Log analysis and evaluation: Spyware infestation (Windows 7)

If you have caught a Trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and Trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1

Spyware infestation

Hello everyone, a colleague said that his PC is slow, that the browser opens pages at random, and that messages come up saying the hard disk is full and needs to be checked, disckdoctor / low disc space or something like that. In addition, www.aikmed supposedly also gets opened frequently for no reason? He could not tell me all of this exactly. I have already run Malwarebytes and AdwCleaner. OTL now shows:

Code:
ATTFilter OTL logfile created on: 29.11.2013 11:57:19 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Riehmer\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,24 Gb Total Physical Memory | 1,86 Gb Available Physical Memory | 57,42% Memory free 6,70 Gb Paging File | 5,36 Gb Available in Paging File | 79,95% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 285,09 Gb Total Space | 121,09 Gb Free Space | 42,47% Space Free | Partition Type: NTFS Drive D: | 7,44 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Computer Name: RIEHMER-PC | User Name: Riehmer | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Riehmer\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files\AVG\AVG2014\avgcsrvx.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files\AVG\AVG2014\avgidsagent.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files\AVG\AVG2014\avgrsx.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files\AVG\AVG2014\avgnsx.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH) PRC - c:\Program Files\TeamViewer\Version8\TeamViewer_Desktop.exe (TeamViewer GmbH) PRC - C:\Program Files\TeamViewer\Version8\TeamViewer.exe (TeamViewer GmbH) PRC - C:\Program Files\TeamViewer\Version8\tv_w32.exe (TeamViewer GmbH) PRC - C:\Program Files\AVG\AVG2014\avgwdsvc.exe (AVG Technologies CZ, s.r.o.) 
PRC - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung) PRC - C:\Program Files\Samsung\Kies\Kies.exe (Samsung) PRC - C:\Windows\System32\FsUsbExService.Exe (Teruten) PRC - C:\Windows\System32\TUProgSt.exe (TuneUp Software) PRC - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) PRC - C:\Windows\System32\drivers\o2flash.exe (O2Micro International) PRC - C:\Program Files\PACKARD BELL\Packard Bell Recovery Management\Service\ETService.exe () PRC - C:\Program Files\PACKARD BELL\SetUpMyPC\SmpSys.exe (Packard Bell BV) PRC - C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe () PRC - C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe (Acronis) PRC - C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis) PRC - C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis) PRC - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe (Acronis) PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation) PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) PRC - C:\Program Files\MSI\TotalMedia 3.5\TMMonitor.exe (ArcSoft, Inc.) 
PRC - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe () ========== Modules (No Company Name) ========== MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Theme\fbaadafecb211c0faea42e24cb927249\Kies.Theme.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\DummyStorePlugin\6577f6dfb5a450d0bbe907f4ac5c7ca6\DummyStorePlugin.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceStoryAlbum\c62a136e43f5a3d13c51c4d5518fd163\DeviceStoryAlbum.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePodcast\6be1468e9e409a8704c5c5e895eea29e\DevicePodcast.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceVideo\184c708c2aff187c0282217ed5d6aff9\DeviceVideo.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePhoto\864ed58a5d0dad29d91694a47148b417\DevicePhoto.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceMusic\3c726f203cb89bafdc3fdef1310bbe65\DeviceMusic.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\VideoManager\745a99cd00f041ed51e7b90a9048db0f\VideoManager.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PhotoManager\69a4258b82a64547b041cd1f4fcefe80\PhotoManager.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Phonebook\ac60efdce0d9960ee7e7684762963096\Phonebook.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\StoryAlbumManager\218e439ff5f6efe79d596b09befa90e0\StoryAlbumManager.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\MusicManager\e6d86418fd65cdf3ab7b63eeaf348aac\MusicManager.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\BATPlugin\beed6ae414a811454f863e8e5218e2b0\BATPlugin.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MediaDB\5b604be073408561a780ee18ac2efeea\Kies.Common.MediaDB.ni.dll () MOD - 
C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.StoreMa#\0cee5612bdc5291d2c06bddf7e88aa08\Kies.Common.StoreManager.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.AllShare\8fd8e3288a11e9f5a2ea12544b6160fc\Kies.Common.AllShare.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.CRMMana#\e970ec66efbca8e11aec1b5b68aed645\Kies.Common.CRMManager.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DBManag#\02babf6182f4740582f025e7a8e1682d\Kies.Common.DBManager.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Podcaster\69785f6118004cd586d8b2767adf56e1\Podcaster.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\5045b63540dc355f0b7988d0f7c86b99\Kies.Common.DeviceServiceLib.FirmwareUpdate.Common.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\c7977b32f20fa76fe8de852a0827ff16\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DevFileServ#\af55d460c3a7f10ca7233b050a480767\Interop.DevFileServiceLib.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\0479897f82c81e0c5c2f23951882c07e\Kies.Common.DeviceServiceLib.FileService.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\4addecf25bb3be3481a368a28193bad0\Kies.Common.DeviceService.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceCommonLib\2f8e060dcb222f52e78034fb0185c26f\DeviceCommonLib.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Plugin.Content#\7ad8fe11a869d54f5863d2e28909940d\Kies.Plugin.ContentsManagerLib.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MainUI\8e02b22234671d19c70488e914b149d6\Kies.Common.MainUI.ni.dll () MOD - 
C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\faca1498093e2374f451012ba4ffc81b\Kies.Common.DeviceServiceLib.DeviceManagement.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\edc38c2279bb5fcb9741cd2fdf10e20a\Kies.Common.DeviceServiceLib.FirmwareUpdate.FirmwareUpdateAgentHelper.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Multime#\cd794d29d58ba19010ca625f57a1b50c\Kies.Common.Multimedia.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.PRPLAYERCOR#\2631759e35a0681f57e2f3975ef09db8\Interop.PRPLAYERCORELib.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\816518ee15aac04ce078ffbbfa451b51\Kies.Common.DeviceServiceLib.DeviceDataService.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\897b793626102d13fe581f59a1009f0e\Kies.Common.DeviceServiceLib.Interface.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceHost\177b9cf1c0b1282433d5bc021f1babec\DeviceHost.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Util\91638c5ecaccf1cbf170f7f407bbcffc\Kies.Common.Util.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Locale\1ec0744ead03224bb0f4df63491b4d81\Kies.Locale.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DeviceSearc#\b1fa1960e4200803561901da81834924\Interop.DeviceSearchLib.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\e3ed6d800bc802eb464df3d6edbe262d\Kies.MVVM.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.UI\dda7fe74dac6ecd178928032a7737f47\Kies.UI.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Interface\edccaecec7d61061f22e543ebaf1bede\Kies.Interface.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies\49ee20fd7324ffb6a81d214b4ff9ae34\Kies.ni.exe () MOD - 
C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\f453ecc6bb7fc8d52d61247676944623\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\73d9bc894522543b561a0342dac87c06\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\GongSolutions.Wpf.D#\6cfb6056dfe610b88af47c21a80026b7\GongSolutions.Wpf.DragDrop.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\e9147e4c70d4e387dc4aea59ce0a219a\PresentationFramework.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\85a501f8b0cb271f1bfab6532523ac3c\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\55c245966c0b23a47587c18681457e48\System.Core.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\99bbd3424207d205e9e680fa712dba04\PresentationCore.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\b1ff5e4a64c0bb0a9b039aaefcde5ea7\WindowsBase.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\c5efe841e2998c266e0f5e29bed04b55\ASF_cSharpAPI.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\d8f4106eee38420ac5eda7d630dc53fc\System.ServiceProcess.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\77b08e09ee6c83b6fc3515460a27da18\System.Web.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b167ef6967ad27503c6ac6aabcef1aff\System.Runtime.Remoting.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09f5b3f7a363b742a73937e818595597\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\c0df7e124d8d5e2821fd7d3921d404f7\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\d7153acb7b6ccb5a6a886d6f0ab732b1\System.ni.dll () MOD - 
C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\f17c7bc239be0eb7661cbcd3cff1ea16\System.Runtime.Remoting.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\c8648331484537c338fe2b606a9db8b7\System.Xaml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\b7285e9f3d19a05d5cc2c049e451685d\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\08c630893416f3379c9455870908ad6c\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.P3MPINTERFA#\a474771ad225ef2b83d38a86a160ed53\Interop.P3MPINTERFACECTRLLib.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.MP3FileInfo#\be9d4a331a41a83465c56b735845c86b\Interop.MP3FileInfoCOMLib.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.OGGFileInfo#\0cd09e4839a2bfe65311191d2e61c698\Interop.OGGFileInfoCOMLib.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\CabLib\abebd90a3673cde0cd3a1b81a9f18f86\CabLib.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\05034abc5246a6fef208f73cb912d971\Accessibility.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\6a938df70a8b7996a3890b4f34c83906\mscorlib.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\a01e07e47ecdd94ae099e8c4bf650516\mscorlib.ni.dll () MOD - C:\Program Files\Notepad++\NppShell_04.dll () MOD - C:\Windows\System32\msjetoledb40.dll () MOD - C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll () MOD - C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll () MOD - C:\Windows\assembly\GAC_MSIL\System.Xml.resources\2.0.0.0_de_b77a5c561934e089\System.Xml.resources.dll () MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll () MOD - 
C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3106.38542__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3106.38494__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3106.38558__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3106.38756__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3106.38714__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3106.38533__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3106.38664__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3106.38517__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3106.38798__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3106.38724__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3106.38805__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3106.38731__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll () MOD - 
C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3106.38510__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3106.38723__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3106.38668__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3106.38573__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3106.38657__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3106.38519__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3106.38746__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3106.38706__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3106.38579__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3106.38565__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.3106.38795__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3106.38689__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3106.38667__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll () 
