| |
| |||||||
Log-Analyse und Auswertung: Windows XP start: tcbhn.exe hat ein Problem festgestellt und muss beendet werdenWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
11.07.2013, 17:14
| #1 |
 |  Windows XP start: tcbhn.exe hat ein Problem festgestellt und muss beendet werden Ich habe folgendes Problem. Mein Computer ist sehr langsam und immer wenn ich meinen PC starte taucht die Meldung : tcbhn.exe hat ein Problem festgestellt und muss beendet werden. Ich habe versuct alle 3 schritte durchzuführen aber leider hat der letzt nicht geklappt. ich poste aber trotzdem die ersten Logs. Ich hoffe ihr könnt mir helfen. mfg Hier die Logs: 1: defogger: defogger_disable by jpshortstuff (23.02.10.1) Log created at 05:20 on 29/06/2013 (user) Checking for autostart values... HKCU\~\Run values retrieved. HKLM\~\Run values retrieved. Checking for services/drivers... Unable to read sptd.sys SPTD -> Disabled (Service running -> reboot required) -=E.O.F=- 2: OTL OTL logfile created on: 29.06.2013 05:27:16 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Desktop Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,00 Gb Total Physical Memory | 1,37 Gb Available Physical Memory | 68,64% Memory free 3,85 Gb Paging File | 3,26 Gb Available in Paging File | 84,72% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 149,03 Gb Total Space | 94,62 Gb Free Space | 63,49% Space Free | Partition Type: NTFS Drive D: | 149,06 Gb Total Space | 80,45 Gb Free Space | 53,97% Space Free | Partition Type: NTFS Computer Name: DACHBODEN | User Name: user | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.06.29 05:26:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Desktop\OTL.exe PRC - [2013.06.14 02:48:41 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe PRC - [2013.06.14 02:48:19 | 000,076,856 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe PRC - [2013.06.14 02:48:14 | 000,345,144 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe PRC - [2013.06.14 02:48:14 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe PRC - [2013.05.07 02:49:43 | 000,181,664 | ---- | M] (Oracle Corporation) -- C:\Programme\Java\jre7\bin\jqs.exe PRC - [2013.04.04 10:36:40 | 000,958,576 | R--- | M] (Adobe Systems Incorporated) -- C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe PRC - [2013.01.24 22:54:48 | 000,741,888 | ---- | M] (Blabbers Communications Ltd) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\GinyasBrowserCompanions\tbhcns.exe PRC - [2011.12.16 08:55:44 | 000,187,696 | ---- | M] (Blabbers Communications LTD) -- C:\Programme\BrowserCompanion\BCHelper.exe PRC - [2010.03.18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACService.exe PRC - [2009.07.27 04:10:00 | 001,983,816 | ---- | M] (CANON INC.) -- C:\Programme\Canon\MyPrinter\BJMYPRT.EXE PRC - [2008.05.30 11:07:20 | 000,437,248 | ---- | M] (Hauppauge Computer Works) -- C:\Programme\WinTV\EPG Services\System\EPGService.exe PRC - [2008.05.15 15:30:36 | 000,688,128 | ---- | M] (Hauppauge Inc.) -- C:\Programme\WinTV\EPG Services\System\EPGClient.exe PRC - [2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008.03.25 16:10:42 | 000,049,152 | ---- | M] (SigmaChip) -- C:\WINDOWS\SGStiMon.exe PRC - [2007.06.21 14:42:56 | 000,070,952 | R--- | M] (AOL LLC) -- C:\Programme\Gemeinsame Dateien\aol\acs\AOLDial.exe PRC - [2007.05.21 11:51:10 | 000,135,233 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe PRC - [2007.05.21 11:50:56 | 000,065,605 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe PRC - [2007.05.15 10:53:12 | 000,020,543 | ---- | M] (Apache Software Foundation) -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe PRC - [2006.11.02 21:40:12 | 000,174,656 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe PRC - [2006.10.23 14:50:35 | 000,046,640 | R--- | M] (AOL LLC) -- C:\Programme\Gemeinsame Dateien\aol\acs\AOLacsd.exe PRC - [2006.09.26 02:52:48 | 000,050,736 | ---- | M] (America Online, Inc.) -- C:\Programme\Gemeinsame Dateien\aol\1266255754\ee\aolsoftware.exe PRC - [2003.12.08 18:35:14 | 000,032,768 | ---- | M] (Cyberlink Corp.) -- C:\Programme\CyberLink DVD Solution\PowerDVD\PDVDServ.exe PRC - [2002.09.12 13:02:40 | 000,069,632 | ---- | M] (CyberLink) -- C:\Programme\Medion\PowerCinema\My_TV\Agent.exe PRC - [2002.07.24 19:43:46 | 000,028,672 | ---- | M] (Microsoft® Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe ========== Modules (No Company Name) ========== MOD - [2013.05.14 02:49:26 | 012,433,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\81b85db6e9fe04e4d1c9547b993acfce\System.Windows.Forms.ni.dll MOD - [2013.02.20 03:09:13 | 000,397,704 | ---- | M] () -- C:\Programme\Avira\AntiVir Desktop\sqlite3.dll MOD - [2013.02.12 00:48:02 | 011,817,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\e143370f0583abe015d8e3d2d536185e\System.Web.ni.dll MOD - [2013.01.09 12:31:20 | 000,771,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\d7a2248a76f0e94d56c92c5bf96f5175\System.Runtime.Remoting.ni.dll MOD - [2013.01.09 12:00:06 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\fe025743210c22bea2f009e1612c38bf\System.Xml.ni.dll MOD - [2013.01.09 11:59:50 | 001,593,856 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\7782f356a838c403b4a8e9c80df5a577\System.Drawing.ni.dll MOD - [2013.01.09 11:58:33 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aeac298c43c77d8860db8e7634d9f2eb\System.ni.dll MOD - [2013.01.09 11:58:14 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\eab2340ead8e1a84bdf1a87868659979\mscorlib.ni.dll MOD - [2011.08.07 13:54:44 | 000,362,029 | ---- | M] () -- C:\Programme\BrowserCompanion\sqlite3.dll MOD - [2009.02.27 16:41:26 | 000,311,296 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\pdfshell.DEU MOD - [2009.02.03 15:41:27 | 000,315,392 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll MOD - [2009.02.03 15:41:25 | 000,434,176 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll MOD - [2009.02.03 14:38:05 | 001,675,264 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.2908.16950__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dl l MOD - [2009.02.03 14:38:05 | 000,688,128 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Wizard\2.0.2908.17117__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Wizard.dll MOD - [2009.02.03 14:38:05 | 000,364,544 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.2908.17139__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll MOD - [2009.02.03 14:38:05 | 000,253,952 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.2908.16911__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll MOD - [2009.02.03 14:38:05 | 000,196,608 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.2908.16962__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll MOD - [2009.02.03 14:38:05 | 000,077,824 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.2908.17131__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll MOD - [2009.02.03 14:38:05 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.2908.16942__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll MOD - [2009.02.03 14:38:05 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.2908.17057__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dl l MOD - [2009.02.03 14:38:05 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.2908.16929__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime. dll MOD - [2009.02.03 14:38:04 | 000,483,328 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.2908.17160__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll MOD - [2009.02.03 14:38:04 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.2908.17098__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll MOD - [2009.02.03 14:37:53 | 000,352,256 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.2908.17105__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll MOD - [2009.02.03 14:37:53 | 000,135,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.2908.17167__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll MOD - [2009.02.03 14:37:53 | 000,090,112 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.2908.17111__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll MOD - [2009.02.03 14:37:53 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.2908.16923__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll MOD - [2009.02.03 14:37:53 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.2908.17104__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll MOD - [2009.02.03 14:37:52 | 001,032,192 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive3.Graphics.Dashboard\2.0.2908.17020__90ba9c70f846762e\CLI.Aspect.OverDrive3.Graphics.Dashboard.dll MOD - [2009.02.03 14:37:52 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive3.Graphics.Runtime\2.0.2908.17013__90ba9c70f846762e\CLI.Aspect.OverDrive3.Graphics.Runtime.dll MOD - [2009.02.03 14:37:51 | 000,901,120 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.2908.17132__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll MOD - [2009.02.03 14:37:51 | 000,794,624 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.2908.17064__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll MOD - [2009.02.03 14:37:51 | 000,585,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.2908.16976__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashbo ard.dll MOD - [2009.02.03 14:37:51 | 000,434,176 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.2908.16930__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashbo ard.dll MOD - [2009.02.03 14:37:51 | 000,401,408 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.2908.17124__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll MOD - [2009.02.03 14:37:51 | 000,217,088 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.2908.16969__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll MOD - [2009.02.03 14:37:51 | 000,118,784 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.2908.17080__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashbo ard.dll MOD - [2009.02.03 14:37:51 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.2908.17064__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll MOD - [2009.02.03 14:37:51 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.2908.16982__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime. dll MOD - [2009.02.03 14:37:51 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.2908.17080__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime. dll MOD - [2009.02.03 14:37:51 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.2908.17091__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll MOD - [2009.02.03 14:37:50 | 000,663,552 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Dashboard\2.0.2908.17099__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Dashboard.dll MOD - [2009.02.03 14:37:50 | 000,479,232 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.2908.17059__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll MOD - [2009.02.03 14:37:50 | 000,331,776 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.2908.17051__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll MOD - [2009.02.03 14:37:50 | 000,057,344 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.2908.17057__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll MOD - [2009.02.03 14:37:50 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.2908.17063__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll MOD - [2009.02.03 14:37:50 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation\2.0.2886.28801__90ba9c70f846762e\LOG.Foundation.dll MOD - [2009.02.03 14:37:50 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2886.28803__90ba9c70f846762e\NEWAEM.Foundation.dll MOD - [2009.02.03 14:37:50 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2886.28837__90ba9c70f846762e\DEM.OS.I0602.dll MOD - [2009.02.03 14:37:50 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.2886.28819__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll MOD - [2009.02.03 14:37:50 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.2886.28812__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll MOD - [2009.02.03 14:37:50 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Foundation\2.0.2886.28829__90ba9c70f846762e\MOM.Foundation.dll MOD - [2009.02.03 14:37:50 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.OS\2.0.2886.28836__90ba9c70f846762e\DEM.OS.dll MOD - [2009.02.03 14:37:50 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.2886.28862__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll MOD - [2009.02.03 14:37:50 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.2886.28831__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll MOD - [2009.02.03 14:37:50 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2886.28863__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll MOD - [2009.02.03 14:37:50 | 000,006,656 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll MOD - [2009.02.03 14:37:49 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation\2.0.2886.28804__90ba9c70f846762e\CLI.Foundation.dll MOD - [2009.02.03 14:37:49 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2886.28823__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll MOD - [2009.02.03 14:37:49 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2886.28850__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll MOD - [2009.02.03 14:37:49 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll MOD - [2009.02.03 14:37:49 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.2886.28847__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll MOD - [2009.02.03 14:37:49 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2886.28860__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll MOD - [2009.02.03 14:37:49 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2886.28885__90ba9c70f846762e\CLI.Foundation.XManifest.dll MOD - [2009.02.03 14:37:49 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive3.Graphics.Shared\2.0.2886.28846__90ba9c70f846762e\CLI.Aspect.OverDrive3.Graphics.Shared.dll MOD - [2009.02.03 14:37:49 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.2886.28848__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dl l MOD - [2009.02.03 14:37:49 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2886.28825__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll MOD - [2009.02.03 14:37:49 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2886.28817__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll MOD - [2009.02.03 14:37:49 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2886.28813__90ba9c70f846762e\CLI.Component.Client.Shared.dll MOD - [2009.02.03 14:37:49 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2886.28839__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dl l MOD - [2009.02.03 14:37:49 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll MOD - [2009.02.03 14:37:49 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics\2.0.2886.28837__90ba9c70f846762e\DEM.Graphics.dll MOD - [2009.02.03 14:37:49 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll MOD - [2009.02.03 14:37:49 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.2886.28819__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll MOD - [2009.02.03 14:37:49 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2886.28844__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll MOD - [2009.02.03 14:37:49 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2886.28838__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll MOD - [2009.02.03 14:37:48 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.2886.28850__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll MOD - [2009.02.03 14:37:48 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.2886.28847__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll MOD - [2009.02.03 14:37:48 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.2886.28847__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll MOD - [2009.02.03 14:37:48 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.2886.28849__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll MOD - [2009.02.03 14:37:48 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.2886.28830__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll MOD - [2009.02.03 14:37:48 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.2886.28844__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dl l MOD - [2009.02.03 14:37:48 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.2886.28839__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll MOD - [2009.02.03 14:37:48 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.2886.28832__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll MOD - [2009.02.03 14:37:48 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Foundation\2.0.2886.28831__90ba9c70f846762e\APM.Foundation.dll MOD - [2009.02.03 14:37:48 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2886.28819__90ba9c70f846762e\AEM.Server.Shared.dll MOD - [2009.02.03 14:37:47 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Foundation\2.0.2886.28801__90ba9c70f846762e\AEM.Foundation.dll MOD - [2009.02.03 14:37:47 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll MOD - [2009.02.03 14:37:45 | 000,005,120 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Systemtray.resources\2.0.2908.17144_de_90ba9c70f846762e\CLI.Component.Systemtray.resources.dll MOD - [2009.02.03 14:37:44 | 000,102,400 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Implementation\2.0.2908.17152__90ba9c70f846762e\MOM.Implementation.dll MOD - [2009.02.03 14:37:44 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.2908.17150__90ba9c70f846762e\LOG.Foundation.Implementation.dll MOD - [2009.02.03 14:37:44 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.2908.17177__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll MOD - [2009.02.03 14:37:44 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2886.28814__90ba9c70f846762e\LOG.Foundation.Private.dll MOD - [2009.02.03 14:37:44 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2886.28834__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll MOD - [2009.02.03 14:37:44 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.2886.28808__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll MOD - [2009.02.03 14:37:44 | 000,011,264 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOCALIZATION.Foundation.Implementation\2.0.2908.17188__90ba9c70f846762e\LOCALIZATION.Foundation.Implementation.dll MOD - [2009.02.03 14:37:44 | 000,006,656 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.2908.16901__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll MOD - [2009.02.03 14:37:43 | 000,491,520 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.2908.16937__90ba9c70f846762e\CLI.Component.Wizard.dll MOD - [2009.02.03 14:37:43 | 000,454,656 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.2908.17144__90ba9c70f846762e\CLI.Component.Systemtray.dll MOD - [2009.02.03 14:37:43 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.2908.16903__90ba9c70f846762e\CLI.Component.Runtime.dll MOD - [2009.02.03 14:37:43 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2886.28834__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll MOD - [2009.02.03 14:37:43 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2886.28809__90ba9c70f846762e\CLI.Foundation.Private.dll MOD - [2009.02.03 14:37:43 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2886.28826__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll MOD - [2009.02.03 14:37:43 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2886.28832__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll MOD - [2009.02.03 14:37:42 | 001,507,328 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.2908.16918__90ba9c70f846762e\CLI.Component.Dashboard.dll MOD - [2009.02.03 14:37:42 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATIDEMOS\2.0.2908.16903__90ba9c70f846762e\ATIDEMOS.dll MOD - [2009.02.03 14:37:42 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Server\2.0.2908.16902__90ba9c70f846762e\APM.Server.dll MOD - [2009.02.03 14:37:42 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server\2.0.2908.16901__90ba9c70f846762e\AEM.Server.dll MOD - [2009.02.03 14:37:42 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2886.28825__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll MOD - [2009.02.03 14:37:42 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CCC.Implementation\2.0.2908.17151__90ba9c70f846762e\CCC.Implementation.dll MOD - [2009.02.03 14:37:42 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll MOD - [2009.02.03 14:37:42 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.2886.28851__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll MOD - [2009.02.03 14:37:41 | 001,175,552 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.AIB.VividDesktop.Dashboard\1.2.2924.20909__90ba9c70f846762e\CLI.AIB.VividDesktop.Dashboard.dll MOD - [2009.02.03 14:37:41 | 000,786,432 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.AIB.TutorialOverDrive3.Tutorial.Dashboard\1.2.2924.20912__90ba9c70f846762e\CLI.AIB.TutorialOverDrive3.Tutorial.Dashbo ard.dll MOD - [2009.02.03 14:37:41 | 000,417,792 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.AIB.VividVideoPlayback.Dashboard\1.2.2924.20913__90ba9c70f846762e\CLI.AIB.VividVideoPlayback.Dashboard.dll MOD - [2009.02.03 14:37:41 | 000,151,552 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.AIB.TutorialInfoCentre.Tutorial.Dashboard\1.2.2924.20913__90ba9c70f846762e\CLI.AIB.TutorialInfoCentre.Tutorial.Dashbo ard.dll MOD - [2008.09.16 20:18:06 | 000,132,608 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll MOD - [2008.04.14 04:22:16 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll MOD - [2008.01.03 19:29:50 | 001,888,256 | ---- | M] () -- C:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll MOD - [2007.05.15 10:53:12 | 000,876,544 | ---- | M] () -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\libeay32.dll MOD - [2007.05.15 10:53:12 | 000,159,744 | ---- | M] () -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\ssleay32.dll MOD - [2007.05.15 10:53:12 | 000,024,691 | ---- | M] () -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_auth.so MOD - [2006.11.02 21:40:12 | 000,174,656 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe MOD - [2002.09.12 13:02:28 | 000,036,864 | ---- | M] () -- C:\Programme\Medion\PowerCinema\My_TV\SysRecSchedule.dll MOD - [2002.09.03 16:23:50 | 000,036,864 | ---- | M] () -- C:\Programme\Medion\PowerCinema\My_TV\MyTVLang.dll ========== Services (SafeList) ========== SRV - File not found [Disabled | Stopped] -- -- (Steam Client Service) SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt) SRV - [2013.06.14 02:48:41 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2013.06.14 02:48:14 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2013.06.04 08:21:13 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013.06.02 07:51:17 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013.05.07 02:49:43 | 000,181,664 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Programme\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService) SRV - [2010.03.18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon) SRV - [2009.11.13 13:31:14 | 000,092,008 | ---- | M] (TomTom) [Disabled | Stopped] -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService) SRV - [2008.05.30 11:07:20 | 000,437,248 | ---- | M] (Hauppauge Computer Works) [Auto | Running] -- C:\Programme\WinTV\EPG Services\System\EPGService.exe -- (EPGService) SRV - [2007.05.21 11:51:10 | 000,135,233 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe -- (nSvcIp) SRV - [2007.05.21 11:50:56 | 000,065,605 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe -- (nSvcLog) SRV - [2007.05.15 10:53:12 | 000,020,543 | ---- | M] (Apache Software Foundation) [Auto | Running] -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe -- (ForcewareWebInterface) SRV - [2006.12.14 16:00:00 | 000,544,768 | ---- | M] (Magix AG) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\MAGIX Shared\UPnPService\UPnPService.exe -- (UPnPService) SRV - [2006.11.02 21:40:12 | 000,174,656 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\PSIService.exe -- (ProtexisLicensing) SRV - [2006.10.23 14:50:35 | 000,046,640 | R--- | M] (AOL LLC) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\aol\acs\AOLacsd.exe -- (AOL ACS) SRV - [2005.04.04 01:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT) SRV - [2003.07.28 12:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | Boot | Stopped] -- -- (PxHelp20) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | On_Demand | Stopped] -- F:\INSTALL\GMSIPCI.SYS -- (GMSIPCI) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EagleXNt.sys -- (EagleXNt) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EagleNT.sys -- (EagleNT) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - [2013.03.27 20:46:53 | 000,135,136 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb) DRV - [2013.03.27 20:46:53 | 000,084,744 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt) DRV - [2013.03.27 20:46:53 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr) DRV - [2013.02.20 03:09:33 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2010.11.07 20:39:38 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd) DRV - [2009.03.18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi) DRV - [2009.02.07 12:19:46 | 000,099,840 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ACEDRV06.sys -- (ACEDRV06) DRV - [2008.05.28 21:05:00 | 000,420,096 | R--- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hcw66xxx.sys -- (hcw66xxx) DRV - [2008.04.02 15:58:28 | 000,005,460 | ---- | M] (SiGma Micro) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SG310Hub.sys -- (FilterService) DRV - [2008.04.02 15:55:52 | 000,986,590 | ---- | M] (SiGma Micro) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SG310UVC.sys -- (SG310 Video Capture) DRV - [2008.02.26 10:01:44 | 004,737,024 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) DRV - [2007.12.18 04:46:22 | 002,849,280 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2007.05.21 04:43:12 | 000,019,968 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus) DRV - [2007.05.21 04:43:08 | 000,046,080 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD) DRV - [2006.12.28 05:44:44 | 000,084,992 | R--- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtiHdAud.sys -- (HdAudAddService) DRV - [2006.11.10 16:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc) DRV - [2006.10.18 02:31:38 | 000,105,472 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvata.sys -- (nvata) DRV - [2006.07.02 00:30:28 | 000,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8) DRV - [2005.11.16 01:42:48 | 000,045,056 | ---- | M] (InterVideo) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\iviVD.sys -- (iviVD) DRV - [2004.08.11 18:00:00 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor) DRV - [2004.07.09 04:26:38 | 000,015,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mpe.sys -- (MPE) DRV - [2003.12.05 11:46:36 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc) DRV - [2003.06.12 08:47:42 | 000,024,704 | ---- | M] (Philips Semiconductors) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PhTVTune.sys -- (PhTVTune) DRV - [2003.06.05 08:04:22 | 000,350,752 | ---- | M] (Philips Semiconductors) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Cap7134.sys -- (Cap7134) DRV - [2003.01.10 23:13:04 | 000,033,588 | R--- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://alice.aol.de IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.foxtab.com/?s=0&chnl=irn&cd=2XzutCtN2Y1L1QzutDtDtBtBtCyD0DzytC0B0F0CtN0C0Czu0D0EtN0D0TzutBtDtCtCtDtBtCyE&cr=983856815 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = IE - HKLM\..\SearchScopes,DefaultScope = {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKLM\..\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}: "URL" = hxxp://search.imgag.com/?appid=kwtb&component=&c=GNKWO50020&sbs=2&sc=2&f=web&vernum=3.2&uid=&did=%7bac88ef8f-60eb-11de-ab20-002215d91bfc%7d&q={searchTerms} IE - HKLM\..\SearchScopes\{36668FFD-7809-43FB-A609-999C5A7AB5FE}: "URL" = hxxp://search.foxtab.com/?q={searchTerms}&s=1&chnl=irn&cd=2XzutCtN2Y1L1QzutDtDtBtBtCyD0DzytC0B0F0CtN0C0Czu0D0EtN0D0TzutBtDtCtCtDtBtCyE&cr=983856815 IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\..\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}: "URL" = hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13165&gct=&gc=1&q={searchTerms}&crm=1 IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 9A 33 C0 6C C5 A5 CA 01 [binary data] IE - HKCU\..\URLSearchHook: - No CLSID value found IE - HKCU\..\URLSearchHook: {1CFFA392-0898-4b1c-89D1-6E98F9D8EF78} - No CLSID value found IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}: "URL" = hxxp://search.imgag.com/?appid=kwtb&component=&c=GNKWO50020&sbs=2&sc=2&f=web&vernum=3.2&uid=&did=%7bac88ef8f-60eb-11de-ab20-002215d91bfc%7d&q={searchTerms} IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/web/{searchTerms}?babsrc=SP_ss&affID=101241&mntrId=54d39eba000000000000002215d91bfc IE - HKCU\..\SearchScopes\{36668FFD-7809-43FB-A609-999C5A7AB5FE}: "URL" = hxxp://search.foxtab.com/?q={searchTerms}&s=1&chnl=irn&cd=2XzutCtN2Y1L1QzutDtDtBtBtCyD0DzytC0B0F0CtN0C0Czu0D0EtN0D0TzutBtDtCtCtDtBtCyE&cr=983856815 IE - HKCU\..\SearchScopes\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}: "URL" = hxxp://suche.aol.de/suche/web/search.jsp?q={searchTerms} IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGLL_de IE - HKCU\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..extensions.enabledAddons: bbrs_003%40blabbers.com:1.0.5 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Programme\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) FF - HKLM\Software\MozillaPlugins\@funwebproducts.com/Plugin: C:\Programme\FunWebProducts\Installr\2.bin\NPFunWeb.dll (Fun Web Products, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Programme\Microsoft Silverlight\5.1.20125.0\npctrl.dll File not found FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Programme\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Programme\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Programme\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll () FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Lokale Einstellungen\Anwendungsdaten\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fmconverter@gmail.com: C:\Programme\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ [2012.10.08 16:04:31 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2013.06.04 08:21:15 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010.05.24 11:43:03 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Mozilla\Extensions [2010.05.24 11:43:03 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Mozilla\Extensions\home2@tomtom.com [2013.02.03 18:02:46 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Mozilla\Firefox\Profiles\417aofsi.default\extensions [2013.02.03 18:02:46 | 000,000,000 | ---D | M] (Ginyas Browser Companions) -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Mozilla\Firefox\Profiles\417aofsi.default\extensions\bbrs_003@blabbers.com [2013.06.06 04:52:29 | 000,000,013 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Mozilla\Firefox\Profiles\417aofsi.default\extensions\bbrs_003@blabbers.com\chrome\content\cache\0324adea3b6ec02af09ea4ae942 4591b_expire [2013.04.26 13:08:44 | 000,000,013 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Mozilla\Firefox\Profiles\417aofsi.default\extensions\bbrs_003@blabbers.com\chrome\content\cache\266efba29a8dc2649e413548c9a f865c_expire [2013.04.05 04:10:51 | 000,000,013 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Mozilla\Firefox\Profiles\417aofsi.default\extensions\bbrs_003@blabbers.com\chrome\content\cache\292124057d00cb0fa73db6b90d0 79658_expire [2013.02.03 18:06:38 | 000,000,013 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Mozilla\Firefox\Profiles\417aofsi.default\extensions\bbrs_003@blabbers.com\chrome\content\cache\4d3d10bd28ff623813254a49b26 be41f_expire [2013.04.10 12:30:04 | 000,000,013 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Mozilla\Firefox\Profiles\417aofsi.default\extensions\bbrs_003@blabbers.com\chrome\content\cache\4e6cace4f315fec36500e6b8d99 cc694_expire [2013.04.26 13:08:44 | 000,000,013 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Mozilla\Firefox\Profiles\417aofsi.default\extensions\bbrs_003@blabbers.com\chrome\content\cache\559d3b97ddd036cd43981f82bb6 43a6b_expire [2013.03.29 09:46:58 | 000,000,013 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Mozilla\Firefox\Profiles\417aofsi.default\extensions\bbrs_003@blabbers.com\chrome\content\cache\72891ec935a3d247f2da6562ef2 9a005_expire [2013.03.29 09:46:58 | 000,000,013 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Mozilla\Firefox\Profiles\417aofsi.default\extensions\bbrs_003@blabbers.com\chrome\content\cache\a38dbdd1af07f4236d43e8fd995 f57a6_expire [2013.03.29 09:46:58 | 000,000,013 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Mozilla\Firefox\Profiles\417aofsi.default\extensions\bbrs_003@blabbers.com\chrome\content\cache\a7e0abb80dabcdbb6dbaec920aa 126a0_expire [2013.04.26 13:08:44 | 000,000,013 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Mozilla\Firefox\Profiles\417aofsi.default\extensions\bbrs_003@blabbers.com\chrome\content\cache\bc417bfcd62af75b6bf321501f6 3d514_expire [2013.03.28 22:41:40 | 000,000,013 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Mozilla\Firefox\Profiles\417aofsi.default\extensions\bbrs_003@blabbers.com\chrome\content\cache\bf73732e1f0b76bac435293ba38 80579_expire [2013.06.27 02:32:26 | 000,000,013 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Mozilla\Firefox\Profiles\417aofsi.default\extensions\bbrs_003@blabbers.com\chrome\content\cache\c93f2aa3f7ed8c08097d4d5c3c2 c61e1_expire [2013.02.04 19:25:49 | 000,000,013 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Mozilla\Firefox\Profiles\417aofsi.default\extensions\bbrs_003@blabbers.com\chrome\content\cache\e919434ec29526b28593c426e42 64271_expire [2013.02.03 18:06:37 | 000,000,013 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Mozilla\Firefox\Profiles\417aofsi.default\extensions\bbrs_003@blabbers.com\chrome\content\cache\fa74672918974682c82b8d91dfb e0d6b_expire [2013.04.26 13:08:44 | 000,000,013 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Mozilla\Firefox\Profiles\417aofsi.default\extensions\bbrs_003@blabbers.com\chrome\content\cache\ff4d692d5e7cccbc4b3e9ef4062 b1c6f_expire [2013.06.04 08:21:15 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\browser\extensions [2013.06.04 08:21:15 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google  riginalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{go ogle:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParam eter}, CHR - homepage: CHR - plugin: Shockwave Flash (Enabled) = C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\27.0.1453.116\pdf.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Programme\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npdrmv2.dll CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Programme\Windows Media Player\npdsplay.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npwmsdrm.dll CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Programme\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL CHR - plugin: Fun Web Products Plugin Stub (Enabled) = C:\Programme\FunWebProducts\Installr\2.bin\NPFunWeb.dll CHR - plugin: Google Update (Enabled) = C:\Programme\Google\Update\1.3.21.145\npGoogleUpdate3.dll CHR - plugin: Java(TM) Platform SE 7 U21 (Enabled) = C:\Programme\Java\jre7\bin\plugin2\npjp2.