03 14:37:50 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.2886.28812__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll MOD - [2009.02.03 14:37:50 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Foundation\2.0.2886.28829__90ba9c70f846762e\MOM.Foundation.dll MOD - [2009.02.03 14:37:50 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.OS\2.0.2886.28836__90ba9c70f846762e\DEM.OS.dll MOD - [2009.02.03 14:37:50 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.2886.28862__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll MOD - [2009.02.03 14:37:50 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.2886.28831__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll MOD - [2009.02.03 14:37:50 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2886.28863__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll MOD - [2009.02.03 14:37:50 | 000,006,656 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll MOD - [2009.02.03 14:37:49 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation\2.0.2886.28804__90ba9c70f846762e\CLI.Foundation.dll MOD - [2009.02.03 14:37:49 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2886.28823__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll MOD - [2009.02.03 14:37:49 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2886.28850__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll MOD - [2009.02.03 14:37:49 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll MOD - [2009.02.03 14:37:49 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.2886.28847__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll MOD - [2009.02.03 14:37:49 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2886.28860__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll MOD - [2009.02.03 14:37:49 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2886.28885__90ba9c70f846762e\CLI.Foundation.XManifest.dll MOD - [2009.02.03 14:37:49 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive3.Graphics.Shared\2.0.2886.28846__90ba9c70f846762e\CLI.Aspect.OverDrive3.Graphics.Shared.dll MOD - [2009.02.03 14:37:49 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.2886.28848__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dl l MOD - [2009.02.03 14:37:49 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2886.28825__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll MOD - [2009.02.03 14:37:49 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2886.28817__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll MOD - [2009.02.03 14:37:49 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2886.28813__90ba9c70f846762e\CLI.Component.Client.Shared.dll MOD - [2009.02.03 14:37:49 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2886.28839__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dl l MOD - [2009.02.03 14:37:49 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll MOD - [2009.02.03 14:37:49 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics\2.0.2886.28837__90ba9c70f846762e\DEM.Graphics.dll MOD - [2009.02.03 14:37:49 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll MOD - [2009.02.03 14:37:49 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.2886.28819__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll MOD - [2009.02.03 14:37:49 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2886.28844__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll MOD - [2009.02.03 14:37:49 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2886.28838__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll MOD - [2009.02.03 14:37:48 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.2886.28850__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll MOD - [2009.02.03 14:37:48 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.2886.28847__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll MOD - [2009.02.03 14:37:48 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.2886.28847__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll MOD - [2009.02.03 14:37:48 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.2886.28849__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll MOD - [2009.02.03 14:37:48 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.2886.28830__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll MOD - [2009.02.03 14:37:48 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.2886.28844__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dl l MOD - [2009.02.03 14:37:48 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.2886.28839__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll MOD - [2009.02.03 14:37:48 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.2886.28832__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll MOD - [2009.02.03 14:37:48 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Foundation\2.0.2886.28831__90ba9c70f846762e\APM.Foundation.dll MOD - [2009.02.03 14:37:48 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2886.28819__90ba9c70f846762e\AEM.Server.Shared.dll MOD - [2009.02.03 14:37:47 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Foundation\2.0.2886.28801__90ba9c70f846762e\AEM.Foundation.dll MOD - [2009.02.03 14:37:47 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll MOD - [2009.02.03 14:37:45 | 000,005,120 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Systemtray.resources\2.0.2908.17144_de_90ba9c70f846762e\CLI.Component.Systemtray.resources.dll MOD - [2009.02.03 14:37:44 | 000,102,400 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Implementation\2.0.2908.17152__90ba9c70f846762e\MOM.Implementation.dll MOD - [2009.02.03 14:37:44 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.2908.17150__90ba9c70f846762e\LOG.Foundation.Implementation.dll MOD - [2009.02.03 14:37:44 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.2908.17177__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll MOD - [2009.02.03 14:37:44 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2886.28814__90ba9c70f846762e\LOG.Foundation.Private.dll MOD - [2009.02.03 14:37:44 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2886.28834__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll MOD - [2009.02.03 14:37:44 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.2886.28808__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll MOD - [2009.02.03 14:37:44 | 000,011,264 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOCALIZATION.Foundation.Implementation\2.0.2908.17188__90ba9c70f846762e\LOCALIZATION.Foundation.Implementation.dll MOD - [2009.02.03 14:37:44 | 000,006,656 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.2908.16901__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll MOD - [2009.02.03 14:37:43 | 000,491,520 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.2908.16937__90ba9c70f846762e\CLI.Component.Wizard.dll MOD - [2009.02.03 14:37:43 | 000,454,656 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.2908.17144__90ba9c70f846762e\CLI.Component.Systemtray.dll MOD - [2009.02.03 14:37:43 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.2908.16903__90ba9c70f846762e\CLI.Component.Runtime.dll MOD - [2009.02.03 14:37:43 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2886.28834__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll MOD - [2009.02.03 14:37:43 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2886.28809__90ba9c70f846762e\CLI.Foundation.Private.dll MOD - [2009.02.03 14:37:43 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2886.28826__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll MOD - [2009.02.03 14:37:43 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2886.28832__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll MOD - [2009.02.03 14:37:42 | 001,507,328 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.2908.16918__90ba9c70f846762e\CLI.Component.Dashboard.dll MOD - [2009.02.03 14:37:42 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATIDEMOS\2.0.2908.16903__90ba9c70f846762e\ATIDEMOS.dll MOD - [2009.02.03 14:37:42 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Server\2.0.2908.16902__90ba9c70f846762e\APM.Server.dll MOD - [2009.02.03 