Malwarebytes findet 2 Trojaner: rysvizqopyni.exe u. regedit32 OTL Logfile:
Code:
Alles auswählen Aufklappen ATTFilter
OTL logfile created on: 04.02.2013 08:00:10 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = E:\Documents\Computer
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,73 Gb Total Physical Memory | 5,83 Gb Available Physical Memory | 75,43% Memory free
15,45 Gb Paging File | 13,49 Gb Available in Paging File | 87,26% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119,14 Gb Total Space | 72,46 Gb Free Space | 60,82% Space Free | Partition Type: NTFS
Drive E: | 931,51 Gb Total Space | 908,72 Gb Free Space | 97,55% Space Free | Partition Type: NTFS
Computer Name: HELMUT_1-PC | User Name: Helmut_1 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - E:\Documents\Computer\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)
PRC - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia)
PRC - C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe (Nokia)
PRC - C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe (Nokia)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\ASRock Utility\AXTU\Bin\AsrXTU.exe ()
PRC - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
PRC - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
PRC - C:\Program Files (x86)\ACD Systems\DevDetect\DevDetect.exe (ACD Systems, Ltd.)
========== Modules (No Company Name) ==========
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\25cfdeaf091f16f3f3a7123a91a179ab\System.Xml.Linq.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\77dfcfed5fd5f67d0d3edc545935bb21\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\5baea82888a13fa558004b24e3b107cf\CustomMarshalers.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\phonon4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\qjson.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtXmlPatterns4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtXml4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtWebKit4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtSql4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtScript4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtNetwork4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtOpenGL4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtGui4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtMultimediaKit1.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtDeclarative4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtCore4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qjpeg4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qico4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qgif4.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\NService.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\CommonUpdateChecker.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\ssoengine.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\securestorage.dll ()
MOD - C:\Program Files (x86)\Nokia\Nokia Suite\mediaservice\dsengine.dll ()
MOD - C:\Program Files (x86)\ASRock Utility\AXTU\Bin\AsrXTU.exe ()
MOD - C:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Program Files (x86)\ASRock Utility\AXTU\Bin\IccLibDll.DLL ()
========== Services (SafeList) ==========
SRV:64bit: - (UxTuneUp) -- C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\SysWOW64\uxtuneup.dll (TuneUp Software)
SRV - (NitroReaderDriverReadSpool3) -- C:\Programme\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe (Nitro PDF Software)
SRV - (NisSrv) -- C:\Programme\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV - (MsMpSvc) -- C:\Programme\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (cFosSpeedS) -- C:\Programme\ASRock\XFast LAN\spd.exe (cFos Software GmbH)
SRV - (Fabs) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (nmwcdc) -- C:\Windows\SysNative\drivers\ccdcmbox64.sys (Nokia)
DRV:64bit: - (nmwcd) -- C:\Windows\SysNative\drivers\ccdcmbx64.sys (Nokia)
DRV:64bit: - (UsbserFilt) -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys (Nokia)
DRV:64bit: - (upperdev) -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys (Nokia)
DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys (Nokia)
DRV:64bit: - (FNETTBOH_305) -- C:\Windows\SysNative\drivers\FNETTBOH_305.SYS (FNet Co., Ltd.)
DRV:64bit: - (FNETURPX) -- C:\Windows\SysNative\drivers\FNETURPX.SYS (FNet Co., Ltd.)
DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (cFosSpeed) -- C:\Windows\SysNative\drivers\cfosspeed6.sys (cFos Software GmbH)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (amd_sata) -- C:\Windows\SysNative\drivers\amd_sata.sys (Advanced Micro Devices)
DRV:64bit: - (amd_xata) -- C:\Windows\SysNative\drivers\amd_xata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxhc) -- C:\Windows\SysNative\drivers\amdxhc.sys (Advanced Micro Devices, INC.)
DRV:64bit: - (amdhub30) -- C:\Windows\SysNative\drivers\amdhub30.sys (Advanced Micro Devices, INC.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (amdiox64) -- C:\Windows\SysNative\drivers\amdiox64.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys (TuneUp Software)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&appid=0&systemid=410&sr=0&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Program Files (x86)\DVDVideoSoftTB_DE\prxtbDVDV.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {78e516ef-11de-47a1-8364-a99b917ec5ee} - C:\Program Files (x86)\FileConverter_1.3\prxtbFil1.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&appid=0&systemid=410&sr=0&q={searchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3241949
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 34 C5 4F FE 31 9E CD 01 [binary data]
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\URLSearchHook: {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Program Files (x86)\DVDVideoSoftTB_DE\prxtbDVDV.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {34CA3AA2-65C5-4dc0-B3A2-EBD3C3185DB9}
IE - HKCU\..\SearchScopes,DefaultScope = {34CA3AA2-65C5-4dc0-B3A2-EBD3C3185DB9}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=SPLEP1&pc=SPLH
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&affID=116267&tt=4412_5&babsrc=SP_ss&mntrId=50c2d3ef000000000000002522db9569
IE - HKCU\..\SearchScopes\{34CA3AA2-65C5-4dc0-B3A2-EBD3C3185DB9}: "URL" = hxxp://www.google.com/cse?cx=partner-pub-3794288947762788%3A6976579318&ie=UTF-8&q=&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A6976579318&q={searchTerms}
IE - HKCU\..\SearchScopes\{972F0259-87CC-40d9-A5AE-4BDB981777CD}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=ASRK
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&appid=0&systemid=410&sr=0&q={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3241949
IE - HKCU\..\SearchScopes\{C20AD646-C303-452A-B9B0-610D2766EB97}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=W3I4&o=15996&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=^A9Q&apn_dtid=^YYYYYY^YY^DE&apn_uid=07C39092-E022-4FF2-B90A-EB51CC6ED118&apn_sauid=7A3FBBDA-0271-44E7-A2E1-034F652AB6FF
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.10.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
[2012.10.30 09:48:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~2\WIA6EB~1\Datamngr\x64\BROWSE~1.DLL (Bandoo Media, inc)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (DVDVideoSoftTB DE Toolbar) - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Program Files (x86)\DVDVideoSoftTB_DE\prxtbDVDV.dll (Conduit Ltd.)
