Esrtmal sorry das ich mich erst so spät wieder melde, hatte leider viel zu tun die letzten Tage.
Hier jetzt aber wiedermal paar logs
OTL fix log:
All processes killed
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: MannisPC
->Temp folder emptied: 63327200 bytes
->Temporary Internet Files folder emptied: 164046735 bytes
->Java cache emptied: 331915 bytes
->Flash cache emptied: 291 bytes
User: Public
->Temp folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 4256 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50434 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 217,00 mb
OTL by OldTimer - Version 3.2.55.0 log created on 09092012_151218
Files\Folders moved on Reboot...
C:\Users\MannisPC\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\MannisPC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\ED8654D5-B9F0-4DD9-B3E8-F8F560086FDF.dat moved successfully.
C:\Users\MannisPC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VJ50XES6\ads[1].htm moved successfully.
C:\Users\MannisPC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G8EZLK5G\123315-weisser-bildschirm-beim-starten[1].htm moved successfully.
C:\Users\MannisPC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CHGA4NMX\ads[2].htm moved successfully.
C:\Users\MannisPC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8BEB6QCY\ads[1].htm moved successfully.
PendingFileRenameOperations files...
File C:\Users\MannisPC\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found!
File C:\Users\MannisPC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\ED8654D5-B9F0-4DD9-B3E8-F8F560086FDF.dat not found!
File C:\Users\MannisPC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VJ50XES6\ads[1].htm not found!
File C:\Users\MannisPC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G8EZLK5G\123315-weisser-bildschirm-beim-starten[1].htm not found!
File C:\Users\MannisPC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CHGA4NMX\ads[2].htm not found!
File C:\Users\MannisPC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8BEB6QCY\ads[1].htm not found!
Registry entries deleted on Reboot...
MalewareAntiBytes :
Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org
Datenbank Version: v2012.09.09.03
Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
MannisPC :: MANNISPC-PC [Administrator]
09.09.2012 15:20:06
mbam-log-2012-09-09 (15-23-48).txt
Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 196417
Laufzeit: 3 Minute(n), 26 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DD31495E-290C-41CF-8C66-7415383F82DE} (Trojan.Banker) -> Keine Aktion durchgeführt.
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)
(Ende)
OTL Logfile: Code:
OTL logfile created on: 09.09.2012 15:35:05 - Run 2
OTL by OldTimer - Version 3.2.55.0 Folder = E:\Meine Daten\Desktop\nü
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,98 Gb Total Physical Memory | 6,32 Gb Available Physical Memory | 79,18% Memory free
15,97 Gb Paging File | 14,08 Gb Available in Paging File | 88,21% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 39,06 Gb Total Space | 7,71 Gb Free Space | 19,72% Space Free | Partition Type: NTFS
Drive D: | 37,27 Gb Total Space | 28,32 Gb Free Space | 75,98% Space Free | Partition Type: NTFS
Drive E: | 149,04 Gb Total Space | 35,71 Gb Free Space | 23,96% Space Free | Partition Type: NTFS
Drive F: | 109,89 Gb Total Space | 74,91 Gb Free Space | 68,17% Space Free | Partition Type: NTFS
Computer Name: MANNISPC-PC | User Name: MannisPC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - E:\Meine Daten\Desktop\nü\OTL.exe (OldTimer Tools)
PRC - C:\Users\MannisPC\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe (MSI CO.,LTD.)
