tcbhn.exe wurde beendet und geschlossen. Hallo,
ich habe das gleiche Problem wie bei: http://www.trojaner-board.de/134519-...schlossen.html
Jedesmal wenn ich meinen Laptop hochfahre kommt diese Fehlermeldung: "tcbhn.exe wurde beendet und geschlossen." und wenn ich es schließe taucht diese in wenigen Minuten wieder auf.
Es passiert sonst nichts, ist aber nervig.
hier die Logs
Zoek.exe Code:
Zoek.exe Version 4.0.0.2 Updated 06-May-2013
Tool run by Nils on 06.05.2013 at 13:28:11,16.
Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86
Running in: Normal Mode Internet Access Detected
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== FireFox Fix ======================
ProfilePath: C:\Users\Nils\AppData\Roaming\Mozilla\Firefox\Profiles\nvis6il1.default
---- Lines blabbers removed from prefs.js ----
---- Lines blabbers modified from prefs.js ----
user_pref("extensions.enabledAddons", "DivXWebPlayer%40divx.com:2.0.2.039,%7BACAA314B-EEBA-48e4-AD47-84E31C44796C%7D:4.2.1.9,foxyproxy%40eric.h.jung:4.2,%7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.8,youtubeunblocker%40unblocker.yt:0.4.2,bbrs_002%40blabbers.com:1.0.5,%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1");
user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{20a82645-c095-46ed-80e3-08825760534b}\":{\"descriptor\":\"C:\\\\Windows\\\\Microsoft.NET\\\\Framework\\\\v3.5\\\\Windows Presentation Foundation\\\\DotNetAssistantExtension\",\"mtime\":1347148330793}}},{\"name\":\"app-global\",\"addons\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"D:\\\\Program Files\\\\Mozilla Firefox\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"mtime\":1365775778643}}},{\"name\":\"app-profile\",\"addons\":{\"bbrs_002@blabbers.com\":{\"descriptor\":\"C:\\\\Users\\\\Nils\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\nvis6il1.default\\\\extensions\\\\bbrs_002@blabbers.com\",\"mtime\":1367838327708},\"DivXWebPlayer@divx.com\":{\"descriptor\":\"C:\\\\Users\\\\Nils\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\nvis6il1.default\\\\extensions\\\\DivXWebPlayer@divx.com.xpi\",\"mtime\":1348392877052},\"foxyproxy@eric.h.jung\":{\"descriptor\":\"C:\\\\Users\\\\Nils\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\nvis6il1.default\\\\extensions\\\\foxyproxy@eric.h.jung\",\"mtime\":1361143806044},\"youtubeunblocker@unblocker.yt\":{\"descriptor\":\"C:\\\\Users\\\\Nils\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\nvis6il1.default\\\\extensions\\\\youtubeunblocker@unblocker.yt.xpi\",\"mtime\":1366118331923},\"{ACAA314B-EEBA-48e4-AD47-84E31C44796C}\":{\"descriptor\":\"C:\\\\Users\\\\Nils\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\nvis6il1.default\\\\extensions\\\\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi\",\"mtime\":1355312325092},\"{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\":{\"descriptor\":\"C:\\\\Users\\\\Nils\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\nvis6il1.default\\\\extensions\\\\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi\",\"mtime\":1360863437849},\"{e4a8a97b-f2ed-450b-b12d-ee082ba24781}\":{\"descriptor\":\"C:\\\\Users\\\\Nils\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\nvis6il1.default\\\\extensions\\\\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi\",\"mtime\":1362165799516}}}]");
---- Lines blabbers removed from user.js ----
---- FireFox user.js and prefs.js backups ----
user__1334_.backup
prefs__1334_.backup
==== Deleting Files \ Folders ======================
"C:\Windows\tasks\GinyasBrowserCompanion Chrome Watcher.job" deleted
"C:\Windows\tasks\GinyasBrowserCompanion FireFox Watcher.job" deleted
"C:\Windows\tasks\GinyasBrowserCompanion Runner.job" deleted
"C:\Windows\tasks\GinyasBrowserCompanion Stats Report.job" deleted
"C:\Windows\tasks\GinyasBrowserCompanion Update Checker.job" deleted
"C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe" deleted
"C:\Program Files\Common Files\DVDVideoSoft\TB" deleted
"C:\Users\Nils\AppData\Roaming\BrowserCompanion" deleted
"C:\ProgramData\GinyasBrowserCompanion" not deleted
"C:\Users\Nils\AppData\Roaming\Mozilla\Firefox\Profiles\nvis6il1.default\extensions\bbrs_002@blabbers.com" deleted
"C:\Users\Nils\AppData\Roaming\Mozilla\Firefox\Profiles\nvis6il1.default\extensions\bbrs_002@blabbers.com" deleted
==== Files Recently Created / Modified ======================
====== C:\Windows ====
====== C:\Users\Nils\AppData\Local\Temp ====
====== C:\Windows\system32 =====
====== C:\Windows\system32\drivers =====
2013-05-06 10:43:30 4470E3C1E0C3378E4CAB137893C12C3A 22856 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-04-10 17:30:40 2C1121F2B87E9A6B12485DF53CD848C7 1082232 ----a-w- C:\Windows\System32\drivers\ntfs.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
2013-05-04 19:23:15 -------- d-----w- C:\Program Files\DivX
2013-04-28 08:25:22 -------- d-----w- C:\Program Files\Microsoft
2013-04-10 16:24:44 -------- d-----w- C:\Program Files\Common Files\Skype