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3106.38665__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3106.38795__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3106.38578__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3106.38687__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3106.38704__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3106.38666__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3091.17957__90ba9c70f846762e\CLI.Foundation.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3091.17970__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3091.17992__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3091.18001__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3106.38667__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3091.17954__90ba9c70f846762e\LOG.Foundation.dll () MOD - C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3091.17956__90ba9c70f846762e\NEWAEM.Foundation.dll () MOD - 
C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3091.18035__90ba9c70f846762e\CLI.Foundation.XManifest.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3091.18001__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3091.17981__90ba9c70f846762e\DEM.OS.I0602.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3091.17970__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3091.17968__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3091.17961__90ba9c70f846762e\CLI.Component.Client.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3091.17968__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3091.17961__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3091.17977__90ba9c70f846762e\MOM.Foundation.dll () MOD - C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.3091.17980__90ba9c70f846762e\DEM.OS.dll () MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll () MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3091.17981__90ba9c70f846762e\DEM.Graphics.dll () MOD - C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3091.17967__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3091.17987__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3091.17982__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll () MOD - 
C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3091.17980__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3091.18004__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3091.17978__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3091.18004__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3091.17993__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3091.17990__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3091.17990__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3091.17990__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3091.17992__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3091.17976__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3091.17988__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3091.17982__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3091.17979__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll () MOD - 
C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3091.17991__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3091.17983__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3091.17977__90ba9c70f846762e\APM.Foundation.dll () MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3091.17968__90ba9c70f846762e\AEM.Server.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory.resources\2.0.3106.38488_de_90ba9c70f846762e\CLI.Component.SkinFactory.resources.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray.resources\2.0.3106.38774_de_90ba9c70f846762e\CLI.Component.Systemtray.resources.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3106.38774__90ba9c70f846762e\CLI.Component.Systemtray.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3106.38526__90ba9c70f846762e\CLI.Component.Wizard.dll () MOD - C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3106.38785__90ba9c70f846762e\MOM.Implementation.dll () MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3106.38782__90ba9c70f846762e\LOG.Foundation.Implementation.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3106.38488__90ba9c70f846762e\CLI.Component.SkinFactory.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3106.38485__90ba9c70f846762e\CLI.Component.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3091.17979__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll () MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3106.38822__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll () MOD - 
C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3091.17961__90ba9c70f846762e\CLI.Foundation.Private.dll () MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3091.17965__90ba9c70f846762e\LOG.Foundation.Private.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3091.17978__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll () MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3091.17977__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3091.17977__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll () MOD - C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.3091.17963__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll () MOD - C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll () MOD - C:\Windows\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll () MOD - C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Implementation\2.0.3106.38837__90ba9c70f846762e\LOCALIZATION.Foundation.Implementation.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3106.38485__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3106.38503__90ba9c70f846762e\CLI.Component.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.3106.38486__90ba9c70f846762e\ATIDEMOS.dll () MOD - C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3106.38482__90ba9c70f846762e\APM.Server.dll () MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3106.38484__90ba9c70f846762e\AEM.Server.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3091.17970__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll () MOD - C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll () MOD - 
C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3106.38784__90ba9c70f846762e\CCC.Implementation.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3091.17993__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll () MOD - C:\Windows\System32\atitmmxx.dll () MOD - C:\Program Files\Acronis\TrueImageHome\fox.dll () MOD - C:\Program Files\WinRAR\RarExt.dll () MOD - C:\Program Files\MSI\TotalMedia 3.5\FPXLIB.DLL () MOD - C:\Program Files\MSI\TotalMedia 3.5\magengin.dll () MOD - C:\Program Files\MSI\TotalMedia 3.5\kgl.dll () ========== Services (SafeList) ========== SRV - (vToolbarUpdater17.1.2) -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\ToolbarUpdater.exe File not found SRV - (Norton Internet Security) -- C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe /s Norton Internet Security /m C:\Program Files\Norton Internet Security\Engine\16.0.0.125\diMaster.dll /prefetch:1 File not found SRV - (AVGIDSAgent) -- C:\Program Files\AVG\AVG2014\avgidsagent.exe (AVG Technologies CZ, s.r.o.) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (TeamViewer8) -- C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH) SRV - (avgwd) -- C:\Program Files\AVG\AVG2014\avgwdsvc.exe (AVG Technologies CZ, s.r.o.) SRV - (FsUsbExService) -- C:\Windows\System32\FsUsbExService.Exe (Teruten) SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia) SRV - (AVG Security Toolbar Service) -- C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe () SRV - (TuneUp.ProgramStatisticsSvc) -- C:\Windows\System32\TUProgSt.exe (TuneUp Software) SRV - (TuneUp.Defrag) -- C:\Windows\System32\TuneUpDefragService.exe (TuneUp Software) SRV - (ACDaemon) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.) 
SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (TuneUp Software) SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.) SRV - (o2flash) -- C:\Windows\System32\drivers\o2flash.exe (O2Micro International) SRV - (ETService) -- C:\Program Files\PACKARD BELL\Packard Bell Recovery Management\Service\ETService.exe () SRV - (TryAndDecideService) -- C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe () SRV - (AcrSch2Svc) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe (Acronis) SRV - (IAANTMON) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation) SRV - (ezSharedSvc) -- C:\Windows\System32\ezsvc7.dll (EasyBits Sofware AS) SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (AdobeActiveFileMonitor6.0) -- C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe () ========== Driver Services (SafeList) ========== DRV - (SRTSPX) -- C:\Windows\system32\drivers\NIS\1000000.07D\SRTSPX.SYS File not found DRV - (SRTSP) -- C:\Windows\system32\drivers\NIS\1000000.07D\SRTSP.SYS File not found DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVEX15.SYS File not found DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVENG.SYS File not found DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found DRV - (hwusbfake) -- system32\DRIVERS\ewusbfake.sys File not found DRV - (avgtp) -- C:\Windows\System32\drivers\avgtpx86.sys (AVG Technologies) DRV - (Avgdiskx) -- C:\Windows\System32\drivers\avgdiskx.sys (AVG Technologies CZ, s.r.o.) 
DRV - (AVGIDSDriver) -- C:\Windows\System32\drivers\avgidsdriverx.sys (AVG Technologies CZ, s.r.o.) DRV - (Avgldx86) -- C:\Windows\System32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.) DRV - (Avglogx) -- C:\Windows\System32\drivers\avglogx.sys (AVG Technologies CZ, s.r.o.) DRV - (AVGIDSHX) -- C:\Windows\System32\drivers\avgidshx.sys (AVG Technologies CZ, s.r.o.) DRV - (Avgmfx86) -- C:\Windows\System32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.) DRV - (AVGIDSShim) -- C:\Windows\System32\drivers\avgidsshimx.sys (AVG Technologies CZ, s.r.o.) DRV - (Avgrkx86) -- C:\Windows\System32\drivers\avgrkx86.sys (AVG Technologies CZ, s.r.o.) DRV - (Avgtdix) -- C:\Windows\System32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.) DRV - (FsUsbExDisk) -- C:\Windows\System32\FsUsbExDisk.Sys () DRV - (ssadmdm) -- C:\Windows\System32\drivers\ssadmdm.sys (MCCI Corporation) DRV - (ssadbus) -- C:\Windows\System32\drivers\ssadbus.sys (MCCI Corporation) DRV - (ssadserd) -- C:\Windows\System32\drivers\ssadserd.sys (MCCI Corporation) DRV - (ssadmdfl) -- C:\Windows\System32\drivers\ssadmdfl.sys (MCCI Corporation) DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia) DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Nokia) DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Nokia) DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia) DRV - (ewusbnet) -- C:\Windows\System32\drivers\ewusbnet.sys (Huawei Technologies Co., Ltd.) DRV - (hwdatacard) -- C:\Windows\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.) DRV - (hwusbdev) -- C:\Windows\System32\drivers\ewusbdev.sys (Huawei Technologies Co., Ltd.) 
DRV - (timounter) -- C:\Windows\System32\drivers\timntr.sys (Acronis)
DRV - (tifsfilter) -- C:\Windows\System32\drivers\tifsfilt.sys (Acronis)
DRV - (snapman) -- C:\Windows\System32\drivers\snapman.sys (Acronis)
DRV - (tdrpman) -- C:\Windows\System32\drivers\tdrpman.sys (Acronis)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (O2MDRDR) -- C:\Windows\System32\drivers\o2media.sys (O2Micro )
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation )
DRV - (int15) -- C:\Windows\System32\drivers\int15.sys (Acer, Inc.)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (RTHDMIAzAudService) -- C:\Windows\System32\drivers\RtHDMIV.sys (Realtek Semiconductor Corp.)
DRV - (O2SDRDR) -- C:\Windows\System32\drivers\o2sd.sys (O2Micro )
DRV - (AF15BDA) -- C:\Windows\System32\drivers\AF15BDA.sys (AfaTech )
DRV - (Afc) -- C:\Windows\System32\drivers\afc.sys (Arcsoft, Inc.)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0407&s=2&o=vp32&d=0109&m=easynote_ml65
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0407&s=2&o=vp32&d=0109&m=easynote_ml65
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1415058074-704485446-1059558982-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0407&s=2&o=vp32&d=0109&m=easynote_ml65
IE - HKU\S-1-5-21-1415058074-704485446-1059558982-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-1415058074-704485446-1059558982-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.homburg.de/content/pages/home.htm
IE - HKU\S-1-5-21-1415058074-704485446-1059558982-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1415058074-704485446-1059558982-1000\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-21-1415058074-704485446-1059558982-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1415058074-704485446-1059558982-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1415058074-704485446-1059558982-1000\..\SearchScopes\{7001AD53-F5C5-4239-9B99-7F1F57A0D82D}: "URL" = hxxp://www.google.de/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGLL_de
IE - HKU\S-1-5-21-1415058074-704485446-1059558982-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultthis.engineName: "Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.28\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.11.29 11:32:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.28\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.11.29 11:37:43 | 000,000,000 | ---D | M]