PRC - C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe (DT Soft Ltd)
PRC - C:\Program Files (x86)\avmwlanstick\WLanGUI.exe (AVM Berlin)
PRC - C:\Program Files (x86)\avmwlanstick\WlanNetService.exe (AVM Berlin)
========== Modules (No Company Name) ==========
MOD - C:\Users\MannisPC\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
========== Win32 Services (SafeList) ==========
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (AVM WLAN Connection Service) -- C:\Program Files (x86)\avmwlanstick\WlanNetService.exe (AVM Berlin)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (EPSON_EB_RPCV4_01) -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE (SEIKO EPSON CORPORATION)
SRV - (EPSON_PM_RPCV4_01) -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE (SEIKO EPSON CORPORATION)
========== Driver Services (SafeList) ==========
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys (Duplex Secure Ltd.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (fwlanusbn) -- C:\Windows\SysNative\drivers\fwlanusbn.sys (AVM GmbH)
DRV:64bit: - (amdiox64) -- C:\Windows\SysNative\drivers\amdiox64.sys (Advanced Micro Devices)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (netr28ux) -- C:\Windows\SysNative\drivers\netr28ux.sys (Ralink Technology Corp.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (Pnp680r) -- C:\Windows\SysNative\drivers\PnP680r.sys (Silicon Image, Inc)
DRV - (WinRing0_1_2_0) -- C:\Users\MannisPC\AppData\Local\Microsoft\Windows Sidebar\Gadgets\IntelCoreSeries25.gadget\WinRing0x64.sys (OpenLibSys.org)
DRV - (AODDriver4.01) -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys (Advanced Micro Devices)
DRV - (NTIOLib_1_0_4) -- C:\Program Files (x86)\MSI\ControlCenter\NTIOLib_X64.sys (MSI)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2269050
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D0 46 2C C6 F6 8B CD 01 [binary data]
IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {950969ED-7715-4C3D-9156-4A1ABBD3966C}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{950969ED-7715-4C3D-9156-4A1ABBD3966C}: "URL" = hxxp://www.google.de/search?q={searchTerms}
IE - HKCU\..\SearchScopes\{9DCCB875-C826-4B16-A18A-5968AF656B7F}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.0: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\extensions\\{9A207F60-3F1C-4ED0-972D-0A4CDFBFF803}: C:\Users\MannisPC\AppData\Roaming\12001.062 [2012.08.11 10:38:28 | 000,000,000 | ---D | M]
O1 HOSTS File: ([2012.09.03 17:35:31 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [AVMWlanClient] C:\Program Files (x86)\avmwlanstick\wlangui.exe (AVM Berlin)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Super-Charger] C:\Program Files (x86)\MSI\Super-Charger\StartSuperCharger.exe (MSI)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\MannisPC\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\MannisPC\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\MannisPC\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\MannisPC\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\MannisPC\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O16:64bit: - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16:64bit: - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{150C32B6-1CC7-4F36-B714-7235236E18C1}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1A69F1AB-48EF-486D-8F39-4380BFD2495C}: DhcpNameServer = 192.168.178.1
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.06.22 15:10:21 | 000,000,000 | ---- | M] () - E:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012.09.09 15:26:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012.09.09 15:26:35 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012.09.09 15:26:29 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012.09.09 15:26:29 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012.09.09 15:26:29 | 000,095,208 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2012.09.09 15:26:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2012.09.09 15:24:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2012.09.09 15:20:27 | 000,000,000 | R--D | C] -- C:\Users\MannisPC\Documents