2013-04-07 09:45:26 -------- d-----w- C:\Program Files\Microsoft Works
2013-04-07 09:44:30 -------- d-----w- C:\Program Files\Microsoft Visual Studio
2013-04-07 09:44:30 -------- d-----w- C:\Program Files\Common Files\DESIGNER
2013-04-07 09:41:00 -------- d-----w- C:\Program Files\Microsoft Visual Studio 8
2013-04-07 09:39:48 -------- d-----w- C:\Program Files\Microsoft Office
======= C: =====
====== C:\Users\Nils\AppData\Roaming ======
2013-04-27 10:52:24 -------- d-----w- C:\users\Default\AppData\Local\Microsoft Help
2013-04-27 10:52:24 -------- d-----w- C:\users\Default User\AppData\Local\Microsoft Help
2013-04-12 17:52:09 1F55F8EBC0F65DD8AE5E60D2BFF82D9A 3584 ----a-w- C:\users\Nils\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-04-07 09:39:56 -------- d-----w- C:\users\Nils\AppData\Local\Microsoft Help
====== C:\Users\Nils ======
2013-05-04 19:17:02 -------- d-----w- C:\ProgramData\DivX
2013-04-28 08:25:22 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
2013-04-07 09:47:48 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2013-04-07 09:39:47 -------- d-----w- C:\ProgramData\Microsoft Help
====== C: exe-files ==
2013-05-06 10:42:29 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Users\Nils\Downloads\mbam-setup-1.75.0.1300(3).exe
2013-05-06 09:01:14 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Users\Nils\Downloads\mbam-setup-1.75.0.1300(2).exe
2013-05-06 08:59:36 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Users\Nils\Downloads\mbam-setup-1.75.0.1300(1).exe
2013-05-06 08:56:16 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Users\Nils\Downloads\mbam-setup-1.75.0.1300.exe
2013-05-04 19:16:47 D1E02B0F533E5D1DF24CD40C1BD74D10 952128 ----a-w- C:\Users\Nils\Downloads\DivXInstaller.exe
2013-05-02 22:38:04 8F11F0321ED84B1533FC1384AC71AC8D 59784 ----atw- C:\Users\Nils\AppData\Local\Google\Update\1.3.21.145\GoogleUpdateBroker.exe
2013-05-02 22:38:04 00F714CA28A01FACB709486D6DA306A8 59784 ----atw- C:\Users\Nils\AppData\Local\Google\Update\1.3.21.145\GoogleUpdateOnDemand.exe
2013-05-02 22:38:03 C26BB2535C1B20DEAFAEB12634BF4DC9 781592 ----a-w- C:\Users\Nils\AppData\Local\Google\Update\1.3.21.145\GoogleUpdateSetup.exe
2013-05-02 22:37:56 4E252E85E5DC31BD645E809222AFAF27 287624 ----atw- C:\Users\Nils\AppData\Local\Google\Update\1.3.21.145\GoogleCrashHandler64.exe
2013-05-02 22:37:55 76B35CB0F3A4E69D6DFF27F542B9F856 216968 ----atw- C:\Users\Nils\AppData\Local\Google\Update\1.3.21.145\GoogleCrashHandler.exe
2013-05-02 22:37:53 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Users\Nils\AppData\Local\Google\Update\1.3.21.145\GoogleUpdate.exe
2013-05-02 22:37:51 C26BB2535C1B20DEAFAEB12634BF4DC9 781592 ----a-w- C:\Users\Nils\AppData\Local\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.145\GoogleUpdateSetup.exe
=== C: other files ==
2013-05-06 10:43:30 4470E3C1E0C3378E4CAB137893C12C3A 22856 ----a-w- C:\Windows\System32\drivers\mbam.sys
==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"
[HKEY_USERS\S-1-5-21-2793609592-4110117145-1703918749-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"Steam"="D:\Program Files\Steam\Steam.exe -silent"
"ehTray.exe"="C:\Windows\ehome\ehTray.exe"
"GoogleChromeAutoLaunch_1C06F4F014860E95AE736C749201F366"="C:\Users\Nils\AppData\Local\Google\Chrome\Application\chrome.exe --no-startup-window"
"Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun"
"Google Update"="C:\Users\Nils\AppData\Local\Google\Update\GoogleUpdate.exe /c"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"avgnt"="C:\Program Files\Avira\AntiVir Desktop\avgnt.exe /min"
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"
"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
"DivXMediaServer"="d:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe"
"Windows Defender"="%ProgramFiles%\Windows Defender\MSASCui.exe -hide"
"SysTrayApp"="%ProgramFiles%\IDT\WDM\sttray.exe "
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"Steam"="D:\Program Files\Steam\Steam.exe -silent"
"ehTray.exe"="C:\Windows\ehome\ehTray.exe"
"GoogleChromeAutoLaunch_1C06F4F014860E95AE736C749201F366"="C:\Users\Nils\AppData\Local\Google\Chrome\Application\chrome.exe --no-startup-window"
"Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun"
"Google Update"="C:\Users\Nils\AppData\Local\Google\Update\GoogleUpdate.exe /c"
==== Startup Registry Disabled ======================
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-]
"Google Update"="\"C:\\Users\\Nils\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe\" /c"
==== Startup Folders ======================
2012-09-06 17:05:50 748 ----a-w- C:\users\Nils\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
==== Task Scheduler Jobs ======================