14:37:42 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server\2.0.2908.16901__90ba9c70f846762e\AEM.Server.dll MOD - [2009.02.03 14:37:42 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2886.28825__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll MOD - [2009.02.03 14:37:42 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CCC.Implementation\2.0.2908.17151__90ba9c70f846762e\CCC.Implementation.dll MOD - [2009.02.03 14:37:42 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll MOD - [2009.02.03 14:37:42 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.2886.28851__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll MOD - [2009.02.03 14:37:41 | 001,175,552 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.AIB.VividDesktop.Dashboard\1.2.2924.20909__90ba9c70f846762e\CLI.AIB.VividDesktop.Dashboard.dll MOD - [2009.02.03 14:37:41 | 000,786,432 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.AIB.TutorialOverDrive3.Tutorial.Dashboard\1.2.2924.20912__90ba9c70f846762e\CLI.AIB.TutorialOverDrive3.Tutorial.Dashbo ard.dll MOD - [2009.02.03 14:37:41 | 000,417,792 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.AIB.VividVideoPlayback.Dashboard\1.2.2924.20913__90ba9c70f846762e\CLI.AIB.VividVideoPlayback.Dashboard.dll MOD - [2009.02.03 14:37:41 | 000,151,552 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.AIB.TutorialInfoCentre.Tutorial.Dashboard\1.2.2924.20913__90ba9c70f846762e\CLI.AIB.TutorialInfoCentre.Tutorial.Dashbo ard.dll MOD - [2008.09.16 20:18:06 | 000,132,608 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll MOD - [2008.04.14 04:22:16 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll MOD - [2008.01.03 19:29:50 | 001,888,256 | ---- | M] () -- C:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll MOD - [2007.05.15 10:53:12 | 000,876,544 | ---- | M] () -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\libeay32.dll MOD - [2007.05.15 10:53:12 | 000,159,744 | ---- | M] () -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\ssleay32.dll MOD - [2007.05.15 10:53:12 | 000,024,691 | ---- | M] () -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_auth.so MOD - [2006.11.02 21:40:12 | 000,174,656 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe MOD - [2002.09.12 13:02:28 | 000,036,864 | ---- | M] () -- C:\Programme\Medion\PowerCinema\My_TV\SysRecSchedule.dll MOD - [2002.09.03 16:23:50 | 000,036,864 | ---- | M] () -- C:\Programme\Medion\PowerCinema\My_TV\MyTVLang.dll ========== Services (SafeList) ========== SRV - File not found [Disabled | Stopped] -- -- (Steam Client Service) SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt) SRV - [2013.06.14 02:48:41 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2013.06.14 02:48:14 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2013.06.04 08:21:13 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013.06.02 07:51:17 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013.05.07 02:49:43 | 000,181,664 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Programme\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService) SRV - [2010.03.18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon) SRV - [2009.11.13 13:31:14 | 000,092,008 | ---- | M] (TomTom) [Disabled | Stopped] -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService) SRV - [2008.05.30 11:07:20 | 000,437,248 | ---- | M] (Hauppauge Computer Works) [Auto | Running] -- C:\Programme\WinTV\EPG Services\System\EPGService.exe -- (EPGService) SRV - [2007.05.21 11:51:10 | 000,135,233 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe -- (nSvcIp) SRV - [2007.05.21 11:50:56 | 000,065,605 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe -- (nSvcLog) SRV - [2007.05.15 10:53:12 | 000,020,543 | ---- | M] (Apache Software Foundation) [Auto | Running] -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe -- (ForcewareWebInterface) SRV - [2006.12.14 16:00:00 | 000,544,768 | ---- | M] (Magix AG) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\MAGIX Shared\UPnPService\UPnPService.exe -- (UPnPService) SRV - [2006.11.02 21:40:12 | 000,174,656 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\PSIService.exe -- (ProtexisLicensing) SRV - [2006.10.23 14:50:35 | 000,046,640 | R--- | M] (AOL LLC) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\aol\acs\AOLacsd.exe -- (AOL ACS) SRV - [2005.04.04 01:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT) SRV - [2003.07.28 12:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | Boot | Stopped] -- -- (PxHelp20) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | On_Demand | Stopped] -- F:\INSTALL\GMSIPCI.SYS -- (GMSIPCI) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EagleXNt.sys -- (EagleXNt) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EagleNT.sys -- (EagleNT) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - [2013.03.27 20:46:53 | 000,135,136 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb) DRV - [2013.03.27 20:46:53 | 000,084,744 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt) DRV - [2013.03.27 20:46:53 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr) DRV - [2013.02.20 03:09:33 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2010.11.07 20:39:38 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd) DRV - [2009.03.18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi) DRV - [2009.02.07 12:19:46 | 000,099,840 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ACEDRV06.sys -- (ACEDRV06) DRV - [2008.05.28 21:05:00 | 000,420,096 | R--- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hcw66xxx.sys -- (hcw66xxx) DRV - [2008.04.02 15:58:28 | 000,005,460 | ---- | M] (SiGma Micro) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SG310Hub.sys -- (FilterService) DRV - [2008.04.02 15:55:52 | 000,986,590 | ---- | M] (SiGma Micro) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SG310UVC.sys -- (SG310 Video Capture) DRV - [2008.02.26 10:01:44 | 004,737,024 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) DRV - [2007.12.18 04:46:22 | 002,849,280 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2007.05.21 04:43:12 | 000,019,968 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus) DRV - [2007.05.21 04:43:08 | 000,046,080 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD) DRV - [2006.12.28 05:44:44 | 000,084,992 | R--- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtiHdAud.sys -- (HdAudAddService) DRV - [2006.11.10 16:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc) DRV - [2006.10.18 02:31:38 | 000,105,472 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvata.sys -- (nvata) DRV - [2006.07.02 00:30:28 | 000,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8) DRV - [2005.11.16 01:42:48 | 000,045,056 | ---- | M] (InterVideo) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\iviVD.sys -- (iviVD) DRV - [2004.08.11 18:00:00 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor) DRV - [2004.07.09 04:26:38 | 000,015,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mpe.sys -- (MPE) DRV - [2003.12.05 11:46:36 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc) DRV - [2003.06.12 08:47:42 | 000,024,704 | ---- | M] (Philips Semiconductors) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PhTVTune.sys -- (PhTVTune) DRV - [2003.06.05 08:04:22 | 000,350,752 | ---- | M] (Philips Semiconductors) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Cap7134.sys -- (Cap7134) DRV - [2003.01.10 23:13:04 | 000,033,588 | R--- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://alice.aol.de IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.foxtab.com/?s=0&chnl=irn&cd=2XzutCtN2Y1L1QzutDtDtBtBtCyD0DzytC0B0F0CtN0C0Czu0D0EtN0D0TzutBtDtCtCtDtBtCyE&cr=983856815 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = IE - HKLM\..\SearchScopes,DefaultScope = {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKLM\..\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}: "URL" = hxxp://search.imgag.com/?appid=kwtb&component=&c=GNKWO50020&sbs=2&sc=2&f=web&vernum=3.2&uid=&did=%7bac88ef8f-60eb-11de-ab20-002215d91bfc%7d&q={searchTerms} IE - HKLM\..