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Programme\Microsoft Silverlight\5.1.20125.0\npctrl.dll CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Programme\Microsoft\Office Live\npOLW.dll CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Programme\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Programme\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll CHR - plugin: Java Deployment Toolkit 7.0.210.11 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll CHR - Extension: Google Drive = C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ CHR - Extension: CS portable = C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\bijcilgmpgmllbihfhofoobmbjbbkenl\1.2_0\ CHR - Extension: YouTube = C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\ CHR - Extension: Ginyas Browser Companions = C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\bpgoohpbdddibhlhdkenenmmlfofjfkh\1.0.5_0\ CHR - Extension: Adblock Plus = C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5_0\ CHR - Extension: Google-Suche = C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\ CHR - Extension: CS Portable Online = C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\dghpcggldbdhganhodihdiibcenplegh\1.2_0\ CHR - Extension: Plants vs Zombies HD Reloaded = C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\hjkhoacaklmakefhjplfdnadddjfhaof\1.1.4_0\ CHR - Extension: Isoball 3 = C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\iajlkcpgcnbhfhpdeooockfaincfkjjj\1.3.0_0\ CHR - Extension: Grepolis = C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\kkgkognjknhcgbgbeijjondlikfkgnog\2.11.14_0\ CHR - Extension: Google Mail = C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2004.08.04 14:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Chatvibes Browser Helper) - {00cbb66b-1d3b-46d3-9577-323a336acb50} - C:\Programme\BrowserCompanion\jsloader.dll ( ) O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (AOL Toolbar Launcher) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Programme\AOL\AOL Toolbar 4.0\aoltb.dll (AOL LLC) O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Ginyas Browser Companion Verifier) - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Programme\GinyasBrowserCompanions\updatebhoWin32.dll (Blabbers Communications Ltd) O2 - BHO: (no name) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - No CLSID value found. O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Programme\AOL\AOL Toolbar 4.0\aoltb.dll (AOL LLC) O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Agent] C:\Programme\Medion\PowerCinema\My_TV\Agent.exe (CyberLink) O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [AOLDialer] C:\Programme\Gemeinsame Dateien\aol\acs\AOLDial.exe (AOL LLC) O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [Browser companion helper] C:\Programme\BrowserCompanion\BCHelper.exe (Blabbers Communications LTD) O4 - HKLM..\Run: [CanonMyPrinter] C:\Programme\Canon\MyPrinter\BJMyPrt.exe (CANON INC.) O4 - HKLM..\Run: [CanonSolutionMenu] C:\Programme\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.) O4 - HKLM..\Run: [EPGServiceTool] C:\Programme\WinTV\EPG Services\System\EPGClient.exe (Hauppauge Inc.) O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found O4 - HKLM..\Run: [Microsoft Works Update Detection] C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe (Microsoft® Corporation) O4 - HKLM..\Run: [RemoteControl] C:\Programme\CyberLink DVD Solution\PowerDVD\PDVDServ.exe (Cyberlink Corp.) O4 - HKLM..\Run: [SG310Monitor] C:\WINDOWS\SGStiMon.exe (SigmaChip) O4 - HKLM..\Run: [StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe () O4 - HKLM..\Run: [TrayServer] C:\Programme\MAGIX\Video_deluxe_17\Trayserver.exe (MAGIX AG) O4 - HKCU..\RunOnce: [Shockwave Updater] C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1103472 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; SIMBAR={2EF45E0D-3817-4B60-8F98-438832E8C391}; GTB0.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; InfoPath.1; .NET CLR 1.1.4322; FDM; OfficeLiveConnector.1.3; OfficeLivePatch.0.0)" -"hxxp://www.y8.com/games/Moto_X_Freestyle" File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: &AOL Toolbar-Suche - c:\Programme\AOL\AOL Toolbar 4.0\resources\de-DE\local\search.html () O8 - Extra context menu item: &Download by Orbit - res://D:\Julian\Julians Dokumente\Neuer Ordner\Orbitdownloader\orbitmxt.dll/201 File not found O8 - Extra context menu item: &Grab video by Orbit - res://D:\Julian\Julians Dokumente\Neuer Ordner\Orbitdownloader\orbitmxt.dll/204 File not found O8 - Extra context menu item: Do&wnload selected by Orbit - res://D:\Julian\Julians Dokumente\Neuer Ordner\Orbitdownloader\orbitmxt.dll/203 File not found O8 - Extra context menu item: Down&load all by Orbit - res://D:\Julian\Julians Dokumente\Neuer Ordner\Orbitdownloader\orbitmxt.dll/202 File not found O9 - Extra Button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Programme\AOL\AOL Toolbar 4.0\aoltb.dll (AOL LLC) O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - Reg Error: Value error. File not found O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - Reg Error: Value error. File not found O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5) O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab (Microsoft Office Template and Media Control) O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} hxxp://ak.exe.imgfarm.com/images/nocache/mindspark/ei/1.2.5.7-2/MyFunCards.cab (Fun Web Products Installer Start) O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/DE-DE/a-UNO1/GAME_UNO1.cab (UnoCtrl Class) O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} hxxp://game01.zylom.com/activex/zylomgamesplayer.cab (Zylom Games Player) O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: CabBuilder hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab (Reg Error: Key error.) O16 - DPF: Microsoft XML Parser for Java file:///C:/WINDOWS/Java/classes/xmldso.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{299DC91C-2BD8-49CA-B572-DFFFECAAD5BC}: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\base64 {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Programme\GinyasBrowserCompanions\tdataprotocol.dll (Blabbers Communications Ltd) O18 - Protocol\Handler\chrome {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Programme\GinyasBrowserCompanions\tdataprotocol.dll (Blabbers Communications Ltd) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\prox {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Programme\GinyasBrowserCompanions\tdataprotocol.dll (Blabbers Communications Ltd) O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.02.03 14:20:12 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{59cfe30c-19c4-11e1-a18b-002215d91bfc}\Shell - "" = AutoRun O33 - MountPoints2\{59cfe30c-19c4-11e1-a18b-002215d91bfc}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{59cfe30c-19c4-11e1-a18b-002215d91bfc}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a O33 - MountPoints2\{74cc7fdc-6715-11df-9c27-002215d91bfc}\Shell\AutoRun\command - "" = I:\InstallTomTomHOME.exe O33 - MountPoints2\{fc54af26-848b-11e0-9fe7-002215d91bfc}\Shell - "" = AutoRun O33 - MountPoints2\{fc54af26-848b-11e0-9fe7-002215d91bfc}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{fc54af26-848b-11e0-9fe7-002215d91bfc}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a O33 - MountPoints2\I\Shell - "" = AutoRun O33 - MountPoints2\I\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2013.06.29 05:27:05 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Desktop\OTL.exe [2013.06.27 04:55:58 | 000,000,000 | ---D | C] -- C:\Programme\Cube World [2013.06.27 04:52:34 | 000,000,000 | ---D | C] -- C:\DirectX [2013.06.27 02:57:22 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Recent [2013.06.27 02:56:23 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner [2013.06.27 02:50:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Auslogics [2013.06.27 02:49:58 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Auslogics [2013.06.26 00:36:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SecTaskMan [2013.06.25 19:51:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Picroma [2013.06.25 19:51:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Cube World [2013.06.24 01:54:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Xfire [2013.06.21 10:27:41 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Unity [2013.06.21 10:24:48 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Lokale Einstellungen\Anwendungsdaten\Unity [2013.06.20 16:02:25 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Startmenü\Programme\Google Chrome [2013.06.20 15:24:58 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Startmenü\Programme\Verwaltung [2013.06.19 19:24:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Eigene Dateien\Gameforge Live [2013.06.19 19:24:51 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Lokale Einstellungen\Anwendungsdaten\Gameforge4d [2013.06.16 11:07:18 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Lokale Einstellungen\Anwendungsdaten\RapidSolution [2013.06.15 10:07:23 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Eigene Dateien\MAGIX Projekte [2013.06.15 07:05:26 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Eigene Dateien\My Games [2013.06.04 08:21:02 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Firefox [2013.05.17 02:18:10 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\rundll32.exe [2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.06.29 05:26:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Desktop\OTL.exe [2013.06.29 05:24:59 | 000,001,016 | ---- | M] () -- C:\WINDOWS\tasks\GinyasBrowserCompanions FireFox Watcher.job [2013.06.29 05:24:55 | 000,001,064 | ---- | M] () -- C:\WINDOWS\tasks\GinyasBrowserCompanions Chrome Watcher.job [2013.06.29 05:22:41 | 000,001,064 | ---- | M] () -- C:\WINDOWS\tasks\GinyasBrowserCompanions Stats Report.job [2013.06.29 05:22:40 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2013.06.29 05:22:40 | 000,001,016 | ---- | M] () -- C:\WINDOWS\tasks\GinyasBrowserCompanions Update Checker.job [2013.06.29 05:22:35 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2013.06.29 05:22:03 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2013.06.29 05:21:03 | 000,000,020 | ---- | M] () -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\defogger_reenable [2013.06.29 05:21:01 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2013.06.29 05:20:38 | 000,050,477 | ---- | M] () -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Desktop\Defogger.exe [2013.06.29 05:11:00 | 000,001,238 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-515967899-1708537768-839522115-1004UA.job [2013.06.29 05:06:45 | 000,000,223 | RHS- | M] () -- C:\boot.ini [2013.06.28 20:51:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2013.06.26 18:14:17 | 000,002,509 | ---- | M] () -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Desktop\Microsoft Office Word 2003.lnk [2013.06.26 06:10:56 | 000,000,046 | ---- | M] () -- C:\WINDOWS\Speed.INI [2013.06.26 01:03:46 | 000,000,040 | ---- | M] () -- C:\WINDOWS\KA.INI [2013.06.26 01:02:48 | 000,506,660 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat [2013.06.26 01:02:48 | 000,484,796 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2013.06.26 01:02:48 | 000,096,514 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat [2013.06.26 01:02:48 | 000,080,808 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2013.06.24 04:49:06 | 000,032,768 | ---- | M] () -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2013.06.24 04:48:17 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2013.06.21 07:48:39 | 000,355,360 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2013.06.20 16:11:00 | 000,001,186 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-515967899-1708537768-839522115-1004Core.job [2013.06.20 16:02:25 | 000,002,480 | ---- | M] () -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Desktop\Google Chrome.lnk [2013.06.20 15:43:10 | 000,027,186 | ---- | M] () -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Eigene Dateien\cc_20130620_154300.reg [2013.06.20 15:42:47 | 000,729,230 | ---- | M] () -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Eigene Dateien\cc_20130620_154215.reg [2013.06.14 14:08:06 | 000,000,026 | ---- | M] () -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Eigene Dateien\hdegds.stk [2013.06.14 14:05:24 | 000,000,050 | ---- | M] () -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Eigene Dateien\zetz.stk [2013.06.14 13:57:30 | 000,000,026 | ---- | M] () -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Eigene Dateien\jjj.stk [2013.06.10 06:14:32 | 000,001,714 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Reader 9.lnk [2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.06.29 05:20:54 | 000,000,020 | ---- | C] () -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\defogger_reenable [2013.06.29 05:20:43 | 000,050,477 | ---- | C] () -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Desktop\Defogger.exe [2013.06.20 16:02:25 | 000,002,480 | ---- | C] () -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Desktop\Google Chrome.lnk [2013.06.20 16:01:11 | 000,001,238 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-515967899-1708537768-839522115-1004UA.job [2013.06.20 16:01:11 | 000,001,186 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-515967899-1708537768-839522115-1004Core.job [2013.06.20 15:43:07 | 000,027,186 | ---- | C] () -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Eigene Dateien\cc_20130620_154300.reg [2013.06.20 15:42:19 | 000,729,230 | ---- | C] () -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Eigene Dateien\cc_20130620_154215.reg [2013.06.14 14:08:06 | 000,000,026 | ---- | C] () -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Eigene Dateien\hdegds.stk [2013.06.14 14:05:24 | 000,000,050 | ---- | C] () -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Eigene Dateien\zetz.stk [2013.06.14 13:57:30 | 000,000,026 | ---- | C] () -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Eigene Dateien\jjj.stk [2013.06.10 06:13:43 | 000,002,347 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Adobe Reader 9.lnk [2013.06.10 06:13:43 | 000,001,714 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Reader 9.lnk [2013.05.21 01:37:46 | 000,190,124 | ---- | C] () -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\ESt2012_Rappen_Heinz_und_Rappen_Carola.elfo [2013.05.17 02:18:14 | 095,023,320 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\01lh.pad [2013.04.27 15:11:27 | 000,084,308 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat [2013.03.17 16:07:21 | 000,000,046 | ---- | C] () -- C:\WINDOWS\Speed.INI [2013.01.23 08:21:47 | 000,001,499 | ---- | C] () -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\.recently-used.xbel [2012.12.23 12:58:02 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\lfkodak.dll [2012.12.23 12:58:01 | 000,338,944 | ---- | C] () -- C:\WINDOWS\System32\lffpx7.dll [2012.10.08 17:42:42 | 004,891,718 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-S-1-5-21-515967899-1708537768-839522115-1004-0.dat [2012.10.08 17:42:42 | 000,320,318 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat [2012.08.27 18:08:53 | 000,000,399 | ---- | C] () -- C:\WINDOWS\vtplus32.ini [2012.08.27 18:08:50 | 000,000,030 | ---- | C] () -- C:\WINDOWS\System32\UNWISE.INI [2012.08.27 18:08:49 | 000,149,504 | ---- | C] () -- C:\WINDOWS\System32\UNWISE.EXE [2012.08.27 18:04:23 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\dmcrypto.dll [2012.08.27 18:03:00 | 000,163,840 | ---- | C] () -- C:\WINDOWS\System32\hcwChDB.dll [2012.08.27 18:01:53 | 000,004,951 | ---- | C] () -- C:\WINDOWS\HCWPNP.INI [2012.05.09 14:29:06 | 000,010,639 | ---- | C] () -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Rappen_elster_2048.pfx [2012.04.28 14:51:46 | 000,187,628 | ---- | C] () -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\ESt2011_Rappen.elfo [2012.02.16 11:53:56 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2011.02.25 21:44:22 | 000,000,298 | ---- | C] () -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\UnifiedToolbarCleanup.bat [2011.02.25 21:44:08 | 000,000,333 | ---- | C] () -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\KiweeChatbarCleanup.bat [2011.02.24 15:55:05 | 000,000,004 | ---- | C] () -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\steam_md4.dat [2011.02.18 22:12:35 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\__ng3d.lock [2011.01.16 20:07:45 | 000,000,038 | ---- | C] () -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\games.stat [2011.01.15 13:39:45 | 000,153,122 | ---- | C] () -- C:\Programme\Superturner.gif [2011.01.15 13:36:44 | 000,000,099 | ---- | C] () -- C:\Programme\Platz 3.stk [2011.01.15 13:34:54 | 000,000,075 | ---- | C] () -- C:\Programme\Platz 2.stk [2011.01.15 13:28:36 | 000,000,075 | ---- | C] () -- C:\Programme\Platz 1.stk [2011.01.15 12:59:42 | 000,000,081 | ---- | C] () -- C:\Programme\Turnstange.stk [2011.01.15 12:23:59 | 000,000,076 | ---- | C] () -- C:\Programme\Schild.stk [2010.03.07 12:23:31 | 000,032,768 | ---- | C] () -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009.02.07 15:42:09 | 000,040,960 | ---- | C] () -- C:\Programme\Uninstall_CDS.exe ========== ZeroAccess Check ========== [2009.02.03 14:34:24 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 04:22:25 | 001,499,136 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 12:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 04:22:32 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== [2012.01.05 13:40:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Babylon [2010.08.04 17:26:33 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonBJ [2010.09.23 20:49:23 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJEGV [2010.12.14 19:18:16 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJScan [2010.11.07 20:39:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DAEMON Tools Lite [2013.05.19 19:53:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\elsterformular [2012.10.08 16:21:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Freemake [2009.03.09 17:39:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\GameHouse [2013.06.29 05:22:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\GinyasBrowserCompanions [2011.02.13 14:10:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ICQ [2011.01.16 17:50:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Intenium [2011.01.16 17:50:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\InterAction studios [2012.07.17 10:55:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Langenscheidt [2013.03.13 09:14:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MAGIX [2013.03.11 14:35:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Movavi Video Suite 11 SE [2013.06.25 19:51:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Picroma [2009.06.28 14:16:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PlayFirst [2013.06.28 18:42:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SecTaskMan [2009.03.11 10:15:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SpinTop Games [2009.12.22 11:42:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP [2009.09.22 15:20:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Terzio [2010.05.24 11:44:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TomTom [2009.02.04 19:14:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Viewpoint [2009.02.05 11:36:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Zylom [2013.06.29 05:03:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\.minecraft [2013.02.20 03:41:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Advanced System Protector [2013.06.27 02:52:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Auslogics [2012.01.05 13:40:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Babylon [2010.12.14 19:18:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Canon [2010.10.02 16:35:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\cerasus [2010.10.01 20:10:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\cerasus.media [2010.12.09 18:17:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Diercke Globus [2013.06.20 15:56:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\DVDVideoSoft [2013.05.19 19:55:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\elsterformular [2012.12.23 11:51:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\gtk-2.0 [2011.02.10 20:35:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Gutscheinmieze [2010.09.02 18:49:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Klett [2012.07.17 10:55:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Langenscheidt [2011.08.20 19:05:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Leadertech [2013.03.02 16:29:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\LolClient [2013.03.13 09:14:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\MAGIX [2013.03.11 14:46:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\MOVAVI [2013.03.03 12:07:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\OpenCandy [2013.06.20 15:41:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Orbit [2013.05.11 02:41:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\PriceGong [2011.02.10 20:43:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\ProgSense [2013.06.28 05:08:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Spotify [2013.06.26 00:40:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Systweak [2010.05.24 11:43:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\TomTom [2013.06.21 10:27:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Unity [2010.02.03 17:10:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Viewpoint ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 134 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:671329E4 < End of report > und Extras: OTL Extras logfile created on: 29.06.2013 05:27:16 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Desktop Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,00 Gb Total Physical Memory | 1,37 Gb Available Physical Memory | 68,64% Memory free 3,85 Gb Paging File | 3,26 Gb Available in Paging File | 84,72% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 149,03 Gb Total Space | 94,62 Gb Free Space | 63,49% Space Free | Partition Type: NTFS Drive D: | 149,06 Gb Total Space | 80,45 Gb Free Space | 53,97% Space Free | Partition Type: NTFS Computer Name: DACHBODEN | User Name: user | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML.CHU72JXHC5OPXC5TOBFP76H7U4] -- Reg Error: Key error. File not found ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "5340:TCP" = 5340:TCP:*:Enabled:5340 "350:UDP" = 350:UDP:*:Enabled:5350 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Spotify\spotify.exe" = C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Spotify\spotify.exe:*:Enabled:Spotify -- (Spotify Ltd) "C:\Programme\AOL 9.0 VR\aol.exe" = C:\Programme\AOL 9.0 VR\aol.exe:*:Enabled:AOL 9.0 -- (AOL, LLC.) "C:\Programme\Gemeinsame Dateien\aol\System Information\sinf.exe" = C:\Programme\Gemeinsame Dateien\aol\System Information\sinf.exe:*:Enabled:AOL System Information -- (AOL LLC) "C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\chrome.exe" = C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome -- (Google Inc.) "C:\WINDOWS\system32\javaw.exe" = C:\WINDOWS\system32\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Oracle Corporation) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{03440014-3975-4267-9F39-1DC4745090B7}" = Microsoft Encarta Enzyklopädie 2003 "{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu "{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center "{06A174A4-E8DD-4C55-2345-C2C5FF9FDBE5}" = Catalyst Control Center Localization Chinese Traditional "{1169A9D8-AB43-2DAF-E4CE-CFA17EA46AA0}" = Catalyst Control Center Localization Finnish "{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series" = Canon MP550 series MP Drivers "{1237A07B-DE5C-4DC4-9CE9-6DD5453BC3F5}" = SA31xx Device Manager & Media Converter "{12665B01-3F3A-4433-B179-9D8E352D7547}" = Try Corel Snapfire muvee autoProducer add on "{14E1CEC0-E43B-4158-85F4-73BCB3878B7F}" = MAGIX Speed burnR (MSI) "{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser "{1AF6FC48-2025-B3FE-55C9-A9433E99BCAE}" = Catalyst Control Center Localization Spanish "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6423DE-7959-4178-80E0-023C7EAA5347}" = NVIDIA ForceWare Network Access Manager "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Multimedia Launcher "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool "{2227E1FA-01F5-483C-AB0E-2A308E900B3D}" = InterVideo FilterSDK for Hauppauge "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{247F4B94-A558-E100-7887-DD4E78304EA4}" = CCC Help English "{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = New PowerCinema "{26A24AE4-039D-4CA4-87B4-2F83217021FF}" = Java 7 Update 21 "{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform "{34C845B1-6070-CAA5-10F7-60D9789CCECE}" = Skins "{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{369B36BE-3D64-4641-9AEA-808D436FE132}" = Microsoft Picture It! Foto 7.0 "{36BC49B7-516F-4111-BA4D-EDAB86341807}" = SG310 "{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder "{371501F2-FEA2-BAC9-1B3A-59D1B9E744C6}" = CCC Help Dutch "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{43FA225B-1199-4867-B5AE-1E82ED04052A}" = KI.KA-ROM 4 "{4523203C-1A27-6BD2-3D93-4220C25B0A36}" = CCC Help Chinese Traditional "{45D833E7-D87E-06A6-81FC-3647E7F82382}" = CCC Help Finnish "{4923877D-6A59-485B-9E63-E35664B4F067}" = MAGIX Screenshare "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent "{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync "{5E184954-3E3D-187E-74FA-9ACF62DFBCFB}" = ccc-core-static "{5EA4CFA0-5D94-11D5-A493-004033A0A47E}" = 40000 Cliparts "{6179550A-3E7C-499E-BCC9-9E8113E0A285}" = LG ODD Auto Firmware Update "{65C49E8C-2F21-4A3E-9399-EE18B7833F65}" = Catalyst Control Center - Branding "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD "{6B103F43-069C-11D6-9EA2-0050BAE317E1}" = PowerCinema "{6BF8EE17-8C40-8CEE-B8D4-81E4C2F541CC}" = Catalyst Control Center Localization Danish "{6C5DAF4B-52CB-9432-7E8F-88E8C3C31ED3}" = Catalyst Control Center Localization Chinese Standard "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{733E354E-96BE-1085-27F5-636B00697797}" = Catalyst Control Center Localization Norwegian "{74723F36-F805-700C-FF9A-2B4ED5FF2069}" = Catalyst Control Center Graphics Full Existing "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{797CDF8A-7CBE-4433-B787-EC628EAF7D0E}" = Découvertes Cadet 1 Sprachtrainer Kommunikation "{7D1D6A24-65D4-454C-8815-4F08A5FFF12C}" = Macromedia Shockwave Player "{7E8A1AB5-E458-598A-D9C3-B634801EBE34}" = CCC Help German "{7FED8E91-288F-BCF2-179D-633449FC52AD}" = Catalyst Control Center Localization Italian "{81363B0F-D8B6-5197-8F93-2D774F1133CD}" = CCC Help Italian "{81FC0476-9507-4CD3-95A7-2BE60E256D1D}" = ArcSoft MediaImpression 2 "{8333A007-6122-63CD-9F43-AECE52CE80BC}" = CCC Help Swedish "{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{892DB22C-ED8D-22B1-AE9D-F3014F44C306}" = CCC Help Norwegian "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86) "{8D8024F1-2945-49A5-9B78-5AB7B11D7942}_is1" = Auslogics Registry Cleaner "{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update "{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules "{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends "{92FE8ECF-C6D4-6A94-544E-7BE0BB3331B8}" = Catalyst Control Center Localization Japanese "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{95120000-0122-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9CA0F7B9-9F06-4EA6-AB5C-294DCB49699D}" = Vokabeltrainer-Update 4.0.52 "{9CFA9455-DE07-9024-FB4E-94F732BE4A62}" = Catalyst Control Center Graphics Light "{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A39B6C32-D38D-C61D-9C10-60D94B677A61}" = Catalyst Control Center Graphics Full New "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{ABE21889-92C6-FD51-15EF-A1BD82D50500}" = Catalyst Control Center Localization German "{AC76BA86-7AD7-1031-7B44-A95000000001}" = Adobe Reader 9.5.5 - Deutsch "{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9 "{ACE489B8-3C7A-B965-0BA3-2160C5BE4441}" = Catalyst Control Center Core Implementation "{AD6CCE3B-52DF-97F3-C335-50201270B9D9}" = CCC Help Danish "{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger "{B17159CD-C0C1-E820-F475-82F09CC52C67}" = CCC Help Spanish "{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer "{B97CF5C3-0487-11D8-A36E-0050BAE317E1}" = DVD Solution "{BA2D6257-9558-4A47-9FF9-D4A5DD9BF0DC}" = Loewenzahn 8 "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86) "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver "{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU "{C314CE45-3392-3B73-B4E1-139CD41CA933}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU "{C4BEEB8C-B9D2-4CD9-A2AA-1F3A1F57DF21}" = Works Suite-Betriebssystem-Pack "{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail "{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector Pro "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CBEAC00C-24F0-ABCF-882F-FDA215B628BE}" = ccc-utility "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call "{D692A0E0-1BBB-4E9C-826E-4254EE330830}_is1" = Cube World version 0.0.1 "{DCED7A5F-61A0-417D-09A2-389A5F93DFC5}" = CCC Help Japanese "{DDA94685-522B-72A4-4A1D-98CF7C81A5CC}" = CCC Help French "{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer "{E572B060-C98B-4984-A48E-E4FA56265903}" = SA31xx Device Manager & Media Converter "{E6B2D464-A987-42BC-6974-8FF6F9F5598F}" = Catalyst Control Center Localization Dutch "{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack "{EA174B17-CDF1-0EE2-A19C-76D1AD8AA095}" = CCC Help Chinese Standard "{EC9E92BE-0DF6-AFBE-D9B4-1477228745A2}" = Catalyst Control Center Localization French "{EDDDC607-91D9-4758-9F57-265FDCD8A772}" = Microsoft Works 7.0 "{F058A510-EB59-EEA3-A2A0-74973562DA25}" = ccc-core-preinstall "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F287AD31-C7A7-48BF-9381-6B8A686AAAD4}" = MAGIX Video deluxe 17 "{F3C2DAEB-1EA2-C9CE-B47B-49D26D9D0262}" = Catalyst Control Center Localization Swedish "{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5 "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{F7F2DC0A-C22E-49AD-AD37-797309A54E7B}" = Microsoft AutoRoute 2002 "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player "All ATI Software" = ATI - Dienstprogramm zur Deinstallation der Software "Amazon Kindle" = Amazon Kindle "AOL Deinstallation" = AOL Deinstallation "AOL Toolbar 4.0" = "AOL YGP Screensaver" = AOL Meine Fotos Bildschirmschoner "ATI Display Driver" = ATI Display Driver "Avira AntiVir Desktop" = Avira Free Antivirus "BrowserCompanion" = BrowserCompanion "Canon MP550 series Benutzerregistrierung" = Canon MP550 series Benutzerregistrierung "CanonMyPrinter" = Canon Utilities My Printer "CanonSolutionMenu" = Canon Utilities Solution Menu "CCleaner" = CCleaner "CrystalDiskInfo_is1" = CrystalDiskInfo 4.6.2a "DVDStyler_is1" = DVDStyler v2.4.1 "Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX "ElsterFormular" = ElsterFormular "Freemake Video Converter_is1" = Freemake Video Converter Version 3.1.2 "GeoGebra 4.2" = GeoGebra 4.2 "GinyasBrowserCompanions" = GinyasBrowserCompanions "Hauppauge WinTV" = Hauppauge WinTV "Hauppauge WinTV DVB-T EPG Service" = Hauppauge WinTV DVB-T EPG Service "Hauppauge WinTV Scheduler" = Hauppauge WinTV Scheduler "Hauppauge WinTV Soft PVR" = Hauppauge WinTV Soft PVR "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie8" = Windows Internet Explorer 8 "InstallShield_{1F6423DE-7959-4178-80E0-023C7EAA5347}" = NVIDIA ForceWare Network Access Manager "InterActual Player" = InterActual Player "MAGIX Foto Manager 2008 D" = MAGIX Foto Manager 2008 5.0.0.255 (D) "MAGIX Music Cleaning Lab 2008 deluxe D" = MAGIX Music Cleaning Lab 2008 deluxe 9.0.2.0 (D) "MAGIX Online Druck Service D" = MAGIX Online Druck Service 3.4.3.0 (D) "MAGIX Screenshare D" = MAGIX Screenshare 4.3.6.1987 (D) "MAGIX_{14E1CEC0-E43B-4158-85F4-73BCB3878B7F}" = MAGIX Speed burnR (MSI) "MAGIX_{4923877D-6A59-485B-9E63-E35664B4F067}" = MAGIX Screenshare "MAGIX_{F287AD31-C7A7-48BF-9381-6B8A686AAAD4}" = MAGIX Video deluxe 17 "MediaShow" = Medi@Show "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Mijagi-MJ4 2013-2014" = Mijagi-MJ4 2013-2014 "Mozilla Firefox 21.0 (x86 de)" = Mozilla Firefox 21.0 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "MP Navigator EX 3.0" = Canon MP Navigator EX 3.0 "Mufin MusicFinder Base D" = Mufin MusicFinder Base 1.5.3.255 (D) "Nero - Burning Rom!UninstallKey" = Nero OEM "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "NMPUninstallKey" = NeroMediaPlayer "NVIDIA Drivers" = NVIDIA Drivers "OpenAL" = OpenAL "rayman2" = rayman2 "Rescuer" = Rescuer (remove only) "RPGAdvocates_RTP_1.0" = Common RTP 1.0 "Shockwave" = Shockwave "TeamSpeak 3 Client" = TeamSpeak 3 Client "TomTom HOME" = TomTom HOME 2.7.3.1894 "VideoLive Mail" = VideoLive Mail 4.0 "ViewpointMediaPlayer" = Viewpoint Media Player "VTPlus32 für WinTV (German)" = VTPlus32 für WinTV (German) "Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "Windows XP Service Pack" = Windows XP Service Pack 3 "WinLiveSuite_Wave3" = Windows Live Essentials "WinRAR archiver" = WinRAR "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Works2003Setup" = Microsoft Works 2003-Setup-Start "XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0 ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google Chrome "Spotify" = Spotify "UnityWebPlayer" = Unity Web Player ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 27.06.2013 21:28:09 | Computer Name = DACHBODEN | Source = Application Hang | ID = 1002 Description = Stillstehende Anwendung avnotify.exe, Version 13.6.0.1550, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error - 27.06.2013 22:27:57 | Computer Name = DACHBODEN | Source = Application Hang | ID = 1002 Description = Stillstehende Anwendung Cube.exe, Version 0.0.0.0, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error - 28.06.2013 10:48:23 | Computer Name = DACHBODEN | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung tbhcns.exe, Version 1.0.0.5, fehlgeschlagenes Modul tbhcns.exe, Version 1.0.0.5, Fehleradresse 0x0007a2fd. Error - 28.06.2013 10:54:47 | Computer Name = DACHBODEN | Source = VSS | ID = 12289 Description = Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "CreateFileW(\\?\Volume{d56415ce-f1f2-11dd-b90a-806d6172696f},0xc0000000,0x00000003,...)". hr = 0x80070005. Error - 28.06.2013 10:54:47 | Computer Name = DACHBODEN | Source = VSS | ID = 12289 Description = Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "CreateFileW(\\?\Volume{d4ebb1c2-5203-11df-9be2-806d6172696f},0xc0000000,0x00000003,...)". hr = 0x80070005. Error - 28.06.2013 10:54:47 | Computer Name = DACHBODEN | Source = VSS | ID = 12289 Description = Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "CreateFileW(\\?\Volume{5d1e3aca-fb59-11dd-9ac8-002215d91bfc},0xc0000000,0x00000003,...)". hr = 0x80070005. Error - 28.06.2013 10:55:09 | Computer Name = DACHBODEN | Source = VSS | ID = 5013 Description = Volumeschattenkopie-Dienstfehler: Von Schattenkopieautor "RemovableStorageManager" aufgerufene Routine "OpenNtmsSessionW" ist mit Status "0x80070015" (konvertiert in 0x800423f3) fehlgeschlagen. Error - 28.06.2013 22:52:33 | Computer Name = DACHBODEN | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung tbhcns.exe, Version 1.0.0.5, fehlgeschlagenes Modul tbhcns.exe, Version 1.0.0.5, Fehleradresse 0x0007a2fd. Error - 28.06.2013 23:22:49 | Computer Name = DACHBODEN | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung tbhcns.exe, Version 1.0.0.5, fehlgeschlagenes Modul tbhcns.exe, Version 1.0.0.5, Fehleradresse 0x0007a2fd. Error - 28.06.2013 23:23:01 | Computer Name = DACHBODEN | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung tbhcns.exe, Version 1.0.0.5, fehlgeschlagenes Modul tbhcns.exe, Version 1.0.0.5, Fehleradresse 0x0007a2fd. [ Application Events ] Error - 27.06.2013 21:28:09 | Computer Name = DACHBODEN | Source = Application Hang | ID = 1002 Description = Stillstehende Anwendung avnotify.exe, Version 13.6.0.1550, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error - 27.06.2013 22:27:57 | Computer Name = DACHBODEN | Source = Application Hang | ID = 1002 Description = Stillstehende Anwendung Cube.exe, Version 0.0.0.0, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error - 28.06.2013 10:48:23 | Computer Name = DACHBODEN | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung tbhcns.exe, Version 1.0.0.5, fehlgeschlagenes Modul tbhcns.exe, Version 1.0.0.5, Fehleradresse 0x0007a2fd. Error - 28.06.2013 10:54:47 | Computer Name = DACHBODEN | Source = VSS | ID = 12289 Description = Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "CreateFileW(\\?