C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [16.04.2013 15:23]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2793609592-4110117145-1703918749-1000Core.job --a------ C:\Users\Nils\AppData\Local\Google\Update\GoogleUpdate.exe [06.09.2012 22:02]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2793609592-4110117145-1703918749-1000UA.job --a------ C:\Users\Nils\AppData\Local\Google\Update\GoogleUpdate.exe [06.09.2012 22:02]
==== Firefox Extensions ======================
ProfilePath: C:\Users\Nils\AppData\Roaming\Mozilla\Firefox\Profiles\nvis6il1.default
- FoxyProxy Basic - %ProfilePath%\extensions\foxyproxy@eric.h.jung
- DivX Web Player - %ProfilePath%\extensions\DivXWebPlayer@divx.com.xpi
- YouTube Unblocker - %ProfilePath%\extensions\youtubeunblocker@unblocker.yt.xpi
- DVDVideoSoft YouTube MP3 and Video Download - %ProfilePath%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
- Greasemonkey - %ProfilePath%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
==== Firefox Plugins ======================
Profilepath: C:\Users\Nils\AppData\Roaming\Mozilla\Firefox\Profiles\nvis6il1.default
3D928B3FE97C403A33F803B3D1A260C9 - C:\Users\Nils\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll - Google Update
F7E72D3A281F922BACEC1A71A826D4C2 - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_169.dll - Shockwave Flash
05C4A7136F3012BB47107333B5D351D3 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U17
D4BD9F86123C87ECA570418B69326F99 - C:\Windows\system32\npDeployJava1.dll - Java Deployment Toolkit 7.0.170.2
F647D0BEA553C1D0C251CE07DA6A5511 - C:\Program Files\Adobe\Reader 10.0\Reader\browser\nppdf32.dll - Adobe Acrobat
DB988B4550DB9BCE86F9199D961057FC - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
24E990B1E6D55428001843CF7217DD81 - C:\Program Files\Microsoft\Office Live\npOLW.dll - Microsoft Office Live Plug-in for Firefox / Microsoft Office Live Plug-in for Firefox
AB87EEFFD18F2BAAFC274E7075EA6C67 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation
DFCAB29E8FD38F95650CC1E203E8D318 - C:\Windows\system32\npmproxy.dll - Microsoft® Windows® Operating System
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
bodddioamolcibagionmmobehnbhiakf - C:\Program Files\BrowserCompanion\blabbers-ch.crx[]
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
nikpibnbobmbdbheedjfogjlikpgpnhp - C:\Users\Nils\AppData\Roaming\DVDVideoSoft\dvsYoutubeDownload.crx[27.09.2012 21:12]
Browser Companion Helper - Nils - Default\Extensions\bodddioamolcibagionmmobehnbhiakf
DvdVideoSoft Free Youtube Download - Nils - Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp
==== Chrome Fix ======================
C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodddioamolcibagionmmobehnbhiakf deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://www.google.de/"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://www.google.de/"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\bodddioamolcibagionmmobehnbhiakf deleted successfully
==== Empty IE Cache ======================
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Nils\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Nils\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Nils\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Nils\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
==== Empty FireFox Cache ======================
C:\users\Nils\AppData\Local\Mozilla\Firefox\Profiles\nvis6il1.default\Cache emptied successfully
==== Empty Chrome Cache ======================
C:\users\Nils\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
After Reboot
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Nils\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Users\Nils\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\ProgramData\GinyasBrowserCompanion" not found Extras.Txt Code:
OTL Extras logfile created on: 06.05.2013 16:56:16 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Nils\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 1,50 Gb Available Physical Memory | 50,19% Memory free
6,23 Gb Paging File | 4,42 Gb Available in Paging File | 71,01% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 63,48 Gb Total Space | 32,42 Gb Free Space | 51,07% Space Free | Partition Type: NTFS
Drive D: | 402,28 Gb Total Space | 349,45 Gb Free Space | 86,87% Space Free | Partition Type: NTFS
Computer Name: NILS-PC | User Name: Nils | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-2793609592-4110117145-1703918749-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{156CAAC6-F103-4B5E-892F-F7D7B2938272}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{188B4B2A-9CD6-457A-995A-5B2E48848DB6}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{295DCB38-B590-41DE-9FFB-E1661DACF17F}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{77D7A71A-9108-491F-A412-AED387EADE6A}" = protocol=6 | dir=in | app=d:\program files\steam\steam.exe |
"{7F7F850F-06BE-4274-8CF7-1B2F8D087D76}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{859347F0-0EC1-4DFA-9C82-01D1E723679E}" = protocol=17 | dir=in | app=d:\program files\steam\steam.exe |
