Trojaner-Board - Rechner langsam, tlw. hängt er sich sogar auf

Code:

# AdwCleaner v2.105 - Datei am 16/01/2013 um 17:46:01 erstellt

# Aktualisiert am 08/01/2013 von Xplode

# Betriebssystem : Windows 7 Professional Service Pack 1 (32 bits)

# Benutzer : Chef - HORST

# Bootmodus : Normal

# Ausgeführt unter : C:\Users\Nadine\Desktop\adwcleaner.exe

# Option [Löschen]
 
 

**** [Dienste] ****
 
 

***** [Dateien / Ordner] *****
 

Datei Gelöscht : C:\Users\Chef\AppData\Roaming\Mozilla\Firefox\Profiles\ef7c128s.default\searchplugins\MyStart Search.xml

Ordner Gelöscht : C:\Program Files\Mozilla Firefox\Extensions\afurladvisor@anchorfree.com
 

***** [Registrierungsdatenbank] *****
 

Schlüssel Gelöscht : HKCU\Software\IM

Schlüssel Gelöscht : HKCU\Software\ImInstaller

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C99FDC39-A1AE-4B24-8D71-E5274F8D7C54}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_install_RASAPI32

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_install_RASMANCS
 

***** [Internet Browser] *****
 

-\\ Internet Explorer v9.0.8112.16421
 

Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://mystart.incredibar.com/mb117?a=1&i=26 --> hxxp://www.google.com
 

-\\ Mozilla Firefox v10.0.1 (de)
 

Datei : C:\Users\Chef\AppData\Roaming\Mozilla\Firefox\Profiles\ef7c128s.default\prefs.js
 

Gelöscht : user_pref("keyword.URL", "hxxp://search.hotspotshield.com/g/results.php?c=s&q=");
 

Datei : C:\Users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\4u19ysw6.default\prefs.js
 

Gelöscht : user_pref("keyword.URL", "hxxp://search.hotspotshield.com/g/results.php?c=s&q=");
 

Datei : C:\Users\Nadine\AppData\Roaming\Mozilla\Firefox\Profiles\vt43pwgp.default\prefs.js
 

Gelöscht : user_pref("keyword.URL", "hxxp://search.hotspotshield.com/g/results.php?c=s&q=");
 

*************************
 

AdwCleaner[R1].txt - [2555 octets] - [16/01/2013 15:20:59]

AdwCleaner[S1].txt - [2204 octets] - [16/01/2013 17:46:01]
 

########## EOF - \AdwCleaner[S1].txt - [2264 octets] ##########

Code:

OTL logfile created on: 16.01.2013 17:52:13 - Run 6

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Nadine\Desktop

 Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

1022,49 Mb Total Physical Memory | 305,14 Mb Available Physical Memory | 29,84% Memory free

3,46 Gb Paging File | 2,62 Gb Available in Paging File | 75,62% Paging File free

Paging file location(s): c:\pagefile.sys 0 0d:\pagefile.sys 1500 3000 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 269,41 Gb Total Space | 107,59 Gb Free Space | 39,94% Space Free | Partition Type: NTFS

Drive D: | 28,67 Gb Total Space | 18,84 Gb Free Space | 65,71% Space Free | Partition Type: FAT32

Drive G: | 465,76 Gb Total Space | 318,39 Gb Free Space | 68,36% Space Free | Partition Type: NTFS

 

Computer Name: HORST | User Name: Chef | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - C:\Users\Nadine\Desktop\OTL.exe (OldTimer Tools)

PRC - C:\Programme\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)

PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)

PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)

PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)

PRC - C:\Programme\Microsoft Device Center\ipoint.exe (Microsoft Corporation)

PRC - C:\Programme\Microsoft Device Center\itype.exe (Microsoft Corporation)

PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Programme\SMART Technologies\Education Software\SMARTHelperService.exe (SMART Technologies)

PRC - C:\Programme\Hotspot Shield\bin\openvpnas.exe ()

PRC - C:\Programme\Hotspot Shield\bin\hsswd.exe ()

PRC - C:\Programme\Hotspot Shield\HssWPR\hsssrv.exe (AnchorFree Inc.)

PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.)

PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)

PRC - C:\Windows\explorer.exe (Microsoft Corporation)

PRC - C:\Programme\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)

PRC - C:\Programme\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)

PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)

PRC - C:\Programme\Virtual Router\VirtualRouterClient.exe (Chris Pietschmann (hxxp://pietschsoft.com))

PRC - C:\Programme\Virtual Router\VirtualRouterService.exe (Chris Pietschmann (hxxp://pietschsoft.com))

PRC - C:\Programme\Canon\CAL\CALMAIN.exe (Canon Inc.)

PRC - C:\Programme\Common Files\microsoft shared\VS7Debug\mdm.exe (Microsoft Corporation)

 

 
 ========== Modules (No Company Name) ==========

 

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\07ea9ea39e1fddc8e4fe8850c849309e\System.WorkflowServices.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\1e04a5319c58010e945220af2751d34e\System.ServiceModel.Web.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\77dfcfed5fd5f67d0d3edc545935bb21\System.Core.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\ba5b576bb86b2ea9f2d8840fc26631e3\System.IdentityModel.Selectors.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\3e79256ce40faa9682f9e3511ca115ea\System.ServiceModel.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\2ad51da1b752b19c992fcefd56eb7c01\System.Runtime.Serialization.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\219c68f83fa608b496b163fd6782e696\System.IdentityModel.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\eb33bf977e97e97b12e82c18e36fbaee\SMDiagnostics.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7d20811a7ce7cc589153648cbb1ce5c\PresentationFramework.Aero.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\0ac577a8ad6528ff03b50db5eeeac8be\System.Web.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ff7c9a4f41f7cccc47e696c11b9f8469\PresentationFramework.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\865d2bf19a7af7fab8660a42d92550fe\System.Windows.Forms.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\19b3d17c3ce0e264c4fb62028161adf7\PresentationCore.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll ()

