| |
| |||||||
Log-Analyse und Auswertung: Antivir wirft häufig infizierte Objekte aus / OTL AnalyseWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
19.02.2013, 18:33
| #1 |
 |  Antivir wirft häufig infizierte Objekte aus / OTL Analyse Hallo lieber Helfer, nun sitze ich an einem anderen Laptop. Antivir meldet sich oft und weist infizierte Objekte aus. Ich habe die OTL Analyse per QuickScan durchgeführt: Vielen vielen Dank vorab ! OTL.txt OTL logfile created on: 19.02.2013 18:21:36 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Herbert Müller\Downloads Professional (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16484) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1,97 Gb Total Physical Memory | 1,20 Gb Available Physical Memory | 61,25% Memory free 3,97 Gb Paging File | 2,74 Gb Available in Paging File | 69,04% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 97,65 Gb Total Space | 19,87 Gb Free Space | 20,35% Space Free | Partition Type: NTFS Drive D: | 200,43 Gb Total Space | 120,39 Gb Free Space | 60,07% Space Free | Partition Type: NTFS Computer Name: ASUS_HERBY | User Name: Herbert Müller | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.02.19 18:20:39 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Herbert Müller\Downloads\OTL.exe PRC - [2013.02.19 16:24:38 | 001,262,192 | ---- | M] () -- C:\Programme\Movie2KDownloader.com\Movie2KDownloader.exe PRC - [2013.02.14 17:37:52 | 000,249,440 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\spool\drivers\w32x86\3\E_FATIHAE.EXE PRC - [2013.02.13 19:19:12 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe PRC - [2013.02.13 19:19:06 | 000,079,584 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe PRC - [2013.02.13 19:19:05 | 000,385,248 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe PRC - [2013.02.13 19:19:05 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe PRC - [2013.02.03 10:28:11 | 000,295,072 | ---- | M] (RealNetworks, Inc.) -- C:\Programme\Real\RealPlayer\Update\realsched.exe PRC - [2012.12.20 02:00:31 | 000,770,544 | ---- | M] (Microsoft Corporation) -- C:\Programme\Internet Explorer\iexplore.exe PRC - [2012.12.18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012.11.29 20:31:04 | 000,038,608 | ---- | M] () -- C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe PRC - [2012.11.06 05:20:42 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhostex.exe PRC - [2012.10.11 06:56:41 | 002,115,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2012.07.26 04:20:44 | 000,045,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dasHost.exe PRC - [2012.06.28 16:40:52 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Programme\Winamp\winampa.exe PRC - [2011.11.25 16:32:36 | 000,687,400 | ---- | M] (Nero AG) -- C:\Programme\Nero\Update\NASvc.exe PRC - [2010.10.12 13:56:40 | 000,979,328 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Programme\Epson Software\Event Manager\EEventManager.exe PRC - [2009.05.14 17:07:14 | 000,759,048 | ---- | M] (ABBYY) -- C:\Programme\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe PRC - [2007.11.26 14:51:00 | 001,085,440 | ---- | M] (T-Systems Enterprise Services GmbH) -- C:\Programme\DSL-Manager\DslMgr.exe PRC - [2006.12.19 18:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Programme\Common Files\EPSON\EBAPI\eEBSvc.exe ========== Modules (No Company Name) ========== MOD - [2013.02.19 16:24:38 | 001,262,192 | ---- | M] () -- C:\Programme\Movie2KDownloader.com\Movie2KDownloader.exe MOD - [2012.08.27 21:33:32 | 000,087,912 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2012.08.27 21:33:08 | 001,242,512 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll ========== Services (SafeList) ========== SRV - [2013.02.13 19:19:12 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2013.02.13 19:19:05 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2013.01.10 00:26:37 | 001,532,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wlidsvc.dll -- (wlidsvc) SRV - [2013.01.10 00:26:08 | 000,364,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\netprofmsvc.dll -- (netprofm) SRV - [2013.01.10 00:26:01 | 000,349,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lsm.dll -- (LSM) SRV - [2012.12.18 20:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012.12.06 05:23:01 | 000,114,176 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\TimeBrokerServer.dll -- (TimeBroker) SRV - [2012.12.06 05:22:59 | 000,117,248 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\SystemEventsBrokerServer.dll -- (SystemEventsBroker) SRV - [2012.11.29 20:31:04 | 000,038,608 | ---- | M] () [Auto | Running] -- C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service) SRV - [2012.11.06 05:54:13 | 002,205,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\spool\drivers\w32x86\3\PrintConfig.dll -- (PrintNotify) SRV - [2012.11.06 05:18:36 | 000,136,704 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\AudioEndpointBuilder.dll -- (AudioEndpointBuilder) SRV - [2012.09.20 07:32:32 | 002,151,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\WSService.dll -- (WSService) SRV - [2012.09.20 06:55:29 | 001,025,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc) SRV - [2012.09.20 06:53:51 | 000,095,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\fhsvc.dll -- (fhsvc) SRV - [2012.09.20 06:53:35 | 000,142,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\bisrv.dll -- (BrokerInfrastructure) SRV - [2012.07.26 04:30:33 | 000,013,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Defender\MsMpEng.exe -- (WinDefend) SRV - [2012.07.26 04:20:19 | 000,051,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wiarpc.dll -- (WiaRpc) SRV - [2012.07.26 04:20:13 | 000,226,304 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wcmsvc.dll -- (Wcmsvc) SRV - [2012.07.26 04:20:11 | 000,192,512 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\vaultsvc.dll -- (VaultSvc) SRV - [2012.07.26 04:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc) SRV - [2012.07.26 04:20:04 | 000,010,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\svsvc.dll -- (svsvc) SRV - [2012.07.26 04:19:54 | 000,132,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2012.07.26 04:19:40 | 002,028,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2012.07.26 04:19:21 | 000,138,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\NcaSvc.dll -- (NcaSvc) SRV - [2012.07.26 04:19:21 | 000,062,976 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\NcdAutoSetup.dll -- (NcdAutoSetup) SRV - [2012.07.26 04:18:47 | 000,043,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\keyiso.dll -- (KeyIso) SRV - [2012.07.26 04:18:24 | 000,027,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\efssvc.dll -- (EFS) SRV - [2012.07.26 04:18:18 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\DeviceSetupManager.dll -- (DsmSvc) SRV - [2012.07.26 04:18:13 | 000,261,632 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\das.dll -- (DeviceAssociationService) SRV - [2012.07.26 04:17:58 | 000,109,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AUInstallAgent.dll -- (AllUserInstallAgent) SRV - [2012.07.26 01:27:36 | 000,276,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicvss) SRV - [2012.07.26 01:27:36 | 000,276,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmictimesync) SRV - [2012.07.26 01:27:36 | 000,276,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicshutdown) SRV - [2012.07.26 01:27:36 | 000,276,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicrdv) SRV - [2012.07.26 01:27:36 | 000,276,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmickvpexchange) SRV - [2012.07.26 01:27:36 | 000,276,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicheartbeat) SRV - [2011.11.25 16:32:36 | 000,687,400 | ---- | M] (Nero AG) [Auto | Running] -- C:\Programme\Nero\Update\NASvc.exe -- (NAUpdate) SRV - [2009.05.14 17:07:14 | 000,759,048 | ---- | M] (ABBYY) [Auto | Running] -- C:\Programme\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Sprint.9.0) SRV - [2008.10.23 17:45:14 | 000,307,200 | ---- | M] (T-Systems Enterprise Services GmbH) [On_Demand | Stopped] -- C:\Programme\DSL-Manager\DslMgrSvc.exe -- (TDslMgrService) SRV - [2006.12.19 18:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Programme\Common Files\EPSON\EBAPI\eEBSvc.exe -- (EpsonBidirectionalService) SRV - [2003.07.28 12:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose) ========== Driver Services (SafeList) ========== DRV - [2013.01.10 02:07:00 | 000,024,808 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\msgpiowin32.sys -- (msgpiowin32) DRV - [2012.11.29 06:42:09 | 000,058,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\pdc.sys -- (pdc) DRV - [2012.11.27 10:01:26 | 000,083,944 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\System32\Drivers\avgntflt.sys -- (avgntflt) DRV - [2012.11.27 04:54:13 | 000,025,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg) DRV - [2012.11.27 04:53:14 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BthhfHid.sys -- (bthhfhid) DRV - [2012.11.22 15:51:13 | 000,036,552 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\Drivers\avkmgr.sys -- (avkmgr) DRV - [2012.11.22 15:50:51 | 000,134,336 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\Drivers\avipbb.sys -- (avipbb) DRV - [2012.11.20 05:56:58 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\hidi2c.sys -- (hidi2c) DRV - [2012.11.06 07:37:04 | 000,361,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\USBHUB3.SYS -- (USBHUB3) DRV - [2012.11.06 04:52:56 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\fxppm.sys -- (FxPPM) DRV - [2012.10.12 08:12:33 | 000,023,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV - [2012.10.11 06:45:31 | 000,050,920 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\Drivers\dam.sys -- (dam) DRV - [2012.10.11 06:28:23 | 000,046,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\sdstor.sys -- (sdstor) DRV - [2012.10.11 05:40:26 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\WSDScan.sys -- (WSDScan) DRV - [2012.09.20 08:09:32 | 000,031,464 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\Drivers\cnghwassist.sys -- (cnghwassist) DRV - [2012.09.20 07:34:12 | 000,268,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\USBXHCI.SYS -- (USBXHCI) DRV - [2012.09.20 07:34:10 | 000,179,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\UCX01000.SYS -- (UCX01000) DRV - [2012.09.20 07:34:07 | 000,097,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\msgpioclx.sys -- (GPIOClx0101) DRV - [2012.09.20 07:30:10 | 000,121,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\tpm.sys -- (TPM) DRV - [2012.08.27 14:50:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\Drivers\ssmdrv.sys -- (ssmdrv) DRV - [2012.07.26 05:17:18 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\condrv.sys -- (condrv) DRV - [2012.07.26 04:48:44 | 000,058,608 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\acpiex.sys -- (acpiex) DRV - [2012.07.26 04:42:33 | 000,068,848 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\lsi_sss.sys -- (LSI_SSS) DRV - [2012.07.26 04:42:32 | 000,099,056 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv) DRV - [2012.07.26 04:42:32 | 000,070,384 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\EhStorClass.sys -- (EhStorClass) DRV - [2012.07.26 04:42:31 | 000,085,232 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\3ware.sys -- (3ware) DRV - [2012.07.26 04:42:19 | 000,285,424 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\VSTXRAID.SYS -- (VSTXRAID) DRV - [2012.07.26 04:42:19 | 000,080,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\VerifierExt.sys -- (VerifierExt) DRV - [2012.07.26 04:42:18 | 000,076,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\uaspstor.sys -- (UASPStor) DRV - [2012.07.26 04:42:18 | 000,066,288 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\storahci.sys -- (storahci) DRV - [2012.07.26 04:42:15 | 000,238,320 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\spaceport.sys -- (spaceport) DRV - [2012.07.26 04:42:15 | 000,059,120 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\mvumis.sys -- (mvumis) DRV - [2012.07.26 04:40:36 | 000,038,640 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\wfplwfs.sys -- (WFPLWFS) DRV - [2012.07.26 04:40:10 | 000,256,240 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\clfs.sys -- (CLFS) DRV - [2012.07.26 04:39:55 | 000,029,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\terminpt.sys -- (terminpt) DRV - [2012.07.26 04:34:01 | 000,199,920 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\Drivers\WdFilter.sys -- (WdFilter) DRV - [2012.07.26 04:33:00 | 000,130,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\vmbus.sys -- (vmbus) DRV - [2012.07.26 04:33:00 | 000,042,344 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\vmstorfl.sys -- (storflt) DRV - [2012.07.26 04:33:00 | 000,032,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\storvsc.sys -- (storvsc) DRV - [2012.07.26 04:30:33 | 000,028,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\WdBoot.sys -- (WdBoot) DRV - [2012.07.26 03:37:58 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\WSDPrint.sys -- (WSDPrintDevice) DRV - [2012.07.26 03:36:54 | 000,042,496 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\BasicDisplay.sys -- (BasicDisplay) DRV - [2012.07.26 03:36:49 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\mshidumdf.sys -- (mshidumdf) DRV - [2012.07.26 03:36:36 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\HyperVideo.sys -- (HyperVideo) DRV - [2012.07.26 03:36:35 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\BasicRender.sys -- (BasicRender) DRV - [2012.07.26 03:35:30 | 000,006,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\vms3cap.sys -- (s3cap) DRV - [2012.07.26 03:35:28 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\npsvctrig.sys -- (npsvctrig) DRV - [2012.07.26 03:35:10 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\kdnic.sys -- (kdnic) DRV - [2012.07.26 03:35:06 | 000,008,704 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\acpitime.sys -- (acpitime) DRV - [2012.07.26 03:35:04 | 000,009,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\vmgencounter.sys -- (gencounter) DRV - [2012.07.26 03:34:43 | 000,008,704 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\acpipagr.sys -- (acpipagr) DRV - [2012.07.26 03:34:42 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\WpdUpFltr.sys -- (WpdUpFltr) DRV - [2012.07.26 03:34:22 | 000,018,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\VMBusHID.sys -- (VMBusHID) DRV - [2012.07.26 03:34:04 | 000,010,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\hyperkbd.sys -- (hyperkbd) DRV - [2012.07.26 03:33:53 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\SerCx.sys -- (SerCx) DRV - [2012.07.26 03:33:50 | 000,046,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\SpbCx.sys -- (SpbCx) DRV - [2012.07.26 03:33:50 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\vwifimp.sys -- (vwifimp) DRV - [2012.07.26 03:33:29 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\TsUsbGD.sys -- (TsUsbGD) DRV - [2012.07.26 03:33:16 | 000,044,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\bthhfenum.sys -- (BthHFEnum) DRV - [2012.07.26 03:32:54 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2012.07.26 03:32:53 | 000,028,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\dmvsc.sys -- (dmvsc) DRV - [2012.07.26 03:32:02 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\wpcfltr.sys -- (wpcfltr) DRV - [2012.07.26 03:31:11 | 000,110,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\NdisImPlatform.sys -- (NdisImPlatform) DRV - [2012.07.26 03:30:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\mslldp.sys -- (MsLldp) DRV - [2012.07.26 03:30:39 | 000,084,480 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\Drivers\Ndu.sys -- (Ndu) DRV - [2012.06.02 15:31:30 | 002,273,280 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\athr.sys -- (athr) DRV - [2012.06.02 15:31:30 | 000,055,296 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\L1E62x86.sys -- (L1E) DRV - [2011.12.01 11:40:16 | 000,056,496 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\NBVol.sys -- (NBVol) DRV - [2011.12.01 11:40:16 | 000,012,464 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\NBVolUp.sys -- (NBVolUp) DRV - [2007.08.01 14:49:00 | 000,016,448 | ---- | M] (T-Systems Enterprise Services GmbH) [Kernel | System | Running] -- C:\Windows\System32\Drivers\dslmnlwf.sys -- (DslMNLwf) DRV - [2007.07.31 02:39:00 | 000,007,680 | ---- | M] (ATK0100) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\ATKACPI.sys -- (MTsensor) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE,de;q=0.8,en-US;q=0.5,en;q=0.3 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 75 C9 FC 63 9C 00 CE 01 [binary data] IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.0.282: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.0.282: C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer) FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{34712C68-7391-4c47-94F3-8F88D49AD632}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013.02.03 10:29:12 | 000,000,000 | ---D | M] [2013.02.19 16:24:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Herbert Müller\AppData\Roaming\mozilla\Firefox\Profiles\extensions [2013.02.13 20:17:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Herbert Müller\AppData\Roaming\mozilla\Firefox\Profiles\0\extensions [2013.02.13 20:17:34 | 000,213,444 | ---- | M] () (No name found) -- C:\Users\Herbert Müller\AppData\Roaming\mozilla\firefox\profiles\0\extensions\torntv@torntv.com.xpi [2012.12.13 21:29:00 | 000,199,445 | ---- | M] () (No name found) -- C:\Users\Herbert Müller\AppData\Roaming\mozilla\firefox\profiles\extensions\movie2kdownloader@movie2kdownloader.com.xpi O1 HOSTS File: ([2012.07.26 05:17:20 | 000,000,824 | ---- | M]) - C:\Windows\System32\Drivers\etc\hosts O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader) O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programme\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) O2 - BHO: (DVDVideoSoft WebPageAdjuster Class) - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Programme\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.) O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programme\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [NBAgent] C:\Program Files\Nero\Nero 11\Nero BackItUp\NBAgent.exe (Nero AG) O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.) O4 - HKCU..\Run: [EPLTarget\P0000000000000000] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIHAE.EXE (SEIKO EPSON CORPORATION) O4 - Startup: C:\Users\Herbert Müller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk = C:\Programme\DSL-Manager\DslMgr.exe (T-Systems Enterprise Services GmbH) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1 O8 - Extra context menu item: Free YouTube Download - C:\Programme\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm () O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Programme\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm () O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Programme\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.) O9 - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Programme\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = ASUS O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5E592EF3-22F9-4C8D-AD32-38D52FEEFC34}: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A807FF0D-7124-4DB1-BBE0-56F32C4564A1}: DhcpNameServer = 192.168.178.1 O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\WINDOWS\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010.01.19 23:57:22 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{1b3724fb-ae43-11e1-a5d8-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{1b3724fb-ae43-11e1-a5d8-806e6f6e6963}\Shell\AutoRun\command - "" = "E:\InstallNavi.exe" O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.02.19 16:24:43 | 000,000,000 | ---D | C] -- C:\Users\Herbert Müller\AppData\Local\PutLockerDownloader [2013.02.19 16:24:37 | 000,000,000 | ---D | C] -- C:\Users\Herbert Müller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Movie2KDownloader.com [2013.02.19 16:24:37 | 000,000,000 | ---D | C] -- C:\Program Files\Movie2KDownloader.com [2013.02.14 21:15:40 | 000,000,000 | ---D | C] -- C:\Users\Herbert Müller\AppData\Local\Adobe [2013.02.14 21:13:37 | 000,000,000 | ---D | C] -- C:\Users\Herbert Müller\Desktop\nero 11 [2013.02.14 19:21:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\de [2013.02.14 19:21:16 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition [2013.02.14 19:20:40 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live [2013.02.14 19:18:43 | 000,000,000 | ---D | C] -- C:\Users\Herbert Müller\AppData\Local\Windows Live [2013.02.14 19:16:13 | 000,000,000 | ---D | C] -- C:\Users\Herbert Müller\Documents\NeroVideo [2013.02.14 19:15:58 | 000,000,000 | ---D | C] -- C:\Users\Herbert Müller\AppData\Local\Nero [2013.02.14 19:15:34 | 000,000,000 | ---D | C] -- C:\Users\Herbert Müller\AppData\Roaming\Nero [2013.02.14 19:02:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nero [2013.02.14 19:02:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero [2013.02.14 19:02:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero [2013.02.14 18:30:22 | 000,000,000 | ---D | C] -- C:\Program Files\Nero [2013.02.14 18:21:31 | 000,000,000 | ---D | C] -- C:\Users\Herbert Müller\Documents\craagle [2013.02.14 18:11:10 | 000,000,000 | ---D | C] -- C:\Users\Herbert Müller\Desktop\Epson Drucker [2013.02.14 17:56:47 | 000,000,000 | ---D | C] -- C:\Users\Herbert Müller\AppData\Roaming\Epson [2013.02.14 17:55:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump [2013.02.14 17:46:07 | 000,000,000 | ---D | C] -- C:\Users\Herbert Müller\AppData\Local\ABBYY [2013.02.14 17:45:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 9.0 Sprint [2013.02.14 17:44:48 | 000,000,000 | ---D | C] -- C:\Program Files\ABBYY FineReader 9.0 Sprint [2013.02.14 17:44:48 | 000,000,000 | ---D | C] -- C:\ProgramData\ABBYY [2013.02.14 17:44:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ABBYY [2013.02.14 17:43:07 | 000,000,000 | ---D | C] -- C:\ProgramData\UDL [2013.02.14 17:40:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software [2013.02.14 17:40:08 | 000,000,000 | ---D | C] -- C:\Program Files\Epson Software [2013.02.14 17:39:35 | 000,000,000 | ---D | C] -- C:\Program Files\EpsonNet [2013.02.14 17:39:30 | 000,000,000 | ---D | C] -- C:\Users\Herbert Müller\AppData\Roaming\InstallShield [2013.02.14 17:39:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\EPSON [2013.02.14 17:38:45 | 000,000,000 | ---D | C] -- C:\ProgramData\EPSON [2013.02.14 17:38:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON [2013.02.14 17:38:24 | 000,000,000 | ---D | C] -- C:\Program Files\epson [2013.02.14 17:30:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Canon [2013.02.14 17:12:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live [2013.02.13 21:21:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt [2013.02.13 21:17:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer [2013.02.13 21:17:20 | 000,000,000 | ---D | C] -- C:\Users\Herbert Müller\AppData\Roaming\ExpressFiles [2013.02.13 20:46:35 | 000,000,000 | ---D | C] -- C:\Users\Herbert Müller\Documents\avs4you.all.products.activator.2011._v1.1_ [2013.02.13 20:41:23 | 000,000,000 | ---D | C] -- C:\Users\Herbert Müller\Documents\AVS_Video_Editor_6.3.1.231 [2013.02.13 20:17:34 | 000,000,000 | ---D | C] -- C:\Users\Herbert Müller\AppData\Roaming\Mozilla [2013.02.13 20:17:32 | 000,000,000 | ---D | C] -- C:\Users\Herbert Müller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com [2013.02.13 20:17:32 | 000,000,000 | ---D | C] -- C:\Program Files\TornTV.com [2013.02.13 20:00:22 | 000,000,000 | ---D | C] -- C:\Users\Herbert Müller\AppData\Roaming\AVS4YOU [2013.02.13 19:59:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVSMedia [2013.02.13 19:58:43 | 000,000,000 | ---D | C] -- C:\ProgramData\AVS4YOU [2013.02.13 19:58:43 | 000,000,000 | ---D | C] -- C:\Program Files\AVS4YOU [2013.02.09 14:11:42 | 000,000,000 | ---D | C] -- C:\Users\Herbert Müller\Documents\Nic%20P%20-%20Der%20Junge%20mit%20der%20Luftgitarre%20%282011%29 [2013.02.09 14:10:54 | 000,000,000 | ---D | C] -- C:\Users\Herbert Müller\Desktop\Fasching 2013 [2013.02.09 14:10:17 | 000,000,000 | ---D | C] -- C:\Users\Herbert Müller\Documents\VA - Ariola Faschings Sampler-2010-CannaPower [2013.02.09 14:07:51 | 000,000,000 | ---D | C] -- C:\Users\Herbert Müller\AppData\Local\WinZip [2013.02.08 17:52:46 | 000,000,000 | ---D | C] -- C:\Users\Herbert Müller\AppData\Roaming\DVDVideoSoftIEHelpers [2013.02.08 17:45:00 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies [2013.02.08 17:44:59 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild [2013.02.08 