"{8AE456CF-C542-4CE7-8223-6119FC48B030}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{9E3FC560-6FFD-40D2-9323-18B83BE93FDB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AEA63DF1-7FD2-4378-ABCB-05B73BFEA746}" = protocol=17 | dir=in | app=d:\program files\ventrilo\ventrilo.exe |
"{AFD51B85-9501-4957-994A-195E3027EAFD}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{D583F902-43E3-4EAB-9BC3-AD0E2E340E69}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{EE7A9D0B-7F27-4D87-93A1-F289E66508E0}" = protocol=6 | dir=in | app=d:\program files\ventrilo\ventrilo.exe |
"{F556CFE5-A020-4012-9BA5-7071F7287AF9}" = protocol=6 | dir=in | app=d:\program files\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{FBE47B90-97F3-46F6-8A3F-270AC7EDD2B7}" = protocol=17 | dir=in | app=d:\program files\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"TCP Query User{0E3FEF09-40C0-4ABF-8AC7-23786D6606F5}D:\program files\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=d:\program files\guild wars 2\gw2.exe |
"TCP Query User{481187EC-461B-4DAA-B073-454B3AD0B4E8}D:\program files\valve\hl.exe" = protocol=6 | dir=in | app=d:\program files\valve\hl.exe |
"TCP Query User{556EFF0B-FF6C-45D3-A53F-E5D115C31C51}D:\program files\valve\hl.exe" = protocol=6 | dir=in | app=d:\program files\valve\hl.exe |
"TCP Query User{55F2CB84-4240-446F-BABC-82B4184D39A3}D:\program files\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=d:\program files\guild wars 2\gw2.exe |
"TCP Query User{6FF65213-7205-4D4D-A673-00776C27DC64}D:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=d:\program files\skype\phone\skype.exe |
"TCP Query User{81604724-FBE0-43EA-9124-00421260DFD1}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{77B619EA-70CE-4CC2-82EB-81F39E9302C8}D:\program files\guild wars 2\gw2.exe" = protocol=17 | dir=in | app=d:\program files\guild wars 2\gw2.exe |
"UDP Query User{99AC6B79-076E-4D4D-ACF5-55EC49BBBC91}D:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=d:\program files\skype\phone\skype.exe |
"UDP Query User{B0173481-2700-444D-AA9F-54E3B7C53334}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{D48467AB-B4C2-4656-9B16-606F9B121954}D:\program files\guild wars 2\gw2.exe" = protocol=17 | dir=in | app=d:\program files\guild wars 2\gw2.exe |
"UDP Query User{DBE97F2C-2899-4FE9-8FFC-5593A757815B}D:\program files\valve\hl.exe" = protocol=17 | dir=in | app=d:\program files\valve\hl.exe |
"UDP Query User{E572545A-B1FD-451A-84E1-8498E692794B}D:\program files\valve\hl.exe" = protocol=17 | dir=in | app=d:\program files\valve\hl.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0F7A6FD0-87F5-FB5D-973C-CF604DE1BC6B}" = CCC Help Polish
"{1A9BE3D6-4D53-2C9D-B77D-562D85936B91}" = CCC Help Norwegian
"{210DFA65-F805-1A2B-4F83-8E27279AE385}" = Catalyst Control Center Graphics Previews Common
"{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{29822CAD-C76A-0BEE-55F5-AAA524DA814F}" = CCC Help Greek
"{3A1293DF-7D09-BB0F-9576-EC47EE4A9362}" = CCC Help Italian
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{415030B8-3E8B-462A-8C03-41D95AA3AB3B}" = Medal of Honor (TM)
"{47416F0B-6589-591E-C6F8-4235D2230B14}" = Catalyst Control Center InstallProxy
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{625FC7D1-656D-1BEC-F86F-3EACAFDAA8FE}" = CCC Help English
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7351EEF8-9D6C-5F46-5A19-F2C7456CE132}" = CCC Help German
"{759E97EC-9E3D-4F55-C321-7819C93F0887}" = ccc-utility
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7F172E34-4107-8964-6AEA-5051FFD265FF}" = CCC Help Portuguese
"{86095E92-1959-8364-920E-82E81F64F8FB}" = Catalyst Pro Control Center
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{89D05F35-933A-89C0-B935-C92BEE4229BD}" = CCC Help French
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{959E4378-CCA1-E4E4-2425-793DA92E8D95}" = CCC Help Czech
"{96BB3C67-4EB4-9757-E0C2-C0D2FE9053B1}" = CCC Help Turkish
"{974F4B73-2017-E174-9070-3F58F01B341F}" = CCC Help Danish
"{98E20A18-3C29-86FA-50B4-918C2B34A082}" = CCC Help Hungarian
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}" = Counter-Strike 1.6
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9E2E5EB3-DC6E-9277-E9DB-13175E7DDA39}" = CCC Help Dutch
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{A2EAE643-8804-9420-5DBE-2752D6957964}" = AMD Catalyst Install Manager
"{AAACC0A5-4382-04D0-C75E-0669C7B949B6}" = CCC Help Japanese
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.6) - Deutsch
"{ACEF4078-9B86-2455-E18D-34D52D37D9D5}" = CCC Help Chinese Standard
"{B55FB422-B803-11F5-5582-B3666EA1B9AC}" = Catalyst Control Center Localization All
"{B8010864-15F8-613B-20EF-AC35B14B3E0D}" = CCC Help Russian
"{B83FC356-B7C0-441F-8A4D-D71E088E7974}" = NVIDIA PhysX
"{C1342411-5A98-DE8A-5629-D0C518E1C280}" = CCC Help Finnish
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D08B4177-5160-6B66-8934-2F9012134D61}" = CCC Help Thai
