Trojaner-Board


slayerized 29.07.2012 09:33

Various Trojans/viruses! Malwarebytes, OTL and CCleaner logs included
 
Hi,

my PC keeps raising alarms about malware etc.

Here is the result from Malwarebytes:

Code:

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.07.29.03

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Juhas :: JUHAS-PC [Administrator]

29.07.2012 09:56:59
mbam-log-2012-07-29 (09-56-59).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 174234
Laufzeit: 11 Minute(n), 55 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 1
HKCU\SOFTWARE\CLASSES\CLSID\{42AEDC87-2188-41FD-B9A3-0C966FEABEC1}\INPROCSERVER32 (Trojan.Zaccess) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 1
HKCU\SOFTWARE\CLASSES\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InprocServer32| (Trojan.Zaccess) -> Daten: C:\Users\Juhas\AppData\Local\{5d94ea0f-5d99-037e-5dc9-c9d3e0f21f11}\n. -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 1
C:\Users\Juhas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Live Security Platinum (Rogue.LiveSecurityPlatinum) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateien: 4
C:\Users\Juhas\AppData\Local\Temp\gweho.exe (Trojan.Agent.H) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Juhas\AppData\Local\Temp\~!#A2A0.tmp (RootKit.0Access) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Juhas\AppData\Local\Temp\~!#B00F.tmp (Trojan.Lameshield) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Juhas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Live Security Platinum\Live Security Platinum.lnk (Rogue.LiveSecurityPlatinum) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

The results from OTL

otl.txt
Code:

OTL logfile created on: 29.07.2012 10:15:02 - Run 1
OTL by OldTimer - Version 3.2.55.0    Folder = C:\Users\Juhas\Desktop
 Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,09 Gb Available Physical Memory | 54,58% Memory free
4,00 Gb Paging File | 2,89 Gb Available in Paging File | 72,18% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74,43 Gb Total Space | 54,38 Gb Free Space | 73,06% Space Free | Partition Type: NTFS
Drive E: | 6,67 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive F: | 465,76 Gb Total Space | 239,81 Gb Free Space | 51,49% Space Free | Partition Type: NTFS
Drive G: | 7,46 Gb Total Space | 4,73 Gb Free Space | 63,40% Space Free | Partition Type: FAT32
 
Computer Name: JUHAS-PC | User Name: Juhas | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Juhas\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_3_300_265.exe (Adobe Systems, Inc.)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Programme\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Programme\Logitech\Logitech WebCam Software\LWS.exe ()
PRC - C:\Programme\Common Files\logishrd\LQCVFX\COCIManager.exe ()
PRC - C:\Programme\Common Files\logishrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
PRC - C:\Programme\avmwlanstick\FRITZWLANMini.exe (AVM Berlin GmbH)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\System32\Macromed\Flash\NPSWF32_11_3_300_265.dll ()
MOD - C:\Programme\OpenOffice.org 3\program\libxml2.dll ()
MOD - C:\Programme\Mozilla Firefox\mozjs.dll ()
MOD - C:\Programme\Logitech\Logitech WebCam Software\LWS.exe ()
MOD - C:\Programme\Common Files\logishrd\LQCVFX\COCIManager.exe ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (LVPrcSrv) -- C:\Programme\Common Files\logishrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (wjlcvq) -- C:\Windows\System32\drivers\ttjqm.sys ()
DRV - (MBAMSwissArmy) -- C:\Windows\System32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (hcw95rc) -- C:\Windows\System32\drivers\hcw95rc.sys (Hauppauge Computer Works, Inc.)
DRV - (hcw95bda) -- C:\Windows\System32\drivers\hcw95bda.sys (Hauppauge Computer Works, Inc.)
DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira GmbH)
DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (LVPr2Mon) -- C:\Windows\System32\drivers\LVPr2Mon.sys ()
DRV - (WSDPrintDevice) -- C:\Windows\System32\drivers\WSDPrint.sys (Microsoft Corporation)
DRV - (FETNDIS) -- C:\Windows\System32\drivers\fetnd6.sys (VIA Technologies, Inc.              )
DRV - (LVUSBSta) -- C:\Windows\System32\drivers\LVUSBSta.sys (Logitech Inc.)
DRV - (LVRS) -- C:\Windows\System32\drivers\lvrs.sys (Logitech Inc.)
DRV - (PID_PEPI) -- C:\Windows\System32\drivers\LV302V32.SYS (Logitech Inc.)
DRV - (pepifilter) -- C:\Windows\System32\drivers\lv302af.sys (Logitech Inc.)
DRV - (VIAudio) -- C:\Windows\System32\drivers\ac97via.sys (VIA Technologies, Inc.)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (FWLANUSB) -- C:\Windows\System32\drivers\fwlanusb.sys (AVM GmbH)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A6 8F A0 C6 5F FF CC 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{3ABD1E00-591F-4ECC-81E1-6C22D7FF0888}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=NDV&o=15765&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=NY&apn_dtid=YYYYYYYYDE&apn_uid=7422EF91-5E6F-4848-9992-F622E22ECD18&apn_sauid=BC84670B-2B9F-4ED6-8471-3B1B1477BC07&
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_265.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.03.12 18:07:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
 