O2 - BHO: (FileConverter 1.3 Toolbar) - {78e516ef-11de-47a1-8364-a99b917ec5ee} - C:\Program Files (x86)\FileConverter_1.3\prxtbFil1.dll (Conduit Ltd.)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll ()
O2 - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~2\WIA6EB~1\Datamngr\BROWSE~1.DLL (Bandoo Media, inc)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB DE Toolbar) - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Program Files (x86)\DVDVideoSoftTB_DE\prxtbDVDV.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (FileConverter 1.3 Toolbar) - {78e516ef-11de-47a1-8364-a99b917ec5ee} - C:\Program Files (x86)\FileConverter_1.3\prxtbFil1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll ()
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB DE Toolbar) - {0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF} - C:\Program Files (x86)\DVDVideoSoftTB_DE\prxtbDVDV.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (FileConverter 1.3 Toolbar) - {78E516EF-11DE-47A1-8364-A99B917EC5EE} - C:\Program Files (x86)\FileConverter_1.3\prxtbFil1.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4:64bit: - HKLM..\Run: [XFast LAN] C:\Programme\ASRock\XFast LAN\cfosspeed.exe (cFos Software GmbH)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Camera Detector] C:\PROGRA~2\ACDSYS~1\DEVDET~1\DEVDET~1.EXE -autorun File not found
O4 - HKLM..\Run: [NSU_agent] C:\Program Files (x86)\Nokia\Nokia Software Updater\nsu3ui_agent.exe ()
O4 - HKCU..\Run: [] File not found
O4 - HKCU..\Run: [AsrXTU] C:\Program Files (x86)\ASRock Utility\AXTU\Bin\AsrXTU.exe ()
O4 - HKCU..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)
O4 - Startup: C:\Users\Helmut_1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office Outlook 2003.lnk = C:\Windows\Installer\{91CA0407-6000-11D3-8CFE-0150048383C9}\outicon.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~3\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~3\OFFICE11\EXCEL.EXE/3000 File not found
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: google.de ([www] * in Vertrauenswürdige Sites)
O15 - HKCU\..Trusted Domains: samsungsetup.com ([www] http in Vertrauenswürdige Sites)
O16:64bit: - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/DE/Core/Player/2020PlayerAX_IKEA_Win32.cab (Reg Error: Key error.)
O16:64bit: - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/4.0.3.0/GarminAxControl_64.CAB (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{35990697-113B-48A0-9AD8-381350C4559A}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\gopher - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WIA6EB~1\Datamngr\x64\datamngr.dll) - C:\PROGRA~2\WIA6EB~1\Datamngr\x64\datamngr.dll (Bandoo Media, inc)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WIA6EB~1\Datamngr\x64\IEBHO.dll) - C:\PROGRA~2\WIA6EB~1\Datamngr\x64\IEBHO.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (c:\progra~3\browse~1\23796~1.11\{16cdf~1\browse~1.dll) - File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{62b8aefc-9c2b-11e0-81b9-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{62b8aefc-9c2b-11e0-81b9-806e6f6e6963}\Shell\AutoRun\command - "" = D:\ASRSetup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013.02.02 09:13:00 | 000,000,000 | ---D | C] -- E:\Documents\Hijackthis
[2013.01.31 21:02:48 | 000,000,000 | ---D | C] -- C:\Users\Helmut_1\AppData\Roaming\Malwarebytes
[2013.01.31 21:02:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.01.31 21:02:35 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.01.31 21:02:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.01.25 13:31:34 | 000,000,000 | ---D | C] -- E:\Documents\TV
[2013.01.25 10:04:19 | 000,000,000 | ---D | C] -- E:\Documents\Rente
[2013.01.18 08:23:16 | 000,000,000 | ---D | C] -- E:\Documents\Kreativität
[2013.01.14 12:23:14 | 000,000,000 | ---D | C] -- E:\Documents\Urlaub
[2013.01.09 11:07:06 | 000,000,000 | ---D | C] -- E:\Documents\Excel
[2013.01.09 07:40:04 | 000,000,000 | ---D | C] -- C:\Users\Helmut_1\AppData\Local\NokiaAccount
[2013.01.09 07:32:25 | 000,750,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2013.01.09 07:32:25 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2013.01.09 07:32:18 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2013.01.09 07:32:17 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2013.01.09 07:32:16 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll
[2013.01.09 07:32:16 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll
[2013.01.09 07:32:16 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll
[2013.01.09 07:32:16 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll
[2013.01.09 07:32:16 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs
[2013.01.09 07:32:16 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs
[2013.01.09 07:32:16 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs
[2013.01.09 07:32:16 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs
[2013.01.09 07:32:16 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs
[2013.01.09 07:32:16 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs
[2013.01.09 07:32:16 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs
[2013.01.09 07:32:16 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs
[2013.01.09 07:32:16 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs
[2013.01.09 07:32:16 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs
[2013.01.09 07:32:16 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs
[2013.01.09 07:32:16 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs
[2013.01.09 07:32:16 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs
[2013.01.09 07:32:16 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs
[2013.01.09 07:32:16 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs
[2013.01.09 07:32:16 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs
[2013.01.09 07:32:16 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs
[2013.01.09 07:32:16 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs
[2013.01.09 07:32:16 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs
[2013.01.09 07:32:16 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs
[2013.01.09 07:32:15 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs
[2013.01.09 07:32:15 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs
[2013.01.09 07:32:15 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs
[2013.01.09 07:32:15 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs
[2013.01.09 07:32:15 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs
[2013.01.09 07:32:15 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs
[2013.01.09 07:32:15 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs
[2013.01.09 07:32:15 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs
[2013.01.09 07:32:06 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2013.01.09 07:32:05 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2013.01.09 07:32:05 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2013.01.09 07:32:05 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2013.01.09 07:32:05 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013.01.09 07:32:05 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013.01.09 07:32:05 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2013.01.09 07:32:05 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013.01.09 07:32:05 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2013.01.09 07:32:05 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2013.01.09 07:32:05 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2013.01.09 07:32:05 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2013.01.09 07:32:05 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013.01.09 07:32:05 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2013.01.09 07:32:05 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2013.01.09 07:32:05 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2013.01.09 07:32:05 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2013.01.09 07:32:05 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2013.01.09 07:32:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2013.01.09 07:32:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2013.01.09 07:32:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2013.01.09 07:32:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2013.01.09 07:32:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2013.01.09 07:32:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2013.01.09 07:32:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2013.01.09 07:32:04 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013.01.09 07:32:04 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013.01.09 07:32:04 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2013.01.09 07:32:04 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2013.01.09 07:32:04 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2013.01.09 07:32:04 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2013.01.09 07:32:04 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2013.01.09 07:32:04 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2013.01.09 07:32:04 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2013.01.09 07:32:04 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2013.01.09 07:32:04 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2013.01.09 07:32:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2013.01.09 07:32:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013.01.09 07:32:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2013.01.09 07:32:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2013.01.09 07:32:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2013.01.09 07:32:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2013.01.09 07:32:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2013.01.09 07:32:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2013.01.09 07:32:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2013.01.09 07:32:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.09 07:32:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.09 07:32:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2013.01.09 07:32:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2013.01.09 07:32:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2013.01.09 07:32:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2013.01.09 07:32:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013.01.09 07:32:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2013.01.09 07:32:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2013.01.09 07:32:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2013.01.09 07:32:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2013.01.09 07:32:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2013.01.09 07:32:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2013.01.09 07:32:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2013.01.09 07:32:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2013.01.09 07:32:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2013.01.09 07:32:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2013.01.09 07:32:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2013.01.09 07:32:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2013.01.09 07:32:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2013.01.09 07:32:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2013.01.09 07:32:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2013.01.09 07:32:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2013.01.09 07:32:03 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013.01.09 07:31:59 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe
[2013.01.08 18:01:41 | 000,000,000 | ---D | C] -- C:\Users\Helmut_1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nokia
[2013.01.08 17:49:26 | 000,000,000 | ---D | C] -- C:\Users\Helmut_1\AppData\Roaming\Nokia
[2013.01.08 17:49:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia PC Suite
[2013.01.08 17:49:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PCSuite
[2013.01.08 17:48:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Installations
[2013.01.08 17:19:37 | 000,000,000 | ---D | C] -- C:\Users\Helmut_1\AppData\Roaming\PC Suite
[2013.01.08 17:19:37 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Suite
[2013.01.08 17:19:37 | 000,000,000 | ---D | C] -- C:\Users\Helmut_1\AppData\Local\Nokia
[2013.01.08 17:19:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia
[2013.01.08 17:19:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Nokia
[2013.01.08 17:19:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nokia
[2013.01.08 17:19:03 | 000,026,112 | ---- | C] (Nokia) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys
[2013.01.08 17:19:03 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2013.01.08 17:18:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Connectivity Solution
[2013.01.08 17:18:24 | 000,000,000 | ---D | C] -- C:\ProgramData\NokiaInstallerCache
[2013.01.08 17:18:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nokia
[2013.01.08 17:10:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2013.01.08 17:10:51 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2013.01.05 09:58:28 | 000,000,000 | ---D | C] -- E:\Documents\Kettwig
========== Files - Modified Within 30 Days ==========
[2013.02.04 07:57:03 | 000,022,528 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.02.04 07:57:03 | 000,022,528 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.02.04 07:52:42 | 001,507,104 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.02.04 07:52:42 | 000,657,436 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.02.04 07:52:42 | 000,618,722 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.02.04 07:52:42 | 000,130,826 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.02.04 07:52:42 | 000,107,042 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.02.04 07:48:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.02.04 07:48:24 | 1928,552,447 | -HS- | M] () -- C:\hiberfil.sys
[2013.02.03 22:06:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.02.03 12:36:48 | 000,001,235 | ---- | M] () -- C:\Users\Helmut_1\Desktop\OTL - Verknüpfung.lnk
[2013.01.31 21:02:40 | 000,001,132 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.01.31 20:51:40 | 000,000,850 | ---- | M] () -- C:\Users\Helmut_1\AppData\Local\recently-used.xbel
[2013.01.09 20:06:45 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.01.09 20:06:45 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.01.09 12:13:16 | 001,526,060 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.01.09 12:13:12 | 000,518,608 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.01.08 18:01:41 | 000,002,300 | ---- | M] () -- C:\Users\Helmut_1\Desktop\Nokia Software Updater.lnk
[2013.01.08 17:49:06 | 000,002,057 | ---- | M] () -- C:\Users\Public\Desktop\Nokia PC Suite.lnk
[2013.01.08 17:48:15 | 040,621,704 | ---- | M] () -- C:\Users\Helmut_1\Desktop\Nokia_PC_Suite_ger_web_7.1.180.46.exe
[2013.01.08 17:32:13 | 000,002,108 | ---- | M] () -- C:\Users\Public\Desktop\Nokia Suite.lnk
[2013.01.08 17:20:05 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ccdcmbx64_01009.Wdf
[2013.01.08 17:11:19 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
========== Files Created - No Company Name ==========
[2013.02.03 12:33:36 | 000,001,235 | ---- | C] () -- C:\Users\Helmut_1\Desktop\OTL - Verknüpfung.lnk
[2013.01.31 21:02:40 | 000,001,132 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.01.31 20:51:40 | 000,000,850 | ---- | C] () -- C:\Users\Helmut_1\AppData\Local\recently-used.xbel
[2013.01.31 18:56:24 | 000,002,795 | ---- | C] () -- C:\Users\Helmut_1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office Outlook 2003.lnk
[2013.01.08 18:01:41 | 000,002,300 | ---- | C] () -- C:\Users\Helmut_1\Desktop\Nokia Software Updater.lnk
[2013.01.08 17:49:06 | 000,002,057 | ---- | C] () -- C:\Users\Public\Desktop\Nokia PC Suite.lnk
[2013.01.08 17:47:06 | 040,621,704 | ---- | C] () -- C:\Users\Helmut_1\Desktop\Nokia_PC_Suite_ger_web_7.1.180.46.exe
[2013.01.08 17:20:05 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ccdcmbx64_01009.Wdf
[2013.01.08 17:19:27 | 000,002,108 | ---- | C] () -- C:\Users\Public\Desktop\Nokia Suite.lnk
[2013.01.08 17:10:53 | 000,002,136 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012.11.12 11:54:03 | 000,038,413 | ---- | C] () -- C:\Users\Helmut_1\AppData\Roaming\Kommagetrennte Werte (Windows).ADR