"{D34A6029-FB1A-9EA8-A938-5393F82A3A00}" = CCC Help Korean
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E3A09D13-4D40-3CF8-7D32-8BD55F8D1533}" = CCC Help Spanish
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F2C35491-9323-3AE7-6023-6B4128045153}" = CCC Help Swedish
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FA042EF2-5103-2F7E-C313-976C6F761EBE}" = AMD Fuel
"{FC66A32F-1A57-AC5C-4F12-DAC2F4CB77A0}" = CCC Help Chinese Traditional
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"Divinity II - Ego Draconis_is1" = Divinity II - Ego Draconis
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Free Audio Dub_is1" = Free Audio Dub version 1.7.9.908
"Free YouTube Download_is1" = Free YouTube Download version 3.1.37.918
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.32.918
"GinyasBrowserCompanion" = GinyasBrowserCompanion
"Guild Wars" = GUILD WARS
"Guild Wars 2" = Guild Wars 2
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox 15.0 (x86 de)" = Mozilla Firefox 15.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"paw·ned²" = paw·ned² v1.3
"Steam App 72850" = The Elder Scrolls V: Skyrim
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR 4.20 (32-Bit)
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-2793609592-4110117145-1703918749-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Guild Wars" = GUILD WARS
"Mozilla Firefox 20.0.1 (x86 de)" = Mozilla Firefox 20.0.1 (x86 de)
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 05.05.2013 19:50:07 | Computer Name = Nils-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung tbhcn.exe, Version 1.0.0.9, Zeitstempel 0x5121f458,
fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18541, Zeitstempel 0x4ec3e3d5, Ausnahmecode
0xc0000005, Fehleroffset 0x000665c9, Prozess-ID 0x198, Anwendungsstartzeit 01ce49eb4432c168.
Error - 05.05.2013 19:50:07 | Computer Name = Nils-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung tbhcn.exe, Version 1.0.0.9, Zeitstempel 0x5121f458,
fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18541, Zeitstempel 0x4ec3e3d5, Ausnahmecode
0xc0000005, Fehleroffset 0x000665c9, Prozess-ID 0x1f4, Anwendungsstartzeit 01ce49eb4432e878.
Error - 06.05.2013 04:33:52 | Computer Name = Nils-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung tbhcn.exe, Version 1.0.0.9, Zeitstempel 0x5121f458,
fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18541, Zeitstempel 0x4ec3e3d5, Ausnahmecode
0xc0000005, Fehleroffset 0x000665c9, Prozess-ID 0xa80, Anwendungsstartzeit 01ce4a346e881f04.
Error - 06.05.2013 04:38:28 | Computer Name = Nils-PC | Source = LoadPerf | ID = 3002
Description =
Error - 06.05.2013 04:46:49 | Computer Name = Nils-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung tbhcn.exe, Version 1.0.0.9, Zeitstempel 0x5121f458,
fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18541, Zeitstempel 0x4ec3e3d5, Ausnahmecode
0xc0000005, Fehleroffset 0x000665c9, Prozess-ID 0x17d8, Anwendungsstartzeit 01ce4a356f3adf94.
Error - 06.05.2013 07:11:22 | Computer Name = Nils-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung tbhcn.exe, Version 1.0.0.9, Zeitstempel 0x5121f458,
fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18541, Zeitstempel 0x4ec3e3d5, Ausnahmecode
0xc0000005, Fehleroffset 0x000665c9, Prozess-ID 0x8e8, Anwendungsstartzeit 01ce4a4a63a4c0a0.
Error - 06.05.2013 07:13:03 | Computer Name = Nils-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung tbhcn.exe, Version 1.0.0.9, Zeitstempel 0x5121f458,
fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18541, Zeitstempel 0x4ec3e3d5, Ausnahmecode
0xc0000005, Fehleroffset 0x000665c9, Prozess-ID 0x1f4, Anwendungsstartzeit 01ce4a4aaceb8a4a.
Error - 06.05.2013 07:13:03 | Computer Name = Nils-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung tbhcn.exe, Version 1.0.0.9, Zeitstempel 0x5121f458,
fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18541, Zeitstempel 0x4ec3e3d5, Ausnahmecode
0xc0000005, Fehleroffset 0x000665c9, Prozess-ID 0x82c, Anwendungsstartzeit 01ce4a4aacfb8fda.
Error - 06.05.2013 07:19:33 | Computer Name = Nils-PC | Source = LoadPerf | ID = 3002
Description =
Error - 06.05.2013 08:01:11 | Computer Name = Nils-PC | Source = LoadPerf | ID = 3002
Description =
[ System Events ]
Error - 25.12.2012 13:14:42 | Computer Name = Nils-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 25.12.2012 um 18:11:55 unerwartet heruntergefahren.
Error - 28.12.2012 10:43:08 | Computer Name = Nils-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 28.12.2012 um 14:38:54 unerwartet heruntergefahren.
Error - 28.12.2012 17:28:18 | Computer Name = Nils-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 28.12.2012 um 21:50:20 unerwartet heruntergefahren.
Error - 29.12.2012 06:39:58 | Computer Name = Nils-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 29.12.2012 um 11:37:51 unerwartet heruntergefahren.