\Volume{d56415ce-f1f2-11dd-b90a-806d6172696f},0xc0000000,0x00000003,...)". hr = 0x80070005. Error - 28.06.2013 10:54:47 | Computer Name = DACHBODEN | Source = VSS | ID = 12289 Description = Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "CreateFileW(\\?\Volume{d4ebb1c2-5203-11df-9be2-806d6172696f},0xc0000000,0x00000003,...)". hr = 0x80070005. Error - 28.06.2013 10:54:47 | Computer Name = DACHBODEN | Source = VSS | ID = 12289 Description = Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "CreateFileW(\\?\Volume{5d1e3aca-fb59-11dd-9ac8-002215d91bfc},0xc0000000,0x00000003,...)". hr = 0x80070005. Error - 28.06.2013 10:55:09 | Computer Name = DACHBODEN | Source = VSS | ID = 5013 Description = Volumeschattenkopie-Dienstfehler: Von Schattenkopieautor "RemovableStorageManager" aufgerufene Routine "OpenNtmsSessionW" ist mit Status "0x80070015" (konvertiert in 0x800423f3) fehlgeschlagen. Error - 28.06.2013 22:52:33 | Computer Name = DACHBODEN | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung tbhcns.exe, Version 1.0.0.5, fehlgeschlagenes Modul tbhcns.exe, Version 1.0.0.5, Fehleradresse 0x0007a2fd. Error - 28.06.2013 23:22:49 | Computer Name = DACHBODEN | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung tbhcns.exe, Version 1.0.0.5, fehlgeschlagenes Modul tbhcns.exe, Version 1.0.0.5, Fehleradresse 0x0007a2fd. Error - 28.06.2013 23:23:01 | Computer Name = DACHBODEN | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung tbhcns.exe, Version 1.0.0.5, fehlgeschlagenes Modul tbhcns.exe, Version 1.0.0.5, Fehleradresse 0x0007a2fd. [ System Events ] Error - 26.06.2013 19:57:50 | Computer Name = DACHBODEN | Source = Service Control Manager | ID = 7034 Description = Dienst "AOL Connectivity Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error - 26.06.2013 20:01:18 | Computer Name = DACHBODEN | Source = Service Control Manager | ID = 7031 Description = Der Dienst "Druckwarteschlange" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Starten Sie den Dienst neu.. Error - 26.06.2013 20:02:47 | Computer Name = DACHBODEN | Source = Service Control Manager | ID = 7034 Description = Dienst "ForceWare IP service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error - 27.06.2013 21:27:40 | Computer Name = DACHBODEN | Source = Service Control Manager | ID = 7034 Description = Dienst "AOL Connectivity Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error - 27.06.2013 21:42:46 | Computer Name = DACHBODEN | Source = Service Control Manager | ID = 7034 Description = Dienst "ForceWare IP service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error - 27.06.2013 21:49:38 | Computer Name = DACHBODEN | Source = Service Control Manager | ID = 7034 Description = Dienst "EPGService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error - 27.06.2013 21:51:05 | Computer Name = DACHBODEN | Source = Service Control Manager | ID = 7034 Description = Dienst "ForceWare user log service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error - 28.06.2013 10:55:50 | Computer Name = DACHBODEN | Source = Wechselmediendienst | ID = 262159 Description = Der Wechselmediendienst kann die Bibliothek CdRom0 nicht verwalten. Die Datenbank ist beschädigt. Error - 28.06.2013 10:55:50 | Computer Name = DACHBODEN | Source = Wechselmediendienst | ID = 262159 Description = Der Wechselmediendienst kann die Bibliothek CdRom2 nicht verwalten. Die Datenbank ist beschädigt. Error - 28.06.2013 10:55:50 | Computer Name = DACHBODEN | Source = Wechselmediendienst | ID = 262159 Description = Der Wechselmediendienst kann die Bibliothek CdRom1 nicht verwalten. Die Datenbank ist beschädigt. < End of report > |
|
11.07.2013, 17:15
| #2 |
| /// the machine /// TB-Ausbilder    | Windows XP start: tcbhn.exe hat ein Problem festgestellt und muss beendet werden hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
12.07.2013, 15:12
| #3 |
| | Windows XP start: tcbhn.exe hat ein Problem festgestellt und muss beendet werden So hab den scan gemacht hier sind die logs :
__________________FRST: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-07-2013 01
Ran by user (administrator) on 30-06-2013 04:00:46
Running from C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Desktop
Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(ATI Technologies Inc.) C:\WINDOWS\system32\Ati2evxx.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\Ati2evxx.exe
(brother Industries Ltd) C:\WINDOWS\system32\brsvc01a.exe
(brother Industries Ltd) C:\WINDOWS\system32\brss01a.exe
(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\sched.exe
(ArcSoft Inc.) C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACService.exe
(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\avguard.exe
(AOL LLC) C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Hauppauge Computer Works) C:\PROGRA~1\WinTV\EPG Services\System\EPGService.exe
(Apache Software Foundation) C:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
(Oracle Corporation) C:\Programme\Java\jre7\bin\jqs.exe
(Apache Software Foundation) C:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
(NVIDIA Corporation) C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
() C:\WINDOWS\system32\PSIService.exe
(NVIDIA Corporation) C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\avshadow.exe
(Advanced Micro Devices Inc.) C:\Programme\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(AOL LLC) C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDial.exe
(CyberLink) C:\Programme\Medion\PowerCinema\My_TV\Agent.exe
(Microsoft® Corporation) C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe
(Cyberlink Corp.) C:\Programme\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
(SigmaChip) C:\WINDOWS\SGStiMon.exe
(CANON INC.) C:\Programme\Canon\MyPrinter\BJMyPrt.exe
(Blabbers Communications LTD) C:\Programme\BrowserCompanion\BCHelper.exe
(Hauppauge Inc.) C:\PROGRA~1\WinTV\EPG Services\System\EPGClient.exe
(America Online, Inc.) C:\Programme\Gemeinsame Dateien\AOL\1266255754\ee\aolsoftware.exe
(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\avgnt.exe
(Adobe Systems Incorporated) C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe
(Adobe Systems Incorporated) C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe
(ATI Technologies Inc.) C:\Programme\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
(Google Inc.) C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [StartCCC] - "C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [90112 2006-11-10] ()
HKLM\...\Run: [RTHDCPL] - RTHDCPL.EXE [x]
HKLM\...\Run: [Alcmtr] - ALCMTR.EXE [x]
HKLM\...\Run: [AOLDialer] - C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDial.exe [70952 2007-06-21] (AOL LLC)
HKLM\...\Run: [Agent] - C:\Programme\Medion\PowerCinema\My_TV\Agent.exe [69632 2002-09-12] (CyberLink)
HKLM\...\Run: [Microsoft Works Update Detection] - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe [28672 2002-07-24] (Microsoft® Corporation)
HKLM\...\Run: [RemoteControl] - "C:\Programme\CyberLink DVD Solution\PowerDVD\PDVDServ.exe" [32768 2003-12-08] (Cyberlink Corp.)
HKLM\...\Run: [SG310Monitor] - C:\WINDOWS\SGStiMon.exe [49152 2008-03-25] (SigmaChip)
HKLM\...\Run: [CanonMyPrinter] - C:\Programme\Canon\MyPrinter\BJMyPrt.exe /logon [1983816 2009-07-27] (CANON INC.)
HKLM\...\Run: [CanonSolutionMenu] - C:\Programme\Canon\SolutionMenu\CNSLMAIN.exe /logon [767312 2009-03-18] (CANON INC.)
HKLM\...\Run: [Browser companion helper] - C:\Programme\BrowserCompanion\BCHelper.exe /T=3 /CHI=clbfjfbnelcflpgpklppgplejolacbej [187696 2011-12-16] (Blabbers Communications LTD)
HKLM\...\Run: [EPGServiceTool] - C:\PROGRA~1\WinTV\EPG Services\System\EPGClient.exe [688128 2008-05-15] (Hauppauge Inc.)
HKLM\...\Run: [avgnt] - "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min [345144 2013-06-14] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [TrayServer] - C:\PROGRA~1\MAGIX\VIDEO_~1\TrayServer.exe [90112 2008-08-07] (MAGIX AG)
HKLM\...\Run: [KernelFaultCheck] - %systemroot%\system32\dumprep 0 -k [x]
HKLM\...\Run: [Adobe Reader Speed Launcher] - "C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe" [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] - "C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
Winlogon\Notify\AtiExtEvent: Ati2evxx.dll (ATI Technologies Inc.)
HKCU\...\Runonce: [Shockwave Updater] - C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1103472 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; SIMBAR={2EF45E0D-3817-4B60-8F98-438832E8C391}; GTB0.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; InfoPath.1; .NET CLR 1.1.4322; FDM; OfficeLiveConnector.1.3; OfficeLivePatch.0.0)" -"hxxp://www.y8.com/games/Moto_X_Freestyle" [x]
MountPoints2: I - I:\LaunchU3.exe -a
MountPoints2: {59cfe30c-19c4-11e1-a18b-002215d91bfc} - H:\LaunchU3.exe -a
MountPoints2: {74cc7fdc-6715-11df-9c27-002215d91bfc} - I:\InstallTomTomHOME.exe
MountPoints2: {fc54af26-848b-11e0-9fe7-002215d91bfc} - I:\LaunchU3.exe -a
HKU\user\...\Run: [PowerBar] - [x]
HKU\user\...\Run: [MsnMsgr] - ~"C:\Programme\Windows Live\Messenger\msnmsgr.exe" /background [ 2010-04-16] (Microsoft Corporation)
HKU\user\...\Run: [MSMSGS] - "C:\Programme\Messenger\msmsgs.exe" /background [x]
HKU\user\...\Run: [atgcn] - "c:\dokumente und einstellungen\user\lokale einstellungen\anwendungsdaten\atgcn.exe" atgcn [x]
HKU\user\...\Run: [swg] - "C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [x]
HKU\user\...\RunOnce: [Shockwave Updater] - C:\WINDOWS\system32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1103472 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; GTB6; SIMBAR={2EF45E0D-3817-4B60-8F98-438832E8C391}; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; InfoPath.1; .NET CLR 1.1.4322; FDM; OfficeLiveConnector.1.3; OfficeLivePatch.0.0)" -"hxxp://online.jetztspielen.de/gameshell/app/gameshell.aspx?carrier=-1&channel=11044650&code=115050913&device=-1&lc=de&origin=pgame_ol_u&refid=&room=3929245e-e296-4397-80d2-2f884a6496f0&ui=P6nbyLVU6llR5nC4MzrxtWdzI+4%3D&un=DA%3DYgjCbPcgRr9EH6OxLNOtbKohXESxMI5tsd7PAR0AQuDqEycp/++U0pSv3247ntHy2PQNjo2aG0/MBJPLEdEZng%3D%3D%26SD%3DiQBF5IEQCJEI2dW+nVDjeW1MTNqEVAyiaEDObcC13fpMQz4Uhe9uoQrYVITa6FcN%26LT%3D1%26CL%3DU%26TO%3D1260347324%26A%3DBZ6Sld9ztknvZn4z4MrS76tKnoY%3D%26SA%3DBZ6Sld9ztknvZn4z4MrS76tKnoY%3D&ux=691198656" [x]
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.foxtab.com/?s=0&chnl=irn&cd=2XzutCtN2Y1L1QzutDtDtBtBtCyD0DzytC0B0F0CtN0C0Czu0D0EtN0D0TzutBtDtCtCtDtBtCyE&cr=983856815
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://alice.aol.de
URLSearchHook: (No Name) - {1CFFA392-0898-4b1c-89D1-6E98F9D8EF78} - No File
HKLM SearchScopes: DefaultScope {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKLM - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} URL = hxxp://search.imgag.com/?appid=kwtb&component=&c=GNKWO50020&sbs=2&sc=2&f=web&vernum=3.2&uid=&did=%7bac88ef8f-60eb-11de-ab20-002215d91bfc%7d&q={searchTerms}
SearchScopes: HKLM - {36668FFD-7809-43FB-A609-999C5A7AB5FE} URL = hxxp://search.foxtab.com/?q={searchTerms}&s=1&chnl=irn&cd=2XzutCtN2Y1L1QzutDtDtBtBtCyD0DzytC0B0F0CtN0C0Czu0D0EtN0D0TzutBtDtCtCtDtBtCyE&cr=983856815
SearchScopes: HKLM - {CF739809-1C6C-47C0-85B9-569DBB141420} URL = hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13165&gct=&gc=1&q={searchTerms}&crm=1
SearchScopes: HKLM - {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}
SearchScopes: HKCU - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} URL = hxxp://search.imgag.com/?appid=kwtb&component=&c=GNKWO50020&sbs=2&sc=2&f=web&vernum=3.2&uid=&did=%7bac88ef8f-60eb-11de-ab20-002215d91bfc%7d&q={searchTerms}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/web/{searchTerms}?babsrc=SP_ss&affID=101241&mntrId=54d39eba000000000000002215d91bfc
SearchScopes: HKCU - {36668FFD-7809-43FB-A609-999C5A7AB5FE} URL = hxxp://search.foxtab.com/?q={searchTerms}&s=1&chnl=irn&cd=2XzutCtN2Y1L1QzutDtDtBtBtCyD0DzytC0B0F0CtN0C0Czu0D0EtN0D0TzutBtDtCtCtDtBtCyE&cr=983856815
SearchScopes: HKCU - {443789B7-F39C-4b5c-9287-DA72D38F4FE6} URL = hxxp://suche.aol.de/suche/web/search.jsp?q={searchTerms}
SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
SearchScopes: HKCU - {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}
BHO: Chatvibes Browser Helper - {00cbb66b-1d3b-46d3-9577-323a336acb50} - C:\Programme\BrowserCompanion\jsloader.dll ( )
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Programme\AOL\AOL Toolbar 4.0\aoltb.dll (AOL LLC)
BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Ginyas Browser Companion Verifier - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Programme\GinyasBrowserCompanions\updatebhoWin32.dll (Blabbers Communications Ltd)
BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - No File
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Programme\AOL\AOL Toolbar 4.0\aoltb.dll (AOL LLC)
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} hxxp://ak.exe.imgfarm.com/images/nocache/mindspark/ei/1.2.5.7-2/MyFunCards.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/DE-DE/a-UNO1/GAME_UNO1.cab
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} hxxp://game01.zylom.com/activex/zylomgamesplayer.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Programme\GinyasBrowserCompanions\tdataprotocol.dll (Blabbers Communications Ltd)
Handler: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Programme\GinyasBrowserCompanions\tdataprotocol.dll (Blabbers Communications Ltd)
Handler: ipp - No CLSID Value -
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msdaipp - No CLSID Value -
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Programme\GinyasBrowserCompanions\tdataprotocol.dll (Blabbers Communications Ltd)
Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Mozilla\Firefox\Profiles\417aofsi.default
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @canon.com/EPPEX - C:\Programme\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin: @funwebproducts.com/Plugin - C:\Programme\FunWebProducts\Installr\2.bin\NPFunWeb.dll (Fun Web Products, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 - C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Programme\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Programme\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Programme\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Programme\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Programme\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @viewpoint.com/VMP - C:\Programme\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF Plugin: Adobe Reader - C:\Programme\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Lokale Einstellungen\Anwendungsdaten\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Extension: No Name - C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Mozilla\Extensions\home2@tomtom.com
FF Extension: Ginyas Browser Companions - C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Anwendungsdaten\Mozilla\Firefox\Profiles\417aofsi.default\Extensions\bbrs_003@blabbers.com
FF Extension: Default - C:\Programme\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [fmconverter@gmail.com] C:\Programme\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
FF Extension: Freemake Video Converter Plugin - C:\Programme\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
Chrome:
=======
CHR RestoreOnStartup: "hxxp://de.msn.com/?pc=UP21&ocid=UP21DHP&dt=122112"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\27.0.1453.116\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Programme\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft\u00AE DRM) - C:\Programme\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Programme\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Microsoft\u00AE DRM) - C:\Programme\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (CANON iMAGE GATEWAY Album Plugin Utility) - C:\Programme\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
CHR Plugin: (Fun Web Products Plugin Stub) - C:\Programme\FunWebProducts\Installr\2.bin\NPFunWeb.dll (Fun Web Products, Inc.)
CHR Plugin: (Google Update) - C:\Programme\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U21) - C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Programme\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (MetaStream 3 Plugin) - C:\Programme\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
CHR Plugin: (Windows Live\u00AE Photo Gallery) - C:\Programme\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Windows Presentation Foundation) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
CHR Plugin: (Java Deployment Toolkit 7.0.210.11) - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
========================== Services (Whitelisted) =================
R2 ACDaemon; C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AntiVirSchedulerService; C:\Programme\Avira\AntiVir Desktop\sched.exe [84024 2013-06-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Programme\Avira\AntiVir Desktop\avguard.exe [108088 2013-06-14] (Avira Operations GmbH & Co. KG)
R2 AOL ACS; C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe [46640 2006-10-23] (AOL LLC)
S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [593920 2007-12-18] ()
R2 Brother XP spl Service; C:\WINDOWS\system32\brsvc01a.exe [57344 2002-04-12] (brother Industries Ltd)
R2 EPGService; C:\PROGRA~1\WinTV\EPG Services\System\EPGService.exe [437248 2008-05-30] (Hauppauge Computer Works)
R2 ForcewareWebInterface; C:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe [20543 2007-05-15] (Apache Software Foundation)
S2 gupdate; C:\Programme\Google\Update\GoogleUpdate.exe [135664 2010-02-02] (Google Inc.)
S3 gupdatem; C:\Programme\Google\Update\GoogleUpdate.exe [135664 2010-02-02] (Google Inc.)