[2012.11.12 11:35:46 | 000,038,404 | ---- | C] () -- C:\Users\Helmut_1\AppData\Roaming\Microsoft Access.ADR
[2012.10.05 14:29:13 | 000,003,584 | ---- | C] () -- C:\Users\Helmut_1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.10.05 11:21:51 | 000,038,309 | ---- | C] () -- C:\Users\Helmut_1\AppData\Roaming\Microsoft Excel.ADR
[2012.10.05 10:37:25 | 001,526,060 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.10.05 09:21:52 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2012.09.29 12:36:48 | 000,001,424 | ---- | C] () -- C:\Windows\THXCfg_SP_APOIM.ini
[2012.09.29 12:36:48 | 000,001,323 | ---- | C] () -- C:\Windows\THXCfg_HP_APOIM.ini
[2012.09.29 12:36:48 | 000,001,323 | ---- | C] () -- C:\Windows\THXCfg_APOIM.ini
[2012.09.29 12:36:46 | 000,190,464 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2012.09.29 12:36:46 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2012.09.29 12:35:24 | 000,000,003 | ---- | C] () -- C:\Users\Helmut_1\AppData\Local\user_data.ini
[2012.09.29 12:16:40 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.09.29 12:15:35 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.07.28 16:49:12 | 000,053,760 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
========== ZeroAccess Check ==========
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2012.12.23 09:05:26 | 000,000,000 | ---D | M] -- C:\Users\Helmut_1\AppData\Roaming\ACD Systems
[2012.11.21 12:35:49 | 000,000,000 | ---D | M] -- C:\Users\Helmut_1\AppData\Roaming\AnvSoft
[2012.12.24 11:23:13 | 000,000,000 | ---D | M] -- C:\Users\Helmut_1\AppData\Roaming\Applian FLV and Media Player
[2012.10.30 09:48:09 | 000,000,000 | ---D | M] -- C:\Users\Helmut_1\AppData\Roaming\Babylon
[2012.10.30 10:00:22 | 000,000,000 | ---D | M] -- C:\Users\Helmut_1\AppData\Roaming\Canon
[2012.12.14 10:40:40 | 000,000,000 | ---D | M] -- C:\Users\Helmut_1\AppData\Roaming\CASIO
[2012.10.05 06:32:22 | 000,000,000 | ---D | M] -- C:\Users\Helmut_1\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012.09.29 16:54:51 | 000,000,000 | ---D | M] -- C:\Users\Helmut_1\AppData\Roaming\DeviceVm
[2012.10.17 07:43:35 | 000,000,000 | ---D | M] -- C:\Users\Helmut_1\AppData\Roaming\Downloaded Installations
[2012.11.23 13:24:33 | 000,000,000 | ---D | M] -- C:\Users\Helmut_1\AppData\Roaming\DVDVideoSoft
[2012.11.23 13:22:24 | 000,000,000 | ---D | M] -- C:\Users\Helmut_1\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.10.17 07:45:14 | 000,000,000 | ---D | M] -- C:\Users\Helmut_1\AppData\Roaming\FileOpen
[2012.10.27 21:06:08 | 000,000,000 | ---D | M] -- C:\Users\Helmut_1\AppData\Roaming\FreeAudioPack
[2012.10.05 15:41:25 | 000,000,000 | ---D | M] -- C:\Users\Helmut_1\AppData\Roaming\Garmin
[2012.11.07 12:55:33 | 000,000,000 | ---D | M] -- C:\Users\Helmut_1\AppData\Roaming\KompoZer
[2012.12.28 14:37:09 | 000,000,000 | ---D | M] -- C:\Users\Helmut_1\AppData\Roaming\MAGIX
[2012.12.22 10:00:59 | 000,000,000 | ---D | M] -- C:\Users\Helmut_1\AppData\Roaming\MotionStudios
[2012.10.17 07:45:14 | 000,000,000 | ---D | M] -- C:\Users\Helmut_1\AppData\Roaming\Nitro
[2013.01.19 14:40:07 | 000,000,000 | ---D | M] -- C:\Users\Helmut_1\AppData\Roaming\Nitro PDF
[2013.01.09 07:40:08 | 000,000,000 | ---D | M] -- C:\Users\Helmut_1\AppData\Roaming\Nokia
[2012.10.27 21:00:44 | 000,000,000 | ---D | M] -- C:\Users\Helmut_1\AppData\Roaming\OpenCandy
[2013.01.08 17:57:11 | 000,000,000 | ---D | M] -- C:\Users\Helmut_1\AppData\Roaming\PC Suite
[2012.12.17 16:52:58 | 000,000,000 | ---D | M] -- C:\Users\Helmut_1\AppData\Roaming\simplitec
[2012.11.01 14:37:14 | 000,000,000 | ---D | M] -- C:\Users\Helmut_1\AppData\Roaming\Splashtop
[2012.10.27 21:01:42 | 000,000,000 | ---D | M] -- C:\Users\Helmut_1\AppData\Roaming\TuneUp Software
[2012.10.05 21:41:42 | 000,000,000 | ---D | M] -- C:\Users\Helmut_1\AppData\Roaming\Windows Live Writer
========== Purity Check ==========
< End of report >
--- --- ---
OTL Logfile:
Code:
Alles auswählen Aufklappen ATTFilter
OTL Extras logfile created on: 04.02.2013 08:00:10 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = E:\Documents\Computer
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,73 Gb Total Physical Memory | 5,83 Gb Available Physical Memory | 75,43% Memory free
15,45 Gb Paging File | 13,49 Gb Available in Paging File | 87,26% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119,14 Gb Total Space | 72,46 Gb Free Space | 60,82% Space Free | Partition Type: NTFS
Drive E: | 931,51 Gb Total Space | 908,72 Gb Free Space | 97,55% Space Free | Partition Type: NTFS
Computer Name: HELMUT_1-PC | User Name: Helmut_1 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
.reg[@ = regfile] -- C:\Windows\regedit.exe ()
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.reg [@ = regfile] -- C:\Windows\regedit.exe ()
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [open] -- regedit.exe "%1" ()
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDBrowse] -- "C:\Program Files (x86)\ACD Systems\ACDSee\5.0\ACDSee5.exe" "%1" (ACD Systems Ltd.)
Directory [AddToPlaylistApplianMP] -- "C:\Program Files (x86)\Applian Technologies\Applian FLV and Media Player\amp.exe" -I skins2 --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithApplianMP] -- "C:\Program Files (x86)\Applian Technologies\Applian FLV and Media Player\amp.exe" -I skins2 --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [open] -- regedit.exe "%1" ()
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDBrowse] -- "C:\Program Files (x86)\ACD Systems\ACDSee\5.0\ACDSee5.exe" "%1" (ACD Systems Ltd.)