17:44:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer [2013.02.08 17:39:29 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit [2013.02.08 17:39:21 | 000,000,000 | ---D | C] -- C:\Users\Herbert Müller\AppData\Local\Conduit [2013.02.08 17:37:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft [2013.02.08 17:36:58 | 000,000,000 | ---D | C] -- C:\Users\Herbert Müller\AppData\Roaming\DVDVideoSoft [2013.02.08 17:36:58 | 000,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoft [2013.02.08 17:36:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft [2013.02.08 16:28:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe [2013.02.08 16:28:38 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe [2013.02.08 16:15:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe [2013.02.08 13:44:14 | 000,000,000 | ---D | C] -- C:\Users\Herbert Müller\AppData\Local\WinZip Courier [2013.02.08 13:43:47 | 000,000,000 | ---D | C] -- C:\ProgramData\WinZipEC [2013.02.08 13:43:39 | 000,000,000 | ---D | C] -- C:\Users\Herbert Müller\AppData\Local\assembly [2013.02.07 21:03:18 | 000,000,000 | ---D | C] -- C:\Users\Herbert Müller\AppData\Roaming\TuneUp Software [2013.02.07 21:03:07 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software [2013.02.07 21:03:02 | 000,000,000 | -HSD | C] -- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} [2013.02.07 21:03:02 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files [2013.02.07 21:02:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp [2013.02.07 21:02:48 | 000,000,000 | ---D | C] -- C:\Users\Herbert Müller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winamp Erkennungs-Plug-in [2013.02.07 21:02:47 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp Detect [2013.02.07 21:02:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine [2013.02.07 21:02:28 | 000,000,000 | ---D | C] -- C:\Users\Herbert Müller\AppData\Roaming\Winamp [2013.02.07 21:02:28 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp [2013.02.07 21:02:28 | 000,000,000 | ---D | C] -- C:\Users\Herbert Müller\AppData\Roaming\OpenCandy [2013.02.07 17:40:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip [2013.02.07 17:40:11 | 000,000,000 | ---D | C] -- C:\Users\Herbert Müller\Documents\Add-in Express [2013.02.07 17:40:04 | 000,000,000 | ---D | C] -- C:\ProgramData\WinZip [2013.02.07 17:40:03 | 000,000,000 | ---D | C] -- C:\Program Files\WinZip [2013.02.04 19:04:08 | 000,000,000 | ---D | C] -- C:\Users\Herbert Müller\AppData\Roaming\vlc [2013.02.04 19:01:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinAce [2013.02.04 19:01:46 | 000,000,000 | ---D | C] -- C:\Program Files\WinAce [2013.02.04 19:00:47 | 000,000,000 | ---D | C] -- C:\Users\Herbert Müller\AppData\Roaming\WinRAR [2013.02.04 19:00:47 | 000,000,000 | ---D | C] -- C:\Users\Herbert Müller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [2013.02.04 19:00:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [2013.02.04 19:00:45 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR [2013.02.04 18:59:31 | 000,000,000 | ---D | C] -- C:\Users\Herbert Müller\AppData\Roaming\Apple Computer [2013.02.04 18:59:31 | 000,000,000 | ---D | C] -- C:\Users\Herbert Müller\AppData\Local\Apple Computer [2013.02.04 18:59:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2013.02.04 18:59:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE [2013.02.04 18:58:23 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2013.02.04 18:58:23 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2013.02.04 18:58:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer [2013.02.04 18:58:23 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1 [2013.02.04 18:57:41 | 000,000,000 | ---D | C] -- C:\Users\Herbert Müller\AppData\Local\Apple [2013.02.04 18:57:39 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update [2013.02.04 18:57:25 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour [2013.02.04 18:57:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple [2013.02.04 18:57:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple [2013.02.03 13:53:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip [2013.02.03 13:53:33 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip [2013.02.03 10:29:52 | 000,000,000 | ---D | C] -- C:\Users\Herbert Müller\AppData\Roaming\RealNetworks [2013.02.03 10:29:11 | 000,000,000 | ---D | C] -- C:\Program Files\RealNetworks [2013.02.03 10:29:07 | 000,000,000 | ---D | C] -- C:\ProgramData\RealNetworks [2013.02.03 10:28:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared [2013.02.03 10:28:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks [2013.02.03 10:28:15 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\WINDOWS\System32\pncrt.dll [2013.02.03 10:27:26 | 000,000,000 | ---D | C] -- C:\Program Files\Real [2013.02.03 10:26:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [2013.02.03 10:26:18 | 000,000,000 | ---D | C] -- C:\Users\Herbert Müller\AppData\Roaming\Real [2013.02.03 10:26:06 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN [2013.02.03 10:23:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Real [2013.02.02 14:21:57 | 000,000,000 | R--D | C] -- C:\WINDOWS\BrowserChoice [2013.02.02 13:59:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Canneverbe Limited [2013.02.02 13:59:25 | 000,000,000 | ---D | C] -- C:\Users\Herbert Müller\AppData\Roaming\Canneverbe Limited [2013.02.02 13:59:17 | 000,000,000 | ---D | C] -- C:\Program Files\CDBurnerXP [2013.02.02 12:57:29 | 000,000,000 | ---D | C] -- C:\Users\Herbert Müller\AppData\Roaming\Identities [2013.02.02 12:46:55 | 000,000,000 | ---D | C] -- C:\ProgramData\T-Online [2013.02.02 12:46:49 | 000,026,816 | ---- | C] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\System32\drivers\DslTestSp5.sys [2013.02.02 12:46:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\T-Com [2013.02.02 12:46:29 | 000,016,448 | ---- | C] (T-Systems Enterprise Services GmbH) -- C:\WINDOWS\System32\drivers\dslmnlwf.sys [2013.02.02 12:46:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DSL-Manager [2013.02.02 12:46:29 | 000,000,000 | ---D | C] -- C:\Program Files\DSL-Manager [2013.02.02 12:46:28 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information [2013.02.02 12:46:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield [2013.02.02 12:46:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office [2013.02.02 12:45:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER [2013.02.02 12:40:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\PCHEALTH [2013.02.02 12:40:42 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office [2013.02.01 18:02:48 | 000,000,000 | ---D | C] -- C:\Users\Herbert Müller\AppData\Roaming\Avira [2013.02.01 17:57:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira [2013.02.01 17:57:04 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys [2013.02.01 17:57:02 | 000,134,336 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avipbb.sys [2013.02.01 17:57:02 | 000,083,944 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avgntflt.sys [2013.02.01 17:57:02 | 000,036,552 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avkmgr.sys [2013.02.01 17:57:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2013.02.01 17:57:00 | 000,000,000 | ---D | C] -- C:\Program Files\Avira [2013.02.01 17:51:39 | 000,000,000 | ---D | C] -- C:\Users\Herbert Müller\AppData\Roaming\Macromedia [2013.02.01 12:46:27 | 000,000,000 | R--D | C] -- C:\Users\Herbert Müller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2013.02.01 12:46:27 | 000,000,000 | R--D | C] -- C:\Users\Herbert Müller\Searches [2013.02.01 12:46:27 | 000,000,000 | R--D | C] -- C:\Users\Herbert Müller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2013.02.01 12:46:21 | 000,000,000 | ---D | C] -- C:\Users\Herbert Müller\AppData\Roaming\Adobe [2013.02.01 12:45:38 | 000,000,000 | ---D | C] -- C:\Users\Herbert Müller\AppData\Local\VirtualStore [2013.02.01 12:45:29 | 000,000,000 | ---D | C] -- C:\ProgramData\PRICache [2013.02.01 12:45:29 | 000,000,000 | ---D | C] -- C:\Users\Herbert Müller\AppData\Local\Packages [2013.02.01 12:43:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen [2013.02.01 12:43:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü [2013.02.01 12:43:55 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien [2013.02.01 12:43:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten [2013.02.01 12:43:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente [2013.02.01 12:43:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten [2013.02.01 12:43:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution [2013.02.01 12:43:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\CSC [2013.02.01 12:40:28 | 000,000,000 | --SD | C] -- C:\Users\Herbert Müller\AppData\Roaming\Microsoft [2013.02.01 12:40:28 | 000,000,000 | R--D | C] -- C:\Users\Herbert Müller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools [2013.02.01 12:40:28 | 000,000,000 | R--D | C] -- C:\Users\Herbert Müller\Favorites [2013.02.01 12:40:28 | 000,000,000 | R--D | C] -- C:\Users\Herbert Müller\Desktop [2013.02.01 12:40:28 | 000,000,000 | R--D | C] -- C:\Users\Herbert Müller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2013.02.01 12:40:28 | 000,000,000 | R--D | C] -- C:\Users\Herbert Müller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility [2013.02.01 12:40:28 | 000,000,000 | -HSD | C] -- C:\Users\Herbert Müller\Vorlagen [2013.02.01 12:40:28 | 000,000,000 | -HSD | C] -- C:\Users\Herbert Müller\AppData\Local\Verlauf [2013.02.01 12:40:28 | 000,000,000 | -HSD | C] -- C:\Users\Herbert Müller\AppData\Local\Temporary Internet Files [2013.02.01 12:40:28 | 000,000,000 | -HSD | C] -- C:\Users\Herbert Müller\Startmenü [2013.02.01 12:40:28 | 000,000,000 | -HSD | C] -- C:\Users\Herbert Müller\SendTo [2013.02.01 12:40:28 | 000,000,000 | -HSD | C] -- C:\Users\Herbert Müller\Recent [2013.02.01 12:40:28 | 000,000,000 | -HSD | C] -- C:\Users\Herbert Müller\Netzwerkumgebung [2013.02.01 12:40:28 | 000,000,000 | -HSD | C] -- C:\Users\Herbert Müller\Lokale Einstellungen [2013.02.01 12:40:28 | 000,000,000 | -HSD | C] -- C:\Users\Herbert Müller\Documents\Eigene Videos [2013.02.01 12:40:28 | 000,000,000 | -HSD | C] -- C:\Users\Herbert Müller\Documents\Eigene Musik [2013.02.01 12:40:28 | 000,000,000 | -HSD | C] -- C:\Users\Herbert Müller\Eigene Dateien [2013.02.01 12:40:28 | 000,000,000 | -HSD | C] -- C:\Users\Herbert Müller\Documents\Eigene Bilder [2013.02.01 12:40:28 | 000,000,000 | -HSD | C] -- C:\Users\Herbert Müller\Druckumgebung [2013.02.01 12:40:28 | 000,000,000 | -HSD | C] -- C:\Users\Herbert Müller\Cookies [2013.02.01 12:40:28 | 000,000,000 | -HSD | C] -- C:\Users\Herbert Müller\AppData\Local\Anwendungsdaten [2013.02.01 12:40:28 | 000,000,000 | -HSD | C] -- C:\Users\Herbert Müller\Anwendungsdaten [2013.02.01 12:40:28 | 000,000,000 | -H-D | C] -- C:\Users\Herbert Müller\AppData [2013.02.01 12:40:28 | 000,000,000 | ---D | C] -- C:\Users\Herbert Müller\AppData\Local\Temp [2013.02.01 12:40:28 | 000,000,000 | ---D | C] -- C:\Users\Herbert Müller\AppData\Local\Microsoft [2013.02.01 12:40:28 | 000,000,000 | ---D | C] -- C:\Users\Herbert Müller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2013.02.01 12:36:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch [2013.02.01 12:34:52 | 000,000,000 | ---D | C] -- C:\Windows.old [2013.02.01 11:57:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\Panther [2 C:\Users\Herbert Müller\Documents\*.tmp files -> C:\Users\Herbert Müller\Documents\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.02.19 18:20:05 | 000,000,000 | ---- | M] () -- C:\Users\Herbert Müller\defogger_reenable [2013.02.19 16:14:50 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2013.02.18 21:06:06 | 000,000,952 | ---- | M] () -- C:\Users\Herbert Müller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk [2013.02.18 17:51:12 | 000,753,134 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat [2013.02.18 17:51:12 | 000,710,244 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2013.02.18 17:51:12 | 000,155,826 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat [2013.02.18 17:51:12 | 000,132,614 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2013.02.15 20:11:22 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys [2013.02.15 20:11:12 | 1688,698,880 | -HS- | M] () -- C:\hiberfil.sys [2013.02.14 17:55:14 | 000,302,456 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2013.02.14 17:54:52 | 311,390,365 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP [2013.02.14 17:41:45 | 000,000,306 | ---- | M] () -- C:\WINDOWS\setup.iss [2013.02.13 21:17:43 | 000,000,009 | ---- | M] () -- C:\END [2013.02.12 13:03:04 | 000,001,270 | ---- | M] () -- C:\Users\Herbert Müller\Desktop\Free YouTube Uploader.lnk [2013.02.08 17:52:45 | 000,001,197 | ---- | M] () -- C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk [2013.02.08 17:52:44 | 000,001,356 | ---- | M] () -- C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk [2013.02.08 16:28:56 | 000,001,989 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk [2013.02.08 14:52:00 | 000,038,023 | ---- | M] () -- C:\Users\Herbert Müller\Desktop\Veranstaltungsübersicht+-+2013+-.pdf [2013.02.04 18:59:28 | 000,001,753 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2013.02.04 18:47:39 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_User_WpdFs_01_11_00.Wdf [2013.02.03 10:29:17 | 000,001,324 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer.lnk [2013.02.03 10:28:15 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\WINDOWS\System32\pncrt.dll [2013.02.02 13:59:19 | 000,001,895 | ---- | M] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk [2013.02.02 12:46:57 | 000,000,400 | ---- | M] () -- C:\WINDOWS\ODBC.INI [2013.02.02 12:42:42 | 000,000,668 | ---- | M] () -- C:\Users\Herbert Müller\Desktop\Herbert Müller.lnk [2013.02.02 12:42:21 | 000,000,367 | ---- | M] () -- C:\Users\Herbert Müller\Desktop\Systemsteuerung.lnk [2013.02.01 17:57:10 | 000,002,012 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk [2013.02.01 12:50:35 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_User_LocationProvider_01_11_00.Wdf [2013.02.01 12:43:23 | 000,026,673 | ---- | M] () -- C:\WINDOWS\diagwrn.xml [2013.02.01 12:43:23 | 000,026,673 | ---- | M] () -- C:\WINDOWS\diagerr.xml [2013.02.01 12:23:35 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK [2013.01.30 11:49:55 | 002,359,350 | ---- | M] () -- C:\Users\Herbert Müller\Desktop\Mainz2013.bmp [2 C:\Users\Herbert Müller\Documents\*.tmp files -> C:\Users\Herbert Müller\Documents\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.02.19 18:20:05 | 000,000,000 | ---- | C] () -- C:\Users\Herbert Müller\defogger_reenable [2013.02.14 19:21:31 | 000,001,251 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk [2013.02.14 19:21:23 | 000,001,320 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk [2013.02.14 17:54:52 | 311,390,365 | ---- | C] () -- C:\WINDOWS\MEMORY.DMP [2013.02.14 17:53:25 | 000,302,456 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2013.02.14 17:41:44 | 000,000,306 | ---- | C] () -- C:\WINDOWS\setup.iss [2013.02.13 14:31:36 | 000,386,577 | ---- | C] () -- C:\WINDOWS\System32\ApnDatabase.xml [2013.02.12 13:03:04 | 000,001,270 | ---- | C] () -- C:\Users\Herbert Müller\Desktop\Free YouTube Uploader.lnk [2013.02.08 17:38:55 | 000,000,009 | ---- | C] () -- C:\END [2013.02.08 17:37:12 | 000,001,356 | ---- | C] () -- C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk [2013.02.08 17:37:12 | 000,001,197 | ---- | C] () -- C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk [2013.02.08 16:28:56 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk [2013.02.08 16:28:56 | 000,001,989 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk [2013.02.08 14:01:58 | 000,038,023 | ---- | C] () -- C:\Users\Herbert Müller\Desktop\Veranstaltungsübersicht+-+2013+-.pdf [2013.02.07 21:03:06 | 000,001,270 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\50 FREE MP3s +1 Free Audiobook!.lnk [2013.02.04 18:59:28 | 000,001,753 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2013.02.04 18:57:39 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk [2013.02.04 18:47:39 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_User_WpdFs_01_11_00.Wdf [2013.02.03 11:26:57 | 000,083,968 | ---- | C] () -- C:\WINDOWS\System32\OEMLicense.dll [2013.02.03 10:29:17 | 000,001,324 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer.lnk [2013.02.02 14:25:27 | 000,002,143 | R-S- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Browser Choice.lnk [2013.02.02 13:59:19 | 000,001,895 | ---- | C] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk [2013.02.02 13:59:19 | 000,001,845 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk [2013.02.02 12:46:57 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2013.02.02 12:46:49 | 000,000,952 | ---- | C] () -- C:\Users\Herbert Müller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk [2013.02.02 12:42:42 | 000,000,668 | ---- | C] () -- C:\Users\Herbert Müller\Desktop\Herbert Müller.lnk [2013.02.02 12:42:21 | 000,000,367 | ---- | C] () -- C:\Users\Herbert Müller\Desktop\Systemsteuerung.lnk [2013.02.02 12:41:24 | 000,000,291 | ---- | C] () -- C:\Users\Herbert Müller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Computer.lnk [2013.02.01 17:57:10 | 000,002,012 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk [2013.02.01 12:50:35 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_User_LocationProvider_01_11_00.Wdf [2013.02.01 12:46:21 | 000,001,438 | ---- | C] () -- C:\Users\Herbert Müller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2013.02.01 12:40:25 | 000,026,673 | ---- | C] () -- C:\WINDOWS\diagwrn.xml [2013.02.01 12:40:25 | 000,026,673 | ---- | C] () -- C:\WINDOWS\diagerr.xml [2013.02.01 12:35:57 | 268,435,456 | -HS- | C] () -- C:\swapfile.sys [2012.12.24 14:45:58 | 000,216,314 | ---- | C] () -- C:\Users\Herbert Müller\548716_393191237429792_233463617_n.jpg [2012.07.26 09:41:52 | 000,753,134 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat [2012.07.26 09:41:52 | 000,305,546 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat [2012.07.26 09:41:52 | 000,155,826 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat [2012.07.26 09:41:52 | 000,040,390 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat [2012.07.26 07:55:27 | 000,710,244 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2012.07.26 07:55:27 | 000,296,742 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2012.07.26 07:55:27 | 000,132,614 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2012.07.26 07:55:27 | 000,033,362 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2012.07.26 07:53:47 | 000,215,943 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2012.07.26 07:53:46 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\NOISE.DAT [2012.07.26 07:03:55 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2012.07.26 02:20:38 | 000,071,680 | ---- | C] () -- C:\WINDOWS\System32\BthpanContextHandler.dll [2012.07.26 02:17:42 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\BWContextHandler.dll [2012.07.25 21:41:36 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin [2012.07.25 21:25:49 | 000,982,240 | ---- | C] () -- C:\WINDOWS\System32\igkrng500.bin [2012.07.25 21:25:49 | 000,439,308 | ---- | C] () -- C:\WINDOWS\System32\igcompkrng500.bin [2012.07.25 21:25:49 | 000,092,356 | ---- | C] () -- C:\WINDOWS\System32\igfcg500m.bin [2012.07.25 21:24:47 | 000,526,068 | ---- | C] () -- C:\WINDOWS\System32\staticurllist.bin [2012.07.14 03:00:46 | 000,043,882 | ---- | C] () -- C:\WINDOWS\System32\srms.dat [2012.06.08 13:38:00 | 000,070,613 | ---- | C] () -- C:\Users\Herbert Müller\GRSTW 1.JPG [2012.06.08 13:38:00 | 000,043,907 | ---- | C] () -- C:\Users\Herbert Müller\GRSTW.JPG [2012.06.02 21:25:24 | 000,008,192 | ---- | C] () -- C:\WINDOWS\System32\settings.dat [2012.06.02 15:31:24 | 001,520,828 | ---- | C] () -- C:\WINDOWS\System32\WpcNBModel.bin [2012.06.02 15:31:19 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2010.01.31 20:43:47 | 000,000,236 | ---- | C] () -- C:\Users\Herbert Müller\default.pls ========== ZeroAccess Check ========== [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013.01.10 00:26:23 | 017,560,576 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2012.07.26 04:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2012.07.26 04:20:13 | 000,354,304 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== [2013.02.02 13:59:25 | 000,000,000 | ---D | M] -- C:\Users\Herbert Müller\AppData\Roaming\Canneverbe Limited [2013.02.12 13:02:55 | 000,000,000 | ---D | M] -- C:\Users\Herbert Müller\AppData\Roaming\DVDVideoSoft [2013.02.08 17:52:46 | 000,000,000 | ---D | M] -- C:\Users\Herbert Müller\AppData\Roaming\DVDVideoSoftIEHelpers [2013.02.14 17:56:47 | 000,000,000 | ---D | M] -- C:\Users\Herbert Müller\AppData\Roaming\Epson [2013.02.13 21:17:24 | 000,000,000 | ---D | M] -- C:\Users\Herbert Müller\AppData\Roaming\ExpressFiles [2013.02.08 17:52:26 | 000,000,000 | ---D | M] -- C:\Users\Herbert Müller\AppData\Roaming\OpenCandy [2013.02.07 21:03:18 | 000,000,000 | ---D | M] -- C:\Users\Herbert Müller\AppData\Roaming\TuneUp Software ========== Purity Check ========== < End of report > Extras.txt OTL Extras logfile created on: 19.02.2013 18:21:36 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Herbert Müller\Downloads Professional (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16484) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1,97 Gb Total Physical Memory | 1,20 Gb Available Physical Memory | 61,25% Memory free 3,97 Gb Paging File | 2,74 Gb Available in Paging File | 69,04% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 97,65 Gb Total Space | 19,87 Gb Free Space | 20,35% Space Free | Partition Type: NTFS Drive D: | 200,43 Gb Total Space | 120,39 Gb Free Space | 60,07% Space Free | Partition Type: NTFS Computer Name: ASUS_HERBY | User Name: Herbert Müller | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\WINDOWS\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\WINDOWS\winhlp32.exe (Microsoft Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation) Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{65E47B27-1D51-4C09-8162-42E3EBF0C1BA}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{C19A2430-E48F-42E1-8FB2-77032C1F72D9}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{08CC38A2-D23E-4FB4-9F58-D8A844DAB3AC}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | "{09930545-0BFF-4F4D-AD30-83545527F517}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | "{112F58B2-9CEC-4E58-906C-55D39924E222}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | "{14BDD85B-DDE4-44E7-A7DC-72CE5ED17736}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} | "{1BD889D4-5E60-496F-AC05-C7F3407030EA}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} | "{2A7F6CA3-83D8-49A9-8348-EB876F8C605C}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} | "{336D3DE3-4996-403A-8D96-6BDB979F94E5}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | "{33A46FF6-A9A5-4058-AED1-7CE35E83D356}" = dir=out | name=windows_ie_ac_001 | "{351F9626-9983-470E-98ED-F87C2A7A454B}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{3C52EC74-C0AB-4155-8578-E2ABF0B9C069}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | "{3E9EAB15-39A6-4EBC-A8C9-CC789D11FBBD}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe | "{447E3382-B5E7-48C3-9973-F7C8D4A83F4D}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} | "{4B4203C7-7C22-45CB-82C6-762B6985B8EE}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} | "{4D9035EB-CD4D-4011-B419-95526F09C53C}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} | "{54AFD1F4-F908-4D77-8AE0-0707080751E1}" = dir=in | name=@{microsoft.bing_1.2.0.137_x86__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} | "{595778FF-9571-4090-B628-DD389FBD2826}" = protocol=17 | dir=in | app=c:\program files\expressfiles\expressfiles.exe | "{5C5FB541-D3C5-4579-AB5F-B6367DC03B1D}" = dir=out | name=@{microsoft.bing_1.2.0.137_x86__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} | "{5D1D0F33-062E-44FA-8624-48ADADE35A7C}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x86__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} | "{634987D6-2357-49FF-9697-0D3BC56E8B0E}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | "{6366172A-4DB8-49AF-A7B6-6AE2E06A814D}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | "{63962645-22B9-4822-9BB7-FA3C24561E33}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | "{6C965AE4-23B3-4955-8613-2AE6CC94436A}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} | "{6D1D9210-6271-4238-963F-A4F91DF69126}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | "{71A75E43-BAC2-4B35-A782-BC58B7F44A06}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | "{77C2D87D-0E8C-482E-A214-64BC5D93F597}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | "{7F77FC5E-FBA1-44C8-89C6-7B4311DABEE7}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | "{85CB4F21-8F0F-4FE6-8449-7B2C2FA2AFA9}" = protocol=17 | dir=in | app=e:\network\epsonnetsetup\eneasyapp.exe | "{91FB00A6-7DBA-4F19-95D7-D07D2211F0F7}" = protocol=6 | dir=in | app=c:\program files\expressfiles\expressfiles.exe | "{940257D0-FDA9-44D4-A6B0-15A4CD75E563}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | "{95EA69C0-C1A4-4709-889C-7324EE2BA656}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | "{A5C33A79-2FC9-43E2-8FD0-B1D0D8BBCEBE}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} | "{A78DFD5F-1FC4-4EC5-9EDD-615DD7EB68E8}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | "{A7E1A78D-F009-4461-933C-3586B9ED08C1}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{A9E35CE4-E447-4E19-A7CF-FC83DBB90D48}" = dir=in | name=@{microsoft.bing_1.2.0.137_x86__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} | "{AA952245-D019-40E0-8C5B-284EEFBAE5C6}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | "{B428749C-53A8-4589-87DC-F2F35403344D}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | "{BDEECD8D-1E05-4252-8256-5F7EFD5069D4}" = protocol=17 | dir=in | app=c:\program files\expressfiles\expressdl.exe | "{C170524E-3212-48CE-A778-C3B17FDBA725}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} | "{C8C1657E-7684-4BF0-8A76-095A330F6900}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | "{CB4A2EB8-7586-49B0-9ACF-3C3B0F8D7685}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | "{CD9D681A-3637-4AD5-A388-B85DA9E83088}" = protocol=6 | dir=in | app=e:\network\epsonnetsetup\eneasyapp.exe | "{D0229427-FE9F-408B-86F5-2D380BF266E3}" = protocol=6 | dir=in | app=c:\program files\expressfiles\expressdl.exe | "{D6B1186D-14A9-4B8D-9B90-03542FBE8DD3}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} | "{DF6B1D9B-2D41-4955-9E8E-A2ACD276AF5E}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} | "{DFDE1530-48E0-49D9-9F35-553B91DB6C37}" = dir=out | name=@{microsoft.bing_1.2.0.137_x86__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} | "{E49D638A-8E47-450C-88E8-29570C7463EB}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | "{E645CC3F-29AA-4F3F-8E80-9EBD148177B7}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x86__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} | "{E87C4EB6-6F4C-4E7F-8385-633B5F0CA2DD}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | "{EBC600F2-FCCB-4C8E-8174-D843908C8402}" = dir=in | app=c:\program files\itunes\itunes.exe | "{F299661C-B02F-409C-A25D-642568B56947}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} | "{F4333175-81EE-4E35-8F1C-5A8D0F2EA151}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} | "{F851CCAB-B9F3-44DD-9CE9-586F44CCDC3B}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} | "TCP Query User{059564F2-45A6-41BC-AC3B-EC2944345C06}C:\program files\epson software\event manager\eeventmanager.exe" = protocol=6 | dir=in | app=c:\program files\epson software\event manager\eeventmanager.exe | "TCP Query User{4A4BAA19-4490-418D-AC7D-6B64A9E4F349}C:\program files\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe | "TCP Query User{84381D44-7F07-4350-8E7C-FC189A90B6AA}C:\program files\epson software\event manager\eeventmanager.exe" = protocol=6 | dir=in | app=c:\program files\epson software\event manager\eeventmanager.exe | "TCP Query User{EEF2B03E-0B18-4494-A570-2D7A1E234DB7}C:\program files\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe | "UDP Query User{2D470C4B-DE5F-4162-B83C-3815F689121B}C:\program files\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe | "UDP Query User{7B38D354-6EF0-410A-8316-F716B925A5C7}C:\program files\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe | "UDP Query User{826FD54B-D481-4AEC-8777-589695065F01}C:\program files\epson software\event manager\eeventmanager.exe" = protocol=17 | dir=in | app=c:\program files\epson software\event manager\eeventmanager.exe | "UDP Query User{EDFAF862-61C0-4AEE-AC90-E2E10B581BFE}C:\program files\epson software\event manager\eeventmanager.exe" = protocol=17 | dir=in | app=c:\program files\epson software\event manager\eeventmanager.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{01E9B2FF-DAF4-4529-9CC9-2101625517C7}" = nero.prerequisites.msi "{0320AB41-0926-4218-A8A6-68AC84E6BB93}" = Nero Recode 11 "{034DCAF9-96E7-4936-9A07-712F80B5181E}" = Nero RescueAgent 11 "{03CC9D58-B132-4CC0-A521-4F3660AA43C7}" = Movie Maker "{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform "{0713D1F9-DD77-42C1-8C7D-54D479E2E743}" = Nero SoundTrax 11 "{0D7A4289-99CF-4B8D-B812-86BE50A54552}" = Nero Video 11 "{0F6F6876-6334-4977-B5DD-CFC12E193420}" = iTunes "{11D3EF85-63E1-4AE4-A7C1-9241BDB16B51}" = Nero ControlCenter 11 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{2432E589-6256-4513-B0BF-EFA8E325D5F0}" = Nero SharedVideoCodecs "{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1 "{2CA7225D-CB12-462A-9DD1-50319E158BA5}" = Nero 11 PiP Effects Basic "{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery "{390757AA-8830-43DC-AEE0-4E5B6F8439EB}" = Nero SoundTrax 11 Help (CHM) "{3B418709-D688-4E3A-BE0E-7D71FA84C948}" = Nero 11 PiP Effects 1 "{3CBD94C1-BA15-488C-888B-D8DD296CC6DC}" = Fotogalerie "{3E31400D-274E-4647-916C-2CACC3741799}" = EpsonNet Print "{4382FC76-8100-4951-8658-31834E625E88}" = Nero 11 Video Transitions 1 "{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform "{51865D9D-8F63-46F2-87AB-9E72F93B618C}" = Welcome App (Start-up experience) "{53F7746A-96AA-49A5-86B8-59989680DAC5}" = Nero Burning ROM 11 Help (CHM) "{55C2143E-FBA5-442F-9AFA-726FF068F39D}" = Nero CoverDesigner 11 Help (CHM) "{57F80ECF-E27C-4EEE-AB58-E971BACE2639}" = Nero Recode 11 Help (CHM) "{5A212B2D-140D-46F4-B625-2D1CA5A00594}" = Nero 11 Kwik Themes Basic "{5E98FDD6-3672-4DBE-AB8B-2C9A0BED1382}" = Nero 11 Disc Menus 3 "{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support "{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update "{690F5BA3-5DEB-42CD-962B-F687EE59FAA7}" = Windows Live Essentials "{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform "{6AB2427E-A18F-4809-9A12-29F5EBABBB3A}" = Nero BackItUp 11 Help (CHM) "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour "{79B3E8EE-35F2-4CCD-82D9-4A57F408E449}" = Nero 11 Platinum "{7DF2B5EE-2C16-4E86-9C71-8678068AD805}" = Nero 11 Disc Menus 2 "{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP "{8014FACB-1D1D-48C2-94AA-E29EE2E6B9CE}" = Nero WaveEditor 11 "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110 "{8ED43F7E-A8F6-4898-AF11-B6158F2EDF94}" = Epson Event Manager "{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{90A455A7-0FC8-4508-B7FA-8F135B8F041A}" = DSL-Manager "{9193490D-5229-4FC4-9BB9-A6D63C09574A}" = High-Definition Video Playback "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{A02D7029-C4EF-44C1-9FD4-C0D3CA518113}" = Epson Easy Photo Print 2 "{A0F34849-D9AB-46DD-B1BE-BB0DB60B1FE8}" = Nero 11 Disc Menus 1 "{A2CDC001-F8B3-4C64-9E74-2E3FA0FAC9D9}" = Nero 11 Video Samples "{A4F6BE36-4826-45BA-A396-04F265A3B61D}" = Nero 11 Kwik Themes 2 "{A7A0BF2E-31CC-49E3-9913-52C503EB969D}" = Nero Audio Pack 1 "{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime "{AB2BBC64-8AC8-4E66-BBF3-E22D5EACEECA}" = Nero BackItUp 11 "{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.01) - Deutsch "{ACD6B383-EC5B-4000-A455-CCB308B447FE}" = Nero 11 Kwik Themes 4 "{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}" = RealDownloader "{B160A672-F326-4414-9BB0-A056C61B357C}" = Nero 11 Cliparts "{B1846721-A8E6-46C7-83B6-0DCF7ADB4267}" = Nero Burning ROM 11 "{B1F69AF3-B5B5-4CA5-ADC5-8A738EB6E574}" = Nero 11 Kwik Themes 1 "{B2D55EB8-32C5-4B43-9006-9E97DECBA178}" = Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) "{B727564C-47D3-473A-AC9E-F4BE7B1BD5D3}" = Windows Live UX Platform Language Pack "{B9B1BA7F-7E07-49DD-A713-5B397A5BB66B}" = Nero Kwik Media Help (CHM) "{BA499CC0-12C0-4BA5-9007-76844B721158}" = Nero 11 Kwik Themes 3 "{BE814218-3919-4EA3-868A-2F60BC135CB4}" = Nero Kwik Media "{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components 11 "{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer "{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common "{CD95F661-A5C4-44F5-A6AA-ECDD91C240D6}" = WinZip 17.0 "{D01CE99A-8802-483C-A79F-298B691EB432}" = Nero