[2012.03.12 18:08:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Juhas\AppData\Roaming\mozilla\Extensions
[2012.05.02 10:06:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Juhas\AppData\Roaming\mozilla\Firefox\Profiles\o6eqvsu1.default\extensions
[2012.03.12 18:07:44 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.02.16 17:02:58 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.02.16 13:02:53 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.02.16 12:48:01 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.02.16 13:02:53 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.02.16 13:02:53 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.02.16 13:02:53 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.02.16 13:02:53 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [AVMWlanClient] C:\Programme\avmwlanstick\FRITZWLANMini.exe (AVM Berlin GmbH)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll (Malwarebytes Corporation)
O4 - Startup: C:\Users\Juhas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{19967807-5C61-4218-A279-FA2F5046E454}: NameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4F941842-B770-4B28-A4A3-C908C2A42998}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008.05.06 14:26:23 | 000,000,309 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2011.11.20 16:29:54 | 000,000,000 | ---- | M] () - G:\autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{1e827198-6ab7-11e1-9ea9-000c76cc4f8c}\Shell - "" = AutoRun
O33 - MountPoints2\{1e827198-6ab7-11e1-9ea9-000c76cc4f8c}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- [2007.10.23 09:45:39 | 001,336,632 | R--- | M] ()
O33 - MountPoints2\{d36a2194-d3f7-11e1-9d3d-000c76cc4f8c}\Shell - "" = AutoRun
O33 - MountPoints2\{d36a2194-d3f7-11e1-9d3d-000c76cc4f8c}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- [2007.10.23 09:45:39 | 001,336,632 | R--- | M] ()
O33 - MountPoints2\{d36a2199-d3f7-11e1-9d3d-000c76cc4f8c}\Shell - "" = AutoRun
O33 - MountPoints2\{d36a2199-d3f7-11e1-9d3d-000c76cc4f8c}\Shell\AutoRun\command - "" = H:\pushinst.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- [2007.10.23 09:45:39 | 001,336,632 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.07.29 10:12:37 | 000,597,504 | ---- | C] (OldTimer Tools) -- C:\Users\Juhas\Desktop\OTL.exe
[2012.07.29 09:55:24 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2012.07.29 09:55:24 | 000,000,000 | ---D | C] -- C:\Users\Juhas\AppData\Roaming\Malwarebytes
[2012.07.29 09:55:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.07.29 09:55:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.07.29 09:55:03 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.07.29 09:55:03 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.07.22 17:07:33 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2012.07.22 14:28:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!WLAN
[2012.07.22 14:28:48 | 000,000,000 | ---D | C] -- C:\Program Files\avmwlanstick
[2012.07.22 14:28:45 | 000,264,704 | ---- | C] (AVM GmbH) -- C:\Windows\System32\drivers\fwlanusb.sys
[2012.07.22 14:28:45 | 000,055,808 | ---- | C] (AVM GmbH) -- C:\Windows\System32\avmadd32.dll
[2012.07.22 14:28:45 | 000,033,792 | ---- | C] (AVM GmbH) -- C:\Windows\System32\avmcowlan.dll
[2012.07.22 14:28:45 | 000,000,000 | ---D | C] -- C:\Windows\AVM_Driver
[2012.07.22 14:28:43 | 000,000,000 | ---D | C] -- C:\Users\Juhas\AVM_Driver
[2012.07.14 11:15:09 | 000,000,000 | ---D | C] -- C:\ProgramData\6F63A588004FAE5318125713F875EF7E
[2012.07.11 15:58:29 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.07.11 15:58:27 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.07.11 15:58:27 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012.07.11 15:58:26 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.07.11 15:58:25 | 001,800,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012.07.11 15:58:24 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.07.11 15:58:23 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012.07.11 15:56:17 | 002,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.07.11 08:18:47 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2012.07.11 08:18:44 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll
[2012.07.11 08:18:42 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdosys.dll
 