[2013.08.13 20:35:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Riehmer\AppData\Roaming\mozilla\Extensions
[2013.11.29 11:32:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Riehmer\AppData\Roaming\mozilla\Firefox\Profiles\a3m6s5vt.default\extensions
[2010.09.27 18:36:00 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Riehmer\AppData\Roaming\mozilla\Firefox\Profiles\a3m6s5vt.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2013.11.07 21:18:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Riehmer\AppData\Roaming\mozilla\Firefox\Profiles\a3m6s5vt.default\extensions\{af6ac4f2-9825-4fb6-a600-92bc5361f209}
[2011.07.27 18:52:55 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Riehmer\AppData\Roaming\mozilla\Firefox\Profiles\a3m6s5vt.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2013.08.13 20:35:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013.06.10 17:30:04 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.06.10 17:30:04 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2013.06.10 17:30:04 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2013.06.10 17:30:04 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2013.06.10 17:30:04 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml

========== Chrome ==========

CHR - default_search_provider: Search Results ()
CHR - default_search_provider: search_url = hxxp://www.google.com
CHR - default_search_provider: suggest_url =
CHR - homepage: hxxp://www.google.com
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\31.0.1650.57\pdf.dll
CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Program Files\Google\Chrome\Application\31.0.1650.57\gears.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\31.0.1650.57\gcswf32.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: DivX OVS Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Adblock Plus = C:\Users\Riehmer\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0\
CHR - Extension: Google Wallet = C:\Users\Riehmer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\