RescueAgent 11 Help (CHM) "{D2CBEFA4-F2D3-4E97-A171-8BFD6A31A5EC}" = Nero Express 11 Help (CHM) "{D4D66270-9147-4BDF-9946-FCA2B303AA8F}" = Nero ControlCenter 11 Help (CHM) "{D4DDFAA1-EC37-4529-AD5B-A433ADE68662}" = Apple Mobile Device Support "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E10AAE4A-98B8-420A-BD93-E0520C23D624}" = Nero Express 11 "{E1203F8C-FF34-4968-A4A5-B4F1F8533DAB}" = Photo Common "{E51BC4B0-EA5E-49CC-AF3B-93B5C627EC22}" = Nero 11 Effects Basic "{EB8DED20-A887-4A9C-BB5A-F3E7523DFB44}" = Nero WaveEditor 11 Help (CHM) "{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F3743A2C-5D5F-4456-8F98-5DF36A954C50}" = Nero 11 Image Samples "{F49EF443-B2BD-4F10-8A46-87AFCDB90EDD}" = Nero 11 Disc Menus Basic "{F8EF9B71-53E7-41F5-8E54-47B4C979CB38}" = Nero Backup Drivers "{F9000000-0018-0000-0000-074957833700}" = ABBYY FineReader 9.0 Sprint "{FAC3C37E-EDAB-4F3A-A173-A7C70CC88F09}" = Nero Video 11 Help (CHM) "{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE "{FF44BCE5-5A18-4051-85F0-BC172D7B4695}" = Nero CoverDesigner 11 "1ClickDownload" = Movie2KDownloader "7-Zip" = 7-Zip 9.20 "ABBYY FineReader 9.0 Sprint" = ABBYY FineReader 9.0 Sprint "Avira AntiVir Desktop" = Avira Free Antivirus "EPSON Scanner" = EPSON Scan "EPSON SX430 Series" = EPSON SX430 Series Printer Uninstall "EPSON SX430 Series Bog" = Benutzerhandbuch - Grundlagen EPSON SX430 Series "EPSON SX430 Series Netg" = Netzwerkhandbuch EPSON SX430 Series "EPSON SX430 Series Useg" = Benutzerhandbuch EPSON SX430 Series "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.12.0.128 "Free YouTube Uploader_is1" = Free YouTube Uploader version 3.3.40.128 "RealPlayer 16.0" = RealPlayer "VLC media player" = VLC media player 2.0.5 "WinAce Archiver" = WinAce Archiver "Winamp" = Winamp "WinLiveSuite" = Windows Live Essentials "WinRAR archiver" = WinRAR 4.20 (32-bit) ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Winamp Detect" = Winamp Erkennungs-Plug-in ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 17.02.2013 18:30:04 | Computer Name = Asus_Herby.ASUS | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 12075 Error - 17.02.2013 18:30:04 | Computer Name = Asus_Herby.ASUS | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 12075 Error - 18.02.2013 12:31:32 | Computer Name = Asus_Herby.ASUS | Source = Customer Experience Improvement Program | ID = 1008 Description = Error - 18.02.2013 12:35:49 | Computer Name = Asus_Herby.ASUS | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: DslMgrSvc.exe, Version: 6.91.8434.1, Zeitstempel: 0x4900aa18 Name des fehlerhaften Moduls: DslMgrSvc.exe, Version: 6.91.8434.1, Zeitstempel: 0x4900aa18 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000c41a ID des fehlerhaften Prozesses: 0x1ea0 Startzeit der fehlerhaften Anwendung: 0x01ce0df3d781a097 Pfad der fehlerhaften Anwendung: C:\Program Files\DSL-Manager\DslMgrSvc.exe Pfad des fehlerhaften Moduls: C:\Program Files\DSL-Manager\DslMgrSvc.exe Berichtskennung: 404a12f5-79e9-11e2-afa9-002618a7bb2b Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error - 18.02.2013 14:52:00 | Computer Name = Asus_Herby.ASUS | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: OUTLOOK.EXE, Version: 11.0.5510.0, Zeitstempel: 0x3f1380f0 Name des fehlerhaften Moduls: OUTLLIB.dll, Version: 11.0.5608.0, Zeitstempel: 0x3f35d24e Ausnahmecode: 0xc0000005 Fehleroffset: 0x001a6a65 ID des fehlerhaften Prozesses: 0x1924 Startzeit der fehlerhaften Anwendung: 0x01ce0e08f925b654 Pfad der fehlerhaften Anwendung: C:\PROGRA~1\MICROS~1\OFFICE11\OUTLOOK.EXE Pfad des fehlerhaften Moduls: C:\PROGRA~1\MICROS~1\OFFICE11\OUTLLIB.dll Berichtskennung: 469802c6-79fc-11e2-afa9-002618a7bb2b Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error - 18.02.2013 15:12:31 | Computer Name = Asus_Herby.ASUS | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: DslMgrSvc.exe, Version: 6.91.8434.1, Zeitstempel: 0x4900aa18 Name des fehlerhaften Moduls: DslMgrSvc.exe, Version: 6.91.8434.1, Zeitstempel: 0x4900aa18 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000c41a ID des fehlerhaften Prozesses: 0x1510 Startzeit der fehlerhaften Anwendung: 0x01ce0e0b0d982377 Pfad der fehlerhaften Anwendung: C:\Program Files\DSL-Manager\DslMgrSvc.exe Pfad des fehlerhaften Moduls: C:\Program Files\DSL-Manager\DslMgrSvc.exe Berichtskennung: 243d4e56-79ff-11e2-afa9-002618a7bb2b Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error - 19.02.2013 11:17:08 | Computer Name = Asus_Herby.ASUS | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: DslMgrSvc.exe, Version: 6.91.8434.1, Zeitstempel: 0x4900aa18 Name des fehlerhaften Moduls: DslMgrSvc.exe, Version: 6.91.8434.1, Zeitstempel: 0x4900aa18 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000c41a ID des fehlerhaften Prozesses: 0x10f0 Startzeit der fehlerhaften Anwendung: 0x01ce0eb3dfc9a802 Pfad der fehlerhaften Anwendung: C:\Program Files\DSL-Manager\DslMgrSvc.exe Pfad des fehlerhaften Moduls: C:\Program Files\DSL-Manager\DslMgrSvc.exe Berichtskennung: 6c9bba80-7aa7-11e2-afa9-002618a7bb2b Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error - 19.02.2013 12:00:27 | Computer Name = Asus_Herby.ASUS | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}\recordingmanager.exe". Die abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 19.02.2013 12:03:25 | Computer Name = Asus_Herby.ASUS | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\Nero\Nero 11\nero backitup\NBVSSTool_x64.exe". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 19.02.2013 12:04:54 | Computer Name = Asus_Herby.ASUS | Source = SideBySide | ID = 16842761 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\WinZip\adxloader.dll.Manifest". Fehler in Manifest- oder Richtliniendatei "c:\program files\WinZip\adxloader.dll.Manifest" in Zeile 2. Das Stammelement der Manifestdatei muss assembliert sein. [ System Events ] Error - 17.02.2013 09:22:55 | Computer Name = Asus_Herby.ASUS | Source = Service Control Manager | ID = 7034 Description = Dienst "DSL-Manager" wurde unerwartet beendet. Dies ist bereits 3 Mal passiert. Error - 17.02.2013 09:41:07 | Computer Name = Asus_Herby.ASUS | Source = Schannel | ID = 36888 Description = Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 51. Der Windows-SChannel-Fehlerstatus lautet: 900. Error - 17.02.2013 17:42:29 | Computer Name = Asus_Herby.ASUS | Source = Schannel | ID = 36888 Description = Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 51. Der Windows-SChannel-Fehlerstatus lautet: 900. Error - 17.02.2013 18:11:24 | Computer Name = Asus_Herby.ASUS | Source = Service Control Manager | ID = 7034 Description = Dienst "DSL-Manager" wurde unerwartet beendet. Dies ist bereits 4 Mal passiert. Error - 17.02.2013 18:20:09 | Computer Name = Asus_Herby.ASUS | Source = Schannel | ID = 36888 Description = Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 51. Der Windows-SChannel-Fehlerstatus lautet: 900. Error - 17.02.2013 18:20:09 | Computer Name = Asus_Herby.ASUS | Source = Schannel | ID = 36888 Description = Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 51. Der Windows-SChannel-Fehlerstatus lautet: 900. Error - 17.02.2013 18:21:06 | Computer Name = Asus_Herby.ASUS | Source = Schannel | ID = 36888 Description = Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 51. Der Windows-SChannel-Fehlerstatus lautet: 900. Error - 18.02.2013 12:35:50 | Computer Name = Asus_Herby.ASUS | Source = Service Control Manager | ID = 7034 Description = Dienst "DSL-Manager" wurde unerwartet beendet. Dies ist bereits 5 Mal passiert. Error - 18.02.2013 15:12:31 | Computer Name = Asus_Herby.ASUS | Source = Service Control Manager | ID = 7034 Description = Dienst "DSL-Manager" wurde unerwartet beendet. Dies ist bereits 6 Mal passiert. Error - 19.02.2013 11:17:08 | Computer Name = Asus_Herby.ASUS | Source = Service Control Manager | ID = 7034 Description = Dienst "DSL-Manager" wurde unerwartet beendet. Dies ist bereits 7 Mal passiert. < End of report > |
| Themen zu Antivir wirft häufig infizierte Objekte aus / OTL Analyse |
| 1clickdownload, adobe, antivir, autorun, avg, avira, bho, bonjour, converter, defender, desktop, dvdvideosoft ltd., error, explorer, firefox, format, infizierte, install.exe, installation, logfile, mp3, registry, richtlinie, rundll, security, software, tarma, udp, warnung, windows |
Baum-Darstellung