\SearchScopes\{36668FFD-7809-43FB-A609-999C5A7AB5FE}: "URL" = hxxp://search.foxtab.com/?q={searchTerms}&s=1&chnl=irn&cd=2XzutCtN2Y1L1QzutDtDtBtBtCyD0DzytC0B0F0CtN0C0Czu0D0EtN0D0TzutBtDtCtCtDtBtCyE&cr=983856815 IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\..\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}: "URL" = hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13165&gct=&gc=1&q={searchTerms}&crm=1 IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 9A 33 C0 6C C5 A5 CA 01 [binary data] IE - HKCU\..\URLSearchHook: - No CLSID value found IE - HKCU\..\URLSearchHook: {1CFFA392-0898-4b1c-89D1-6E98F9D8EF78} - No CLSID value found IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}: "URL" = hxxp://search.imgag.com/?appid=kwtb&component=&c=GNKWO50020&sbs=2&sc=2&f=web&vernum=3.2&uid=&did=%7bac88ef8f-60eb-11de-ab20-002215d91bfc%7d&q={searchTerms} IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/web/{searchTerms}?babsrc=SP_ss&affID=101241&mntrId=54d39eba000000000000002215d91bfc IE - HKCU\..\SearchScopes\{36668FFD-7809-43FB-A609-999C5A7AB5FE}: "URL" = hxxp://search.foxtab.com/?q={searchTerms}&s=1&chnl=irn&cd=2XzutCtN2Y1L1QzutDtDtBtBtCyD0DzytC0B0F0CtN0C0Czu0D0EtN0D0TzutBtDtCtCtDtBtCyE&cr=983856815 IE - HKCU\..\SearchScopes\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}: "URL" = hxxp://suche.aol.de/suche/web/search.jsp?q={searchTerms} IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGLL_de IE - HKCU\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..extensions.enabledAddons: bbrs_003%40blabbers.com:1.0.5 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Programme\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) FF - HKLM\Software\MozillaPlugins\@funwebproducts.com/Plugin: C:\Programme\FunWebProducts\Installr\2.bin\NPFunWeb.dll (Fun Web Products, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Programme\Microsoft Silverlight\5.1.20125.0\npctrl.dll File not found FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Programme\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Programme\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Programme\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll () FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Lokale Einstellungen\Anwendungsdaten\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fmconverter@gmail.com: C:\Programme\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ [2012.10.08 16:04:31 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2013.06.04 08:21:15 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010.05.24 11:43:03 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Mozilla\Extensions [2010.05.24 11:43:03 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Mozilla\Extensions\home2@tomtom.com [2013.02.03 18:02:46 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Mozilla\Firefox\Profiles\417aofsi.default\extensions [2013.02.03 18:02:46 | 000,000,000 | ---D | M] (Ginyas Browser Companions) -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Mozilla\Firefox\Profiles\417aofsi.default\extensions\bbrs_003@blabbers.com [2013.06.06 04:52:29 | 000,000,013 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Mozilla\Firefox\Profiles\417aofsi.default\extensions\bbrs_003@blabbers.com\chrome\content\cache\0324adea3b6ec02af09ea4ae942 4591b_expire [2013.04.26 13:08:44 | 000,000,013 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Mozilla\Firefox\Profiles\417aofsi.default\extensions\bbrs_003@blabbers.com\chrome\content\cache\266efba29a8dc2649e413548c9a f865c_expire [2013.04.05 04:10:51 | 000,000,013 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Mozilla\Firefox\Profiles\417aofsi.default\extensions\bbrs_003@blabbers.com\chrome\content\cache\292124057d00cb0fa73db6b90d0 79658_expire [2013.02.03 18:06:38 | 000,000,013 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Mozilla\Firefox\Profiles\417aofsi.default\extensions\bbrs_003@blabbers.com\chrome\content\cache\4d3d10bd28ff623813254a49b26 be41f_expire [2013.04.10 12:30:04 | 000,000,013 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Mozilla\Firefox\Profiles\417aofsi.default\extensions\bbrs_003@blabbers.com\chrome\content\cache\4e6cace4f315fec36500e6b8d99 cc694_expire [2013.04.26 13:08:44 | 000,000,013 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Mozilla\Firefox\Profiles\417aofsi.default\extensions\bbrs_003@blabbers.com\chrome\content\cache\559d3b97ddd036cd43981f82bb6 43a6b_expire [2013.03.29 09:46:58 | 000,000,013 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Mozilla\Firefox\Profiles\417aofsi.default\extensions\bbrs_003@blabbers.com\chrome\content\cache\72891ec935a3d247f2da6562ef2 9a005_expire [2013.03.29 09:46:58 | 000,000,013 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Mozilla\Firefox\Profiles\417aofsi.default\extensions\bbrs_003@blabbers.com\chrome\content\cache\a38dbdd1af07f4236d43e8fd995 f57a6_expire [2013.03.29 09:46:58 | 000,000,013 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Mozilla\Firefox\Profiles\417aofsi.default\extensions\bbrs_003@blabbers.com\chrome\content\cache\a7e0abb80dabcdbb6dbaec920aa 126a0_expire [2013.04.26 13:08:44 | 000,000,013 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Mozilla\Firefox\Profiles\417aofsi.default\extensions\bbrs_003@blabbers.com\chrome\content\cache\bc417bfcd62af75b6bf321501f6 3d514_expire [2013.03.28 22:41:40 | 000,000,013 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Mozilla\Firefox\Profiles\417aofsi.default\extensions\bbrs_003@blabbers.com\chrome\content\cache\bf73732e1f0b76bac435293ba38 80579_expire [2013.06.27 02:32:26 | 000,000,013 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Mozilla\Firefox\Profiles\417aofsi.default\extensions\bbrs_003@blabbers.com\chrome\content\cache\c93f2aa3f7ed8c08097d4d5c3c2 c61e1_expire [2013.02.04 19:25:49 | 000,000,013 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Mozilla\Firefox\Profiles\417aofsi.default\extensions\bbrs_003@blabbers.com\chrome\content\cache\e919434ec29526b28593c426e42 64271_expire [2013.02.03 18:06:37 | 000,000,013 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Mozilla\Firefox\Profiles\417aofsi.default\extensions\bbrs_003@blabbers.com\chrome\content\cache\fa74672918974682c82b8d91dfb e0d6b_expire [2013.04.26 13:08:44 | 000,000,013 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Mozilla\Firefox\Profiles\417aofsi.default\extensions\bbrs_003@blabbers.com\chrome\content\cache\ff4d692d5e7cccbc4b3e9ef4062 b1c6f_expire [2013.06.04 08:21:15 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\browser\extensions [2013.06.04 08:21:15 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google  riginalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{go ogle:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParam eter}, CHR - homepage: CHR - plugin: Shockwave Flash (Enabled) = C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\27.0.1453.116\pdf.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Programme\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npdrmv2.dll CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Programme\Windows Media Player\npdsplay.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npwmsdrm.dll CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Programme\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL CHR - plugin: Fun Web Products Plugin Stub (Enabled) = C:\Programme\FunWebProducts\Installr\2.bin\NPFunWeb.dll CHR - plugin: Google Update (Enabled) = C:\Programme\Google\Update\1.3.21.145\npGoogleUpdate3.dll CHR - plugin: Java(TM) Platform SE 7 U21 (Enabled) = C:\Programme\Java\jre7\bin\plugin2\npjp2.