Error - 04.01.2013 14:20:46 | Computer Name = Nils-PC | Source = Service Control Manager | ID = 7011
Description =
Error - 06.01.2013 12:23:28 | Computer Name = Nils-PC | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.178.21 für die Netzwerkkarte mit der Netzwerkadresse
00265E44810B wurde durch den DHCP-Server 192.168.200.253 abgelehnt (der DHCP-Server
hat eine DHCPNACK-Meldung gesendet).
Error - 08.01.2013 14:46:28 | Computer Name = Nils-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 08.01.2013 14:46:35 | Computer Name = Nils-PC | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 12.01.2013 07:42:31 | Computer Name = Nils-PC | Source = Service Control Manager | ID = 7011
Description =
Error - 18.01.2013 15:27:16 | Computer Name = Nils-PC | Source = Service Control Manager | ID = 7011
Description =
< End of report > und OTL-Txt Code:
OTL logfile created on: 06.05.2013 16:56:16 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Nils\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 1,50 Gb Available Physical Memory | 50,19% Memory free
6,23 Gb Paging File | 4,42 Gb Available in Paging File | 71,01% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 63,48 Gb Total Space | 32,42 Gb Free Space | 51,07% Space Free | Partition Type: NTFS
Drive D: | 402,28 Gb Total Space | 349,45 Gb Free Space | 86,87% Space Free | Partition Type: NTFS
Computer Name: NILS-PC | User Name: Nils | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013.05.06 16:54:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Nils\Downloads\OTL.exe
PRC - [2013.05.03 00:37:51 | 000,216,968 | ---- | M] (Google Inc.) -- C:\Users\Nils\AppData\Local\Google\Update\1.3.21.145\GoogleCrashHandler.exe
PRC - [2013.04.19 23:10:50 | 000,543,656 | ---- | M] (Valve Corporation) -- C:\Programme\Common Files\Steam\SteamService.exe
PRC - [2013.04.19 23:10:48 | 001,631,144 | ---- | M] (Valve Corporation) -- D:\Program Files\Steam\Steam.exe
PRC - [2013.04.16 15:23:56 | 001,855,880 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_7_700_169.exe
PRC - [2013.04.12 16:09:38 | 000,920,472 | ---- | M] (Mozilla Corporation) -- D:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013.04.04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013.03.29 20:42:03 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2013.03.29 20:41:58 | 000,079,584 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2013.03.29 20:41:57 | 000,345,312 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013.03.29 20:41:57 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.12.18 16:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.10.20 21:25:52 | 000,409,696 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Office\Office12\WINWORD.EXE
PRC - [2012.09.28 16:42:26 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
PRC - [2012.08.13 11:08:08 | 010,376,704 | ---- | M] (OpenOffice.org) -- D:\Program Files\OpenOffice\program\soffice.exe
PRC - [2012.08.13 11:08:08 | 010,368,512 | ---- | M] (OpenOffice.org) -- D:\Program Files\OpenOffice\program\soffice.bin
PRC - [2012.07.04 08:21:18 | 000,453,632 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2012.07.04 08:20:42 | 000,217,088 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2009.04.11 15:18:30 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.04.11 15:18:26 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2009.04.11 15:18:04 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2009.02.26 18:36:46 | 000,030,040 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe
PRC - [2009.01.13 16:18:40 | 000,077,824 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c92065b9\AEstSrv.exe
PRC - [2009.01.08 12:07:56 | 000,450,663 | ---- | M] (IDT, Inc.) -- C:\Programme\IDT\WDM\sttray.exe
PRC - [2009.01.08 12:07:56 | 000,237,661 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c92065b9\stacsv.exe
PRC - [2008.01.21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2008.01.21 04:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe
========== Modules (No Company Name) ==========
MOD - [2013.04.19 23:10:50 | 001,114,024 | ---- | M] () -- D:\Program Files\Steam\bin\chromehtml.dll
MOD - [2013.04.16 15:23:55 | 016,032,648 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_7_700_169.dll
MOD - [2013.04.12 16:09:37 | 003,133,336 | ---- | M] () -- D:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013.03.27 02:16:40 | 020,341,672 | ---- | M] () -- D:\Program Files\Steam\bin\libcef.dll
MOD - [2013.03.26 00:23:34 | 000,651,776 | ---- | M] () -- D:\Program Files\Steam\SDL2.dll
MOD - [2013.02.14 02:07:41 | 013,199,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\39f4c7717661667c68f9af8c4f6402b9\System.Windows.Forms.ni.dll
MOD - [2013.01.10 04:12:20 | 000,762,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\ba58d64562391191a22ad0133512ed6f\System.Runtime.Remoting.ni.dll
MOD - [2013.01.10 04:12:09 | 001,801,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\866894ebe5258bf9f45d6b063229e990\System.Xaml.ni.dll
MOD - [2013.01.10 04:08:58 | 018,002,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\14f511c47523f19ca591eb207e9e2084\PresentationFramework.ni.dll
MOD - [2013.01.10 04:08:33 | 011,451,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\e10fd15441d278c04a03302880a3e231\PresentationCore.ni.dll
MOD - [2013.01.10 04:08:24 | 001,667,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b573c6a62bb88df0ee2af59b6a8ca910\System.Drawing.ni.dll
MOD - [2013.01.10 04:08:21 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\dfeff31ab1e7cd3480c8942290c92f5d\PresentationFramework.Aero.ni.dll
MOD - [2013.01.10 04:08:19 | 003,858,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\7a9ff5ce3a909d075179a2ac70d8f388\WindowsBase.ni.dll
MOD - [2013.01.10 04:08:11 | 007,069,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\27dcf04ed7a3506045597c02a5a1fc31\System.Core.ni.dll
MOD - [2013.01.10 04:08:08 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\43cd41484df96d15df949eb17dd88152\System.Xml.ni.dll
MOD - [2013.01.10 04:08:03 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\5de5d8c1c02e33789e3cf7e3f54c0ec9\System.Configuration.ni.dll
MOD - [2013.01.10 04:08:01 | 009,094,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\15872842e3e63ddf0f720f406706198e\System.ni.dll
MOD - [2013.01.10 04:07:52 | 014,412,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3f95a6d480ed1ebe45cf27b770ba94ed\mscorlib.ni.dll