MOD - C:\Programme\FileZilla FTP Client\fzshellext.dll ()

MOD - C:\Programme\OpenOffice.org 3\program\libxml2.dll ()

MOD - C:\Programme\WinRAR\RarExt.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Serialization.resources\3.0.0.0_de_b77a5c561934e089\System.Runtime.Serialization.resources.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\System.ServiceModel.resources\3.0.0.0_de_b77a5c561934e089\System.ServiceModel.resources.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_de_31bf3856ad364e35\PresentationFramework.resources.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_de_31bf3856ad364e35\PresentationCore.resources.dll ()

 

 
 ========== Services (SafeList) ==========

 

SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)

SRV - (FLEXnet Licensing Service) -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Flexera Software, Inc.)

SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)

SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)

SRV - (SMARTHelperService) -- C:\Programme\SMART Technologies\Education Software\SMARTHelperService.exe (SMART Technologies)

SRV - (HssTrayService) -- C:\Programme\Hotspot Shield\bin\HSSTrayService.exe ()

SRV - (hshld) -- C:\Programme\Hotspot Shield\bin\openvpnas.exe ()

SRV - (HssWd) -- C:\Programme\Hotspot Shield\bin\hsswd.exe ()

SRV - (HssSrv) -- C:\Programme\Hotspot Shield\HssWPR\hsssrv.exe (AnchorFree Inc.)

SRV - (wlidsvc) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)

SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)

SRV - (osppsvc) -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)

SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)

SRV - (Virtual Router) -- C:\Programme\Virtual Router\VirtualRouterService.exe (Chris Pietschmann (hxxp://pietschsoft.com))

SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation)

SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)

SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)

SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)

SRV - (CCALib8) -- C:\Programme\Canon\CAL\CALMAIN.exe (Canon Inc.)

SRV - (MDM) -- C:\Programme\Common Files\microsoft shared\VS7Debug\mdm.exe (Microsoft Corporation)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV - (catchme) -- C:\Users\Chef\AppData\Local\Temp\catchme.sys File not found

DRV - (ssadmdm) -- C:\Windows\System32\drivers\ssadmdm.sys (MCCI Corporation)

DRV - (ssadbus) -- C:\Windows\System32\drivers\ssadbus.sys (MCCI Corporation)

DRV - (androidusb) -- C:\Windows\System32\drivers\ssadadb.sys (Google Inc)

DRV - (ssadmdfl) -- C:\Windows\System32\drivers\ssadmdfl.sys (MCCI Corporation)

DRV - (dc3d) -- C:\Windows\System32\drivers\dc3d.sys (Microsoft Corporation)

DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)

DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)

DRV - (Ser2pl) -- C:\Windows\System32\drivers\ser2pl.sys (Prolific Technology Inc.)

DRV - (SMARTMouseFilterx86) -- C:\Windows\System32\drivers\SMARTMouseFilterx86.sys (SMART Technologies ULC)

DRV - (SMARTVTabletPCx86) -- C:\Windows\System32\drivers\SMARTVTabletPCx86.sys (SMART Technologies ULC)

DRV - (SMARTVHidMini2000x86) -- C:\Windows\System32\drivers\SMARTVHidMini2000x86.sys (SMART Technologies ULC)

DRV - (ACEDRV05) -- C:\Windows\System32\drivers\ACEDRV05.sys (Protect Software GmbH)

DRV - (HssDrv) -- C:\Windows\System32\drivers\HssDrv.sys (AnchorFree Inc.)

DRV - (taphss) -- C:\Windows\System32\drivers\taphss.sys (AnchorFree Inc)

DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira GmbH)

DRV - (netr73) -- C:\Windows\System32\drivers\netr73.sys (Ralink Technology, Corp.)

DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)

DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)

DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)

DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)

DRV - (WinUSB) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)

DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)

DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)

DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)

DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)

DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)

DRV - (Ph3xIB32) -- C:\Windows\System32\drivers\Ph3xIB32.sys (NXP Semiconductors)

DRV - (FETNDIS) -- C:\Windows\System32\drivers\fetnd6.sys (VIA Technologies, Inc.              )

DRV - (GigasetGenericUSB) -- C:\Windows\System32\drivers\GigasetGenericUSB.sys (Siemens Home and Office Communication Devices GmbH & Co. KG)

DRV - (USBModem) -- C:\Windows\System32\drivers\lgusbmodem.sys (LG Electronics Inc.)

DRV - (UsbDiag) -- C:\Windows\System32\drivers\lgusbdiag.sys (LG Electronics Inc.)

DRV - (usbbus) -- C:\Windows\System32\drivers\lgusbbus.sys (LG Electronics Inc.)

DRV - (XUIF) -- C:\Windows\System32\drivers\x10ufx2.sys (X10 Wireless Technology, Inc.)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE - HKLM\..\SearchScopes,DefaultScope = 

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

 

 

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 

 

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 

 

IE - HKU\S-1-5-21-3613572098-1939478029-272908010-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com

IE - HKU\S-1-5-21-3613572098-1939478029-272908010-1001\..\SearchScopes,DefaultScope = 

IE - HKU\S-1-5-21-3613572098-1939478029-272908010-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

IE - HKU\S-1-5-21-3613572098-1939478029-272908010-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3613572098-1939478029-272908010-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

 

IE - HKU\S-1-5-21-3613572098-1939478029-272908010-1004\..\SearchScopes,DefaultScope = 

IE - HKU\S-1-5-21-3613572098-1939478029-272908010-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 
 ========== FireFox ==========

 

FF - prefs.js..browser.search.defaultenginename: "Hotspot Shield Private Search"