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Programme\Microsoft Silverlight\5.1.20125.0\npctrl.dll CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Programme\Microsoft\Office Live\npOLW.dll CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Programme\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Programme\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll CHR - plugin: Java Deployment Toolkit 7.0.210.11 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll CHR - Extension: Google Drive = C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ CHR - Extension: CS portable = C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\bijcilgmpgmllbihfhofoobmbjbbkenl\1.2_0\ CHR - Extension: YouTube = C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\ CHR - Extension: Ginyas Browser Companions = C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\bpgoohpbdddibhlhdkenenmmlfofjfkh\1.0.5_0\ CHR - Extension: Adblock Plus = C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5_0\ CHR - Extension: Google-Suche = C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\ CHR - Extension: CS Portable Online = C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\dghpcggldbdhganhodihdiibcenplegh\1.2_0\ CHR - Extension: Plants vs Zombies HD Reloaded = C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\hjkhoacaklmakefhjplfdnadddjfhaof\1.1.4_0\ CHR - Extension: Isoball 3 = C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\iajlkcpgcnbhfhpdeooockfaincfkjjj\1.3.0_0\ CHR - Extension: Grepolis = C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\kkgkognjknhcgbgbeijjondlikfkgnog\2.11.14_0\ CHR - Extension: Google Mail = C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2004.08.04 14:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Chatvibes Browser Helper) - {00cbb66b-1d3b-46d3-9577-323a336acb50} - C:\Programme\BrowserCompanion\jsloader.dll ( ) O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (AOL Toolbar Launcher) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Programme\AOL\AOL Toolbar 4.0\aoltb.dll (AOL LLC) O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Ginyas Browser Companion Verifier) - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Programme\GinyasBrowserCompanions\updatebhoWin32.dll (Blabbers Communications Ltd) O2 - BHO: (no name) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - No CLSID value found. O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Programme\AOL\AOL Toolbar 4.0\aoltb.dll (AOL LLC) O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Agent] C:\Programme\Medion\PowerCinema\My_TV\Agent.exe (CyberLink) O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [AOLDialer] C:\Programme\Gemeinsame Dateien\aol\acs\AOLDial.exe (AOL LLC) O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [Browser companion helper] C:\Programme\BrowserCompanion\BCHelper.exe (Blabbers Communications LTD) O4 - HKLM..\Run: [CanonMyPrinter] C:\Programme\Canon\MyPrinter\BJMyPrt.exe (CANON INC.) O4 - HKLM..\Run: [CanonSolutionMenu] C:\Programme\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.) O4 - HKLM..\Run: [EPGServiceTool] C:\Programme\WinTV\EPG Services\System\EPGClient.exe (Hauppauge Inc.) O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found O4 - HKLM..\Run: [Microsoft Works Update Detection] C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe (Microsoft® Corporation) O4 - HKLM..\Run: [RemoteControl] C:\Programme\CyberLink DVD Solution\PowerDVD\PDVDServ.exe (Cyberlink Corp.) O4 - HKLM..\Run: [SG310Monitor] C:\WINDOWS\SGStiMon.exe (SigmaChip) O4 - HKLM..\Run: [StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe () O4 - HKLM..\Run: [TrayServer] C:\Programme\MAGIX\Video_deluxe_17\Trayserver.exe (MAGIX AG) O4 - HKCU..\RunOnce: [Shockwave Updater] C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1103472 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; SIMBAR={2EF45E0D-3817-4B60-8F98-438832E8C391}; GTB0.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; InfoPath.1; .NET CLR 1.1.4322; FDM; OfficeLiveConnector.1.3; OfficeLivePatch.0.0)" -"hxxp://www.y8.com/games/Moto_X_Freestyle" File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: &AOL Toolbar-Suche - c:\Programme\AOL\AOL Toolbar 4.0\resources\de-DE\local\search.html () O8 - Extra context menu item: &Download by Orbit - res://D:\Julian\Julians Dokumente\Neuer Ordner\Orbitdownloader\orbitmxt.dll/201 File not found O8 - Extra context menu item: &Grab video by Orbit - res://D:\Julian\Julians Dokumente\Neuer Ordner\Orbitdownloader\orbitmxt.dll/204 File not found O8 - Extra context menu item: Do&wnload selected by Orbit - res://D:\Julian\Julians Dokumente\Neuer Ordner\Orbitdownloader\orbitmxt.dll/203 File not found O8 - Extra context menu item: Down&load all by Orbit - res://D:\Julian\Julians Dokumente\Neuer Ordner\Orbitdownloader\orbitmxt.dll/202 File not found O9 - Extra Button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Programme\AOL\AOL Toolbar 4.0\aoltb.dll (AOL LLC) O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - Reg Error: Value error. File not found O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - Reg Error: Value error. File not found O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5) O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab (Microsoft Office Template and Media Control) O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} hxxp://ak.exe.imgfarm.com/images/nocache/mindspark/ei/1.2.5.7-2/MyFunCards.cab (Fun Web Products Installer Start) O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/DE-DE/a-UNO1/GAME_UNO1.cab (UnoCtrl Class) O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} hxxp://game01.zylom.com/activex/zylomgamesplayer.cab (Zylom Games Player) O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: CabBuilder hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab (Reg Error: Key error.) O16 - DPF: Microsoft XML Parser for Java file:///C:/WINDOWS/Java/classes/xmldso.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{299DC91C-2BD8-49CA-B572-DFFFECAAD5BC}: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\base64 {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Programme\GinyasBrowserCompanions\tdataprotocol.dll (Blabbers Communications Ltd) O18 - Protocol\Handler\chrome {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Programme\GinyasBrowserCompanions\tdataprotocol.dll (Blabbers Communications Ltd) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\prox {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Programme\GinyasBrowserCompanions\tdataprotocol.dll (Blabbers Communications Ltd) O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.02.03 14:20:12 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{59cfe30c-19c4-11e1-a18b-002215d91bfc}\Shell - "" = AutoRun O33 - MountPoints2\{59cfe30c-19c4-11e1-a18b-002215d91bfc}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{59cfe30c-19c4-11e1-a18b-002215d91bfc}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a O33 - MountPoints2\{74cc7fdc-6715-11df-9c27-002215d91bfc}\Shell\AutoRun\command - "" = I:\InstallTomTomHOME.exe O33 - MountPoints2\{fc54af26-848b-11e0-9fe7-002215d91bfc}\Shell - "" = AutoRun O33 - MountPoints2\{fc54af26-848b-11e0-9fe7-002215d91bfc}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{fc54af26-848b-11e0-9fe7-002215d91bfc}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a O33 - MountPoints2\I\Shell - "" = AutoRun O33 - MountPoints2\I\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2013.06.29 05:27:05 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Desktop\OTL.exe [2013.06.27 04:55:58 | 000,000,000 | ---D | C] -- C:\Programme\Cube World [2013.06.27 04:52:34 | 000,000,000 | ---D | C] -- C:\DirectX [2013.06.27 02:57:22 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Recent [2013.06.27 02:56:23 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner [2013.06.27 02:50:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Auslogics [2013.06.27 02:49:58 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Auslogics [2013.06.26 00:36:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SecTaskMan [2013.06.25 19:51:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Picroma [2013.06.25 19:51:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Cube World [2013.06.24 01:54:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Xfire [2013.06.21 10:27:41 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Unity [2013.06.21 10:24:48 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Lokale Einstellungen\Anwendungsdaten\Unity [2013.06.20 16:02:25 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Startmenü\Programme\Google Chrome [2013.06.20 15:24:58 