========== Files - Modified Within 30 Days ==========
 
[2012.07.29 10:12:44 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Users\Juhas\Desktop\OTL.exe
[2012.07.29 10:09:56 | 000,054,016 | ---- | M] () -- C:\Windows\System32\drivers\ttjqm.sys
[2012.07.29 09:58:13 | 000,014,816 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.07.29 09:58:13 | 000,014,816 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.07.29 09:56:08 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2012.07.29 09:55:06 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.07.29 09:50:37 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.07.29 09:48:59 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.07.29 09:48:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.07.29 09:48:08 | 1610,260,480 | -HS- | M] () -- C:\hiberfil.sys
[2012.07.22 19:47:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.07.22 14:55:11 | 000,002,060 | ---- | M] () -- C:\Users\Juhas\Desktop\Entfernen des Avira DE-Cleaners.lnk
[2012.07.22 14:55:11 | 000,001,989 | ---- | M] () -- C:\Users\Juhas\Desktop\Avira DE-Cleaner.lnk
[2012.07.22 14:31:03 | 000,653,928 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.07.22 14:31:03 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.07.22 14:31:03 | 000,129,800 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.07.22 14:31:03 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.07.12 13:47:16 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.07.12 13:47:16 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.07.12 09:13:06 | 000,292,696 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.07.03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
 
========== Files Created - No Company Name ==========
 
[2012.07.29 10:09:56 | 000,054,016 | ---- | C] () -- C:\Windows\System32\drivers\ttjqm.sys
[2012.07.29 09:55:06 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.07.22 18:38:33 | 000,019,968 | ---- | C] () -- C:\Users\Juhas\AppData\Local\{5d94ea0f-5d99-037e-5dc9-c9d3e0f21f11}\U\800000cb.@
[2012.07.22 18:38:33 | 000,013,312 | ---- | C] () -- C:\Users\Juhas\AppData\Local\{5d94ea0f-5d99-037e-5dc9-c9d3e0f21f11}\U\80000000.@
[2012.07.22 14:55:11 | 000,002,060 | ---- | C] () -- C:\Users\Juhas\Desktop\Entfernen des Avira DE-Cleaners.lnk
[2012.07.22 14:55:11 | 000,001,989 | ---- | C] () -- C:\Users\Juhas\Desktop\Avira DE-Cleaner.lnk
[2012.07.22 14:28:45 | 000,097,312 | ---- | C] () -- C:\Windows\System32\drivers\Fwusb1b.bin
[2012.07.16 09:14:50 | 000,001,712 | ---- | C] () -- C:\Users\Juhas\AppData\Local\{5d94ea0f-5d99-037e-5dc9-c9d3e0f21f11}\U\00000001.@
[2012.03.12 17:24:11 | 000,007,202 | ---- | C] () -- C:\Windows\HCWPNP.INI
[2012.03.11 12:58:25 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2012.03.11 10:47:59 | 000,004,998 | ---- | C] () -- C:\ProgramData\mtbjfghn.xbe
[2012.03.10 17:11:35 | 000,002,048 | -HS- | C] () -- C:\Users\Juhas\AppData\Local\{5d94ea0f-5d99-037e-5dc9-c9d3e0f21f11}\@

< End of report >

Result of Extras.txt
Code:

OTL Extras logfile created on: 29.07.2012 10:15:02 - Run 1
OTL by OldTimer - Version 3.2.55.0    Folder = C:\Users\Juhas\Desktop
 Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,09 Gb Available Physical Memory | 54,58% Memory free
4,00 Gb Paging File | 2,89 Gb Available in Paging File | 72,18% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74,43 Gb Total Space | 54,38 Gb Free Space | 73,06% Space Free | Partition Type: NTFS
Drive E: | 6,67 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive F: | 465,76 Gb Total Space | 239,81 Gb Free Space | 51,49% Space Free | Partition Type: NTFS
Drive G: | 7,46 Gb Total Space | 4,73 Gb Free Space | 63,40% Space Free | Partition Type: FAT32
 
Computer Name: JUHAS-PC | User Name: Juhas | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1F96FC18-FCDD-4FCB-9E0C-33834F69FE18}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{245A16D0-1B0A-4DCB-A160-CFED914CEF3C}" = rport=138 | protocol=17 | dir=out | app=system |
"{2EF43A50-E19E-461D-ABC7-684561889209}" = lport=10243 | protocol=6 | dir=in | app=system |
"{2F23235D-81EF-4ED1-B1A9-973744D3D605}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{34F4874A-DE61-4478-BF7A-B177B02DA47A}" = rport=445 | protocol=6 | dir=out | app=system |
"{3CC16CDB-1678-4C5C-8AD1-D053384027AF}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{42200CF2-B32F-479B-87C4-1AB7A15FF38D}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4722B092-4371-4E4F-9EC3-E6CEA483E2BD}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{6AC41E9C-FE5C-4454-830E-3A692305F2AC}" = lport=138 | protocol=17 | dir=in | app=system |
"{79A92E57-C52E-4FCD-BFA3-2EEC1C914E14}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8A383DA7-7D12-472E-B5FE-3B79B0B0B085}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{93718EA0-932B-4967-A90C-C807624940FB}" = lport=445 | protocol=6 | dir=in | app=system |
"{B912EE30-977F-499A-ADEE-CD3B63ECE382}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{BAAF3B03-A3E6-43DE-8BA4-4DDB4ECA73A3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DD28BAF4-E150-485F-A29B-D557DB1B9090}" = lport=137 | protocol=17 | dir=in | app=system |
"{E147B506-AB58-474A-B592-3B79A478B950}" = lport=139 | protocol=6 | dir=in | app=system |
"{E55FD168-B10A-4FC7-8981-D0CA03F41E7F}" = rport=137 | protocol=17 | dir=out | app=system |
"{EF684990-E1D0-473E-8CFC-4CEEC6B8AF19}" = rport=139 | protocol=6 | dir=out | app=system |
"{F0DFCEE3-9F49-4673-9AC2-DB6F98C5C25A}" = lport=2869 | protocol=6 | dir=in | app=system |
"{F4F85840-DBED-449A-80C4-B17BA85D9FA3}" = rport=10243 | protocol=6 | dir=out | app=system |
"{FA0E3E32-A43E-47A1-824B-ADE445B037CE}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00E28546-22AB-4B23-9F03-BCF739EE25C5}" = protocol=17 | dir=in | app=c:\program files\logitech\vid hd\vid.exe |
"{29693D10-57A5-4DF6-886F-41452B82DF4C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{3E3D995D-1847-4DE8-A0DC-97524B8D86D8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3E9DDE6D-FEC3-401B-A6BF-EDBE78AE84E4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{49F7E8DF-59C3-4B8B-BAC9-41A001F9DB57}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{59E6E57A-C1A2-47F7-B302-DD299836B2FA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6B6681B6-3F92-4AB7-922D-75BC99869BF9}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{77058B90-49DC-4AD4-8ABB-9A3CC5E48FD4}" = protocol=6 | dir=out | app=system |
"{89A3A707-4237-4E7C-9D2D-0E3B67F85019}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8E1D5E03-F7DB-40B1-B3BB-21DC8EA47462}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{9B83118A-C26C-4FFF-BE52-6E7EB47FE504}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{9C137EAB-8484-44F1-A974-E221047840D2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B565FF29-6D16-41BE-ABA3-D93457D65FD0}" = protocol=6 | dir=in | app=c:\program files\logitech\vid hd\vid.exe |
"{C9D49CA3-4040-417C-BD19-49D45C6EAA3A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D4F9DDDE-6759-435F-A65E-62DB202D67C5}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{DF0DD2B9-5EAA-4ED3-8948-1AA549A28B8E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F5FF9DB6-8142-4040-91AD-585F44E161A8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{FE3D744E-9CD6-4FF9-ADDC-9EAC7E5B1964}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{37C631A6-CE49-47B9-9AC7-D51B7986931E}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"TCP Query User{98FC238A-0143-45D4-B507-3865B63FAF07}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"UDP Query User{1A916190-72C0-48A1-8323-A50C7FF2BE89}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe |
"UDP Query User{4377A408-774B-4283-A008-60FA86E4E38E}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0EDBEB2B-7C8D-42E6-8312-0F84394A3223}" = Windows Media Center Add-in for Silverlight
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet-TV für Windows Media Center
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
"{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}" = Logitech Webcam Software
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"7-Zip" = 7-Zip 4.65
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"Logitech Vid" = Logitech Vid HD
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox 10.0.2 (x86 de)" = Mozilla Firefox 10.0.2 (x86 de)
"NVIDIA Drivers" = NVIDIA Drivers
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 11.03.2012 11:30:57 | Computer Name = Juhas-PC | Source = ESENT | ID = 215
Description = WinMail (4040) WindowsMail0: Die Sicherung wurde abgebrochen, weil
 sie vom Client angehalten wurde, oder weil die Verbindung mit dem Client unterbrochen
 wurde.
 