FF - prefs.js..browser.search.selectedEngine: "Google"

FF - prefs.js..browser.startup.homepage: "hxxp://ziebm000.bplaced.net/wordpress/"

FF - prefs.js..extensions.enabledAddons: {B0D70E72-2FC1-4b9f-A3D4-5921C854D906}:1.2

FF - prefs.js..extensions.enabledAddons: afurladvisor@anchorfree.com:1.0

FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}:6.0.30

FF - prefs.js..extensions.enabledAddons: support@lastpass.com:2.0.0

FF - prefs.js..extensions.enabledAddons: ich@maltegoetz.de:1.4.3

FF - prefs.js..extensions.enabledAddons: foxmarks@kei.com:4.1.3

FF - user.js - File not found

 

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll ()

FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)

FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@logitech.com/HarmonyRemote,version=1.0.0: C:\Users\Marc\AppData\Roaming\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll (Logitech Inc.)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.02.14 16:56:17 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 10.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.02.14 17:03:20 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 10.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins

 

[2011.07.22 10:18:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chef\AppData\Roaming\mozilla\Extensions

[2011.07.22 10:18:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chef\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}

[2013.01.14 23:11:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chef\AppData\Roaming\mozilla\Firefox\Profiles\ef7c128s.default\extensions

[2013.01.14 23:11:58 | 000,000,000 | ---D | M] ("Xmarks") -- C:\Users\Chef\AppData\Roaming\mozilla\Firefox\Profiles\ef7c128s.default\extensions\foxmarks@kei.com

[2013.01.14 23:11:58 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\Chef\AppData\Roaming\mozilla\Firefox\Profiles\ef7c128s.default\extensions\ich@maltegoetz.de

[2012.07.30 17:23:54 | 000,000,000 | ---D | M] (LastPass) -- C:\Users\Chef\AppData\Roaming\mozilla\Firefox\Profiles\ef7c128s.default\extensions\support@lastpass.com

[2012.02.12 14:06:01 | 000,013,074 | ---- | M] () (No name found) -- C:\Users\Chef\AppData\Roaming\mozilla\firefox\profiles\ef7c128s.default\extensions\{B0D70E72-2FC1-4b9f-A3D4-5921C854D906}.xpi

[2012.09.13 19:50:46 | 000,199,396 | ---- | M] () (No name found) -- C:\Users\Chef\AppData\Roaming\mozilla\firefox\profiles\ef7c128s.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi

[2013.01.16 17:46:01 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions

[2012.02.14 17:15:00 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}

[2012.02.14 17:15:00 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}

File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\AFURLADVISOR@ANCHORFREE.COM

[2012.02.08 21:31:10 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll

[2012.02.08 18:36:16 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml

[2012.02.08 18:21:19 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

[2012.02.08 18:36:16 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml

[2012.02.08 18:36:16 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml

[2011.12.29 00:57:34 | 000,001,847 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\privatesearch.xml

[2012.02.08 18:36:16 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml

[2012.02.08 18:36:16 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml

 

O1 HOSTS File: ([2013.01.14 22:46:49 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1       localhost

O2 - BHO: (SMART Notebook Download Utility) - {67BCF957-85FC-4036-8DC4-D4D80E00A77B} - C:\Programme\SMART Technologies\Education Software\Win32\NotebookPlugin.dll (SMART Technologies ULC.)

O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)

O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)

O4 - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft Device Center\ipoint.exe (Microsoft Corporation)

O4 - HKLM..\Run: [IntelliType Pro] C:\Program Files\Microsoft Device Center\itype.exe (Microsoft Corporation)

O4 - HKLM..\Run: [KiesTrayAgent] C:\Programme\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)

O4 - HKU\S-1-5-21-3613572098-1939478029-272908010-1001..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe (Samsung Electronics)

O4 - HKU\S-1-5-21-3613572098-1939478029-272908010-1001..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe (Samsung)

O4 - HKU\.DEFAULT..\RunOnce: [SPReview] C:\Windows\System32\SPReview\SPReview.exe (Microsoft Corporation)

O4 - HKU\S-1-5-18..\RunOnce: [SPReview] C:\Windows\System32\SPReview\SPReview.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-3613572098-1939478029-272908010-1001..\RunOnce: [Report] \AdwCleaner[S1].txt ()

O4 - Startup: C:\Users\Nadine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-21-3613572098-1939478029-272908010-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-21-3613572098-1939478029-272908010-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255

O7 - HKU\S-1-5-21-3613572098-1939478029-272908010-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1

O7 - HKU\S-1-5-21-3613572098-1939478029-272908010-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKU\S-1-5-21-3613572098-1939478029-272908010-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)

O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)

O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Reg Error: Value error.)

O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 10.7.2)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0D74C7DD-F05F-410B-92BB-1C56E52AC309}: DhcpNameServer = 192.168.42.129

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{27C004EA-8F9A-43B7-AC85-11C801B0074B}: DhcpNameServer = 192.168.178.1

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O32 - AutoRun File - [2002.10.02 19:32:44 | 000,000,648 | ---- | M] () - C:\Autorun.exe.manifest -- [ NTFS ]

O32 - AutoRun File - [2005.11.24 21:56:21 | 000,023,934 | ---- | M] () - C:\Autorun.ico -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = ComFile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2013.01.15 19:09:33 | 000,000,000 | ---D | C] -- C:\Windows\temp

[2013.01.15 19:09:33 | 000,000,000 | ---D | C] -- C:\Users\Chef\AppData\Local\temp

[2013.01.15 19:08:28 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN

[2013.01.14 22:29:44 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe

[2013.01.14 22:29:44 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe

[2013.01.14 22:29:44 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe

[2013.01.14 22:29:24 | 000,000,000 | ---D | C] -- C:\Qoobox

[2013.01.14 16:39:45 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine

[2013.01.11 15:24:50 | 000,000,000 | ---D | C] -- C:\Program Files\FileZilla FTP Client