S3 IDriverT; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation)
S3 MozillaMaintenance; C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe [117144 2013-06-04] (Mozilla Foundation)
R2 nSvcIp; C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe [135233 2007-05-21] (NVIDIA Corporation)
R2 nSvcLog; C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe [65605 2007-05-21] (NVIDIA Corporation)
S3 ose; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [89136 2003-07-28] (Microsoft Corporation)
R2 ProtexisLicensing; C:\WINDOWS\system32\PSIService.exe [174656 2006-11-02] ()
S4 TomTomHOMEService; C:\Programme\TomTom HOME 2\TomTomHOMEService.exe [92008 2009-11-13] (TomTom)
S3 UPnPService; C:\Programme\Gemeinsame Dateien\MAGIX Shared\UPnPService\UPnPService.exe [544768 2006-12-14] (Magix AG)
S3 WMPNetworkSvc; C:\Programme\Windows Media Player\WMPNetwk.exe [920576 2006-11-03] (Microsoft Corporation)
S3 AppMgmt; %SystemRoot%\System32\appmgmts.dll [x]
R2 JavaQuickStarterService; "C:\Programme\Java\jre7\bin\jqs.exe" -service -config "C:\Programme\Java\jre7\lib\deploy\jqs\jqs.conf" [x]
S4 Steam Client Service;
==================== Drivers (Whitelisted) ====================
R2 ACEDRV06; C:\WINDOWS\system32\drivers\ACEDRV06.sys [99840 2009-02-07] (Protect Software GmbH)
R3 Afc; C:\Windows\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.)
R1 AmdK8; C:\Windows\System32\DRIVERS\AmdK8.sys [43520 2006-07-02] (Advanced Micro Devices)
R3 ati2mtag; C:\Windows\System32\DRIVERS\ati2mtag.sys [2849280 2007-12-18] (ATI Technologies Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [84744 2013-03-27] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135136 2013-03-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-03-27] (Avira Operations GmbH & Co. KG)
S3 BrScnUsb; C:\Windows\System32\Drivers\BrScnUsb.sys [15263 2003-12-19] (Brother Industries Ltd.)
R3 Cap7134; C:\Windows\System32\DRIVERS\Cap7134.sys [350752 2003-06-05] (Philips Semiconductors)
S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
S3 FilterService; C:\Windows\System32\DRIVERS\SG310Hub.sys [5460 2008-04-02] (SiGma Micro)
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
S3 hcw66xxx; C:\Windows\System32\Drivers\hcw66xxx.sys [420096 2008-05-28] (Hauppauge Computer Works, Inc.)
R3 HdAudAddService; C:\Windows\System32\drivers\AtiHdAud.sys [84992 2006-12-28] (ATI Research Inc.)
R3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [144384 2008-04-13] (Windows (R) Server 2003 DDK provider)
R0 iviVD; C:\Windows\System32\DRIVERS\iviVD.sys [45056 2005-11-16] (InterVideo)
S3 MPE; C:\Windows\System32\DRIVERS\MPE.sys [15104 2004-07-09] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-11] ()
S3 NABTSFEC; C:\Windows\System32\DRIVERS\NABTSFEC.sys [85248 2008-04-13] (Microsoft Corporation)
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R0 nvata; C:\Windows\System32\DRIVERS\nvata.sys [105472 2006-10-18] (NVIDIA Corporation)
R3 NVENETFD; C:\Windows\System32\DRIVERS\NVENETFD.sys [46080 2007-05-21] (NVIDIA Corporation)
R3 nvnetbus; C:\Windows\System32\DRIVERS\nvnetbus.sys [19968 2007-05-21] (NVIDIA Corporation)
R3 pfc; C:\Windows\System32\drivers\pfc.sys [10368 2003-12-05] (Padus, Inc.)
R3 PhTVTune; C:\Windows\System32\DRIVERS\PhTVTune.sys [24704 2003-06-12] (Philips Semiconductors)
S3 SG310 Video Capture; C:\Windows\System32\Drivers\SG310UVC.sys [986590 2008-04-02] (SiGma Micro)
S3 SLIP; C:\Windows\System32\DRIVERS\SLIP.sys [11136 2008-04-13] (Microsoft Corporation)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2010-11-07] (Duplex Secure Ltd.)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-02-20] (Avira GmbH)
S3 streamip; C:\Windows\System32\DRIVERS\StreamIP.sys [15232 2008-04-13] (Microsoft Corporation)
R3 wanatw; C:\Windows\System32\DRIVERS\wanatw4.sys [33588 2003-01-10] (America Online, Inc.)
S3 WSTCODEC; C:\Windows\System32\DRIVERS\WSTCODEC.SYS [19200 2008-04-13] (Microsoft Corporation)
S3 EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys [x]
S3 EagleXNt; \??\C:\WINDOWS\system32\drivers\EagleXNt.sys [x]
S3 GMSIPCI; \??\F:\INSTALL\GMSIPCI.SYS [x]
S4 IntelIde; No ImagePath
S0 PxHelp20; No ImagePath
U1 WS2IFSL;
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-06-30 04:00 - 2013-06-30 04:00 - 01218598 _____ (Farbar) C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Desktop\FRST.exe
2013-06-30 04:00 - 2013-06-30 04:00 - 00000000 ____D C:\FRST
2013-06-30 03:59 - 2013-06-30 03:59 - 01778143 _____ (Farbar) C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Desktop\FRST64.exe
2013-06-29 10:54 - 2013-06-29 10:54 - 00008989 _____ C:\WINDOWS\KB2834904.log
2013-06-29 10:54 - 2013-06-29 10:54 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834904_WM11$
2013-06-29 10:53 - 2013-06-29 10:53 - 00008848 _____ C:\WINDOWS\KB2834886.log
2013-06-29 10:53 - 2013-06-29 10:53 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850851$
2013-06-29 10:53 - 2013-06-29 10:53 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2845187$
2013-06-29 10:53 - 2013-06-29 10:53 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834886$
2013-06-29 10:45 - 2013-06-29 10:54 - 00030914 _____ C:\WINDOWS\FaxSetup.log
2013-06-29 10:45 - 2013-06-29 10:54 - 00014780 _____ C:\WINDOWS\ocgen.log
2013-06-29 10:45 - 2013-06-29 10:54 - 00011795 _____ C:\WINDOWS\tsoc.log
2013-06-29 10:45 - 2013-06-29 10:54 - 00010424 _____ C:\WINDOWS\comsetup.log
2013-06-29 10:45 - 2013-06-29 10:54 - 00006307 _____ C:\WINDOWS\ntdtcsetup.log
2013-06-29 10:45 - 2013-06-29 10:54 - 00004944 _____ C:\WINDOWS\iis6.log
2013-06-29 10:45 - 2013-06-29 10:54 - 00001710 _____ C:\WINDOWS\ocmsn.log
2013-06-29 10:45 - 2013-06-29 10:54 - 00001515 _____ C:\WINDOWS\msgsocm.log
2013-06-29 10:45 - 2013-06-29 10:54 - 00001374 _____ C:\WINDOWS\imsins.log
2013-06-29 10:45 - 2013-06-29 10:53 - 00001374 _____ C:\WINDOWS\imsins.BAK
2013-06-29 10:45 - 2013-06-29 10:45 - 00011522 _____ C:\WINDOWS\KB2846071-IE8.log
2013-06-29 10:45 - 2013-06-29 10:45 - 00002755 _____ C:\WINDOWS\updspapi.log
2013-06-29 10:45 - 2013-06-29 10:45 - 00000000 _____ C:\WINDOWS\setuperr.log
2013-06-29 10:45 - 2013-06-29 10:45 - 00000000 _____ C:\WINDOWS\setupact.log
2013-06-29 10:39 - 2013-06-29 10:39 - 00000000 ____D C:\Programme\Microsoft Silverlight
2013-06-29 05:20 - 2013-06-29 05:21 - 00000020 _____ C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\defogger_reenable
2013-06-29 04:59 - 2013-06-29 10:53 - 00015969 _____ C:\WINDOWS\KB2850851.log
2013-06-29 04:59 - 2013-06-29 10:53 - 00014715 _____ C:\WINDOWS\KB2845187.log
2013-06-27 04:55 - 2013-06-27 05:35 - 00000000 ____D C:\Programme\Cube World
2013-06-27 04:53 - 2013-06-29 10:54 - 00022954 _____ C:\WINDOWS\setupapi.log
2013-06-27 04:52 - 2013-06-27 04:52 - 00000000 ____D C:\DirectX
2013-06-27 02:56 - 2013-06-27 02:56 - 00000000 ____D C:\Programme\CCleaner
2013-06-20 16:02 - 2013-06-20 16:02 - 00002480 _____ C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Desktop\Google Chrome.lnk
2013-06-20 16:02 - 2013-06-20 16:02 - 00000000 ____D C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Startmenü\Programme\Google Chrome
2013-06-20 16:01 - 2013-06-29 10:11 - 00001238 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-515967899-1708537768-839522115-1004UA.job
2013-06-20 16:01 - 2013-06-20 16:11 - 00001186 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-515967899-1708537768-839522115-1004Core.job
2013-06-20 15:24 - 2013-06-20 15:24 - 00000000 ___RD C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Startmenü\Programme\Verwaltung
2013-06-10 06:13 - 2013-06-10 06:14 - 00001714 _____ C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Reader 9.lnk
2013-06-04 08:21 - 2013-06-27 02:32 - 00000000 ____D C:\Programme\Mozilla Firefox
==================== One Month Modified Files and Folders =======
2013-06-30 04:00 - 2013-06-30 04:00 - 01218598 _____ (Farbar) C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Desktop\FRST.exe
2013-06-30 04:00 - 2013-06-30 04:00 - 00000000 ____D C:\FRST
2013-06-30 03:59 - 2013-06-30 03:59 - 01778143 _____ (Farbar) C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Desktop\FRST64.exe
2013-06-30 03:57 - 2013-01-25 16:39 - 00001016 _____ C:\WINDOWS\Tasks\GinyasBrowserCompanions Update Checker.job
2013-06-30 03:56 - 2009-02-03 14:44 - 00000000 _____ C:\WINDOWS\system32\nmp.log
2013-06-30 03:55 - 2009-02-03 14:19 - 01587087 _____ C:\WINDOWS\WindowsUpdate.log
2013-06-30 03:54 - 2013-01-25 16:39 - 00001064 _____ C:\WINDOWS\Tasks\GinyasBrowserCompanions Stats Report.job
2013-06-30 03:54 - 2013-01-25 16:39 - 00001064 _____ C:\WINDOWS\Tasks\GinyasBrowserCompanions Chrome Watcher.job
2013-06-30 03:54 - 2013-01-25 16:39 - 00001016 _____ C:\WINDOWS\Tasks\GinyasBrowserCompanions FireFox Watcher.job
2013-06-30 03:54 - 2010-02-02 12:55 - 00001086 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-06-30 03:54 - 2009-02-03 14:12 - 00000159 _____ C:\WINDOWS\wiadebug.log
2013-06-30 03:54 - 2009-02-03 14:12 - 00000050 _____ C:\WINDOWS\wiaservc.log
2013-06-30 03:53 - 2009-02-03 14:23 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-06-30 03:28 - 2010-02-03 13:35 - 00000300 ___SH C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\ntuser.ini
2013-06-30 03:28 - 2010-02-03 13:35 - 00000000 ____D C:\Dokumente und Einstellungen\user.USER-6DCCFD836C
2013-06-30 03:28 - 2009-02-03 14:39 - 00196608 _____ C:\WINDOWS\system32\config\ACEEvent.evt
2013-06-30 03:28 - 2009-02-03 14:23 - 00032580 _____ C:\WINDOWS\SchedLgU.Txt
2013-06-30 03:22 - 2009-02-03 14:34 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2013-06-30 03:21 - 2010-02-02 12:55 - 00001090 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-06-30 03:17 - 2004-08-04 14:00 - 00001285 _____ C:\WINDOWS\win.ini
2013-06-30 03:12 - 2009-02-03 14:09 - 00355360 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-06-29 10:56 - 2009-02-03 14:11 - 01180162 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-06-29 10:54 - 2013-06-29 10:54 - 00008989 _____ C:\WINDOWS\KB2834904.log
2013-06-29 10:54 - 2013-06-29 10:54 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834904_WM11$
2013-06-29 10:54 - 2013-06-29 10:45 - 00030914 _____ C:\WINDOWS\FaxSetup.log
2013-06-29 10:54 - 2013-06-29 10:45 - 00014780 _____ C:\WINDOWS\ocgen.log
2013-06-29 10:54 - 2013-06-29 10:45 - 00011795 _____ C:\WINDOWS\tsoc.log
2013-06-29 10:54 - 2013-06-29 10:45 - 00010424 _____ C:\WINDOWS\comsetup.log
2013-06-29 10:54 - 2013-06-29 10:45 - 00006307 _____ C:\WINDOWS\ntdtcsetup.log
2013-06-29 10:54 - 2013-06-29 10:45 - 00004944 _____ C:\WINDOWS\iis6.log
2013-06-29 10:54 - 2013-06-29 10:45 - 00001710 _____ C:\WINDOWS\ocmsn.log
2013-06-29 10:54 - 2013-06-29 10:45 - 00001515 _____ C:\WINDOWS\msgsocm.log
2013-06-29 10:54 - 2013-06-29 10:45 - 00001374 _____ C:\WINDOWS\imsins.log
2013-06-29 10:54 - 2013-06-27 04:53 - 00022954 _____ C:\WINDOWS\setupapi.log
2013-06-29 10:53 - 2013-06-29 10:53 - 00008848 _____ C:\WINDOWS\KB2834886.log
2013-06-29 10:53 - 2013-06-29 10:53 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850851$
2013-06-29 10:53 - 2013-06-29 10:53 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2845187$
2013-06-29 10:53 - 2013-06-29 10:53 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834886$
2013-06-29 10:53 - 2013-06-29 10:45 - 00001374 _____ C:\WINDOWS\imsins.BAK
2013-06-29 10:53 - 2013-06-29 04:59 - 00015969 _____ C:\WINDOWS\KB2850851.log
2013-06-29 10:53 - 2013-06-29 04:59 - 00014715 _____ C:\WINDOWS\KB2845187.log
2013-06-29 10:51 - 2012-04-14 10:20 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-06-29 10:46 - 2009-02-03 15:29 - 75699896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-06-29 10:45 - 2013-06-29 10:45 - 00011522 _____ C:\WINDOWS\KB2846071-IE8.log
2013-06-29 10:45 - 2013-06-29 10:45 - 00002755 _____ C:\WINDOWS\updspapi.log
2013-06-29 10:45 - 2013-06-29 10:45 - 00000000 _____ C:\WINDOWS\setuperr.log
2013-06-29 10:45 - 2013-06-29 10:45 - 00000000 _____ C:\WINDOWS\setupact.log
2013-06-29 10:45 - 2009-05-27 11:56 - 00000000 ____D C:\WINDOWS\ie8updates
2013-06-29 10:39 - 2013-06-29 10:39 - 00000000 ____D C:\Programme\Microsoft Silverlight
2013-06-29 10:39 - 2009-02-03 14:11 - 00000000 ___RD C:\Programme
2013-06-29 10:37 - 2009-02-03 15:37 - 00000000 ____D C:\WINDOWS\system32\XPSViewer
2013-06-29 10:11 - 2013-06-20 16:01 - 00001238 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-515967899-1708537768-839522115-1004UA.job
2013-06-29 05:22 - 2004-08-04 14:00 - 00002422 _____ C:\WINDOWS\system32\wpa.dbl
2013-06-29 05:21 - 2013-06-29 05:20 - 00000020 _____ C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\defogger_reenable
2013-06-29 05:06 - 2009-02-03 15:09 - 00000223 __RSH C:\boot.ini
2013-06-29 05:06 - 2004-08-04 14:00 - 00000227 _____ C:\WINDOWS\system.ini
2013-06-28 16:55 - 2010-03-28 19:22 - 00000000 ____D C:\WINDOWS\system32\NtmsData
2013-06-28 16:54 - 2009-02-03 14:17 - 00000000 ____D C:\WINDOWS\Registration
2013-06-27 05:35 - 2013-06-27 04:55 - 00000000 ____D C:\Programme\Cube World
2013-06-27 04:53 - 2009-02-03 14:18 - 00000000 ____D C:\WINDOWS\system32\DirectX
2013-06-27 04:52 - 2013-06-27 04:52 - 00000000 ____D C:\DirectX
2013-06-27 02:56 - 2013-06-27 02:56 - 00000000 ____D C:\Programme\CCleaner
2013-06-27 02:50 - 2011-02-15 16:59 - 00000000 ____D C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Startmenü\Programme\Station Launcher
2013-06-27 02:32 - 2013-06-04 08:21 - 00000000 ____D C:\Programme\Mozilla Firefox
2013-06-26 18:14 - 2009-02-03 17:54 - 00002509 _____ C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Desktop\Microsoft Office Word 2003.lnk
2013-06-26 06:10 - 2013-03-17 16:07 - 00000046 _____ C:\WINDOWS\Speed.INI
2013-06-26 01:04 - 2013-03-13 09:06 - 00000000 ____D C:\Programme\Gemeinsame Dateien\MAGIX Services
2013-06-26 01:03 - 2009-10-15 13:05 - 00000040 _____ C:\WINDOWS\KA.INI
2013-06-26 01:03 - 2009-10-15 13:05 - 00000000 ____D C:\KA
2013-06-26 01:02 - 2010-02-03 13:35 - 00000000 ___RD C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Startmenü\Programme
2013-06-26 01:02 - 2009-02-03 15:03 - 00000000 ____D C:\WINDOWS\Help
2013-06-26 01:02 - 2009-02-03 15:03 - 00000000 ____D C:\WINDOWS\Cursors
2013-06-26 01:02 - 2009-02-03 14:15 - 00000000 ____D C:\Programme\Windows NT
2013-06-24 04:48 - 2009-02-07 19:24 - 00000116 _____ C:\WINDOWS\NeroDigital.ini
2013-06-21 07:48 - 2011-01-16 16:54 - 00000000 ____D C:\Programme\Pando Networks
2013-06-20 16:11 - 2013-06-20 16:01 - 00001186 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-515967899-1708537768-839522115-1004Core.job
2013-06-20 16:02 - 2013-06-20 16:02 - 00002480 _____ C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Desktop\Google Chrome.lnk
2013-06-20 16:02 - 2013-06-20 16:02 - 00000000 ____D C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Startmenü\Programme\Google Chrome