O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-1415058074-704485446-1059558982-1000\..\Toolbar\WebBrowser: (no name) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe (Acronis)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SmpcSys] C:\Program Files\PACKARD BELL\SetUpMyPC\SmpSys.exe (Packard Bell BV)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1415058074-704485446-1059558982-1000..\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKU\S-1-5-21-1415058074-704485446-1059558982-1000..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe (Samsung)
O4 - HKU\S-1-5-21-1415058074-704485446-1059558982-1000..\Run: [SmpcSys] C:\Program Files\PACKARD BELL\SetUpMyPC\SmpSys.exe (Packard Bell BV)
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Riehmer\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html File not found
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.6.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{096A1A20-3C32-4C0F-8207-775C5F5EB0EC}: DhcpNameServer = 192.168.6.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4310FAE2-5BC8-4D0A-89A7-3485EAE3E614}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8C6AAC68-853A-4FCE-9777-B14403876F5E}: NameServer = 10.74.210.210 10.74.210.211
O18 - Protocol\Handler\linkscanner - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\ezShellStart.exe) - C:\Windows\System32\ezShellStart.exe (EasyBits Software AS)
O24 - Desktop WallPaper: C:\Users\Riehmer\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Riehmer\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\System32\ezUPBHook.dll (EasyBits Software Corp.)
O30 - LSA: Authentication Packages - (relog_ap) - C:\Windows\System32\relog_ap.dll (Acronis)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{2f0e5c04-b517-11e0-bd6b-001e101f63cf}\Shell - "" = AutoRun
O33 - MountPoints2\{2f0e5c04-b517-11e0-bd6b-001e101f63cf}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{2f0e5c11-b517-11e0-bd6b-001e101fa1f5}\Shell - "" = AutoRun
O33 - MountPoints2\{2f0e5c11-b517-11e0-bd6b-001e101fa1f5}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{41f53742-6e9c-11e1-9e81-001e101f3976}\Shell - "" = AutoRun
O33 - MountPoints2\{41f53742-6e9c-11e1-9e81-001e101f3976}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{557117ef-9140-11e0-afd0-00238b4dbf05}\Shell - "" = AutoRun
O33 - MountPoints2\{557117ef-9140-11e0-afd0-00238b4dbf05}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{557118a6-9140-11e0-afd0-00238b4dbf05}\Shell - "" = AutoRun
O33 - MountPoints2\{557118a6-9140-11e0-afd0-00238b4dbf05}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{afe71462-9065-11e0-aa7e-00238b4dbf05}\Shell - "" = AutoRun
O33 - MountPoints2\{afe71462-9065-11e0-aa7e-00238b4dbf05}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{afe71464-9065-11e0-aa7e-00238b4dbf05}\Shell - "" = AutoRun
O33 - MountPoints2\{afe71464-9065-11e0-aa7e-00238b4dbf05}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{c0b4c070-b878-11e0-933e-001e101f7f7d}\Shell - "" = AutoRun
O33 - MountPoints2\{c0b4c070-b878-11e0-933e-001e101f7f7d}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{c0b4c242-b878-11e0-933e-001e101fc4ba}\Shell - "" = AutoRun
O33 - MountPoints2\{c0b4c242-b878-11e0-933e-001e101fc4ba}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{d01a4a53-c902-11e0-ad15-00238b4dbf05}\Shell - "" = AutoRun
O33 - MountPoints2\{d01a4a53-c902-11e0-ad15-00238b4dbf05}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{e83ad289-f783-11dd-a7c8-00238b4dbf05}\Shell - "" = AutoRun
O33 - MountPoints2\{e83ad289-f783-11dd-a7c8-00238b4dbf05}\Shell\AutoRun\command - "" = E:\setup.exe AUTORUN=1
O33 - MountPoints2\{faf6ae0b-1155-11de-b22f-00f1d000f1d0}\Shell\AutoRun\command - "" = E:\PStart.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013.11.29 11:23:21 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013.11.29 11:20:50 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Riehmer\Desktop\OTL.exe
[2013.11.29 09:20:49 | 000,000,000 | ---D | C] -- C:\Users\Riehmer\AppData\Roaming\Malwarebytes
[2013.11.29 09:20:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.11.26 17:40:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2013.11.12 22:56:13 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013.11.12 22:56:12 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013.11.12 22:56:12 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013.11.12 22:56:12 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013.11.12 22:56:11 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013.11.12 22:56:10 | 001,806,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013.11.12 22:56:10 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013.11.12 22:56:09 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013.11.12 22:37:17 | 000,596,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
[2013.11.05 21:50:48 | 000,120,600 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgdiskx.sys
[2013.11.04 21:57:30 | 000,209,176 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgidsdriverx.sys
[2013.10.31 23:00:28 | 000,176,952 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
[2013.10.31 22:30:08 | 000,222,520 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avglogx.sys

========== Files - Modified Within 30 Days ==========

[2013.11.29 12:00:06 | 000,000,522 | ---- | M] () -- C:\Windows\tasks\1-Klick-Wartung.job
[2013.11.29 11:37:44 | 000,001,849 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2013.11.29 11:34:35 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.11.29 11:34:34 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.11.29 11:34:29 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2013.11.29 11:34:26 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.11.29 11:34:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.11.29 11:34:14 | 3483,992,064 | -HS- | M] () -- C:\hiberfil.sys
[2013.11.29 11:26:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.11.29 11:20:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Riehmer\Desktop\OTL.exe
[2013.11.29 10:55:00 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2013.11.29 10:44:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.11.29 07:02:56 | 000,000,420 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Update Version2.job
[2013.11.27 20:39:06 | 014,850,766 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.11.27 20:39:06 | 005,103,540 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.11.27 20:39:06 | 004,435,410 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.11.27 20:39:05 | 004,858,758 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.11.26 21:00:52 | 000,000,446 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Registration.job
[2013.11.26 17:40:01 | 000,000,820 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2014.lnk
[2013.11.19 20:43:09 | 000,001,925 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.11.15 21:59:19 | 000,508,298 | ---- | M] () -- C:\Users\Riehmer\Desktop\2013-11-14 18 25 56.jpg
[2013.11.15 21:55:35 | 000,443,991 | ---- | M] () -- C:\Users\Riehmer\Desktop\2013-11-14 18 25 30.jpg
[2013.11.15 21:49:00 | 000,509,500 | ---- | M] () -- C:\Users\Riehmer\Desktop\2013-11-14 18.26.15.jpg
[2013.11.12 22:22:30 | 000,037,664 | ---- | M] (AVG Technologies) -- C:\Windows\System32\drivers\avgtpx86.sys
[2013.11.07 17:37:12 | 000,000,917 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 8.lnk
[2013.11.05 21:50:48 | 000,120,600 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgdiskx.sys
[2013.11.04 21:57:30 | 000,209,176 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgidsdriverx.sys
[2013.10.31 23:00:28 | 000,176,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
[2013.10.31 22:30:08 | 000,222,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avglogx.sys