[2012.09.09 15:20:25 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.09.06 11:21:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2
[2012.09.06 11:20:33 | 000,000,000 | ---D | C] -- E:\Meine Daten\Eigene Dokumente\Guild Wars 2
[2012.09.06 08:15:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012.09.06 08:12:38 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012.09.06 08:08:34 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012.09.06 07:59:40 | 004,743,773 | R--- | C] (Swearware) -- E:\Meine Daten\Desktop\ComboFix.exe
[2012.09.05 23:54:27 | 000,000,000 | ---D | C] -- E:\Meine Daten\Desktop\spiele
[2012.09.03 17:31:34 | 000,000,000 | ---D | C] -- E:\Meine Daten\Desktop\nü
[2012.09.03 17:29:54 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012.09.03 17:29:54 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012.09.03 17:29:54 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012.09.03 17:29:14 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012.09.03 17:29:02 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012.09.03 17:06:43 | 000,040,960 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysWow64\eax.dll
[2012.09.03 17:06:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Creative Labs
[2012.09.03 17:06:40 | 000,306,688 | ---- | C] (InstallShield Software Corporation) -- C:\Windows\IsUninst.exe
[2012.09.03 17:06:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eidos Interactive
[2012.09.03 14:59:14 | 000,000,000 | ---D | C] -- C:\Users\MannisPC\AVM_Driver
[2012.09.02 15:06:26 | 000,000,000 | ---D | C] -- C:\Users\MannisPC\AppData\Roaming\Malwarebytes
[2012.09.02 15:06:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.09.02 15:06:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.09.02 15:06:15 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.09.02 15:06:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.08.16 18:50:35 | 000,000,000 | ---D | C] -- E:\Meine Daten\Eigene Dokumente\Yu-Gi-Oh! ONLINE 3
[2012.08.16 18:47:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\konami
[2012.08.11 10:38:27 | 000,000,000 | ---D | C] -- C:\Users\MannisPC\AppData\Roaming\12001.062
========== Files - Modified Within 30 Days ==========
[2012.09.09 15:37:54 | 000,014,208 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.09.09 15:37:54 | 000,014,208 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.09.09 15:30:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.09.09 15:30:08 | 2134,253,567 | -HS- | M] () -- C:\hiberfil.sys
[2012.09.09 15:26:25 | 000,095,208 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2012.09.09 15:26:24 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2012.09.09 15:26:24 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2012.09.09 15:26:24 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012.09.09 15:26:24 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012.09.09 15:26:24 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012.09.09 15:25:03 | 000,002,036 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012.09.06 11:21:40 | 000,000,527 | ---- | M] () -- C:\Users\Public\Desktop\Guild Wars 2.lnk
[2012.09.06 08:01:46 | 001,472,002 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.09.06 08:01:46 | 000,643,628 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.09.06 08:01:46 | 000,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.09.06 08:01:46 | 000,126,188 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.09.06 08:01:46 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.09.06 07:57:40 | 004,743,773 | R--- | M] (Swearware) -- E:\Meine Daten\Desktop\ComboFix.exe
[2012.09.03 17:35:31 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012.08.16 18:47:56 | 000,001,868 | ---- | M] () -- C:\Users\Public\Desktop\Yu-Gi-Oh! ONLINE 3.lnk
[2012.08.13 09:56:46 | 000,000,017 | ---- | M] () -- C:\Users\MannisPC\AppData\Roaming\blckdom.res
========== Files Created - No Company Name ==========