[2013.01.10 14:10:44 | 002,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys

[2013.01.10 14:10:19 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe

[2013.01.10 14:10:19 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll

[2013.01.10 14:10:18 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll

[2013.01.10 14:10:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll

[2013.01.10 14:10:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll

[2013.01.10 14:10:17 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll

[2013.01.10 14:10:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll

[2013.01.10 14:10:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll

[2013.01.10 14:10:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll

[2013.01.10 14:10:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll

[2013.01.10 14:10:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll

[2013.01.10 14:10:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll

[2013.01.10 14:10:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll

[2013.01.10 14:10:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll

[2013.01.10 14:10:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll

[2013.01.10 14:10:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll

[2013.01.10 14:10:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll

[2013.01.10 14:10:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll

[2013.01.10 14:10:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll

[2013.01.10 14:10:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll

[2013.01.10 14:10:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll

[2013.01.10 14:10:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll

[2013.01.10 14:10:15 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll

[2013.01.10 14:10:15 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll

[2013.01.10 14:10:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll

[2013.01.10 14:10:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll

[2013.01.10 14:10:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll

[2013.01.10 14:10:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll

[2013.01.10 14:10:14 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll

[2013.01.10 14:10:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll

[2013.01.10 14:09:38 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\System32\fpb.rs

[2013.01.10 14:09:38 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\System32\oflc-nz.rs

[2013.01.10 14:09:38 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\System32\pegibbfc.rs

[2013.01.10 14:09:38 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\System32\csrr.rs

[2013.01.10 14:09:38 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\System32\cob-au.rs

[2013.01.10 14:09:38 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\System32\usk.rs

[2013.01.10 14:09:38 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\System32\djctq.rs

[2013.01.10 14:09:37 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll

[2013.01.10 14:09:37 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wpc.dll

[2013.01.10 14:09:37 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\System32\grb.rs

[2013.01.10 14:09:37 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\System32\pegi-pt.rs

[2013.01.10 14:09:37 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\System32\pegi.rs

[2013.01.10 14:09:35 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\System32\cero.rs

[2013.01.10 14:09:35 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\System32\esrb.rs

[2013.01.10 14:09:35 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\System32\oflc.rs

[2013.01.10 14:09:35 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\System32\pegi-fi.rs

[2013.01.10 14:09:01 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll

[2013.01.10 14:08:43 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe

[2013.01.07 17:10:15 | 000,000,000 | ---D | C] -- C:\Users\Chef\AppData\Local\libimobiledevice

[2012.12.26 21:45:12 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CrashDump

[2012.12.26 21:18:55 | 000,000,000 | ---D | C] -- C:\Program Files\MarkAny

[2012.12.26 21:15:09 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\NativeFus_Log

[2012.12.26 21:12:18 | 000,136,808 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ssadmdm.sys

[2012.12.26 21:12:18 | 000,121,064 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ssadbus.sys

[2012.12.26 21:12:18 | 000,030,312 | ---- | C] (Google Inc) -- C:\Windows\System32\drivers\ssadadb.sys

[2012.12.26 21:12:18 | 000,012,776 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ssadmdfl.sys

[2012.12.26 21:12:18 | 000,010,472 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ssadcmnt.sys

[2012.12.26 21:12:18 | 000,010,344 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\ssadwhnt.sys

[2012.12.26 21:10:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung

[2012.12.26 21:10:37 | 004,659,712 | ---- | C] (Dmitry Streblechenko) -- C:\Windows\System32\Redemption.dll

[2012.12.26 21:10:19 | 000,821,824 | ---- | C] (Devguru Co., Ltd.) -- C:\Windows\System32\dgderapi.dll

[2012.12.26 21:09:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Samsung

[2012.12.26 21:05:19 | 000,000,000 | ---D | C] -- C:\Config.Msi

[2012.12.24 11:34:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ratDVD

[2012.12.24 11:22:32 | 000,000,000 | ---D | C] -- C:\Program Files\ratDVD

[2012.12.22 16:44:54 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll

[2012.12.22 16:44:54 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll

 
 ========== Files - Modified Within 30 Days ==========

 

[2013.01.16 17:55:48 | 000,013,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2013.01.16 17:55:48 | 000,013,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2013.01.16 17:48:24 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2013.01.16 17:48:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2013.01.16 17:48:02 | 804,118,528 | -HS- | M] () -- C:\hiberfil.sys

[2013.01.16 15:09:00 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2013.01.14 22:46:49 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts

[2013.01.14 22:09:47 | 000,657,078 | ---- | M] () -- C:\Windows\System32\perfh007.dat

[2013.01.14 22:09:47 | 000,618,542 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2013.01.14 22:09:47 | 000,131,602 | ---- | M] () -- C:\Windows\System32\perfc007.dat

[2013.01.14 22:09:47 | 000,107,682 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2013.01.11 15:25:12 | 000,001,950 | ---- | M] () -- C:\Users\Public\Desktop\FileZilla Client.lnk

[2013.01.11 14:49:35 | 000,395,912 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2013.01.06 21:02:45 | 000,000,634 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics

[2012.12.26 21:13:23 | 000,001,942 | ---- | M] () -- C:\Users\Public\Desktop\Samsung Kies.lnk

[2012.12.26 17:17:53 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ssadadb_01005.Wdf

[2012.12.24 11:34:06 | 000,000,963 | ---- | M] () -- C:\Users\Chef\Desktop\ratDVD.lnk

 
 ========== Files Created - No Company Name ==========

 