Error - 09.07.2012 15:33:54 | Computer Name = Juhas-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: FlashPlayerPlugin_11_3_300_262.exe,
 Version: 11.3.300.262, Zeitstempel: 0x4fe20fae  Name des fehlerhaften Moduls: NPSWF32_11_3_300_262.dll,
 Version: 11.3.300.262, Zeitstempel: 0x4fe21212  Ausnahmecode: 0xc0000005  Fehleroffset:
 0x0066d2ff  ID des fehlerhaften Prozesses: 0xd3c  Startzeit der fehlerhaften Anwendung:
 0x01cd5e089a19dd4e  Pfad der fehlerhaften Anwendung: C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe
Pfad
 des fehlerhaften Moduls: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll
Berichtskennung:
 04514741-c9fd-11e1-bb2c-000c76cc4f8c
 
Error - 22.07.2012 12:36:08 | Computer Name = Juhas-PC | Source = VSS | ID = 8194
Description =
 
[ Media Center Events ]
Error - 22.07.2012 08:25:41 | Computer Name = Juhas-PC | Source = MCUpdate | ID = 0
Description = 14:25:41 - Fehler beim Herstellen der Internetverbindung.  14:25:41
-    Serververbindung konnte nicht hergestellt werden.. 
 
Error - 22.07.2012 08:26:18 | Computer Name = Juhas-PC | Source = MCUpdate | ID = 0
Description = 14:25:46 - Fehler beim Herstellen der Internetverbindung.  14:25:46
-    Serververbindung konnte nicht hergestellt werden.. 
 
[ System Events ]
Error - 16.07.2012 03:25:32 | Computer Name = Juhas-PC | Source = DCOM | ID = 10010
Description =
 
Error - 18.07.2012 02:06:28 | Computer Name = Juhas-PC | Source = DCOM | ID = 10010
Description =
 
Error - 18.07.2012 02:07:13 | Computer Name = Juhas-PC | Source = DCOM | ID = 10005
Description =
 
Error - 18.07.2012 02:07:13 | Computer Name = Juhas-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Windows Search erreicht.
 
Error - 18.07.2012 02:07:13 | Computer Name = Juhas-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht
 gestartet:  %%1053
 
Error - 22.07.2012 08:30:18 | Computer Name = Juhas-PC | Source = Server | ID = 2505
Description = Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht
 \Device\NetBT_Tcpip_{19967807-5C61-4218-A279-FA2F5046E454} vom Serverdienst nicht
 gebunden werden. Der Serverdienst konnte nicht gestartet werden.
 
Error - 22.07.2012 08:30:18 | Computer Name = Juhas-PC | Source = NetBT | ID = 4321
Description = Der Name "JUHAS-PC      :0" konnte nicht auf der Schnittstelle mit
 IP-Adresse 192.168.2.136  registriert werden. Der Computer mit IP-Adresse 192.168.2.122
 hat nicht  zugelassen, dass dieser Computer diesen Namen verwendet.
 