[2012.09.09 15:25:03 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012.09.09 15:25:03 | 000,002,036 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012.09.06 11:21:40 | 000,000,527 | ---- | C] () -- C:\Users\Public\Desktop\Guild Wars 2.lnk
[2012.09.03 17:29:54 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012.09.03 17:29:54 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012.09.03 17:29:54 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012.09.03 17:29:54 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012.09.03 17:29:54 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012.08.16 18:47:56 | 000,001,868 | ---- | C] () -- C:\Users\Public\Desktop\Yu-Gi-Oh! ONLINE 3.lnk
[2012.06.26 12:55:28 | 000,000,025 | ---- | C] () -- C:\Users\MannisPC\AppData\Roaming\urhtps.dat
[2012.06.11 16:49:09 | 000,000,017 | ---- | C] () -- C:\Users\MannisPC\AppData\Roaming\blckdom.res
[2012.04.02 15:48:36 | 000,111,932 | ---- | C] () -- C:\Windows\SysWow64\EPPICPrinterDB.dat
[2012.04.02 15:48:36 | 000,031,053 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern131.dat
[2012.04.02 15:48:36 | 000,027,417 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern121.dat
[2012.04.02 15:48:36 | 000,026,154 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern1.dat
[2012.04.02 15:48:36 | 000,024,903 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern3.dat
[2012.04.02 15:48:36 | 000,021,390 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern5.dat
[2012.04.02 15:48:36 | 000,020,148 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern2.dat
[2012.04.02 15:48:36 | 000,011,811 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern4.dat
[2012.04.02 15:48:36 | 000,004,943 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern6.dat
[2012.04.02 15:48:36 | 000,001,146 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_DU.dat
[2012.04.02 15:48:36 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_PT.dat
[2012.04.02 15:48:36 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_BP.dat
[2012.04.02 15:48:36 | 000,001,136 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_ES.dat
[2012.04.02 15:48:36 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_FR.dat
[2012.04.02 15:48:36 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_CF.dat
[2012.04.02 15:48:36 | 000,001,120 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_IT.dat
[2012.04.02 15:48:36 | 000,001,107 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_GE.dat
[2012.04.02 15:48:36 | 000,001,104 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_EN.dat
[2012.04.02 15:48:36 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini
[2012.04.02 15:42:27 | 000,000,025 | ---- | C] () -- C:\Windows\CDEBX300DEFGIPS.ini
[2012.03.03 15:58:45 | 000,217,088 | ---- | C] () -- C:\Windows\NVGfxOgl.dll
[2012.03.03 15:36:54 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.12.06 04:35:10 | 000,204,960 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2011.12.06 04:35:10 | 000,157,152 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011.12.05 23:04:00 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2011.12.05 23:03:52 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011.09.13 01:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
< End of report >
--- --- ---
ExtrasOTL Logfile: Code:
OTL Extras logfile created on: 09.09.2012 15:35:05 - Run 2
OTL by OldTimer - Version 3.2.55.0 Folder = E:\Meine Daten\Desktop\nü
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,98 Gb Total Physical Memory | 6,32 Gb Available Physical Memory | 79,18% Memory free
15,97 Gb Paging File | 14,08 Gb Available in Paging File | 88,21% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 39,06 Gb Total Space | 7,71 Gb Free Space | 19,72% Space Free | Partition Type: NTFS
Drive D: | 37,27 Gb Total Space | 28,32 Gb Free Space | 75,98% Space Free | Partition Type: NTFS
Drive E: | 149,04 Gb Total Space | 35,71 Gb Free Space | 23,96% Space Free | Partition Type: NTFS
Drive F: | 109,89 Gb Total Space | 74,91 Gb Free Space | 68,17% Space Free | Partition Type: NTFS