[2013.01.14 22:29:44 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe

[2013.01.14 22:29:44 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe

[2013.01.14 22:29:44 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe

[2013.01.14 22:29:44 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe

[2013.01.14 22:29:44 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe

[2013.01.11 15:25:12 | 000,001,950 | ---- | C] () -- C:\Users\Public\Desktop\FileZilla Client.lnk

[2012.12.26 21:13:23 | 000,001,942 | ---- | C] () -- C:\Users\Public\Desktop\Samsung Kies.lnk

[2012.12.26 17:17:53 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ssadadb_01005.Wdf

[2012.12.24 11:34:06 | 000,000,963 | ---- | C] () -- C:\Users\Chef\Desktop\ratDVD.lnk

[2012.11.28 14:17:24 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe

[2012.11.28 14:17:18 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll

[2012.11.28 14:17:18 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll

[2012.11.28 14:17:18 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll

[2012.11.28 14:17:18 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll

[2012.07.30 15:34:59 | 000,000,000 | ---- | C] () -- C:\Windows\OpPrintServer.INI

[2012.07.14 20:05:41 | 000,007,634 | ---- | C] () -- C:\Users\Chef\AppData\Local\Resmon.ResmonCfg

[2012.02.24 19:59:18 | 000,200,758 | ---- | C] () -- C:\Windows\System32\WBCustomizer.dll

[2012.02.15 17:50:18 | 000,023,624 | ---- | C] () -- C:\Windows\System32\drivers\hitmanpro36.sys

[2012.02.10 22:16:16 | 000,000,000 | ---- | C] () -- C:\Users\Chef\defogger_reenable

[2012.02.09 17:08:59 | 000,162,304 | ---- | C] () -- C:\Windows\System32\ztvunrar36.dll

[2012.02.09 17:08:59 | 000,153,088 | ---- | C] () -- C:\Windows\System32\UNRAR3.dll

[2012.02.09 17:08:59 | 000,077,312 | ---- | C] () -- C:\Windows\System32\ztvunace26.dll

[2012.02.09 17:08:59 | 000,075,264 | ---- | C] () -- C:\Windows\System32\unacev2.dll

[2012.01.15 23:44:50 | 000,000,000 | ---- | C] () -- C:\Windows\System32\cd.dat

[2012.01.13 15:11:19 | 000,032,256 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll

[2011.12.18 15:42:19 | 000,825,859 | ---- | C] () -- C:\Windows\Diercke Globus Uninstaller.exe

[2011.12.08 21:22:57 | 000,000,072 | ---- | C] () -- C:\Windows\GEOPOOL06.ini

[2011.09.18 16:39:37 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI

[2011.08.02 09:23:40 | 000,015,873 | ---- | C] () -- C:\Windows\System32\Inetde.dll

[2011.07.26 12:17:02 | 000,000,841 | ---- | C] () -- C:\Users\Chef\.recently-used.xbel

[2011.07.22 16:02:41 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe

 
 ========== ZeroAccess Check ==========

 

[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

 
 ========== Alternate Data Streams ==========

 

@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:CB0AACC9
 

< End of report >

Code:

OTL Extras logfile created on: 16.01.2013 17:52:13 - Run 6

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Nadine\Desktop

 Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

1022,49 Mb Total Physical Memory | 305,14 Mb Available Physical Memory | 29,84% Memory free

3,46 Gb Paging File | 2,62 Gb Available in Paging File | 75,62% Paging File free

Paging file location(s): c:\pagefile.sys 0 0d:\pagefile.sys 1500 3000 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 269,41 Gb Total Space | 107,59 Gb Free Space | 39,94% Space Free | Partition Type: NTFS

Drive D: | 28,67 Gb Total Space | 18,84 Gb Free Space | 65,71% Space Free | Partition Type: FAT32

Drive G: | 465,76 Gb Total Space | 318,39 Gb Free Space | 68,36% Space Free | Partition Type: NTFS

 

Computer Name: HORST | User Name: Chef | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Extra Registry (SafeList) ==========

 

 
 ========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)

.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

.html [@ = htmlfile] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1

 

[HKEY_USERS\S-1-5-21-3613572098-1939478029-272908010-1001\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 

[HKEY_USERS\S-1-5-21-3613572098-1939478029-272908010-1004\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 
 ========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)

htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1

htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1

http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1

https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Directory [Print_Directory_Listing] -- Printdir.bat "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1

CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.

 
 ========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

"FirewallDisableNotify" = 0

"AntiVirusDisableNotify" = 0

"UpdatesDisableNotify" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = Reg Error: Unknown registry data type -- File not found

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 
 ========== System Restore Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

 
 ========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 
 ========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()

 

 
 ========== Vista Active Open Ports Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{094DF5C8-5E34-47D1-9C95-E4A85DA05336}" = lport=10243 | protocol=6 | dir=in | app=system | 

"{0AE48D78-C684-49D1-BB85-B5D4207ECFF5}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 

"{177D9991-1191-4537-ADC9-6A9D36729685}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{17FB7B62-6471-4FFE-9DFE-D77345A66C05}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 

"{28E7076B-6AE6-429B-A5EE-856BC0836C12}" = rport=445 | protocol=6 | dir=out | app=system | 

"{2BCE030D-9BFC-4953-A439-1E84ACA7CE94}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 

"{30E9DFF1-B3D4-4608-A922-C91C5C7B2B6D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 

"{4DA16026-55B1-4A7A-95E9-52C10DA8D0CC}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{4F6193C9-B022-40C7-A39D-9608CBAD6515}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 

"{55C58D14-BBE1-4E6C-A5D5-DDE7E52A07E1}" = rport=10243 | protocol=6 | dir=out | app=system | 