========== Files Created - No Company Name ==========

[2013.11.15 21:59:19 | 000,508,298 | ---- | C] () -- C:\Users\Riehmer\Desktop\2013-11-14 18 25 56.jpg
[2013.11.15 21:55:35 | 000,443,991 | ---- | C] () -- C:\Users\Riehmer\Desktop\2013-11-14 18 25 30.jpg
[2013.11.15 21:49:00 | 000,509,500 | ---- | C] () -- C:\Users\Riehmer\Desktop\2013-11-14 18.26.15.jpg
[2013.11.12 22:37:17 | 000,218,228 | ---- | C] () -- C:\Windows\System32\WFP.TMF
[2013.10.16 21:39:15 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2013.10.16 21:39:15 | 000,037,344 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2012.10.29 18:54:47 | 000,000,680 | ---- | C] () -- C:\Users\Riehmer\AppData\Local\d3d9caps.dat
[2012.08.28 09:04:34 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2012.08.28 09:04:34 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2012.08.28 09:04:34 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2012.08.28 09:04:34 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012.08.28 09:04:32 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2012.02.16 11:00:44 | 000,098,304 | ---- | C] () -- C:\Windows\System32\redmonnt.dll
[2011.07.16 14:30:11 | 000,001,024 | ---- | C] () -- C:\Users\Riehmer\.rnd
[2010.11.07 15:32:46 | 001,775,248 | ---- | C] () -- C:\Users\Riehmer\Fotospiel.cpr
[2010.11.07 15:02:38 | 001,775,193 | ---- | C] () -- C:\Users\Riehmer\Fotospiel Chiara.cpr
[2010.09.12 20:35:37 | 001,258,156 | ---- | C] () -- C:\Users\Riehmer\AppData\Roaming\mdbu.bin
[2009.04.14 18:09:03 | 000,000,552 | ---- | C] () -- C:\Users\Riehmer\AppData\Local\d3d8caps.dat
[2009.02.11 11:55:06 | 000,096,768 | ---- | C] () -- C:\Users\Riehmer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2006.11.02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.10 22:28:20 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.10 22:28:26 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012.11.08 19:40:39 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software
[2012.11.08 19:40:39 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software
[2011.05.09 20:42:29 | 000,000,000 | ---D | M] -- C:\Users\Riehmer\AppData\Roaming\Acronis
[2013.10.12 19:44:17 | 000,000,000 | ---D | M] -- C:\Users\Riehmer\AppData\Roaming\AVG2014
[2011.07.16 13:51:50 | 000,000,000 | ---D | M] -- C:\Users\Riehmer\AppData\Roaming\Canneverbe Limited
[2009.02.11 12:12:06 | 000,000,000 | ---D | M] -- C:\Users\Riehmer\AppData\Roaming\FileMaker
[2011.10.20 07:45:33 | 000,000,000 | ---D | M] -- C:\Users\Riehmer\AppData\Roaming\GHISLER
[2010.05.23 15:23:34 | 000,000,000 | ---D | M] -- C:\Users\Riehmer\AppData\Roaming\GrabPro
[2011.02.20 19:40:35 | 000,000,000 | ---D | M] -- C:\Users\Riehmer\AppData\Roaming\Imaxel
[2010.12.30 20:22:24 | 000,000,000 | ---D | M] -- C:\Users\Riehmer\AppData\Roaming\Local
[2013.08.13 20:29:54 | 000,000,000 | ---D | M] -- C:\Users\Riehmer\AppData\Roaming\Nokia
[2011.05.10 21:17:14 | 000,000,000 | ---D | M] -- C:\Users\Riehmer\AppData\Roaming\Nokia Ovi Suite
[2011.07.27 18:32:53 | 000,000,000 | ---D | M] -- C:\Users\Riehmer\AppData\Roaming\Notepad++
[2011.02.08 07:00:48 | 000,000,000 | ---D | M] -- C:\Users\Riehmer\AppData\Roaming\Orbit
[2011.05.10 21:16:08 | 000,000,000 | ---D | M] -- C:\Users\Riehmer\AppData\Roaming\PC Suite
[2012.10.17 20:04:51 | 000,000,000 | ---D | M] -- C:\Users\Riehmer\AppData\Roaming\Samsung
[2011.06.07 18:12:29 | 000,000,000 | ---D | M] -- C:\Users\Riehmer\AppData\Roaming\T-Mobile
[2011.06.07 18:36:30 | 000,000,000 | ---D | M] -- C:\Users\Riehmer\AppData\Roaming\T-Mobile Internet Manager
[2013.06.18 17:54:51 | 000,000,000 | ---D | M] -- C:\Users\Riehmer\AppData\Roaming\TeamViewer
[2012.10.28 18:41:14 | 000,000,000 | ---D | M] -- C:\Users\Riehmer\AppData\Roaming\TuneUp Software
[2013.11.29 11:32:13 | 000,000,000 | ---D | M] -- C:\Users\Riehmer\AppData\Roaming\Uniblue
[2011.07.18 16:06:14 | 000,000,000 | ---D | M] -- C:\Users\Riehmer\AppData\Roaming\XMedia Recode