Computer Name: MANNISPC-PC | User Name: MannisPC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "F:\Program Files (x86)\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "F:\Program Files (x86)\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{002CD859-94A0-4521-BFCE-B9736F42705E}" = lport=10243 | protocol=6 | dir=in | app=system |
"{0AED081C-E666-406D-8ABA-83E640F96992}" = lport=139 | protocol=6 | dir=in | app=system |
"{1C32659E-CF80-4D66-B000-8762CD3E3CB5}" = lport=138 | protocol=17 | dir=in | app=system |
"{1FF6CAD9-D9C0-4BF6-A06C-8D6EA2D5CD3B}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2418EB59-0CE3-44B8-8679-3DD92B788596}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{246D57EB-460F-4D91-A147-B7AFB6B35EB3}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{2E5ED331-3D1D-4B9C-B47A-A717FB2702A8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{380E537A-50A7-4EDD-B006-C790689E8DC3}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3B95880F-5F70-4AE6-A522-754D9445CFFD}" = rport=137 | protocol=17 | dir=out | app=system |
"{4CABC72B-5D73-4C5B-80BA-5D7F5A910140}" = rport=139 | protocol=6 | dir=out | app=system |
"{5C80FB09-16B6-4D9F-9973-7CFCD8D56440}" = lport=137 | protocol=17 | dir=in | app=system |
"{70CF7967-34BB-4038-9644-F984FA3C1596}" = rport=138 | protocol=17 | dir=out | app=system |
"{7D0C4EA8-2510-46AC-BCF1-4924CAA63477}" = rport=10243 | protocol=6 | dir=out | app=system |
"{87C29887-2789-4F46-BEC4-EDCBCA3DAE8D}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9431E19D-2AA4-4051-8DC4-4351C6929CD1}" = rport=445 | protocol=6 | dir=out | app=system |
"{991DACC8-E9B7-4DBC-9C1E-41EBB12538FD}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B38B6543-DB6D-40A4-B46E-1979E9241BB2}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BBDFB4DC-1584-44D8-BE39-0DEF3ACC4E88}" = lport=445 | protocol=6 | dir=in | app=system |
"{C9462EDB-408E-4768-ACCD-F902F143BF7D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{DC386EC9-BAC9-4762-9D79-10496C823B05}" = lport=2869 | protocol=6 | dir=in | app=system |
"{F4AD64B8-AAB4-4F0A-8CC2-B68F8730C551}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FDF59983-A7BB-41CB-AF46-C9AA64C5F91C}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{FF1FEC18-9E93-4474-88A5-A53AEF691E43}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1434EC0D-842A-4725-B23D-8141CA57C90A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{213EB019-9378-4B89-B995-83A65F1A9DE2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{27AB5A35-0B3B-4CC1-ADC9-7C0A0A8EC683}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1225\agent.exe |
"{34F7E5C1-AEB0-43B2-9839-68A5E96B0C63}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1225\agent.exe |
"{3811D258-F641-4656-8625-7BAA371507B3}" = protocol=6 | dir=in | app=f:\program files (x86)\thq\company of heroes\relicdownloader\relicdownloader.exe |
"{41D00D90-605E-47CA-BB82-7BF5472F9F29}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{4F7F7A8D-0171-4AFC-B1BF-E49895C61FBA}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{50A53609-E8E8-45BD-A795-7707D940E9AE}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{5155F3B1-BE22-4B9B-B669-19CC96AED55C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{53919997-5B13-4C9B-BDA2-095FB45BBBDF}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe |
"{5998059A-3CB5-462C-9D71-EF0FA87A807E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{63083581-D961-450B-BECA-6B581C78B629}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1199\agent.exe |
"{6A877B15-ED2C-4A47-AD27-33F9148A0DBB}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe |
"{6F244878-D55A-428A-A6F5-A5984E6837F3}" = protocol=17 | dir=in | app=f:\program files (x86)\thq\company of heroes\relicdownloader\relicdownloader.exe |
"{70128AFD-C306-4606-816B-5E3482005F3A}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{74F11DA5-69C8-47B2-BA61-AC75BAAB358F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7AF1AD44-FBCB-4A71-B035-99F8FAFB2BAB}" = protocol=6 | dir=out | app=system |
"{803C9BA1-D7F0-42E4-9BCD-EE5EEFE15686}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8B06DA60-F16B-4DC0-BA02-FEC31677F3FB}" = protocol=17 | dir=in | app=f:\program files (x86)\thq\company of heroes\reliccoh.exe |