MOD - [2012.12.11 19:51:10 | 001,100,800 | ---- | M] () -- D:\Program Files\Steam\bin\avcodec-53.dll
MOD - [2012.12.11 19:51:10 | 000,192,000 | ---- | M] () -- D:\Program Files\Steam\bin\avformat-53.dll
MOD - [2012.12.11 19:51:10 | 000,124,416 | ---- | M] () -- D:\Program Files\Steam\bin\avutil-51.dll
MOD - [2012.09.28 16:42:42 | 000,095,232 | ---- | M] () -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
MOD - [2012.08.10 16:51:32 | 000,985,088 | ---- | M] () -- D:\Program Files\OpenOffice\program\libxml2.dll
MOD - [2012.07.04 07:09:18 | 000,037,376 | ---- | M] () -- C:\Windows\System32\atitmpxx.dll
MOD - [2011.10.05 03:52:30 | 000,756,048 | ---- | M] () -- C:\Programme\Common Files\microsoft shared\OFFICE12\MSPTLS.DLL
========== Services (SafeList) ==========
SRV - [2013.04.19 23:10:50 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013.04.16 15:23:56 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013.03.29 20:42:03 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013.03.29 20:41:57 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013.02.28 18:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.12.18 16:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.09.28 16:42:26 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV - [2012.08.25 03:59:11 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.07.04 08:20:42 | 000,217,088 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2011.07.20 05:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2009.02.26 18:36:22 | 000,064,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)
SRV - [2009.01.13 16:18:40 | 000,077,824 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c92065b9\AEstSrv.exe -- (AESTFilters)
SRV - [2009.01.08 12:07:56 | 000,237,661 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c92065b9\stacsv.exe -- (STacSV)
SRV - [2008.01.21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2006.10.26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2013.04.04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2013.03.29 20:42:04 | 000,135,136 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2013.03.29 20:42:04 | 000,084,744 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2013.03.29 20:42:04 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2012.08.27 15:50:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2012.07.04 08:58:12 | 010,070,016 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2012.07.04 08:58:12 | 010,070,016 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2012.07.04 07:10:30 | 000,290,304 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2011.05.13 18:57:42 | 000,025,656 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hpdskflt.sys -- (hpdskflt)
DRV - [2011.05.13 18:57:20 | 000,035,896 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2010.02.18 09:18:22 | 000,037,944 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\amdiox86.sys -- (amdiox86)
DRV - [2009.01.20 14:49:26 | 000,142,848 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2009.01.08 11:07:56 | 000,391,168 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2008.12.20 00:01:46 | 001,093,120 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008.04.28 08:26:42 | 000,014,352 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2793609592-4110117145-1703918749-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKU\S-1-5-21-2793609592-4110117145-1703918749-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2793609592-4110117145-1703918749-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2793609592-4110117145-1703918749-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2793609592-4110117145-1703918749-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
IE - HKU\S-1-5-21-2793609592-4110117145-1703918749-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: DivXWebPlayer%40divx.com:2.0.2.039
FF - prefs.js..extensions.enabledAddons: %7BACAA314B-EEBA-48e4-AD47-84E31C44796C%7D:4.2.1.9
FF - prefs.js..extensions.enabledAddons: foxyproxy%40eric.h.jung:4.2
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.8
FF - prefs.js..extensions.enabledAddons: youtubeunblocker%40unblocker.yt:0.4.2
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_169.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Nils\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Nils\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: d:\Program Files\Mozilla Firefox\components [2013.04.12 16:09:38 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2013.04.12 16:09:38 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins
[2012.09.05 21:25:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nils\AppData\Roaming\mozilla\Extensions
[2013.05.06 13:35:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nils\AppData\Roaming\mozilla\Firefox\Profiles\nvis6il1.default\extensions
[2013.02.18 01:30:06 | 000,000,000 | ---D | M] (FoxyProxy Standard) -- C:\Users\Nils\AppData\Roaming\mozilla\Firefox\Profiles\nvis6il1.default\extensions\foxyproxy@eric.h.jung
[2012.09.23 11:34:37 | 000,550,833 | ---- | M] () (No name found) -- C:\Users\Nils\AppData\Roaming\mozilla\firefox\profiles\nvis6il1.default\extensions\DivXWebPlayer@divx.com.xpi
[2013.04.16 15:18:51 | 000,008,023 | ---- | M] () (No name found) -- C:\Users\Nils\AppData\Roaming\mozilla\firefox\profiles\nvis6il1.default\extensions\youtubeunblocker@unblocker.yt.xpi
[2012.12.12 13:38:45 | 000,036,098 | ---- | M] () (No name found) -- C:\Users\Nils\AppData\Roaming\mozilla\firefox\profiles\nvis6il1.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
[2013.02.14 19:37:17 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\Nils\AppData\Roaming\mozilla\firefox\profiles\nvis6il1.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.03.01 21:23:19 | 000,269,007 | ---- | M] () (No name found) -- C:\Users\Nils\AppData\Roaming\mozilla\firefox\profiles\nvis6il1.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Nils\AppData\Local\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Nils\AppData\Local\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Nils\AppData\Local\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: (Enabled) = C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodddioamolcibagionmmobehnbhiakf\1.0.5_0\chromeNPAPI.dll