2013-06-20 15:58 - 2009-02-03 14:24 - 00000000 ___RD C:\Dokumente und Einstellungen\user\Startmenü
2013-06-20 15:57 - 2010-02-03 13:35 - 00000000 ___RD C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Startmenü
2013-06-20 15:54 - 2010-09-02 18:47 - 00000000 ____D C:\Programme\Klett
2013-06-20 15:53 - 2012-08-27 18:02 - 00000000 ____D C:\Programme\WinTV
2013-06-20 15:41 - 2010-02-24 19:19 - 00000000 ____D C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Tracing
2013-06-20 15:40 - 2009-07-14 15:33 - 00000000 ____D C:\WINDOWS\Minidump
2013-06-20 15:24 - 2013-06-20 15:24 - 00000000 ___RD C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Startmenü\Programme\Verwaltung
2013-06-20 13:36 - 2009-10-16 17:19 - 00000000 ____D C:\Klett
2013-06-20 13:34 - 2009-03-09 18:00 - 00000000 ____D C:\Programme\Google
2013-06-20 13:33 - 2009-02-03 14:31 - 00000000 ___HD C:\Programme\InstallShield Installation Information
2013-06-10 06:14 - 2013-06-10 06:13 - 00001714 _____ C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Reader 9.lnk
2013-06-10 06:13 - 2009-02-03 15:55 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Adobe
2013-06-07 23:55 - 2004-08-04 14:00 - 00385024 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2013-06-07 23:48 - 2012-06-13 09:06 - 00522240 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsdbgui.dll
2013-06-07 23:48 - 2010-06-10 18:14 - 00743424 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iedvtool.dll
2013-06-07 23:48 - 2009-06-11 11:54 - 00247808 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieproxy.dll
2013-06-07 23:48 - 2009-06-11 11:54 - 00012800 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xpshims.dll
2013-06-07 23:48 - 2009-02-03 15:31 - 11112960 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieframe.dll
2013-06-07 23:48 - 2009-02-03 15:31 - 02005504 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iertutil.dll
2013-06-07 23:48 - 2009-02-03 15:31 - 00630272 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeeds.dll
2013-06-07 23:48 - 2009-02-03 15:31 - 00055296 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2013-06-07 23:48 - 2007-08-13 19:54 - 11112960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-06-07 23:48 - 2007-08-13 19:54 - 06017536 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshtml.dll
2013-06-07 23:48 - 2007-08-13 19:54 - 01215488 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\urlmon.dll
2013-06-07 23:48 - 2007-08-13 19:54 - 00920064 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wininet.dll
2013-06-07 23:48 - 2007-08-13 19:54 - 00759296 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\vgx.dll
2013-06-07 23:48 - 2007-08-13 19:54 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2013-06-07 23:48 - 2007-08-13 19:54 - 00611840 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mstime.dll
2013-06-07 23:48 - 2007-08-13 19:54 - 00184320 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iepeers.dll
2013-06-07 23:48 - 2007-08-13 19:54 - 00067072 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshtmled.dll
2013-06-07 23:48 - 2007-08-13 19:54 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2013-06-07 23:48 - 2007-08-13 19:54 - 00025600 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsproxy.dll
2013-06-07 23:48 - 2007-08-13 19:45 - 01469440 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\inetcpl.cpl
2013-06-07 23:48 - 2007-08-13 19:44 - 00206848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\occache.dll
2013-06-07 23:48 - 2007-08-13 19:44 - 00105984 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\url.dll
2013-06-07 23:48 - 2007-08-13 19:44 - 00043520 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\licmgr10.dll
2013-06-07 23:48 - 2007-08-13 19:39 - 00387584 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iedkcs32.dll
2013-06-07 23:48 - 2007-08-13 19:34 - 02005504 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2013-06-07 23:48 - 2004-08-04 14:00 - 06017536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-06-07 23:48 - 2004-08-04 14:00 - 01469440 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2013-06-07 23:48 - 2004-08-04 14:00 - 01215488 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2013-06-07 23:48 - 2004-08-04 14:00 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2013-06-07 23:48 - 2004-08-04 14:00 - 00611840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstime.dll
2013-06-07 23:48 - 2004-08-04 14:00 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2013-06-07 23:48 - 2004-08-04 14:00 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2013-06-07 23:48 - 2004-08-04 14:00 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2013-06-07 23:48 - 2004-08-04 14:00 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll
2013-06-07 23:48 - 2004-08-04 14:00 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2013-06-07 23:48 - 2004-08-04 14:00 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll
2013-06-07 23:48 - 2004-08-04 14:00 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2013-06-07 20:26 - 2007-08-13 19:39 - 00174592 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ie4uinit.exe
2013-06-07 20:26 - 2004-08-04 14:00 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2013-06-06 10:49 - 2013-02-03 14:23 - 00000000 ____D C:\Programme\Mozilla Maintenance Service
2013-06-05 11:08 - 2009-02-03 15:09 - 01876864 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\win32k.sys
2013-06-05 11:08 - 2004-08-04 14:00 - 01876864 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2013-06-04 09:22 - 2009-05-23 12:53 - 00563712 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\qedit.dll
2013-06-04 09:22 - 2004-08-04 14:00 - 00563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2013-06-02 07:51 - 2012-04-14 10:20 - 00692104 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2013-06-02 07:51 - 2012-01-05 12:48 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe
[2004-08-04 14:00] - [2008-04-14 04:22] - 1036800 ____A (Microsoft Corporation) 418045a93cd87a352098ab7dabe1b53e
C:\Windows\System32\winlogon.exe
[2004-08-04 14:00] - [2008-04-14 04:23] - 0513024 ____A (Microsoft Corporation) f09a527b422e25c478e38caa0e44417a
C:\Windows\System32\svchost.exe
[2004-08-04 14:00] - [2008-04-14 04:23] - 0014336 ____A (Microsoft Corporation) 4fbc75b74479c7a6f829e0ca19df3366
C:\Windows\System32\services.exe
[2004-08-04 14:00] - [2009-02-09 13:21] - 0111104 ____A (Microsoft Corporation) a3edbe9053889fb24ab22492472b39dc
C:\Windows\System32\User32.dll
[2004-08-04 14:00] - [2008-04-14 04:22] - 0580096 ____A (Microsoft Corporation) b0050cc5340e3a0760dd8b417ff7aebd
C:\Windows\System32\userinit.exe
[2004-08-04 14:00] - [2008-04-14 04:23] - 0026624 ____A (Microsoft Corporation) 788f95312e26389d596c0fa55834e106
C:\Windows\System32\Drivers\volsnap.sys
[2004-08-04 14:00] - [2008-04-14 03:52] - 0053760 ____A (Microsoft Corporation) a5a712f4e880874a477af790b5186e1d
==================== End Of Log ============================
Addition: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 12-07-2013 01
Ran by user at 2013-06-30 04:01:26
Running from C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Desktop
Boot Mode: Normal
==========================================================
40000 Cliparts
Adobe Flash Player 11 ActiveX (Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (Version: 11.7.700.224)
Adobe Reader 9.5.5 - Deutsch (Version: 9.5.5)
Adobe Shockwave Player (Version: 11)
Amazon Kindle
AMD Processor Driver (Version: 1.3.2.0053)
AOL Deinstallation
AOL Meine Fotos Bildschirmschoner
ArcSoft MediaImpression 2 (Version: 2.0.27.846)
ATI - Dienstprogramm zur Deinstallation der Software (Version: 6.14.10.1019)
ATI Catalyst Control Center (Version: 2.008.1218.0933)
ATI Display Driver (Version: 8.45-071218a-057728E-MSI)
ATI Parental Control & Encoder (Version: 3.0)
Auslogics Registry Cleaner (Version: 2.4)
Avira Free Antivirus (Version: 13.0.0.3737)
BrowserCompanion
Canon MP Navigator EX 3.0
Canon MP550 series Benutzerregistrierung
Canon MP550 series MP Drivers
Canon Utilities Easy-PhotoPrint EX
Canon Utilities My Printer
Canon Utilities Solution Menu
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2007.1218.934.16937)
Catalyst Control Center Graphics Full Existing (Version: 2007.1218.934.16937)
Catalyst Control Center Graphics Full New (Version: 2007.1218.934.16937)
Catalyst Control Center Graphics Light (Version: 2007.1218.934.16937)
Catalyst Control Center Localization Chinese Standard (Version: 2007.1218.934.16937)
Catalyst Control Center Localization Chinese Traditional (Version: 2007.1218.934.16937)
Catalyst Control Center Localization Danish (Version: 2007.1218.934.16937)
Catalyst Control Center Localization Dutch (Version: 2007.1218.934.16937)
Catalyst Control Center Localization Finnish (Version: 2007.1218.934.16937)
Catalyst Control Center Localization French (Version: 2007.1218.934.16937)
Catalyst Control Center Localization German (Version: 2007.1218.934.16937)
Catalyst Control Center Localization Italian (Version: 2007.1218.934.16937)
Catalyst Control Center Localization Japanese (Version: 2007.1218.934.16937)
Catalyst Control Center Localization Norwegian (Version: 2007.1218.934.16937)
Catalyst Control Center Localization Spanish (Version: 2007.1218.934.16937)
Catalyst Control Center Localization Swedish (Version: 2007.1218.934.16937)
CCC Help Chinese Standard (Version: 2007.1218.0933.16937)
CCC Help Chinese Traditional (Version: 2007.1218.0933.16937)
CCC Help Danish (Version: 2007.1218.0933.16937)
CCC Help Dutch (Version: 2007.1218.0933.16937)
CCC Help English (Version: 2007.1218.0933.16937)
CCC Help Finnish (Version: 2007.1218.0933.16937)
CCC Help French (Version: 2007.1218.0933.16937)
CCC Help German (Version: 2007.1218.0933.16937)
CCC Help Italian (Version: 2007.1218.0933.16937)
CCC Help Japanese (Version: 2007.1218.0933.16937)
CCC Help Norwegian (Version: 2007.1218.0933.16937)
CCC Help Spanish (Version: 2007.1218.0933.16937)
CCC Help Swedish (Version: 2007.1218.0933.16937)
ccc-core-preinstall (Version: 2007.1218.934.16937)
ccc-core-static (Version: 2007.1218.934.16937)
ccc-utility (Version: 2007.1218.934.16937)
CCleaner (Version: 4.03)
Common RTP 1.0
Compatibility Pack für 2007 Office System (Version: 12.0.6612.1000)
CrystalDiskInfo 4.6.2a (Version: 4.6.2a)
Cube World version 0.0.1 (Version: 0.0.1)
Découvertes Cadet 1 Sprachtrainer Kommunikation (Version: 1.00.000)
DVD Solution
DVDStyler v2.4.1
ElsterFormular (Version: 14.3.20130522)
Freemake Video Converter Version 3.1.2 (Version: 3.1.2)
GeoGebra 4.2 (Version: 4.2.23.0)
GinyasBrowserCompanions
Google Chrome (HKCU Version: 27.0.1453.116)
Google Update Helper (Version: 1.3.21.149)
Hauppauge WinTV
Hauppauge WinTV DVB-T EPG Service
Hauppauge WinTV Scheduler
Hauppauge WinTV Soft PVR
InterActual Player
InterVideo FilterSDK for Hauppauge
Java 7 Update 21 (Version: 7.0.210)
Java Auto Updater (Version: 2.1.9.5)
Junk Mail filter update (Version: 14.0.8117.416)
KI.KA-ROM 4 (Version: 1.0.0)
League of Legends (Version: 1.3)
LG ODD Auto Firmware Update (Version: 1.01.0412.01)
Loewenzahn 8 (Version: 1.00.0000)
Macromedia Shockwave Player (Version: 10.1.0.011)
MAGIX Foto Manager 2008 5.0.0.255 (D) (Version: 5.0.0.255)
MAGIX Music Cleaning Lab 2008 deluxe 9.0.2.0 (D) (Version: 9.0.2.0)
MAGIX Online Druck Service 3.4.3.0 (D) (Version: 3.4.3.0)
MAGIX Screenshare (Version: 4.3.6.1987)
MAGIX Screenshare 4.3.6.1987 (D) (Version: 4.3.6.1987)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6)
MAGIX Video deluxe 17 (Version: 10.0.11.0)
Medi@Show
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 German Language Pack (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2833941)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU (Version: 3.2.30729)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft AutoRoute 2002 (Version: 9.00.17.0200)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Encarta Enzyklopädie 2003 (Version: 2003)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1)
Microsoft Office Outlook Connector (Version: 12.0.6423.1000)
Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0)
Microsoft Picture It! Foto 7.0 (Version: 7.0.0.0000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Works 2003-Setup-Start
Microsoft Works 7.0 (Version: 07.02.0702)
Mijagi-MJ4 2013-2014 (Version: 2013-2014)
Mozilla Firefox 21.0 (x86 de) (Version: 21.0)
Mozilla Maintenance Service (Version: 21.0)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
Mufin MusicFinder Base 1.5.3.255 (D) (Version: 1.5.3.255)
Multimedia Launcher
Nero OEM
NeroMediaPlayer
New PowerCinema
NVIDIA Drivers
NVIDIA ForceWare Network Access Manager (Version: 2.03.6576)
OpenAL
PowerDirector Pro
PowerDVD
PowerProducer
rayman2
Realtek High Definition Audio Driver (Version: 5.10.0.5574)
Rescuer (remove only)
SA31xx Device Manager & Media Converter (Version: 0.3)
Segoe UI (Version: 14.0.4327.805)
SG310 (Version: 1.00.000)
Sicherheitsupdate für Windows Internet Explorer 7 (KB938127-v2) (Version: 2)
Sicherheitsupdate für Windows Internet Explorer 7 (KB956390) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 7 (KB958215) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 7 (KB960714) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 7 (KB961260) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 7 (KB963027) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2183461) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2360131) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2416400) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2482017) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2497640) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2510531) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2530548) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2544521) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2559049) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2586448) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2618444) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2647516) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2675157) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2699988) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2722913) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2744842) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2761465) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2792100) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2797052) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2799329) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2809289) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2817183) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2829530) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2838727) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2846071) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2847204) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB969897) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB971961) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB972260) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB974455) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB976325) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB978207) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB981332) (Version: 1)