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Startmenü\Programme\Verwaltung [2013.06.19 19:24:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Eigene Dateien\Gameforge Live [2013.06.19 19:24:51 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Lokale Einstellungen\Anwendungsdaten\Gameforge4d [2013.06.16 11:07:18 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Lokale Einstellungen\Anwendungsdaten\RapidSolution [2013.06.15 10:07:23 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Eigene Dateien\MAGIX Projekte [2013.06.15 07:05:26 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Eigene Dateien\My Games [2013.06.04 08:21:02 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Firefox [2013.05.17 02:18:10 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\rundll32.exe [2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.06.29 05:26:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Desktop\OTL.exe [2013.06.29 05:24:59 | 000,001,016 | ---- | M] () -- C:\WINDOWS\tasks\GinyasBrowserCompanions FireFox Watcher.job [2013.06.29 05:24:55 | 000,001,064 | ---- | M] () -- C:\WINDOWS\tasks\GinyasBrowserCompanions Chrome Watcher.job [2013.06.29 05:22:41 | 000,001,064 | ---- | M] () -- C:\WINDOWS\tasks\GinyasBrowserCompanions Stats Report.job [2013.06.29 05:22:40 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2013.06.29 05:22:40 | 000,001,016 | ---- | M] () -- C:\WINDOWS\tasks\GinyasBrowserCompanions Update Checker.job [2013.06.29 05:22:35 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2013.06.29 05:22:03 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2013.06.29 05:21:03 | 000,000,020 | ---- | M] () -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\defogger_reenable [2013.06.29 05:21:01 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2013.06.29 05:20:38 | 000,050,477 | ---- | M] () -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Desktop\Defogger.exe [2013.06.29 05:11:00 | 000,001,238 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-515967899-1708537768-839522115-1004UA.job [2013.06.29 05:06:45 | 000,000,223 | RHS- | M] () -- C:\boot.ini [2013.06.28 20:51:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2013.06.26 18:14:17 | 000,002,509 | ---- | M] () -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Desktop\Microsoft Office Word 2003.lnk [2013.06.26 06:10:56 | 000,000,046 | ---- | M] () -- C:\WINDOWS\Speed.INI [2013.06.26 01:03:46 | 000,000,040 | ---- | M] () -- C:\WINDOWS\KA.INI [2013.06.26 01:02:48 | 000,506,660 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat [2013.06.26 01:02:48 | 000,484,796 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2013.06.26 01:02:48 | 000,096,514 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat [2013.06.26 01:02:48 | 000,080,808 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2013.06.24 04:49:06 | 000,032,768 | ---- | M] () -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2013.06.24 04:48:17 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2013.06.21 07:48:39 | 000,355,360 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2013.06.20 16:11:00 | 000,001,186 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-515967899-1708537768-839522115-1004Core.job [2013.06.20 16:02:25 | 000,002,480 | ---- | M] () -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Desktop\Google Chrome.lnk [2013.06.20 15:43:10 | 000,027,186 | ---- | M] () -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Eigene Dateien\cc_20130620_154300.reg [2013.06.20 15:42:47 | 000,729,230 | ---- | M] () -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Eigene Dateien\cc_20130620_154215.reg [2013.06.14 14:08:06 | 000,000,026 | ---- | M] () -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Eigene Dateien\hdegds.stk [2013.06.14 14:05:24 | 000,000,050 | ---- | M] () -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Eigene Dateien\zetz.stk [2013.06.14 13:57:30 | 000,000,026 | ---- | M] () -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Eigene Dateien\jjj.stk [2013.06.10 06:14:32 | 000,001,714 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Reader 9.lnk [2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.06.29 05:20:54 | 000,000,020 | ---- | C] () -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\defogger_reenable [2013.06.29 05:20:43 | 000,050,477 | ---- | C] () -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Desktop\Defogger.exe [2013.06.20 16:02:25 | 000,002,480 | ---- | C] () -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Desktop\Google Chrome.lnk [2013.06.20 16:01:11 | 000,001,238 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-515967899-1708537768-839522115-1004UA.job [2013.06.20 16:01:11 | 000,001,186 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-515967899-1708537768-839522115-1004Core.job [2013.06.20 15:43:07 | 000,027,186 | ---- | C] () -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Eigene Dateien\cc_20130620_154300.reg [2013.06.20 15:42:19 | 000,729,230 | ---- | C] () -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Eigene Dateien\cc_20130620_154215.reg [2013.06.14 14:08:06 | 000,000,026 | ---- | C] () -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Eigene Dateien\hdegds.stk [2013.06.14 14:05:24 | 000,000,050 | ---- | C] () -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Eigene Dateien\zetz.stk [2013.06.14 13:57:30 | 000,000,026 | ---- | C] () -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Eigene Dateien\jjj.stk [2013.06.10 06:13:43 | 000,002,347 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Adobe Reader 9.lnk [2013.06.10 06:13:43 | 000,001,714 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Reader 9.lnk [2013.05.21 01:37:46 | 000,190,124 | ---- | C] () -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\ESt2012_Rappen_Heinz_und_Rappen_Carola.elfo [2013.05.17 02:18:14 | 095,023,320 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\01lh.pad [2013.04.27 15:11:27 | 000,084,308 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat [2013.03.17 16:07:21 | 000,000,046 | ---- | C] () -- C:\WINDOWS\Speed.INI [2013.01.23 08:21:47 | 000,001,499 | ---- | C] () -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\.recently-used.xbel [2012.12.23 12:58:02 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\lfkodak.dll [2012.12.23 12:58:01 | 000,338,944 | ---- | C] () -- C:\WINDOWS\System32\lffpx7.dll [2012.10.08 17:42:42 | 004,891,718 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-S-1-5-21-515967899-1708537768-839522115-1004-0.dat [2012.10.08 17:42:42 | 000,320,318 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat [2012.08.27 18:08:53 | 000,000,399 | ---- | C] () -- C:\WINDOWS\vtplus32.ini [2012.08.27 18:08:50 | 000,000,030 | ---- | C] () -- C:\WINDOWS\System32\UNWISE.INI [2012.08.27 18:08:49 | 000,149,504 | ---- | C] () -- C:\WINDOWS\System32\UNWISE.EXE [2012.08.27 18:04:23 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\dmcrypto.dll [2012.08.27 18:03:00 | 000,163,840 | ---- | C] () -- C:\WINDOWS\System32\hcwChDB.dll [2012.08.27 18:01:53 | 000,004,951 | ---- | C] () -- C:\WINDOWS\HCWPNP.INI [2012.05.09 14:29:06 | 000,010,639 | ---- | C] () -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Rappen_elster_2048.pfx [2012.04.28 14:51:46 | 000,187,628 | ---- | C] () -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\ESt2011_Rappen.elfo [2012.02.16 11:53:56 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2011.02.25 21:44:22 | 000,000,298 | ---- | C] () -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\UnifiedToolbarCleanup.bat [2011.02.25 21:44:08 | 000,000,333 | ---- | C] () -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\KiweeChatbarCleanup.bat [2011.02.24 15:55:05 | 000,000,004 | ---- | C] () -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\steam_md4.dat [2011.02.18 22:12:35 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\__ng3d.lock [2011.01.16 20:07:45 | 000,000,038 | ---- | C] () -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\games.stat [2011.01.15 13:39:45 | 000,153,122 | ---- | C] () -- C:\Programme\Superturner.gif [2011.01.15 13:36:44 | 000,000,099 | ---- | C] () -- C:\Programme\Platz 3.stk [2011.01.15 13:34:54 | 000,000,075 | ---- | C] () -- C:\Programme\Platz 2.stk [2011.01.15 13:28:36 | 000,000,075 | ---- | C] () -- C:\Programme\Platz 1.stk [2011.01.15 12:59:42 | 000,000,081 | ---- | C] () -- C:\Programme\Turnstange.stk [2011.01.15 12:23:59 | 000,000,076 | ---- | C] () -- C:\Programme\Schild.stk [2010.03.07 12:23:31 | 000,032,768 | ---- | C] () -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009.02.07 15:42:09 | 000,040,960 | ---- | C] () -- C:\Programme\Uninstall_CDS.exe ========== ZeroAccess Check ========== [2009.02.03 14:34:24 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 04:22:25 | 001,499,136 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 12:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 04:22:32 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== [2012.01.05 13:40:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Babylon [2010.08.04 17:26:33 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonBJ [2010.09.23 20:49:23 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJEGV [2010.12.14 19:18:16 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJScan [2010.11.07 20:39:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DAEMON Tools Lite [2013.05.19 19:53:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\elsterformular [2012.10.08 16:21:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Freemake [2009.03.09 17:39:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\GameHouse [2013.06.29 05:22:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\GinyasBrowserCompanions [2011.02.13 14:10:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ICQ [2011.01.16 17:50:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Intenium [2011.01.16 17:50:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\InterAction studios [2012.07.17 10:55:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Langenscheidt [2013.03.13 09:14:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MAGIX [2013.03.11 14:35:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Movavi Video Suite 11 SE [2013.06.25 19:51:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Picroma [2009.06.28 14:16:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PlayFirst [2013.06.28 18:42:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SecTaskMan [2009.03.11 10:15:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SpinTop Games [2009.12.22 11:42:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP [2009.09.22 15:20:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Terzio [2010.05.24 11:44:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TomTom [2009.02.04 19:14:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Viewpoint [2009.02.05 11:36:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Zylom [2013.06.29 05:03:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\.minecraft [2013.02.20 03:41:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Advanced System Protector [2013.06.27 02:52:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Auslogics [2012.01.05 13:40:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Babylon [2010.12.14 19:18:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Canon [2010.10.02 16:35:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\cerasus [2010.10.01 20:10:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\cerasus.media [2010.12.09 18:17:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Diercke Globus [2013.06.20 15:56:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\DVDVideoSoft [2013.05.19 19:55:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\elsterformular [2012.12.23 11:51:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\gtk-2.0 [2011.02.10 20:35:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Gutscheinmieze [2010.09.02 18:49:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Klett [2012.07.17 10:55:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Langenscheidt [2011.08.20 19:05:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Leadertech [2013.03.02 16:29:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\LolClient [2013.03.13 09:14:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\MAGIX [2013.03.11 14:46:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\MOVAVI [2013.03.03 12:07:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\OpenCandy [2013.06.20 15:41:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Orbit [2013.05.11 02:41:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\PriceGong [2011.02.10 20:43:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\ProgSense [2013.06.28 05:08:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Spotify [2013.06.26 00:40:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Systweak [2010.05.24 11:43:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\TomTom [2013.06.21 10:27:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Unity [2010.02.03 17:10:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Viewpoint ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 134 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:671329E4 < End of report > und Extras: OTL Extras logfile created on: 29.06.2013 05:27:16 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Desktop Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,00 Gb Total Physical Memory | 1,37 Gb Available Physical Memory | 68,64% Memory free 3,85 Gb Paging File | 3,26 Gb Available in Paging File | 84,72% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 149,03 Gb Total Space | 94,62 Gb Free Space | 63,49% Space Free | Partition Type: NTFS Drive D: | 149,06 Gb Total Space | 80,45 Gb Free Space | 53,97% Space Free | Partition Type: NTFS Computer Name: DACHBODEN | User Name: user | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML.CHU72JXHC5OPXC5TOBFP76H7U4] -- Reg Error: Key error. File not found ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "5340:TCP" = 5340:TCP:*:Enabled:5340 "350:UDP" = 350:UDP:*:Enabled:5350 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Spotify\spotify.exe" = C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Spotify\spotify.exe:*:Enabled:Spotify -- (Spotify Ltd) "C:\Programme\AOL 9.0 VR\aol.exe" = C:\Programme\AOL 9.0 VR\aol.exe:*:Enabled:AOL 9.0 -- (AOL, LLC.) "C:\Programme\Gemeinsame Dateien\aol\System Information\sinf.exe" = C:\Programme\Gemeinsame Dateien\aol\System Information\sinf.exe:*:Enabled:AOL System Information -- (AOL LLC) "C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\chrome.exe" = C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome -- (Google Inc.) "C:\WINDOWS\system32\javaw.exe" = C:\WINDOWS\system32\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Oracle Corporation) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{03440014-3975-4267-9F39-1DC4745090B7}" = Microsoft Encarta Enzyklopädie 2003 "{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu "{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center "{06A174A4-E8DD-4C55-2345-C2C5FF9FDBE5}" = Catalyst Control Center Localization Chinese Traditional "{1169A9D8-AB43-2DAF-E4CE-CFA17EA46AA0}" = Catalyst Control Center Localization Finnish "{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series" = Canon MP550 series MP Drivers "{1237A07B-DE5C-4DC4-9CE9-6DD5453BC3F5}" = SA31xx Device Manager & Media Converter "{12665B01-3F3A-4433-B179-9D8E352D7547}" = Try Corel Snapfire muvee autoProducer add on "{14E1CEC0-E43B-4158-85F4-73BCB3878B7F}" = MAGIX Speed burnR (MSI) "{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser "{1AF6FC48-2025-B3FE-55C9-A9433E99BCAE}" = Catalyst Control Center Localization Spanish "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6423DE-7959-4178-80E0-023C7EAA5347}" = NVIDIA ForceWare Network Access Manager "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Multimedia Launcher "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool "{2227E1FA-01F5-483C-AB0E-2A308E900B3D}" = InterVideo FilterSDK for Hauppauge "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{247F4B94-A558-E100-7887-DD4E78304EA4}" = CCC Help English "{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = New PowerCinema "{26A24AE4-039D-4CA4-87B4-2F83217021FF}" = Java 7 Update 21 "{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform "{34C845B1-6070-CAA5-10F7-60D9789CCECE}" = Skins "{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{369B36BE-3D64-4641-9AEA-808D436FE132}" = Microsoft Picture It! Foto 7.0 "{36BC49B7-516F-4111-BA4D-EDAB86341807}" = SG310 "{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder "{371501F2-FEA2-BAC9-1B3A-59D1B9E744C6}" = CCC Help Dutch "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{43FA225B-1199-4867-B5AE-1E82ED04052A}" = KI.KA-ROM 4 "{4523203C-1A27-6BD2-3D93-4220C25B0A36}" = CCC Help Chinese Traditional "{45D833E7-D87E-06A6-81FC-3647E7F82382}" = CCC Help Finnish "{4923877D-6A59-485B-9E63-E35664B4F067}" = MAGIX Screenshare "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent "{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync "{5E184954-3E3D-187E-74FA-9ACF62DFBCFB}" = ccc-core-static "{5EA4CFA0-5D94-11D5-A493-004033A0A47E}" = 40000 Cliparts "{6179550A-3E7C-499E-BCC9-9E8113E0A285}" = LG ODD Auto Firmware Update "{65C49E8C-2F21-4A3E-9399-EE18B7833F65}" = Catalyst Control Center - Branding "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD "{6B103F43-069C-11D6-9EA2-0050BAE317E1}" = PowerCinema "{6BF8EE17-8C40-8CEE-B8D4-81E4C2F541CC}" = Catalyst Control Center Localization Danish "{6C5DAF4B-52CB-9432-7E8F-88E8C3C31ED3}" = Catalyst Control Center Localization Chinese Standard "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{733E354E-96BE-1085-27F5-636B00697797}" = Catalyst Control Center Localization Norwegian "{74723F36-F805-700C-FF9A-2B4ED5FF2069}" = Catalyst Control Center Graphics Full Existing "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{797CDF8A-7CBE-4433-B787-EC628EAF7D0E}" = Découvertes Cadet 1 Sprachtrainer Kommunikation "{7D1D6A24-65D4-454C-8815-4F08A5FFF12C}" = Macromedia Shockwave Player "{7E8A1AB5-E458-598A-D9C3-B634801EBE34}" = CCC Help German "{7FED8E91-288F-BCF2-179D-633449FC52AD}" = Catalyst Control Center Localization Italian "{81363B0F-D8B6-5197-8F93-2D774F1133CD}" = CCC Help Italian "{81FC0476-9507-4CD3-95A7-2BE60E256D1D}" = ArcSoft MediaImpression 2 "{8333A007-6122-63CD-9F43-AECE52CE80BC}" = CCC Help Swedish "{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{892DB22C-ED8D-22B1-AE9D-F3014F44C306}" = CCC Help Norwegian "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86) "{8D8024F1-2945-49A5-9B78-5AB7B11D7942}_is1" = Auslogics Registry Cleaner "{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update "{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules "{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends "{92FE8ECF-C6D4-6A94-544E-7BE0BB3331B8}" = Catalyst Control Center Localization Japanese "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{95120000-0122-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9CA0F7B9-9F06-4EA6-AB5C-294DCB49699D}" = Vokabeltrainer-Update 4.0.52 "{9CFA9455-DE07-9024-FB4E-94F732BE4A62}" = Catalyst Control Center Graphics Light "{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A39B6C32-D38D-C61D-9C10-60D94B677A61}" = Catalyst Control Center Graphics Full New "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{ABE21889-92C6-FD51-15EF-A1BD82D50500}" = Catalyst Control Center Localization German "{AC76BA86-7AD7-1031-7B44-A95000000001}" = Adobe Reader 9.5.5 - Deutsch "{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9 "{ACE489B8-3C7A-B965-0BA3-2160C5BE4441}" = Catalyst Control Center Core Implementation "{AD6CCE3B-52DF-97F3-C335-50201270B9D9}" = CCC Help Danish "{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger "{B17159CD-C0C1-E820-F475-82F09CC52C67}" = CCC Help Spanish "{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer "{B97CF5C3-0487-11D8-A36E-0050BAE317E1}" = DVD Solution "{BA2D6257-9558-4A47-9FF9-D4A5DD9BF0DC}" = Loewenzahn 8 "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86) "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver "{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU "{C314CE45-3392-3B73-B4E1-139CD41CA933}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU "{C4BEEB8C-B9D2-4CD9-A2AA-1F3A1F57DF21}" = Works Suite-Betriebssystem-Pack "{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail "{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector Pro "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CBEAC00C-24F0-ABCF-882F-FDA215B628BE}" = ccc-utility "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call "{D692A0E0-1BBB-4E9C-826E-4254EE330830}_is1" = Cube World version 0.0.1 "{DCED7A5F-61A0-417D-09A2-389A5F93DFC5}" = CCC Help Japanese "{DDA94685-522B-72A4-4A1D-98CF7C81A5CC}" = CCC Help French "{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer "{E572B060-C98B-4984-A48E-E4FA56265903}" = SA31xx Device Manager & Media Converter "{E6B2D464-A987-42BC-6974-8FF6F9F5598F}" = Catalyst Control Center Localization Dutch "{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack "{EA174B17-CDF1-0EE2-A19C-76D1AD8AA095}" = CCC Help Chinese Standard "{EC9E92BE-0DF6-AFBE-D9B4-1477228745A2}" = Catalyst Control Center Localization French "{EDDDC607-91D9-4758-9F57-265FDCD8A772}" = Microsoft Works 7.0 "{F058A510-EB59-EEA3-A2A0-74973562DA25}" = ccc-core-preinstall "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F287AD31-C7A7-48BF-9381-6B8A686AAAD4}" = MAGIX Video deluxe 17 "{F3C2DAEB-1EA2-C9CE-B47B-49D26D9D0262}" = Catalyst Control Center Localization Swedish "{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5 "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{F7F2DC0A-C22E-49AD-AD37-797309A54E7B}" = Microsoft AutoRoute 2002 "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player "All ATI Software" = ATI - Dienstprogramm zur Deinstallation der Software "Amazon Kindle" = Amazon Kindle "AOL Deinstallation" = AOL Deinstallation "AOL Toolbar 4.0" = "AOL YGP Screensaver" = AOL Meine Fotos Bildschirmschoner "ATI Display Driver" = ATI Display Driver "Avira AntiVir Desktop" = Avira Free Antivirus "BrowserCompanion" = BrowserCompanion "Canon MP550 series Benutzerregistrierung" = Canon MP550 series Benutzerregistrierung "CanonMyPrinter" = Canon Utilities My Printer "CanonSolutionMenu" = Canon Utilities Solution Menu "CCleaner" = CCleaner "CrystalDiskInfo_is1" = CrystalDiskInfo 4.6.2a "DVDStyler_is1" = DVDStyler v2.4.1 "Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX "ElsterFormular" = ElsterFormular "Freemake Video Converter_is1" = Freemake Video Converter Version 3.1.2 "GeoGebra 4.2" = GeoGebra 4.2 "GinyasBrowserCompanions" = GinyasBrowserCompanions "Hauppauge WinTV" = Hauppauge WinTV "Hauppauge WinTV DVB-T EPG Service" = Hauppauge WinTV DVB-T EPG Service "Hauppauge WinTV Scheduler" = Hauppauge WinTV Scheduler "Hauppauge WinTV Soft PVR" = Hauppauge WinTV Soft PVR "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie8" = Windows Internet Explorer 8 "InstallShield_{1F6423DE-7959-4178-80E0-023C7EAA5347}" = NVIDIA ForceWare Network Access Manager "InterActual Player" = InterActual Player "MAGIX Foto Manager 2008 D" = MAGIX Foto Manager 2008 5.0.0.255 (D) "MAGIX Music Cleaning Lab 2008 deluxe D" = MAGIX Music Cleaning Lab 2008 deluxe 9.0.2.0 (D) "MAGIX Online Druck Service D" = MAGIX Online Druck Service 3.4.3.0 (D) "MAGIX Screenshare D" = MAGIX Screenshare 4.3.6.1987 (D) "MAGIX_{14E1CEC0-E43B-4158-85F4-73BCB3878B7F}" = MAGIX Speed burnR (MSI) "MAGIX_{4923877D-6A59-485B-9E63-E35664B4F067}" = MAGIX Screenshare "MAGIX_{F287AD31-C7A7-48BF-9381-6B8A686AAAD4}" = MAGIX Video deluxe 17 "MediaShow" = Medi@Show "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Mijagi-MJ4 2013-2014" = Mijagi-MJ4 2013-2014 "Mozilla Firefox 21.0 (x86 de)" = Mozilla Firefox 21.0 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "MP Navigator EX 3.0" = Canon MP Navigator EX 3.0 "Mufin MusicFinder Base D" = Mufin MusicFinder Base 1.5.3.255 (D) "Nero - Burning Rom!UninstallKey" = Nero OEM "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "NMPUninstallKey" = NeroMediaPlayer "NVIDIA Drivers" = NVIDIA Drivers "OpenAL" = OpenAL "rayman2" = rayman2 "Rescuer" = Rescuer (remove