"{5D07E8F4-B7FD-4BE6-8323-245C31EA6F3C}" = rport=138 | protocol=17 | dir=out | app=system | 

"{5FED3513-241E-475D-8032-C6384EDD1309}" = lport=137 | protocol=17 | dir=in | app=system | 

"{67591F38-131E-4377-BC9A-591C74077A2F}" = rport=139 | protocol=6 | dir=out | app=system | 

"{77174805-9C31-43A7-BDFC-C5862897A594}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{7A7D3FED-45A6-4184-9DA9-B3FCC9D740E4}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{88BC668B-812D-4433-B8AA-898A5AD92C0C}" = lport=138 | protocol=17 | dir=in | app=system | 

"{8FD1AAC7-B545-4891-8768-FA4C54019E79}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{911BC9CD-5965-49B0-8EB6-5412279E15BD}" = lport=2869 | protocol=6 | dir=in | app=system | 

"{95BA0DA3-D525-42F4-A83D-180DD892F767}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 

"{A7A64913-492E-4044-90BB-6BAB03B04CF2}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{B162D38A-B40D-4BC6-8002-74C6C51B4ED8}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{C3D2D02B-D696-4EE2-A013-1CB01D87641A}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{CD23630C-277E-4CAF-BDC3-2A610FF89414}" = rport=137 | protocol=17 | dir=out | app=system | 

"{E0EF0CF4-60AD-4DF5-9902-E49511859E83}" = lport=445 | protocol=6 | dir=in | app=system | 

"{FAA67888-6818-48E8-B420-72F13C318CFD}" = lport=139 | protocol=6 | dir=in | app=system | 

 
 ========== Vista Active Application Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{07A13607-D54F-47D7-B5AA-DA16B4C644B4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{07BC63E0-B9F6-46C9-A5B4-7451B9DC4AE0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{09B28B7D-D023-434C-9CA8-19DBD00ACE9F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{09E3416E-1815-480B-A6E5-A4164BBA083B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{0CD8C917-7539-401C-A465-22FA49DC1360}" = protocol=17 | dir=in | app=c:\program files\smart technologies\education software\smartsnmpagent.exe | 

"{1A7CD955-FB0B-4801-B758-06A1C0D80D30}" = protocol=6 | dir=in | app=c:\program files\smart technologies\education software\ucservice.exe | 

"{217641B1-96F6-4E6E-851B-FD1C13B8F281}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{22E0F07F-A707-4F77-9193-FA8E42138D77}" = protocol=17 | dir=in | app=c:\program files\smart technologies\education software\ucservice.exe | 

"{2D9E036E-7021-4C46-96F5-C2C3430425ED}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe | 

"{2F0F4549-F08D-4BAF-835D-60A34E3DF8B1}" = protocol=6 | dir=in | app=c:\program files\smart technologies\education software\ucgui.exe | 

"{3DEEA982-D6CC-4F6E-B159-A5AB4666972E}" = protocol=17 | dir=in | app=c:\program files\smart technologies\education software\ucgui.exe | 

"{3DF12057-368F-480B-97EF-02B7EC9FA41A}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 

"{3E1C6713-BC07-4CBE-A141-E879FF3AF672}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 

"{43CB9A94-BA93-46B2-9A63-728CB6C96E52}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 

"{5583928A-9564-4F58-9278-29F3ADF20ACA}" = protocol=6 | dir=in | app=c:\program files\smart technologies\education software\smartsnmpagent.exe | 

"{66E652ED-A9BE-42C4-8D35-18819AE64927}" = protocol=17 | dir=in | app=c:\program files\smart technologies\education software\vantageservice.exe | 

"{73054649-B258-429E-AF53-A97282C61189}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{7BB2741B-8E05-439A-80FA-EA5B684C5D05}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | 

"{801F6141-BFF2-4D2A-8F03-802A4791730D}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 

"{8857D85B-60E8-4578-B65E-129E719B9EAD}" = protocol=6 | dir=out | app=system | 

"{B1A370EF-5EEA-462F-B4CC-A04FDA69C115}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 

"{BCAFC016-27A2-4147-BB64-59D8632B829C}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | 

"{BD6DC7AC-DF61-4047-B7FB-ADF4435A741A}" = protocol=6 | dir=in | app=c:\program files\smart technologies\education software\vantageservice.exe | 

"{C71E6965-6FBD-4ED7-886F-6C286015FDBA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 

"{CB3CB754-B0AB-4896-937A-16084757600A}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | 

"{CEA15DB3-A1AB-42AE-B824-AB0DFB623619}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{E08CB087-30F2-4096-8AB0-5926AE98D0F3}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 

"{E6E3F9AB-D013-49D8-B8B2-B35AF64AE954}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 

"{F37433B4-26AE-49C0-A9BF-CFFC253AD6D6}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 

"{FB7FCCB7-EAE6-4DA2-89D6-654A6C09A2A4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 

 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{0A146245-DB79-4197-BF5D-FE1A699A2CC7}" = Camera Window DS

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{1CF704EF-627B-4957-8B50-5AE4B07EF7B9}_is1" = Omega 1.1

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{266D3AE3-68F5-4589-BE68-D09DFFEFE56F}" = Rund um ... Seydlitz SII Geographie

"{26A24AE4-039D-4CA4-87B4-2F83216030FF}" = Java(TM) 6 Update 30

"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7

"{2C3CE8F0-F4AD-4D54-A520-975309C617E2}" = LG PC Suite III

"{2F34E931-7BEA-4BC6-8286-4197EC77EF34}" = Garmin TOPO Deutschland 2012 Pro

"{31a52f2e-32e8-4c8f-9d99-6fd0c37c99ef}" = Gigaset QuickSync

"{33286280-8617-11E1-8FF6-B8AC6F97B88E}" = Google Earth Plug-in

"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery

"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack

"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile

"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll

"{4278B780-6CB5-437A-BA6A-31C7F9FAB980}" = Adobe Flash Player 11 ActiveX

"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3

"{44E24545-F317-4498-B7CD-240DE7BA8DE2}" = RAW Image Task

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4A1F2472-6164-43FA-9D2F-B35E71A8DF32}" = SMART Ink