CHR - plugin: Free Studio (Enabled) = C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.0.0_0\np_dvs_plugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java(TM) Platform SE 7 U7 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.11 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Nils\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: DvdVideoSoft Free Youtube Download = C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.0.0_1\
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [DivXMediaServer] d:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe File not found
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2793609592-4110117145-1703918749-1000..\Run: [Steam] D:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - Startup: C:\Users\Nils\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = D:\Program Files\OpenOffice\program\quickstart.exe ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Nils\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Nils\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{42C02B9C-E73E-41B9-93B4-BE7DA352336C}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Nils\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Nils\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2013.05.06 13:56:27 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.05.06 13:38:59 | 000,000,000 | ---D | C] -- C:\Windows\Temp
[2013.05.06 13:38:59 | 000,000,000 | ---D | C] -- C:\Users\Nils\AppData\Local\Temp
[2013.05.06 12:43:45 | 000,000,000 | ---D | C] -- C:\Users\Nils\AppData\Roaming\Malwarebytes
[2013.05.06 12:43:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.05.06 12:43:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.05.06 12:43:30 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013.05.06 12:43:30 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013.05.04 21:23:15 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2013.05.04 21:17:02 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2013.04.28 10:25:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
[2013.04.28 10:25:22 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2013.04.10 23:14:51 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013.04.10 23:14:50 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013.04.10 23:14:50 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013.04.10 23:14:49 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013.04.10 23:14:49 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013.04.10 23:14:48 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013.04.10 23:14:48 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013.04.10 23:14:46 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013.04.10 19:30:38 | 003,603,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2013.04.10 19:30:38 | 003,551,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2013.04.10 19:30:37 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2013.04.10 19:29:35 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2013.04.10 19:29:34 | 002,049,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013.04.10 18:24:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2013.04.07 11:47:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2013.04.07 11:47:18 | 000,031,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msonpmon.dll
[2013.04.07 11:45:26 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2013.04.07 11:44:30 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2013.04.07 11:44:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2013.04.07 11:43:45 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2013.04.07 11:41:00 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8
[2013.04.07 11:39:56 | 000,000,000 | ---D | C] -- C:\Users\Nils\AppData\Local\Microsoft Help
[2013.04.07 11:39:48 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2013.04.07 11:39:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2013.04.07 11:38:51 | 000,000,000 | RH-D | C] -- C:\MSOCache
========== Files - Modified Within 30 Days ==========
[2013.05.06 16:43:00 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2793609592-4110117145-1703918749-1000UA.job
[2013.05.06 16:30:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.05.06 15:55:46 | 000,004,240 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.05.06 15:55:46 | 000,004,240 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.05.06 15:22:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.05.06 13:55:33 | 3218,956,288 | -HS- | M] () -- C:\hiberfil.sys
[2013.05.06 13:28:06 | 000,024,064 | ---- | M] () -- C:\Windows\zoek-delete.exe
[2013.05.06 12:43:32 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.05.06 01:51:05 | 000,404,904 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.05.06 00:43:01 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2793609592-4110117145-1703918749-1000Core.job
[2013.04.16 15:23:56 | 000,691,592 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013.04.16 15:23:56 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013.04.12 19:52:14 | 000,003,584 | ---- | M] () -- C:\Users\Nils\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.04.12 10:39:31 | 000,002,037 | ---- | M] () -- C:\Users\Nils\Desktop\Google Chrome.lnk
========== Files Created - No Company Name ==========
[2013.05.06 13:38:59 | 000,024,064 | ---- | C] () -- C:\Windows\zoek-delete.exe
[2013.05.06 12:43:32 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.04.12 19:52:09 | 000,003,584 | ---- | C] () -- C:\Users\Nils\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.11.28 21:22:33 | 000,000,262 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2012.09.28 16:36:56 | 000,180,224 | ---- | C] () -- C:\Windows\System32\clinfo.exe
[2012.09.05 21:02:51 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.09.05 19:15:23 | 000,001,356 | ---- | C] () -- C:\Users\Nils\AppData\Local\d3d9caps.dat
[2012.07.04 07:09:18 | 000,037,376 | ---- | C] () -- C:\Windows\System32\atitmpxx.dll
[2012.03.06 19:59:32 | 000,618,823 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\System32\atipblag.dat
========== ZeroAccess Check ==========
[2006.11.02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 19:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 15:18:30 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 15:18:20 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
< End of report > Viele dank schonmal in vorraus :) |