========== Purity Check ==========

< End of report >

Code:
OTL Extras logfile created on: 29.11.2013 11:57:19 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Riehmer\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,24 Gb Total Physical Memory | 1,86 Gb Available Physical Memory | 57,42% Memory free
6,70 Gb Paging File | 5,36 Gb Available in Paging File | 79,95% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 285,09 Gb Total Space | 121,09 Gb Free Space | 42,47% Space Free | Partition Type: NTFS
Drive D: | 7,44 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: RIEHMER-PC | User Name: Riehmer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\Windows\System32\CScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\System32\CScript.exe (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\System32\CScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\System32\CScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\System32\CScript.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1415058074-704485446-1059558982-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
vbefile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AntiVirusDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0FE63BE6-8FD7-44D4-8D27-4E5C1CBD7CF0}" = rport=137 | protocol=17 | dir=out | app=system |
"{1A87D83B-ACDF-4CEC-AAE0-A25BE776F3FB}" = lport=139 | protocol=6 | dir=in | app=system |
"{1E8A497B-3BE4-4765-974D-1E47CD1C10E5}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{268507FA-F4DB-4FC0-AEA3-FA499AEA54B2}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{340C0F6A-A7BE-4055-B2D8-1E8E465BF0AB}" = lport=10243 | protocol=6 | dir=in | app=system |
"{3C9B57FE-B707-4526-A83B-6990DE357008}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4A785507-5B61-4575-AE4C-EC2B4ED076FE}" = rport=138 | protocol=17 | dir=out | app=system |
"{4ECA8FC3-D0C7-4922-9A53-E61FD8903CD1}" = lport=445 | protocol=6 | dir=in | app=system |
"{62D5427B-0969-4D48-8192-C7CF02F11DF6}" = lport=2869 | protocol=6 | dir=in | app=system |
"{82DB4F17-AE63-4738-A172-6D22401D4484}" = rport=445 | protocol=6 | dir=out | app=system |
"{84562720-E519-455D-A77B-DF16C3D66FD9}" = lport=138 | protocol=17 | dir=in | app=system |
"{9244957D-F17F-4304-979F-D3A3F79B0711}" = lport=137 | protocol=17 | dir=in | app=system |
"{9D3578D4-32F5-4BF7-8818-57D83594ED59}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9DC0A193-087A-4F50-8C38-DC1F0B3E2C4A}" = rport=10243 | protocol=6 | dir=out | app=system |
"{A92C8244-933C-49F2-8324-7EA574794B2A}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{B277F69E-DEC8-47ED-BC72-B569685543C1}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B2EC5C2D-A4E5-456A-8C61-81A326EDE755}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CC86C8D9-C8F7-4A49-B16D-2E2E611DD7DE}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{E2CD3D3C-A3E3-4087-BC0D-69E6D9A05C81}" = rport=139 | protocol=6 | dir=out | app=system |
"{FE1814BD-3B78-4395-9B2E-66C4F8CB6D51}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{112C1016-9468-47C2-AB33-53D7F9957CF8}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version8\teamviewer.exe |
"{13BA6953-EC62-4F8E-A2EE-6DAC35CF48F0}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{1B026A1C-4B2D-4A6D-AB4E-8176E8133065}" = protocol=17 | dir=in | app=c:\program files\avg\avg2014\avgmfapx.exe |
"{1DA7E6BC-37DF-46BD-9838-6771731E5E7C}" = dir=out | app=c:\users\riehmer\downloads\driverperformersetup (1).exe |
"{2388B520-A508-4B54-98C2-A3FA035B446C}" = protocol=17 | dir=in | app=c:\windows\system32\muzapp.exe |
"{2AEFF72D-9477-4F7C-9972-A53984ECF921}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |
"{4156D180-C5A0-4724-A03B-EC9B316307D0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4453BC56-373D-4FE0-BA3A-82444C86DE34}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe |
"{508AA1BC-18E5-4E40-991D-2DE12D8E64B9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5E3C33AA-4D12-49DD-B1FB-E6B623F9632D}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version8\teamviewer_service.exe |
"{5FFB312D-1F85-4F92-9EC7-6796E038D297}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{635F1404-B312-4003-B819-2C31431D0743}" = dir=in | app=c:\users\riehmer\appdata\local\temp\ibtmp9d3c207\driver hunter.exe |
"{64A6CEB0-EE0A-412A-B6B3-AA889C104FD8}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{6B6C0CA9-0FD5-4FA9-890E-C5723E3D19A4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{6D51EFF5-E8BA-445E-8D39-58F1D6E62A02}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe |
"{6D715F38-244E-43EC-9C1F-312F3B471F50}" = protocol=17 | dir=in | app=c:\program files\avg\avg2014\avgnsx.exe |
"{769B7659-24C8-46CB-A182-142E7535A24C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{775D783D-59A7-4813-A58B-A56E27EF7F88}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{90B78ED9-717A-4D95-9046-7E31BCBA83A4}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{91AB2E93-23AC-4B13-9FEE-BC9DE190D9EF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9442F48A-4A29-4F1F-A096-012FEFA3ADBD}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{94A6B090-5268-46BF-BEB4-4C43BC152938}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A84EFA2B-D77B-4D78-9045-F4ED9F5DD0A8}" = dir=in | app=c:\users\riehmer\downloads\driverperformersetup (1).exe |
"{AD5FCA38-EDC4-437D-A81F-529736C91D53}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version8\teamviewer.exe |
"{B064EF0F-EA9A-4389-910E-490321EBA612}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{B6A9B656-9B64-4B2D-AD5E-65B6688B3096}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{B964AC7F-6E41-4ABE-8452-23CB65640D78}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{BC5EABD3-4308-4E42-B83C-441B8A69F84C}" = dir=out | app=c:\users\riehmer\appdata\local\temp\ibtmp9d3c207\driver hunter.exe |
"{BDF455F4-54F8-44DB-8E4F-F10620CBD499}" = protocol=6 | dir=in | app=c:\program files\avg\avg2014\avgnsx.exe |
"{BFA17CA7-1CEA-47EE-80E9-25CE1C87A9CA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C0353BDC-D881-440A-981C-4B0CE16FF262}" = protocol=6 | dir=in | app=c:\program files\avg\avg2014\avgdiagex.exe |
"{CEB1AB85-E658-4631-99BD-F1D6FB8D1586}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D5C1F231-C1B9-4A1D-88CE-E4B26BA7EA06}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D6D2DD1A-17C4-480A-973B-CCB871728581}" = protocol=6 | dir=in | app=c:\program files\avg\avg2014\avgmfapx.exe |
"{DB39DEAA-FCE2-46C9-B1D0-2C24B6981913}" = protocol=17 | dir=in | app=c:\program files\avg\avg2014\avgdiagex.exe |
"{E13F8A25-52B4-4657-84A1-E9C3CF9CDC42}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{E15948DA-7E97-42D8-AB0F-56D27E12E9D4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F1D5B822-FCEE-4C1E-B29D-F03FA1BD6A8E}" = protocol=6 | dir=in | app=c:\windows\system32\muzapp.exe | "{F46C9250-7E11-4970-AD6C-90F73F752C56}" = protocol=6 | dir=out | app=system | "{F6FE93AA-B37B-4E20-9191-980630C2EF2A}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | "{FE56D430-6863-47F9-A11B-EA703202BFA9}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version8\teamviewer_service.exe | "TCP Query User{765F1837-8124-435B-8413-81A742F9A9D8}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "TCP Query User{88366624-4665-43A2-B518-923DA71F7FA6}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "TCP Query User{A86FF05B-264E-4393-BCD1-43354F6DD71C}C:\program files\microsoft office\office12\groove.exe" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | "UDP Query User{52D3D489-8A6C-4A1F-94F2-FED466FFAAAB}C:\program files\microsoft office\office12\groove.exe" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | "UDP Query User{77D19906-D941-47B6-8A3B-0C5768CC3F91}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "UDP Query User{EB317153-C68B-4326-94ED-CD15452298B8}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00549AEA-C848-4F02-F362-A8F1D1788C3A}" = Catalyst Control Center Localization Czech "{02EA9110-972B-2B48-7382-9B6047077B3C}" = Catalyst Control Center Localization Portuguese "{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu 