"{516EF56A-048B-4AED-9906-1366639ACEEE}" = Garmin BaseCamp

"{5C3C89CB-A719-46C5-80C7-2E2237AD3692}" = SMART German Language Pack

"{5C6F884D-680C-448B-B4C9-22296EE1B206}" = Logitech Harmony Remote Software 7

"{634F79E1-2A41-4C40-9E8D-89EC740AC9D6}" = Logitech Harmony Remote Software

"{65F9E1F3-A2C1-4AA9-9F33-A3AEB0255F0E}" = Garmin USB Drivers

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies

"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update

"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour

"{7D542452-84EB-47C0-97BA-735C523AB555}" = Garmin Training Center

"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP

"{7EF6F18B-B1C5-4A16-A2A0-0F1C66E5B33A}" = TERRA Erdkunde 5-10 Europa

"{80F19EAA-44C4-47C2-AE87-1C7628E858D6}" = Logitech Harmony Remote Software 7

"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 4.1.2

"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform

"{8471021C-F529-43DE-84DF-3612E10F58C4}" = Remote Control USB Driver

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8D4B716A-0ABE-4238-9090-D208E5F57A5E}" = SMART Product Update

"{8DB05F7E-1F7A-4CC0-882F-375B97F04CD4}" = Virtual Router v0.9 Beta

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System

"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010

"{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010

"{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010

"{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010

"{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010

"{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010

"{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010

"{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010

"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010

"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010

"{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010

"{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010

"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010

"{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010

"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{912B04B3-7C7C-4929-AE68-EC2A4CCB4E73}" = Microsoft-Maus- und Tastatur-Center

"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9DFDD0C5-5AC1-484B-ACF8-0F3E1041750B}_is1" = AquaSoft "DiaShow 7 für YouTube"

"{A0FE0292-D3BE-3447-80F2-72E032A54875}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch

"{AFE024C7-7CA7-4C8E-90EE-D877C7CD96A3}" = SMART Notebook

"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie

"{BBBC2B89-E193-4348-A83C-C8DD8210A4AC}" = Canon PhotoRecord

"{C0E18DC4-C74A-4889-AE3A-933471023787}" = LG PC Suite III

"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common

"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{CF3C170B-D713-4089-84FE-63285B424B95}" = calibre

"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E21D6DB6-6DAB-3A63-8C09-CB6606D7403B}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU

"{E26F8CE4-C969-11D6-A62C-000475730551}" = Rund um ... Seydlitz SI Geographie

"{E3189F44-F7BD-4F96-B756-A0AEFAF61D3A}" = SMART Product Drivers

"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker

"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support

"{ED2455F7-6AA6-4D3C-85E9-A72297DD7051}" = SMART Common Files

"{EFC04D3F-A152-47E7-8517-EE0F6201AFEF}" = Apple Mobile Device Support

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219

"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5

"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack

"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials

"{FA02ACAC-9E14-4878-A257-92A22A647C2C}" = LG USB Modem Drivers

"{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1" = StreamTransport version: 1.0.2.2171

"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

"49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0)

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin

"AnvSoft Photo Flash Maker Free" = AnvSoft Photo Flash Maker Free 5.41

"Artisteer 3" = Artisteer 3

"Audacity_is1" = Audacity 1.2.6

"Avira AntiVir Desktop" = Avira Free Antivirus

"Biet-O-Matic v2.14.8" = Biet-O-Matic v2.14.8

"CameraWindowDC" = Canon Utilities CameraWindow DC 8

"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX

"Canon MOV Encoder" = Canon MOV Encoder

"CCleaner" = CCleaner

"Defraggler" = Defraggler

"Diercke Globus" = Diercke Globus

"DriverTools" = DriverTools 1.0

"DVD43_is1" = DVD43 v4.6.0

"EasyGPS_is1" = EasyGPS 4.58

"EOS Video Snapshot Task" = Canon Utilities EOS Video Snapshot Task for ZoomBrowser EX

"FileZilla Client" = FileZilla Client 3.6.0.2

"Free PDF to Word Doc Converter_is1" = Free PDF to Word Doc Converter v1.1

"freeocr_is1" = FreeOCR v4.2

"Haack Weltatlas CD-ROM_is1" = Haack Weltatlas CD-ROM 1.0

"Haack Weltatlas Lehrer-Software Deutschland und Europa_is1" = Klett - HW Lehrer Deutschland und Europa

"HandBrake" = HandBrake 0.9.5

"HotspotShield" = Hotspot Shield 2.24

"InstallShield_{0A146245-DB79-4197-BF5D-FE1A699A2CC7}" = Canon Camera Window DSLR 5 for ZoomBrowser EX

"InstallShield_{44E24545-F317-4498-B7CD-240DE7BA8DE2}" = Canon RAW Image Task for ZoomBrowser EX

"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack

"Microsoft Mouse and Keyboard Center" = Microsoft-Maus- und Tastatur-Center

"Microsoft Visual Studio 2010 Tools for Office Runtime (x86)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)

"Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU" = Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU

"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX

"Mozilla Firefox 10.0.1 (x86 de)" = Mozilla Firefox 10.0.1 (x86 de)

"Mozilla Thunderbird 10.0.1 (x86 de)" = Mozilla Thunderbird 10.0.1 (x86 de)