Error - 22.07.2012 08:30:18 | Computer Name = Juhas-PC | Source = NetBT | ID = 4321
Description = Der Name "JUHAS-PC      :20" konnte nicht auf der Schnittstelle mit
 IP-Adresse 192.168.2.136  registriert werden. Der Computer mit IP-Adresse 192.168.2.122
 hat nicht  zugelassen, dass dieser Computer diesen Namen verwendet.
 
Error - 22.07.2012 08:35:03 | Computer Name = Juhas-PC | Source = NetBT | ID = 4321
Description = Der Name "JUHAS-PC      :0" konnte nicht auf der Schnittstelle mit
 IP-Adresse 192.168.2.136  registriert werden. Der Computer mit IP-Adresse 192.168.2.122
 hat nicht  zugelassen, dass dieser Computer diesen Namen verwendet.
 
Error - 22.07.2012 11:23:44 | Computer Name = Juhas-PC | Source = DCOM | ID = 10010
Description =
 
 
< End of report >

Installed programs
CCleaner report

Code:

7-Zip 4.65                10.03.2012               
Adobe Flash Player 11 ActiveX        Adobe Systems Incorporated        12.07.2012        6,00MB        11.3.300.265
Adobe Flash Player 11 Plugin        Adobe Systems Incorporated        12.07.2012        6,00MB        11.3.300.265
Adobe Reader X (10.1.3) - Deutsch        Adobe Systems Incorporated        18.06.2012        121MB        10.1.3
Avira Free Antivirus        Avira        08.05.2012        109MB        12.0.0.1125
CCleaner        Piriform        24.07.2012                3.21
Google Toolbar for Internet Explorer        Google Inc.        15.03.2012                7.3.2710.138
Internet-TV für Windows Media Center        Microsoft Corporation        24.05.2012        13,6MB        4.2.2.0
Java(TM) 6 Update 31        Oracle        11.03.2012        95,1MB        6.0.310
Logitech Vid HD        Logitech Inc..        12.03.2012                7.2 (7259)
Logitech Webcam Software        Logitech Inc.        12.03.2012        43,8MB        12.10.1113
Malwarebytes Anti-Malware Version 1.62.0.1300        Malwarebytes Corporation        29.07.2012        18,7MB        1.62.0.1300
Microsoft .NET Framework 4 Client Profile        Microsoft Corporation        10.03.2012        38,8MB        4.0.30319
Microsoft .NET Framework 4 Client Profile DEU Language Pack        Microsoft Corporation        10.03.2012        2,93MB        4.0.30319
Microsoft Silverlight        Microsoft Corporation        11.05.2012        40,4MB        4.1.10329.0
Microsoft Visual C++ 2005 Redistributable        Microsoft Corporation        23.04.2012        300KB        8.0.61001
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17        Microsoft Corporation        11.03.2012        240KB        9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148        Microsoft Corporation        10.03.2012        596KB        9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161        Microsoft Corporation        23.04.2012        600KB        9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219        Microsoft Corporation        23.04.2012        12,2MB        10.0.40219
Mozilla Firefox 10.0.2 (x86 de)        Mozilla        12.03.2012        35,4MB        10.0.2
OpenOffice.org 3.3        OpenOffice.org        10.03.2012        412MB        3.3.9567
PlayReady PC Runtime x86        Microsoft Corporation        12.03.2012        1,65MB        1.3.0
Windows Media Center Add-in for Silverlight        Microsoft Corporation        24.05.2012        245KB        4.7.3.0

Please tell me whether further action is needed. :pfeiff:
Thanks in advance for the help!!

cosinus 30.07.2012 13:42

First, as a matter of routine, please run a full scan with Malwarebytes and post the log. => Have ALL local drives (except CD/DVD) checked!
Remember that Malwarebytes has to be updated manually before every scan!

Please remove all findings with Malwarebytes so that they are kept in Malwarebytes' quarantine! Do NOT remove anything from quarantine prematurely!

If logs from older Malwarebytes scans exist, please post all of those as well!




ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable the "detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded; the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset





Please post everything here in CODE tags where possible.

This is how it is done:

[code] your log goes here [/code]

And the whole thing then looks like this:

Code:

your log goes here