"{05AE422A-502B-8468-43C2-54DD474899B5}" = CCC Help Turkish "{079A1DB4-209F-879F-374A-84E5A96DF338}" = Catalyst Control Center Localization Italian "{0C43A18C-0936-672A-C2C0-02F15150F64F}" = CCC Help Hungarian "{0C8A037B-90F5-6AA7-5EC2-B07CCCDFB141}" = Catalyst Control Center Localization Dutch "{0C8EA3FD-F006-EAEA-79C4-2D217FD379DB}" = Catalyst Control Center Localization Chinese Standard "{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan "{10C74936-0C0A-06BA-D824-716CE52601B1}" = CCC Help Korean "{165C3ED5-3876-E7C3-85BC-8467E3CE0F70}" = Catalyst Control Center Localization German "{1796FCDD-C72C-314A-E8FF-5C66F275BEFF}" = Catalyst Control Center Localization Chinese Traditional "{1AFE2819-1217-1CCF-3486-B8D96C743FDA}" = CCC Help Czech "{1B347F2A-B755-4F30-0062-48CFD72D1176}" = CCC Help Dutch "{1D4BA533-9783-AF5F-B13C-85F2DDB9D3A8}" = CCC Help English "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype™ 4.0 "{2621588B-04F1-F477-0572-EBB0B48010A4}" = Catalyst Control Center Graphics Light "{268CF0B8-CA38-4E20-9E99-514A07F7C1F1}" = ArcSoft TotalMedia 3.5 "{28518520-F25C-48C3-A224-861F331602F4}" = Setup My PC "{3048FFC3-44DB-DED5-0AEF-A8F4D6BE7E44}" = CCC Help Chinese Standard "{36A95FCC-0D0A-B711-BADE-F14733A71CF7}" = Catalyst Control Center Core Implementation "{3B97ADB7-3DA1-4964-BC10-68384BA6A66F}" = AVG 2014 "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{42E2EEB2-D48E-4A47-B181-32ECA031D93B}" = DJ_AIO_06_F2400_SW_Min "{43602F34-1AA3-44FB-AEB2-D08C2C73743F}" = Paint.NET v3.36 "{4A74E946-7C5E-6F6F-8104-ACB90D679720}" = CCC Help Spanish "{4AA68A73-DB9C-439D-9481-981C82BD008B}" = Nokia Connectivity Cable Driver "{4FFDDDF1-9D56-44C0-792D-D5C64DFC529E}" = Catalyst Control Center Localization Spanish "{50CF5A0E-6FC1-5DF1-FDD6-79D5CFC1151B}" = Catalyst Control Center Localization Finnish "{521D0313-4184-C6DE-8E4B-CBC40BDE4D55}" = 
CCC Help German "{55A29068-F2CE-456C-9148-C869879E2357}" = TuneUp Utilities 2009 "{56872F20-55EE-335D-BE86-DFD12B32F36A}" = Catalyst Control Center Localization Japanese "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{5B496CEF-CCC4-61E3-39F3-3DFEF6B6FB49}" = CCC Help Portuguese "{5C2578B9-2362-5D8E-997B-2123ED2DF2A2}" = Catalyst Control Center Graphics Full Existing "{626FEA24-2B91-DA81-3C11-304001F25843}" = CCC Help Norwegian "{62F7DA7E-CCCB-439C-A760-00C3926E761F}" = Microsoft Works "{633A06C3-B709-479A-AAB3-5EE94AD9EE4B}" = Acronis*True*Image*Home "{698BBAD8-B116-495D-B879-0F07A533E57F}" = Samsung Story Album Viewer "{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox "{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2 "{6EBA529D-BF46-ABED-1CCF-70C7C2B70473}" = Catalyst Control Center Localization Danish "{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies "{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}" = Norton Internet Security "{7EB0E475-2E9F-E094-03DB-4F2CD5B62934}" = Catalyst Control Center Localization Thai "{7F811A54-5A09-4579-90E1-C93498E230D9}" = Packard Bell Recovery Management "{813CB27B-AD46-3C9B-A606-FB08C3B2B1A0}" = Catalyst Control Center Localization French "{81CAA963-C45B-9F3F-41F3-4A96E5CE5998}" = CCC Help Greek "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver "{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) 
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007 "{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{58FC5E37-DD28-4D4A-A549-125744C6763C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{888B9AC7-8F5C-456B-A27A-157A6C310E52}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007 "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager "{9075350B-5B82-5764-F41D-7D00EE2EF674}" = Catalyst Control Center Localization Russian "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer "{926AD087-C20B-96D6-6956-453018AD1875}" = CCC Help Danish "{940BF44D-005A-41ED-A625-9B767C71A586}" = O2Micro Flash Memory Card Reader Driver (x86) "{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German) "{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}" = Google Earth "{98191369-6008-58B7-3C14-CDBF12874C43}" = CCC Help Polish "{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9C1278D8-046C-909A-60C5-01A7A5090E58}" = CCC Help Italian "{9C1EF1BD-F063-B546-7BE9-5BC8C9D0F2FF}" = ccc-core-static "{9EB67045-12A7-40C0-3E45-9C057912692E}" = ccc-utility "{A2AA4204-C05A-4013-888A-AD153139297F}" = PC Connectivity Solution "{A4EA72C4-DBBB-B518-F77F-6FA9D4789E4F}" = Catalyst Control Center Graphics Previews Vista "{A61DF933-0C64-DECD-2CFD-15C69545DAB4}" = Catalyst Control Center Graphics Full New "{A7E3A91A-45A6-A9B6-5609-B055F2D8B3D3}" = CCC Help French "{A8523530-9702-C804-5EF7-5C4DB0E08572}" = CCC Help Chinese Traditional "{A9212616-FCA2-4173-BD99-5C741EB3A068}" = Ulead DVD PictureShow 2 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1031-7B44-A95000000001}" = Adobe Reader 9.5.5 - Deutsch 
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86 "{B180AB61-CE1E-92A4-DEB4-CA83F920DBC4}" = Catalyst Control Center Localization Greek "{B19D375A-E1C8-F9AB-1A33-EBE471FB770B}" = Catalyst Control Center Localization Polish "{C2E20A5A-CDEE-FEDA-F742-B3C273563AAF}" = CCC Help Finnish "{CA786CFF-1D31-4804-B436-F3405B14357F}" = Packard Bell Updator "{CADBED42-4242-36E3-1EDD-2A7CC440C873}" = Catalyst Control Center Localization Norwegian "{CD647571-CAF5-5DC2-D7C7-9DC8CEAC661E}" = CCC Help Thai "{CDBF8C2D-04B0-4F9B-9AE1-7422F7F0EC94}" = HP Deskjet F2400 All-In-One Driver 13.0 Rel .6 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones "{D2321C46-CC24-D0C4-1363-0AA32D665290}" = CCC Help Swedish "{D359B12F-9B1A-46FD-B70C-F507B5B11590}" = HDRegDE "{DBF4F732-2E2F-66D2-D7C6-CCBED6B34905}" = Catalyst Control Center Localization Swedish "{DD647C03-0DDB-ABB8-9A18-5DA8F6873FBC}" = Skins "{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86 "{E4304CE6-86D7-440E-FC3D-63CB77862AF7}" = CCC Help Russian "{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant "{EABCA81A-E96B-6163-CF2B-1A7DF959BEB4}" = Catalyst Control Center InstallProxy "{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support "{EBC73B8D-5DC5-92F0-0F2C-B4476DA45E0F}" = Catalyst Control Center Localization Hungarian "{EDA5C0FD-656E-7311-9CC7-7B46C3A23FDC}" = Catalyst Control Center Localization Turkish "{EEAFDDCF-0B0E-44DB-995B-886FB139CF1F}" = AVG 2014 "{EEF2C08D-C070-D3AD-4A56-B3094A2990DC}" = CCC Help Japanese "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F4EA67C9-6748-4C1E-9AFF-04149AC75D95}" = Packard Bell ImageWriter "{F54AC413-D2C6-4A24-B324-370C223C6250}" = Adobe Photoshop Elements 6.0 
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{F8BBD906-76D4-EC1F-7200-C192C5135069}" = ATI Catalyst Install Manager "{FCA73084-4918-1FAD-8550-A72EC233E4F3}" = Catalyst Control Center Localization Korean "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe Photoshop Elements 6" = Adobe Photoshop Elements 6.0 "AVG" = AVG 2014 "DreamBoxEdit" = DreamBoxEdit -- The one and only settings editor for your Dreambox "EasyBits Magic Desktop" = EasyBits Magic Desktop "ENTERPRISE" = Microsoft Office Enterprise 2007 "Free Audio CD Burner_is1" = Free Audio CD Burner version 1.5.1.712 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.32.918 "Google Chrome" = Google Chrome "Google Updater" = Google Updater "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}" = Samsung Story Album Viewer "InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies "MediaMonkey_is1" = MediaMonkey 3.0 "Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Mobile Partner" = Mobile Partner "Mozilla Firefox (3.6.28)" = Mozilla Firefox (3.6.28) "Notepad++" = Notepad++ "Office2007" = Microsoft Office Home and Student "TeamViewer 8" = TeamViewer 8 "VLC media player" = VLC media player 1.1.5 "WinRAR archiver" = WinRAR "Works9se" = Microsoft Works 9.0 SE ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-1415058074-704485446-1059558982-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "FoxTab PDF Creator" = FoxTab PDF Creator 