"MPE" = MyPhoneExplorer

"NVIDIA Display Control Panel" = NVIDIA Display Control Panel

"NVIDIA Drivers" = NVIDIA Drivers

"Office14.SingleImage" = Microsoft Office Home and Student 2010

"Passfoto Manager_is1" = Passfoto Manager Ver. 1.3

"QuickPar" = QuickPar 0.9

"ratDVD" = ratDVD 0.76.1408

"ST6UNST #1" = GPSSendMap

"TERRA CD-ROM Gymnasium RP 7/8_is1" = die TERRA CD-ROM Gymnasium RP 7/8

"TERRA CD-ROM RP 5-6_is1" = die TERRA CD-ROM RP 5-6

"TERRA die Lernsoftware - Deutschland_is1" = TERRA die Lernsoftware - Deutschland

"UseNeXT_is1" = UseNeXT

"VLC media player" = VLC media player 2.0.3

"Web Diashow_is1" = Web Diashow

"WinGimp-2.0_is1" = GIMP 2.6.11

"WinLiveSuite" = Windows Live Essentials

"WinRAR archiver" = WinRAR 4.01 (32-Bit)

"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX

"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility

 
 ========== Last 20 Event Log Errors ==========

 

[ Application Events ]

Error - 03.01.2013 12:04:25 | Computer Name = Horst | Source = SideBySide | ID = 16842785

Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Common

 Files\SMART Technologies\Support\dpinst64.exe".  Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""

 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm

 "sxstrace.exe".

 

Error - 04.01.2013 05:07:11 | Computer Name = Horst | Source = SideBySide | ID = 16842785

Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Common

 Files\SMART Technologies\Support\dpinst64.exe".  Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""

 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm

 "sxstrace.exe".

 

Error - 04.01.2013 06:45:46 | Computer Name = Horst | Source = SideBySide | ID = 16842785

Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Common

 Files\SMART Technologies\Support\dpinst64.exe".  Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""

 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm

 "sxstrace.exe".

 

Error - 04.01.2013 07:07:20 | Computer Name = Horst | Source = SideBySide | ID = 16842785

Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Common

 Files\SMART Technologies\Support\dpinst64.exe".  Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""

 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm

 "sxstrace.exe".

 

Error - 05.01.2013 08:19:31 | Computer Name = Horst | Source = SideBySide | ID = 16842785

Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Common

 Files\SMART Technologies\Support\dpinst64.exe".  Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""

 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm

 "sxstrace.exe".

 

Error - 05.01.2013 10:34:17 | Computer Name = Horst | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: Continuously busy for more than a second

 

Error - 05.01.2013 10:34:17 | Computer Name = Horst | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledEvent 15609

 

Error - 05.01.2013 10:34:17 | Computer Name = Horst | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledSPRetry 15609

 

Error - 06.01.2013 09:44:44 | Computer Name = Horst | Source = SideBySide | ID = 16842785

Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Common

 Files\SMART Technologies\Support\dpinst64.exe".  Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""

 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm

 "sxstrace.exe".

 

Error - 07.01.2013 12:12:02 | Computer Name = Horst | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: absinthe.exe, Version: 2.0.0.0, Zeitstempel:

 0x4fc565ac  Name des fehlerhaften Moduls: absinthe.exe, Version: 2.0.0.0, Zeitstempel:

 0x4fc565ac  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00016896  ID des fehlerhaften Prozesses:

 0x308  Startzeit der fehlerhaften Anwendung: 0x01cdecf179a1ddd5  Pfad der fehlerhaften

 Anwendung: C:\Users\Marc\Downloads\absinthe-win-2.0.4\absinthe-win-2.0.4\absinthe.exe

Pfad

 des fehlerhaften Moduls: C:\Users\Marc\Downloads\absinthe-win-2.0.4\absinthe-win-2.0.4\absinthe.exe

Berichtskennung:

 f8112591-58e4-11e2-91f8-0019db5bcec7

 

[ System Events ]

Error - 11.01.2013 09:55:01 | Computer Name = Horst | Source = Service Control Manager | ID = 7022

Description = Der Dienst "Windows Update" wurde nicht richtig gestartet.

 

Error - 12.01.2013 17:30:02 | Computer Name = Horst | Source = Microsoft-Windows-HAL | ID = 12

Description = Der Speicher wurde beim letzten Leistungsübergang des Systems von 

der Plattformfirmware beschädigt. Überprüfen Sie, ob für Ihr System aktualisierte

 Firmware verfügbar ist.

 

Error - 13.01.2013 06:10:22 | Computer Name = Horst | Source = WMPNetworkSvc | ID = 866333

Description = 

 

Error - 13.01.2013 15:10:57 | Computer Name = Horst | Source = Microsoft-Windows-HAL | ID = 12

Description = Der Speicher wurde beim letzten Leistungsübergang des Systems von 

der Plattformfirmware beschädigt. Überprüfen Sie, ob für Ihr System aktualisierte

 Firmware verfügbar ist.

 

Error - 14.01.2013 17:33:20 | Computer Name = Horst | Source = Service Control Manager | ID = 7030

Description = Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet.

 Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich

 sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

 

Error - 14.01.2013 17:41:14 | Computer Name = Horst | Source = Service Control Manager | ID = 7030

Description = Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet.

 Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich

 sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

 

Error - 14.01.2013 17:46:52 | Computer Name = Horst | Source = Service Control Manager | ID = 7030

Description = Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet.

 Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich

 sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

 

Error - 15.01.2013 13:56:09 | Computer Name = Horst | Source = Service Control Manager | ID = 7030

Description = Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet.

 Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich

 sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

 

Error - 15.01.2013 14:03:01 | Computer Name = Horst | Source = Service Control Manager | ID = 7030

Description = Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet.

 Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich

 sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

 

Error - 15.01.2013 14:06:51 | Computer Name = Horst | Source = Service Control Manager | ID = 7030

Description = Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet.

 Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich

 sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

 

 

< End of report >