only) "RPGAdvocates_RTP_1.0" = Common RTP 1.0 "Shockwave" = Shockwave "TeamSpeak 3 Client" = TeamSpeak 3 Client "TomTom HOME" = TomTom HOME 2.7.3.1894 "VideoLive Mail" = VideoLive Mail 4.0 "ViewpointMediaPlayer" = Viewpoint Media Player "VTPlus32 für WinTV (German)" = VTPlus32 für WinTV (German) "Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "Windows XP Service Pack" = Windows XP Service Pack 3 "WinLiveSuite_Wave3" = Windows Live Essentials "WinRAR archiver" = WinRAR "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Works2003Setup" = Microsoft Works 2003-Setup-Start "XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0 ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google Chrome "Spotify" = Spotify "UnityWebPlayer" = Unity Web Player ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 27.06.2013 21:28:09 | Computer Name = DACHBODEN | Source = Application Hang | ID = 1002 Description = Stillstehende Anwendung avnotify.exe, Version 13.6.0.1550, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error - 27.06.2013 22:27:57 | Computer Name = DACHBODEN | Source = Application Hang | ID = 1002 Description = Stillstehende Anwendung Cube.exe, Version 0.0.0.0, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error - 28.06.2013 10:48:23 | Computer Name = DACHBODEN | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung tbhcns.exe, Version 1.0.0.5, fehlgeschlagenes Modul tbhcns.exe, Version 1.0.0.5, Fehleradresse 0x0007a2fd. Error - 28.06.2013 10:54:47 | Computer Name = DACHBODEN | Source = VSS | ID = 12289 Description = Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "CreateFileW(\\?\Volume{d56415ce-f1f2-11dd-b90a-806d6172696f},0xc0000000,0x00000003,...)". hr = 0x80070005. Error - 28.06.2013 10:54:47 | Computer Name = DACHBODEN | Source = VSS | ID = 12289 Description = Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "CreateFileW(\\?\Volume{d4ebb1c2-5203-11df-9be2-806d6172696f},0xc0000000,0x00000003,...)". hr = 0x80070005. Error - 28.06.2013 10:54:47 | Computer Name = DACHBODEN | Source = VSS | ID = 12289 Description = Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "CreateFileW(\\?\Volume{5d1e3aca-fb59-11dd-9ac8-002215d91bfc},0xc0000000,0x00000003,...)". hr = 0x80070005. Error - 28.06.2013 10:55:09 | Computer Name = DACHBODEN | Source = VSS | ID = 5013 Description = Volumeschattenkopie-Dienstfehler: Von Schattenkopieautor "RemovableStorageManager" aufgerufene Routine "OpenNtmsSessionW" ist mit Status "0x80070015" (konvertiert in 0x800423f3) fehlgeschlagen. Error - 28.06.2013 22:52:33 | Computer Name = DACHBODEN | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung tbhcns.exe, Version 1.0.0.5, fehlgeschlagenes Modul tbhcns.exe, Version 1.0.0.5, Fehleradresse 0x0007a2fd. Error - 28.06.2013 23:22:49 | Computer Name = DACHBODEN | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung tbhcns.exe, Version 1.0.0.5, fehlgeschlagenes Modul tbhcns.exe, Version 1.0.0.5, Fehleradresse 0x0007a2fd. Error - 28.06.2013 23:23:01 | Computer Name = DACHBODEN | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung tbhcns.exe, Version 1.0.0.5, fehlgeschlagenes Modul tbhcns.exe, Version 1.0.0.5, Fehleradresse 0x0007a2fd. [ Application Events ] Error - 27.06.2013 21:28:09 | Computer Name = DACHBODEN | Source = Application Hang | ID = 1002 Description = Stillstehende Anwendung avnotify.exe, Version 13.6.0.1550, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error - 27.06.2013 22:27:57 | Computer Name = DACHBODEN | Source = Application Hang | ID = 1002 Description = Stillstehende Anwendung Cube.exe, Version 0.0.0.0, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error - 28.06.2013 10:48:23 | Computer Name = DACHBODEN | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung tbhcns.exe, Version 1.0.0.5, fehlgeschlagenes Modul tbhcns.exe, Version 1.0.0.5, Fehleradresse 0x0007a2fd. Error - 28.06.2013 10:54:47 | Computer Name = DACHBODEN | Source = VSS | ID = 12289 Description = Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "CreateFileW(\\?\Volume{d56415ce-f1f2-11dd-b90a-806d6172696f},0xc0000000,0x00000003,...)". hr = 0x80070005. Error - 28.06.2013 10:54:47 | Computer Name = DACHBODEN | Source = VSS | ID = 12289 Description = Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "CreateFileW(\\?\Volume{d4ebb1c2-5203-11df-9be2-806d6172696f},0xc0000000,0x00000003,...)". hr = 0x80070005. Error - 28.06.2013 10:54:47 | Computer Name = DACHBODEN | Source = VSS | ID = 12289 Description = Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "CreateFileW(\\?\Volume{5d1e3aca-fb59-11dd-9ac8-002215d91bfc},0xc0000000,0x00000003,...)". hr = 0x80070005. Error - 28.06.2013 10:55:09 | Computer Name = DACHBODEN | Source = VSS | ID = 5013 Description = Volumeschattenkopie-Dienstfehler: Von Schattenkopieautor "RemovableStorageManager" aufgerufene Routine "OpenNtmsSessionW" ist mit Status "0x80070015" (konvertiert in 0x800423f3) fehlgeschlagen. Error - 28.06.2013 22:52:33 | Computer Name = DACHBODEN | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung tbhcns.exe, Version 1.0.0.5, fehlgeschlagenes Modul tbhcns.exe, Version 1.0.0.5, Fehleradresse 0x0007a2fd. Error - 28.06.2013 23:22:49 | Computer Name = DACHBODEN | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung tbhcns.exe, Version 1.0.0.5, fehlgeschlagenes Modul tbhcns.exe, Version 1.0.0.5, Fehleradresse 0x0007a2fd. Error - 28.06.2013 23:23:01 | Computer Name = DACHBODEN | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung tbhcns.exe, Version 1.0.0.5, fehlgeschlagenes Modul tbhcns.exe, Version 1.0.0.5, Fehleradresse 0x0007a2fd. [ System Events ] Error - 26.06.2013 19:57:50 | Computer Name = DACHBODEN | Source = Service Control Manager | ID = 7034 Description = Dienst "AOL Connectivity Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error - 26.06.2013 20:01:18 | Computer Name = DACHBODEN | Source = Service Control Manager | ID = 7031 Description = Der Dienst "Druckwarteschlange" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Starten Sie den Dienst neu.. Error - 26.06.2013 20:02:47 | Computer Name = DACHBODEN | Source = Service Control Manager | ID = 7034 Description = Dienst "ForceWare IP service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error - 27.06.2013 21:27:40 | Computer Name = DACHBODEN | Source = Service Control Manager | ID = 7034 Description = Dienst "AOL Connectivity Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error - 27.06.2013 21:42:46 | Computer Name = DACHBODEN | Source = Service Control Manager | ID = 7034 Description = Dienst "ForceWare IP service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error - 27.06.2013 21:49:38 | Computer Name = DACHBODEN | Source = Service Control Manager | ID = 7034 Description = Dienst "EPGService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error - 27.06.2013 21:51:05 | Computer Name = DACHBODEN | Source = Service Control Manager | ID = 7034 Description = Dienst "ForceWare user log service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error - 28.06.2013 10:55:50 | Computer Name = DACHBODEN | Source = Wechselmediendienst | ID = 262159 Description = Der Wechselmediendienst kann die Bibliothek CdRom0 nicht verwalten. Die Datenbank ist beschädigt. Error - 28.06.2013 10:55:50 | Computer Name = DACHBODEN | Source = Wechselmediendienst | ID = 262159 Description = Der Wechselmediendienst kann die Bibliothek CdRom2 nicht verwalten. Die Datenbank ist beschädigt. Error - 28.06.2013 10:55:50 | Computer Name = DACHBODEN | Source = Wechselmediendienst | ID = 262159 Description = Der Wechselmediendienst kann die Bibliothek CdRom1 nicht verwalten. Die Datenbank ist beschädigt. < End of report > |
| Themen zu Windows XP start: tcbhn.exe hat ein Problem festgestellt und muss beendet werden |
| adblock, antivir, avira, bho, branding, canon, computer, crystaldiskinfo, downloader, error, firefox, flash player, format, home, homepage, langsam, logfile, mozilla, plug-in, problem, realtek, registry, required, rundll, scan, security, sehr langsam, software, starten, super, teamspeak, unerwarteter fehler, visual studio, windows, windows internet, windows xp |
Baum-Darstellung