Directory [AddToPlaylistApplianMP] -- "C:\Program Files (x86)\Applian Technologies\Applian FLV and Media Player\amp.exe" -I skins2 --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithApplianMP] -- "C:\Program Files (x86)\Applian Technologies\Applian FLV and Media Player\amp.exe" -I skins2 --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0E718BFA-C84D-4DE9-916E-D9C281E0B149}" = lport=42767 | protocol=6 | dir=in | name=mssys42767 |
"{2DC99CF3-6621-4406-8FFE-2B85DD8AF876}" = lport=53797 | protocol=6 | dir=in | name=mssys53797 |
"{32884605-F48F-4E2F-AC43-0B4BDECDA79B}" = lport=64971 | protocol=6 | dir=in | name=mssys64971 |
"{38A22111-BC9F-4C51-8BB7-BF8355D7BDE5}" = lport=62238 | protocol=6 | dir=in | name=mssys62238 |
"{3A50F170-8022-41B2-AE8F-350BEFC2839E}" = lport=47473 | protocol=6 | dir=in | name=mssys47473 |
"{5B8D0256-5CE4-4C02-81B8-5184D4AD9D82}" = lport=47234 | protocol=6 | dir=in | name=mssys47234 |
"{96DCBD8F-A876-40AF-8C39-878F553952DE}" = lport=53984 | protocol=6 | dir=in | name=mssys53984 |
"{DEF8C11E-F99B-42D6-AB2F-55DAA91AA8A6}" = lport=43421 | protocol=6 | dir=in | name=mssys43421 |
"{E336283F-EDE3-418A-BE2B-B9C57F9CBD04}" = lport=41622 | protocol=6 | dir=in | name=mssys41622 |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ9601" = CanoScan LiDE 700F Scanner Driver
"{1B5AC129-F6CC-491E-84DE-1FF2996A0367}" = MAGIX Video deluxe 2013 Premium
"{26A24AE4-039D-4CA4-87B4-2F86417010FF}" = Java 7 Update 10 (64-bit)
"{41968390-377D-0119-5AA9-755B8AF0DA80}" = ccc-utility64
"{474A1588-C5AA-4E97-AC33-1FC451A77F39}" = Nitro Reader 3
"{48897B17-3DD2-4BAA-A81D-4E4EA8E9FD51}" = MAGIX Slideshow Maker 2
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5F611ADA-B98C-4DBB-ADDE-414F08457ECF}" = Windows Live Family Safety
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64
"{6E6FF6CD-9CF3-4434-BB5D-24943FD54FFC}" = MAGIX Foto Manager MX Deluxe
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{AE196FD4-5109-21C4-6B2D-C8B60E188EC7}" = AMD Catalyst Install Manager
"{BA3E917A-7DBE-4760-7407-BD6E0EB3CFB2}" = AMD Fuel
"{C78D3032-9DFD-41D0-9DE9-58EAE750CBA4}" = Microsoft Security Client
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{F115C413-A7CE-4E9C-8E6F-881A940CDBB8}" = MAGIX Speed burnR (MSI)
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F6822EFD-3F7D-4B35-8845-757A26AEC8E2}" = Windows Live MIME IFilter
"62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F" = Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0)
"GIMP-2_is1" = GIMP 2.8.2
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft Security Client" = Microsoft Security Essentials
"XFast LAN" = XFast LAN v6.61
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{03CC9D58-B132-4CC0-A521-4F3660AA43C7}" = Movie Maker
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{0B5F055F-0D34-C0E0-7E34-45789E958BCE}" = CCC Help English
"{15F3A6F5-06AE-4332-AE3E-21CD0416827A}" = Windows Live Mail
"{16F4BFFB-6A79-7A40-A591-23C63FC4D595}" = Catalyst Control Center Localization All
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YTD Video Downloader 3.9.3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{23A7D2CE-1A04-41D6-96A9-65D897E86DC2}" = CCC Help Czech
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{34E23470-E328-BFCD-B3EF-E6E74E87FEDD}" = AMD VISION Engine Control Center
"{3A1EBEF3-9BDC-FFCD-8144-265FD2FD1D33}" = CCC Help Swedish
"{3C3DCD2B-6FC7-41BF-BB80-40A936E1A785}" = Windows Live Writer
"{3CBD94C1-BA15-488C-888B-D8DD296CC6DC}" = Fotogalerie
"{400C31E4-796F-4E86-8FDC-C3C4FACC6847}" = Junk Mail filter update
"{41313863-5170-4D7E-AD60-3CDF4DEBA81F}" = Nokia PC Suite
"{42F965F4-EABA-A9E4-C4B6-38C12EC34FBC}" = CCC Help Polish
"{44E6DE02-8C0D-4A23-8675-2BB1F78B53BC}" = Dynamic Photo Manager
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{4E8EDE0A-E97B-2475-BF6B-C8FEEC4F4482}" = CCC Help Thai
"{54D84BA3-538A-422C-ADAA-39EBACF98885}" = Dynamic Photo Manager
"{5508128A-2C7B-46B5-81F9-58E8E8115F0B}" = AdblockIE
"{66E4187B-991A-A4BE-933B-08B3BEBC0EE6}" = CCC Help Chinese Standard
"{690F5BA3-5DEB-42CD-962B-F687EE59FAA7}" = Windows Live Essentials
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6B722793-E77B-41F5-BAB3-6C9832274E75}" = PC Connectivity Solution
"{6C5F8503-55D2-4398-858C-362B7A7AF51C}" = Firebird SQL Server - MAGIX Edition
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6EB3C538-B9B8-F2BB-AEC4-865AC2DF2EE0}" = CCC Help Finnish
"{6FE12C01-2FBC-42E2-AEB9-4CA2238C462F}" = Nokia Connectivity Cable Driver
"{70854FE6-3BF1-4C69-94D0-BEB821102E34}" = Windows Live Mail
"{70F9C054-B713-B704-2E37-7F78439D5FA8}" = CCC Help Turkish
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7130468A-F53F-4698-8C09-A339EA3B05E6}" = Nokia Software Updater
"{716A2D35-F0D5-3BE4-D02A-0C0A2FCDF7BB}" = CCC Help Danish