"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 15.04.2012 10:43:18 | Computer Name = Riehmer-PC | Source = LoadPerf | ID = 3012 Description = Error - 15.04.2012 10:43:18 | Computer Name = Riehmer-PC | Source = LoadPerf | ID = 3011 Description = Error - 15.04.2012 14:33:07 | Computer Name = Riehmer-PC | Source = LoadPerf | ID = 3012 Description = Error - 15.04.2012 14:33:07 | Computer Name = Riehmer-PC | Source = LoadPerf | ID = 3012 Description = Error - 15.04.2012 14:33:07 | Computer Name = Riehmer-PC | Source = LoadPerf | ID = 3011 Description = Error - 15.04.2012 14:39:27 | Computer Name = Riehmer-PC | Source = Application Error | ID = 1000 Description = Fehlerhafte Anwendung ibsvc.exe, Version 11.6.20.3, Zeitstempel 0x4f7d59bd, fehlerhaftes Modul USER32.dll, Version 6.0.6002.18541, Zeitstempel 0x4ec3e3d5, Ausnahmecode 0xc0000142, Fehleroffset 0x00009f5d, Prozess-ID 0x1150, Anwendungsstartzeit 01cd1b371616b6dd. Error - 15.04.2012 14:43:18 | Computer Name = Riehmer-PC | Source = WinMgmt | ID = 10 Description = Error - 15.04.2012 14:49:01 | Computer Name = Riehmer-PC | Source = LoadPerf | ID = 3012 Description = Error - 15.04.2012 14:49:01 | Computer Name = Riehmer-PC | Source = LoadPerf | ID = 3012 Description = Error - 15.04.2012 14:49:01 | Computer Name = Riehmer-PC | Source = LoadPerf | ID = 3011 Description = [ OSession Events ] Error - 28.03.2009 04:12:38 | Computer Name = Riehmer-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.6215.1000. This session lasted 10 seconds with 0 seconds of active time. This session ended with a crash. 
[ System Events ] Error - 22.11.2013 16:23:23 | Computer Name = Riehmer-PC | Source = Service Control Manager | ID = 7026 Description = Error - 26.11.2013 12:30:10 | Computer Name = Riehmer-PC | Source = Service Control Manager | ID = 7000 Description = Error - 26.11.2013 12:30:10 | Computer Name = Riehmer-PC | Source = Service Control Manager | ID = 7000 Description = Error - 26.11.2013 12:30:10 | Computer Name = Riehmer-PC | Source = Service Control Manager | ID = 7026 Description = Error - 29.11.2013 06:34:00 | Computer Name = Riehmer-PC | Source = ACPI | ID = 327693 Description = : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen Situationen zur Folge haben, dass der Computer fehlerhaft läuft. Error - 29.11.2013 06:34:24 | Computer Name = Riehmer-PC | Source = Microsoft-Windows-TaskScheduler | ID = 412 Description = Error - 29.11.2013 06:35:38 | Computer Name = Riehmer-PC | Source = Service Control Manager | ID = 7000 Description = Error - 29.11.2013 06:35:38 | Computer Name = Riehmer-PC | Source = Service Control Manager | ID = 7000 Description = Error - 29.11.2013 06:35:38 | Computer Name = Riehmer-PC | Source = Service Control Manager | ID = 7000 Description = Error - 29.11.2013 06:35:38 | Computer Name = Riehmer-PC | Source = Service Control Manager | ID = 7026 Description = [ TuneUp Events ] Error - 18.11.2013 14:13:29 | Computer Name = Riehmer-PC | Source = TuneUp Program Statistics | ID = 131840 Description = SQL Error: database disk image is malformed; when executing SQL: INSERT INTO Applications (Exe, Started, Ended, State, Resumed) SELECT Exe, Started, Ended, State, Resumed FROM MemApplications;DELETE FROM MemApplications;INSERT INTO Applications (Exe, Started, Ended, State, Resumed) 
SELECT Exe, Started, '2013-11-18 19:13:29', 1, Resumed FROM ActiveApps;DELETE FROM ActiveApps Error - 19.11.2013 13:22:07 | Computer Name = Riehmer-PC | Source = TuneUp Program Statistics | ID = 131840 Description = SQL Error: database disk image is malformed; when executing SQL: INSERT INTO Applications (Exe, Started, Ended, State, Resumed) SELECT Exe, Started, Ended, State, Resumed FROM MemApplications;DELETE FROM MemApplications;INSERT INTO Applications (Exe, Started, Ended, State, Resumed) SELECT Exe, Started, '2013-11-19 18:22:07', 3, Resumed FROM ActiveApps;DELETE FROM ActiveApps Error - 19.11.2013 15:40:12 | Computer Name = Riehmer-PC | Source = TuneUp Program Statistics | ID = 131840 Description = SQL Error: database disk image is malformed; when executing SQL: INSERT INTO Applications (Exe, Started, Ended, State, Resumed) SELECT Exe, Started, Ended, State, Resumed FROM MemApplications;DELETE FROM MemApplications;INSERT INTO Applications (Exe, Started, Ended, State, Resumed) SELECT Exe, Started, '2013-11-19 20:40:12', 1, Resumed FROM ActiveApps;DELETE FROM ActiveApps Error - 22.11.2013 16:53:36 | Computer Name = Riehmer-PC | Source = TuneUp Program Statistics | ID = 131840 Description = SQL Error: database disk image is malformed; when executing SQL: INSERT INTO Applications (Exe, Started, Ended, State, Resumed) SELECT Exe, Started, Ended, State, Resumed FROM MemApplications;DELETE FROM MemApplications;INSERT INTO Applications (Exe, Started, Ended, State, Resumed) SELECT Exe, Started, '2013-11-22 21:53:36', 1, Resumed FROM ActiveApps;DELETE FROM ActiveApps Error - 26.11.2013 12:43:03 | Computer Name = Riehmer-PC | Source = TuneUp Program Statistics | ID = 131840 Description = SQL Error: database disk image is malformed; when executing SQL: INSERT INTO Applications (Exe, Started, Ended, State, Resumed) SELECT Exe, Started, Ended, State, Resumed FROM MemApplications;DELETE FROM MemApplications;INSERT INTO Applications (Exe, Started, Ended, State, Resumed) 
SELECT Exe, Started, '2013-11-26 17:43:03', 3, Resumed FROM ActiveApps;DELETE FROM ActiveApps Error - 26.11.2013 16:00:52 | Computer Name = Riehmer-PC | Source = TuneUp Program Statistics | ID = 131840 Description = SQL Error: database disk image is malformed; when executing SQL: INSERT INTO Applications (Exe, Started, Ended, State, Resumed) SELECT Exe, Started, Ended, State, Resumed FROM MemApplications;DELETE FROM MemApplications;INSERT INTO Applications (Exe, Started, Ended, State, Resumed) SELECT Exe, Started, '2013-11-26 21:00:52', 1, Resumed FROM ActiveApps;DELETE FROM ActiveApps Error - 29.11.2013 06:34:43 | Computer Name = Riehmer-PC | Source = TuneUp Program Statistics | ID = 131840 Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2013-11-29 11:34:43', '\device\harddiskvolume2\program files\malwarebytes' anti-malware\mbamscheduler.exe','3032',0) Error - 29.11.2013 06:34:43 | Computer Name = Riehmer-PC | Source = TuneUp Program Statistics | ID = 131840 Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2013-11-29 11:34:43', '\device\harddiskvolume2\program files\malwarebytes' anti-malware\mbamservice.exe','3248',0) Error - 29.11.2013 06:34:43 | Computer Name = Riehmer-PC | Source = TuneUp Program Statistics | ID = 131840 Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2013-11-29 11:34:43', '\device\harddiskvolume2\program files\malwarebytes' anti-malware\mbamgui.exe','3796',0) Error - 29.11.2013 06:36:12 | Computer Name = Riehmer-PC | Source = TuneUp Program Statistics | ID = 131840 Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2013-11-29 11:36:12', '\device\harddiskvolume2\program files\malwarebytes' 
anti-malware\mbamgui.exe','4656',0) < End of report >

Thanks, everyone.