Sicherheitsupdate für Windows Internet Explorer 8 (KB982381) (Version: 1)
Sicherheitsupdate für Windows Media Player (KB2834904)
Sicherheitsupdate für Windows Media Player (KB952069)
Sicherheitsupdate für Windows XP (KB2834886) (Version: 1)
Sicherheitsupdate für Windows XP (KB2845187) (Version: 1)
Sicherheitsupdate für Windows XP (KB2850851) (Version: 1)
Sicherheitsupdate für Windows XP (KB923789)
Skins (Version: 2007.1218.934.16937)
Spelling Dictionaries Support For Adobe Reader 9 (Version: 9.0.0)
Spotify (HKCU Version: 0.9.1.57.ge7405149)
TeamSpeak 3 Client (Version: 3.0.10.1)
TomTom HOME 2.7.3.1894 (Version: 2.7.3.1894)
TomTom HOME Visual Studio Merge Modules (Version: 1.0.2)
Try Corel Snapfire muvee autoProducer add on (Version: 1.00.0000)
Unity Web Player (HKCU Version: )
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update für Windows Internet Explorer 8 (KB971180) (Version: 1)
Update für Windows Internet Explorer 8 (KB976662) (Version: 1)
Update für Windows Internet Explorer 8 (KB976749) (Version: 1)
Update für Windows Internet Explorer 8 (KB980182) (Version: 1)
Update für Windows XP (KB951978) (Version: 1)
VideoLive Mail 4.0
Viewpoint Media Player
Vokabeltrainer-Update 4.0.52 (Version: 4.0.52)
VTPlus32 für WinTV (German)
WebFldrs XP (Version: 9.50.7523)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Live Anmelde-Assistent (Version: 5.000.818.5)
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live Fotogalerie (Version: 14.0.8117.416)
Windows Live Mail (Version: 14.0.8117.0416)
Windows Live Messenger (Version: 14.0.8117.0416)
Windows Live OneCare safety scanner
Windows Live Sync (Version: 14.0.8117.416)
Windows Live Writer (Version: 14.0.8117.0416)
Windows Live-Uploadtool (Version: 14.0.8014.1029)
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3 (Version: 20080414.031514)
WinRAR
Works Suite-Betriebssystem-Pack (Version: 3.0.0.0000)
XML Paper Specification Shared Components Language Pack 1.0
==================== Restore Points =========================
27-03-2013 21:13:00 Systemprüfpunkt
29-03-2013 00:20:29 Systemprüfpunkt
01-04-2013 13:16:53 Systemprüfpunkt
02-04-2013 15:23:07 Systemprüfpunkt
03-04-2013 16:26:44 Systemprüfpunkt
04-04-2013 18:28:10 Systemprüfpunkt
06-04-2013 00:55:32 Systemprüfpunkt
09-04-2013 13:59:13 Systemprüfpunkt
10-04-2013 11:11:09 Software Distribution Service 3.0
20-06-2013 13:47:29 Systemprüfpunkt
20-06-2013 13:47:27 Systemprüfpunkt
20-06-2013 13:47:26 Systemprüfpunkt
20-06-2013 13:47:26 Systemprüfpunkt
20-06-2013 13:47:25 Systemprüfpunkt
20-06-2013 13:47:24 Systemprüfpunkt
20-06-2013 13:47:23 Systemprüfpunkt
20-06-2013 13:47:22 Systemprüfpunkt
20-06-2013 13:47:21 Java 7 Update 21 wird installiert
20-06-2013 13:47:20 Systemprüfpunkt
20-06-2013 13:47:19 Systemprüfpunkt
20-06-2013 13:47:18 Systemprüfpunkt
20-06-2013 13:47:17 Java 7 Update 17 wird entfernt
20-06-2013 13:47:17 Java(TM) 6 Update 24 wird entfernt
20-06-2013 13:47:15 Java 7 Update 21 wird installiert
20-06-2013 13:47:14 Systemprüfpunkt
20-06-2013 13:47:13 Systemprüfpunkt
20-06-2013 13:47:11 Systemprüfpunkt
20-06-2013 13:47:10 Removed Bing Bar
20-06-2013 13:47:09 Entfernt Star Wars Battlefront II
20-06-2013 13:47:09 FIFA 09 Demo entfernt
20-06-2013 13:47:07 Entfernt Grand Theft Auto San Andreas
20-06-2013 13:47:07 Systemprüfpunkt
20-06-2013 13:47:06 Software Distribution Service 3.0
20-06-2013 13:47:05 Systemprüfpunkt
20-06-2013 13:47:04 Systemprüfpunkt
20-06-2013 13:47:03 Systemprüfpunkt
20-06-2013 13:47:03 Systemprüfpunkt
20-06-2013 13:47:03 Systemprüfpunkt
20-06-2013 13:47:02 DirectX wurde installiert
20-06-2013 13:47:02 Systemprüfpunkt
20-06-2013 13:47:01 Systemprüfpunkt
20-06-2013 13:47:00 Systemprüfpunkt
20-06-2013 13:46:59 Software Distribution Service 3.0
20-06-2013 13:46:58 Systemprüfpunkt
20-06-2013 13:46:57 Systemprüfpunkt
20-06-2013 13:46:56 Systemprüfpunkt
20-06-2013 13:46:55 Systemprüfpunkt
20-06-2013 13:46:55 Systemprüfpunkt
20-06-2013 13:46:54 Systemprüfpunkt
20-06-2013 13:46:32 Entfernt Biologie
20-06-2013 13:46:27 Skype™ 6.1 wird entfernt
20-06-2013 13:46:23 Removed SweetIM for Messenger 3.4
20-06-2013 11:38:55 Removed SweetIM Toolbar for Internet Explorer 4.0
20-06-2013 13:55:08 Langenscheidt Vokabeltrainer 4.0 Englisch wird entfernt
20-06-2013 13:59:36 Sprachtrainer Fonts wird entfernt
22-06-2013 08:46:36 Systemprüfpunkt
23-06-2013 22:24:07 Systemprüfpunkt
23-06-2013 23:53:50 DirectX wurde installiert
24-06-2013 23:38:34 Steam wird installiert
25-06-2013 23:04:09 Firebird SQL Server - MAGIX Edition wird entfernt
25-06-2013 23:05:11 Steam wird entfernt
27-06-2013 02:53:03 DirectX wurde installiert
28-06-2013 16:26:25 Systemprüfpunkt
29-06-2013 08:36:37 Software Distribution Service 3.0
==================== Hosts content: ==========================
2004-08-04 14:00 - 2004-08-04 14:00 - 00000820 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GinyasBrowserCompanions Chrome Watcher.job => C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\GinyasBrowserCompanions\tbhcns.exe
Task: C:\WINDOWS\Tasks\GinyasBrowserCompanions FireFox Watcher.job => C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\GinyasBrowserCompanions\tbhcns.exe
Task: C:\WINDOWS\Tasks\GinyasBrowserCompanions Stats Report.job => C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\GinyasBrowserCompanions\tbhcns.exe
Task: C:\WINDOWS\Tasks\GinyasBrowserCompanions Update Checker.job => C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\GinyasBrowserCompanions\tbhcns.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Programme\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Programme\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-515967899-1708537768-839522115-1004Core.job => C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-515967899-1708537768-839522115-1004UA.job => C:\Dokumente und Einstellungen\user.USER-6DCCFD836C\Lokale Einstellungen\Anwendungsdaten\Google\Update\GoogleUpdate.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (06/30/2013 03:13:32 AM) (Source: Application Error) (User: )
Description: Fehlgeschlagene Anwendung tbhcns.exe, Version 1.0.0.5, fehlgeschlagenes Modul tbhcns.exe, Version 1.0.0.5, Fehleradresse 0x0007a2fd.
Das medienspezifische Ereignis für [tbhcns.exe!ws!] wird verarbeitet.
Error: (06/30/2013 03:13:24 AM) (Source: Application Error) (User: )
Description: Fehlgeschlagene Anwendung tbhcns.exe, Version 1.0.0.5, fehlgeschlagenes Modul tbhcns.exe, Version 1.0.0.5, Fehleradresse 0x0007a2fd.
Das medienspezifische Ereignis für [tbhcns.exe!ws!] wird verarbeitet.
Error: (06/29/2013 07:57:49 AM) (Source: Application Error) (User: )
Description: Fehlgeschlagene Anwendung cube.exe, Version 0.0.0.0, fehlgeschlagenes Modul xaudio2_7.dll, Version 9.29.1962.0, Fehleradresse 0x0003da72.
Das medienspezifische Ereignis für [cube.exe!ws!] wird verarbeitet.
Error: (06/29/2013 05:23:01 AM) (Source: Application Error) (User: )
Description: Fehlgeschlagene Anwendung tbhcns.exe, Version 1.0.0.5, fehlgeschlagenes Modul tbhcns.exe, Version 1.0.0.5, Fehleradresse 0x0007a2fd.
Das medienspezifische Ereignis für [tbhcns.exe!ws!] wird verarbeitet.
Error: (06/29/2013 05:22:49 AM) (Source: Application Error) (User: )
Description: Fehlgeschlagene Anwendung tbhcns.exe, Version 1.0.0.5, fehlgeschlagenes Modul tbhcns.exe, Version 1.0.0.5, Fehleradresse 0x0007a2fd.
Das medienspezifische Ereignis für [tbhcns.exe!ws!] wird verarbeitet.
Error: (06/29/2013 04:52:33 AM) (Source: Application Error) (User: )
Description: Fehlgeschlagene Anwendung tbhcns.exe, Version 1.0.0.5, fehlgeschlagenes Modul tbhcns.exe, Version 1.0.0.5, Fehleradresse 0x0007a2fd.
Das medienspezifische Ereignis für [tbhcns.exe!ws!] wird verarbeitet.
Error: (06/28/2013 04:55:09 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Von Schattenkopieautor "RemovableStorageManager" aufgerufene Routine "OpenNtmsSessionW" ist mit Status "0x80070015" (konvertiert in 0x800423f3) fehlgeschlagen.
Error: (06/28/2013 04:54:47 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "CreateFileW(\\?\Volume{5d1e3aca-fb59-11dd-9ac8-002215d91bfc},0xc0000000,0x00000003,...)". hr = 0x80070005.
Error: (06/28/2013 04:54:47 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "CreateFileW(\\?\Volume{d4ebb1c2-5203-11df-9be2-806d6172696f},0xc0000000,0x00000003,...)". hr = 0x80070005.
Error: (06/28/2013 04:54:47 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "CreateFileW(\\?\Volume{d56415ce-f1f2-11dd-b90a-806d6172696f},0xc0000000,0x00000003,...)". hr = 0x80070005.
System errors:
=============
Error: (06/28/2013 04:55:50 PM) (Source: Wechselmediendienst) (User: )
Description: Der Wechselmediendienst kann die Bibliothek CdRom1 nicht verwalten. Die Datenbank ist beschädigt.
Error: (06/28/2013 04:55:50 PM) (Source: Wechselmediendienst) (User: )
Description: Der Wechselmediendienst kann die Bibliothek CdRom2 nicht verwalten. Die Datenbank ist beschädigt.
Error: (06/28/2013 04:55:50 PM) (Source: Wechselmediendienst) (User: )
Description: Der Wechselmediendienst kann die Bibliothek CdRom0 nicht verwalten. Die Datenbank ist beschädigt.
Error: (06/28/2013 03:51:05 AM) (Source: Service Control Manager) (User: )
Description: Dienst "ForceWare user log service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/28/2013 03:49:38 AM) (Source: Service Control Manager) (User: )
Description: Dienst "EPGService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/28/2013 03:42:46 AM) (Source: Service Control Manager) (User: )
Description: Dienst "ForceWare IP service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/28/2013 03:27:40 AM) (Source: Service Control Manager) (User: )
Description: Dienst "AOL Connectivity Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/27/2013 02:02:47 AM) (Source: Service Control Manager) (User: )
Description: Dienst "ForceWare IP service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/27/2013 02:01:18 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Druckwarteschlange" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Starten Sie den Dienst neu..
Error: (06/27/2013 01:57:50 AM) (Source: Service Control Manager) (User: )
Description: Dienst "AOL Connectivity Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Microsoft Office Sessions:
=========================
Error: (06/30/2013 03:13:32 AM) (Source: Application Error)(User: )
Description: tbhcns.exe1.0.0.5tbhcns.exe1.0.0.50007a2fd
Error: (06/30/2013 03:13:24 AM) (Source: Application Error)(User: )
Description: tbhcns.exe1.0.0.5tbhcns.exe1.0.0.50007a2fd
Error: (06/29/2013 07:57:49 AM) (Source: Application Error)(User: )
Description: cube.exe0.0.0.0xaudio2_7.dll9.29.1962.00003da72
Error: (06/29/2013 05:23:01 AM) (Source: Application Error)(User: )
Description: tbhcns.exe1.0.0.5tbhcns.exe1.0.0.50007a2fd
Error: (06/29/2013 05:22:49 AM) (Source: Application Error)(User: )
Description: tbhcns.exe1.0.0.5tbhcns.exe1.0.0.50007a2fd
Error: (06/29/2013 04:52:33 AM) (Source: Application Error)(User: )
Description: tbhcns.exe1.0.0.5tbhcns.exe1.0.0.50007a2fd
Error: (06/28/2013 04:55:09 PM) (Source: VSS)(User: )
Description: 0x800700150x800423f3RemovableStorageManagerOpenNtmsSessionW
Error: (06/28/2013 04:54:47 PM) (Source: VSS)(User: )
Description: CreateFileW(\\?\Volume{5d1e3aca-fb59-11dd-9ac8-002215d91bfc},0xc0000000,0x00000003,...)0x80070005
Error: (06/28/2013 04:54:47 PM) (Source: VSS)(User: )
Description: CreateFileW(\\?\Volume{d4ebb1c2-5203-11df-9be2-806d6172696f},0xc0000000,0x00000003,...)0x80070005
Error: (06/28/2013 04:54:47 PM) (Source: VSS)(User: )
Description: CreateFileW(\\?\Volume{d56415ce-f1f2-11dd-b90a-806d6172696f},0xc0000000,0x00000003,...)0x80070005
==================== Memory info ===========================
Percentage of memory in use: 39%
Total physical RAM: 2047.23 MB
Available physical RAM: 1243.19 MB
Total Pagefile: 3939.69 MB
Available Pagefile: 3063.02 MB
Total Virtual: 2047.88 MB
Available Virtual: 1946.03 MB
==================== Drives ================================
Drive c: (WinXP) (Fixed) (Total:149.03 GB) (Free:100.9 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: (Daten) (Fixed) (Total:149.06 GB) (Free:80.54 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 298 GB) (Disk ID: DED1DED1)
Partition 1: (Active) - (Size=149 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=149 GB) - (Type=OF Extended)
==================== End Of Log ============================
|
|
12.07.2013, 16:46
| #4 |
| /// the machine /// TB-Ausbilder | Windows XP start: tcbhn.exe hat ein Problem festgestellt und muss beendet werdenCombofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!Downloade dir bitte Combofix vom folgenden Downloadspiegel Link 1 WICHTIG - Speichere Combofix auf deinem Desktop
Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
12.07.2013, 20:41
| #5 |
| | Windows XP start: tcbhn.exe hat ein Problem festgestellt und muss beendet werden ich habe vorher noch eine frage. Brauch ich die wiederherstllungskonsole weil etwas schief gehen kann bei der entfernung ?? wenn ja kann der computer irreperabel kaputt gehen oder kann es sein das alle daten verschwinden ? |
|
12.07.2013, 21:01
| #6 |
| /// the machine /// TB-Ausbilder | Windows XP start: tcbhn.exe hat ein Problem festgestellt und muss beendet werden Die KOnsole ist wichtig, falls irgendwann an deinem PC was schief geht kann man darüber ganz locker wieder den PC in Gang bekommen. Wenn Du dich an die Anleitung hälst kann eigentlich nix passieren, das Tool wird am Tag bestimmt 10000mal benutzt 
__________________ --> Windows XP start: tcbhn.exe hat ein Problem festgestellt und muss beendet werden |
|
12.07.2013, 21:06
| #7 |
| | Windows XP start: tcbhn.exe hat ein Problem festgestellt und muss beendet werden tun wir mal so als würde etwas schief gehen. wie würde das mit der wiederherstellung funktionieren ?? |
|
12.07.2013, 21:08
| #8 |
| /// the machine /// TB-Ausbilder | Windows XP start: tcbhn.exe hat ein Problem festgestellt und muss beendet werden Du müsstest für mindestens 5 Minuten den Blutdruck unter 200 halten, um mir genau zu schildern an welcher Stelle ein Problem kam, und was dein Rechner jetzt genau macht, wie weit er bootet. Dann navigiere ich dich in die Recovery und wir machen nen händischen Fix mit cmd-Befehlen. Oldschool
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
Linear-Darstellung