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7CEED00F-11AC-9C5C-F500-AF86D4C67E40}" = Catalyst Control Center Profiles Mobile
"{831C848D-F785-F9AF-693B-9BD2C9ED5D0B}" = CCC Help Portuguese
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84374801-0EEE-9A50-6F79-17E2057CC6C9}" = CCC Help Korean
"{85CE9026-C02A-46B4-B08C-4C77CCCC54FF}" = Windows Live Family Safety
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8913AC02-67B8-4B52-91B2-BBA7B9C265B5}" = Windows Live Writer Resources
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8F10F574-9C09-CEE0-DCC9-317DB01190FC}" = Catalyst Control Center InstallProxy
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91CA0407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Small Business Edition 2003
"{9432F8D1-09C7-4C78-8F68-B163206698CD}" = Vasco da Gama 6 HD MAGIX Edition
"{97C79BEC-43F7-4BD8-A6A7-85C0257E488A}" = Windows Live Writer
"{98097DB0-38DE-E2E8-D8F2-97F2816D5D4A}" = CCC Help Russian
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A3B31093-3C8E-3D69-A4EF-2EA950720590}" = CCC Help Japanese
"{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9
"{AD053B60-BC7C-D749-0D5B-4ADE932AF931}" = CCC Help Hungarian
"{AE364ACC-B9DF-466B-B4EA-AEECD0CD581E}" = Windows Live Messenger
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AFB907F5-C0E6-4753-8284-DE955EF86AC2}" = THX TruStudio
"{B727564C-47D3-473A-AC9E-F4BE7B1BD5D3}" = Windows Live UX Platform Language Pack
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}" = TuneUp Utilities 2013
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{CDC7F188-3A08-45C3-8C3C-99BE32911949}" = Photo Transport
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D2C146B1-948D-47EF-8387-5D1C6B980F7C}" = Windows Live Writer
"{D3D3A52A-BD2B-BC1E-903F-A47E00F31AF8}" = CCC Help Greek
"{D541F7BE-3CAC-18C6-43B3-CEAEA5887296}" = CCC Help French
"{D93CC12C-4C40-C463-3463-9E025C277D3C}" = CCC Help Italian
"{DBCB47B1-235E-C4A8-C481-DDA01B49C9A7}" = CCC Help Spanish
"{DD899638-B3F5-A6D0-E263-44D5704A080C}" = CCC Help German
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1203F8C-FF34-4968-A4A5-B4F1F8533DAB}" = Photo Common
"{E3A0C45A-7EDB-48EB-AB86-2445E74FBFBB}" = Nokia Suite
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E71F9BC8-A396-4284-8A27-3FCB63147970}" = ACDSee for PENTAX
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{ED8EF3C2-FA5B-4A1E-950D-5A0227161F97}" = ArcSoft PhotoStudio 6
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F2235E5E-7881-4293-9B6F-04B2609FBFF0}" = Windows Live Messenger
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F4811919-F252-4B25-9AB2-8859A85810B5}" = TuneUp Utilities Language Pack (de-DE)
"{FAEA976B-4C36-141F-C7D8-889E0B067CE0}" = CCC Help Chinese Traditional
"{FCF0E04F-B459-61BE-66B5-B7D02112605F}" = CCC Help Dutch
"{FE7989B2-9F10-977F-3ABD-AF441E38AA41}" = CCC Help Norwegian
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe PDF IFilter 6.0" = Adobe PDF IFilter 6.0
"Any Video Converter_is1" = Any Video Converter 3.5.7
"Applian FLV and Media Player" = Applian FLV and Media Player 3.1.1.12
"ASRock eXtreme Tuner_is1" = ASRock eXtreme Tuner v0.1.94
"ASRock InstantBoot_is1" = ASRock InstantBoot v1.29
"CanonSolutionMenu" = Canon Utilities Solution Menu
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"DVDVideoSoftTB_DE Toolbar" = DVDVideoSoftTB DE Toolbar
"ExpressRip" = Express Rip
"FileConverter_1.3 Toolbar" = FileConverter 1.3 Toolbar
"FLV Player" = FLV Player 2.0 (build 25)
"Free Audio Converter_is1" = Free Audio Converter version 5.0.20.1031
"MAGIX_{1B5AC129-F6CC-491E-84DE-1FF2996A0367}" = MAGIX Video deluxe 2013 Premium
"MAGIX_{48897B17-3DD2-4BAA-A81D-4E4EA8E9FD51}" = MAGIX Slideshow Maker 2
"MAGIX_{6E6FF6CD-9CF3-4434-BB5D-24943FD54FFC}" = MAGIX Foto Manager MX Deluxe
"MAGIX_{F115C413-A7CE-4E9C-8E6F-881A940CDBB8}" = MAGIX Speed burnR (MSI)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"MP Navigator EX 2.1" = Canon MP Navigator EX 2.1
"Nokia PC Suite" = Nokia PC Suite
"Nokia Suite" = Nokia Suite
"Passbild-Generator_is1" = Bewerbungsfoto-/Passbild-Generator v3.5b
"Searchqu Toolbar" = Windows Searchqu Toolbar
"Switch" = Switch Audiodatei-Konverter
"TuneUp Utilities 2013" = TuneUp Utilities 2013
"WinLiveSuite" = Windows Live Essentials
"XFastUsb" = XFastUsb
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Ask Toolbar Updater
"SkyDriveSetup.exe" = Microsoft SkyDrive
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 31.01.2013 03:49:15 | Computer Name = Helmut_1-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
Richtliniendatei "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 31.01.2013 03:50:04 | Computer Name = Helmut_1-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Nokia\Nokia PC Suite 7\TIS_Windows7PIM.dll". Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 31.01.2013 05:07:49 | Computer Name = Helmut_1-PC | Source = WinMgmt | ID = 10
Description =
Error - 31.01.2013 05:22:19 | Computer Name = Helmut_1-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: svchost.exe, Version: 6.1.7600.16385,
Zeitstempel: 0x4ce48736 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725,
Zeitstempel: 0x4ec49b8f Ausnahmecode: 0xc0000005 Fehleroffset: 0x0002ea76 ID des fehlerhaften
Prozesses: 0x1004 Startzeit der fehlerhaften Anwendung: 0x01cdff93c3ee4e72 Pfad der
fehlerhaften Anwendung: C:\Windows\SysWOW64\svchost.exe Pfad des fehlerhaften Moduls:
C:\Windows\SysWOW64\ntdll.dll Berichtskennung: b5bbc6ee-6b87-11e2-b665-002522db9569
Error - 31.01.2013 05:27:52 | Computer Name = Helmut_1-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: userinit.exe, Version: 6.1.7601.17514,
Zeitstempel: 0x4ce79e9a Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725,
Zeitstempel: 0x4ec4aa8e Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000009970a
ID
des fehlerhaften Prozesses: 0x68c Startzeit der fehlerhaften Anwendung: 0x01cdff953d719496
Pfad
der fehlerhaften Anwendung: C:\Windows\system32\userinit.exe Pfad des fehlerhaften
Moduls: C:\Windows\SYSTEM32\ntdll.dll Berichtskennung: 7c004230-6b88-11e2-be64-002522db9569
Error - 31.01.2013 05:29:51 | Computer Name = Helmut_1-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: MpCmdRun.exe, Version: 4.1.522.0,
Zeitstempel: 0x50515c69 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725,
Zeitstempel: 0x4ec4aa8e Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000009970a
ID
des fehlerhaften Prozesses: 0x704 Startzeit der fehlerhaften Anwendung: 0x01cdff95841820ce
Pfad
der fehlerhaften Anwendung: C:\Program Files\Microsoft Security Client\MpCmdRun.exe
Pfad
des fehlerhaften Moduls: C:\Windows\SYSTEM32\ntdll.dll Berichtskennung: c2ee37b0-6b88-11e2-b5f1-002522db9569
Error - 31.01.2013 05:31:38 | Computer Name = Helmut_1-PC | Source = WinMgmt | ID = 10
Description =
Error - 31.01.2013 11:56:27 | Computer Name = Helmut_1-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: conhost.exe, Version: 6.1.7601.18015,
Zeitstempel: 0x50b826c0 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725,
Zeitstempel: 0x4ec4aa8e Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000009970a
ID
des fehlerhaften Prozesses: 0x1694 Startzeit der fehlerhaften Anwendung: 0x01cdffcb87365887
Pfad
der fehlerhaften Anwendung: C:\Windows\system32\conhost.exe Pfad des fehlerhaften
Moduls: C:\Windows\SYSTEM32\ntdll.dll Berichtskennung: c50b8a49-6bbe-11e2-8406-002522db9569
Error - 31.01.2013 11:56:33 | Computer Name = Helmut_1-PC | Source = WinMgmt | ID = 10
Description =
Error - 31.01.2013 12:06:56 | Computer Name = Helmut_1-PC | Source = WinMgmt | ID = 10
Description =
Error - 31.01.2013 13:54:21 | Computer Name = Helmut_1-PC | Source = WinMgmt | ID = 10
Description =
[ Media Center Events ]
Error - 11.11.2012 12:30:05 | Computer Name = Helmut_1-PC | Source = MCUpdate | ID = 0
Description = 17:30:05 - Directory konnte nicht abgerufen werden (Fehler: Die zugrunde
liegende Verbindung wurde geschlossen: Für den geschützten SSL/TLS-Kanal konnte
keine Vertrauensstellung hergestellt werden..)
Error - 11.11.2012 12:30:08 | Computer Name = Helmut_1-PC | Source = MCUpdate | ID = 0
Description = 17:30:07 - MCEClientUX konnte nicht abgerufen werden (Fehler: Die
zugrunde liegende Verbindung wurde geschlossen: Für den geschützten SSL/TLS-Kanal
konnte keine Vertrauensstellung hergestellt werden..)
Error - 11.11.2012 12:30:11 | Computer Name = Helmut_1-PC | Source = MCUpdate | ID = 0
Description = 17:30:09 - Broadband konnte nicht abgerufen werden (Fehler: Die zugrunde
liegende Verbindung wurde geschlossen: Für den geschützten SSL/TLS-Kanal konnte
keine Vertrauensstellung hergestellt werden..)
[ System Events ]
Error - 02.02.2013 13:46:16 | Computer Name = Helmut_1-PC | Source = DCOM | ID = 10010
Description =
Error - 02.02.2013 13:48:36 | Computer Name = Helmut_1-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?02.?02.?2013 um 18:47:41 unerwartet heruntergefahren.
Error - 02.02.2013 14:25:44 | Computer Name = Helmut_1-PC | Source = DCOM | ID = 10010
Description =
Error - 02.02.2013 18:20:42 | Computer Name = Helmut_1-PC | Source = DCOM | ID = 10010
Description =
Error - 02.02.2013 18:23:09 | Computer Name = Helmut_1-PC | Source = DCOM | ID = 10010
Description =
Error - 03.02.2013 01:56:06 | Computer Name = Helmut_1-PC | Source = DCOM | ID = 10010
Description =
Error - 03.02.2013 04:28:40 | Computer Name = Helmut_1-PC | Source = DCOM | ID = 10010
Description =
Error - 03.02.2013 08:58:07 | Computer Name = Helmut_1-PC | Source = DCOM | ID = 10010
Description =
Error - 03.02.2013 09:04:33 | Computer Name = Helmut_1-PC | Source = DCOM | ID = 10010
Description =
Error - 03.02.2013 17:53:30 | Computer Name = Helmut_1-PC | Source = DCOM | ID = 10010
Description =
< End of report >
--- --- ---
04.02.2013, 08:08
Baum-Darstellung