"{9267D32A-028F-4F2C-829A-7B0B2E47210E}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe |
"{A5E17799-D0D4-42C5-A045-AB31013AF378}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{AF510FB1-9EAC-4A19-A59B-3A278DAC241C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B3264D9E-E0F5-4903-9373-42E179E95581}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.524\agent.exe |
"{B37DC197-D481-4C81-8952-2FAF98A9C839}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.524\agent.exe |
"{B99C6A56-A60E-4793-8D64-20E499F575D9}" = protocol=6 | dir=in | app=f:\program files (x86)\thq\company of heroes\reliccoh.exe |
"{BA7D7448-FDA2-4E5C-9B19-94A5BF3B1BA3}" = protocol=6 | dir=in | app=d:\neuer ordner\diablo iii\diablo iii.exe |
"{CB54F97A-D8E0-4738-B539-23FFAC47DD2D}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D02A4613-EFFA-4B8C-90C3-798F161F4308}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{D07E8B07-5E13-4A27-A035-668F3888E131}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E66CED77-EE3E-46DA-9F27-15560F0CE8F2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E82D9661-B0D9-478E-B9FD-EF0C0426B42F}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1199\agent.exe |
"{F1B7188E-F8BA-4E9E-B275-54D349CDEB71}" = protocol=17 | dir=in | app=d:\neuer ordner\diablo iii\diablo iii.exe |
"{FBAF39A5-F995-4B8D-B84E-33675400855F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FD30EF12-F905-4CA1-A995-6D1C9C495E96}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe |
"{FD5D8C23-FAC9-4243-AA07-957DFC1B763B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"TCP Query User{4CDC09E8-45A8-4832-BE75-16C5EDD16204}C:\users\mannispc\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\mannispc\appdata\roaming\spotify\spotify.exe |
"TCP Query User{53A2D321-04D5-489A-942C-1FC202A914A5}C:\users\mannispc\appdata\local\temp\gw2.exe" = protocol=6 | dir=in | app=c:\users\mannispc\appdata\local\temp\gw2.exe |
"TCP Query User{5E7B18EB-68F5-4756-9909-B4B5EA15010D}F:\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=f:\guild wars 2\gw2.exe |
"TCP Query User{5F43C0BA-FD8B-4CFB-A797-EB3F1E80EA46}C:\programdata\battle.net\agent\agent.1040\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"TCP Query User{77DA84BB-1429-410E-8282-C36F001FD45D}F:\program files (x86)\deep silver\sacred 2 - fallen angel\system\s2gs.exe" = protocol=6 | dir=in | app=f:\program files (x86)\deep silver\sacred 2 - fallen angel\system\s2gs.exe |
"TCP Query User{850A4DD0-BD93-4E60-818F-243181193435}C:\users\mannispc\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\mannispc\appdata\roaming\spotify\spotify.exe |
"TCP Query User{A3FEAAE8-3A99-4CE6-9F11-322615AC4C30}F:\data\data\nfsw.exe" = protocol=6 | dir=in | app=f:\data\data\nfsw.exe |
"UDP Query User{12F04B83-5FA1-49EF-B0B4-D74E5844B236}F:\data\data\nfsw.exe" = protocol=17 | dir=in | app=f:\data\data\nfsw.exe |
"UDP Query User{33E979B1-C4E5-40DE-9828-8AA45CC19CD2}C:\users\mannispc\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\mannispc\appdata\roaming\spotify\spotify.exe |
"UDP Query User{66E0F197-C4AE-4B17-9EFF-CE531EFC9E05}F:\program files (x86)\deep silver\sacred 2 - fallen angel\system\s2gs.exe" = protocol=17 | dir=in | app=f:\program files (x86)\deep silver\sacred 2 - fallen angel\system\s2gs.exe |
"UDP Query User{7ACF4C00-2C2A-494B-8B77-DF63503D5E03}C:\programdata\battle.net\agent\agent.1040\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"UDP Query User{89A312AC-4025-494E-91B5-37B5BC0149DA}C:\users\mannispc\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\mannispc\appdata\roaming\spotify\spotify.exe |
"UDP Query User{B37F3ABF-5C2E-4FAC-9899-429B2407E802}C:\users\mannispc\appdata\local\temp\gw2.exe" = protocol=17 | dir=in | app=c:\users\mannispc\appdata\local\temp\gw2.exe |
"UDP Query User{C2A07620-0FA3-408A-954E-66A52A8C511D}F:\guild wars 2\gw2.exe" = protocol=17 | dir=in | app=f:\guild wars 2\gw2.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1" = Core Temp 1.0 RC3
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5F92DAD2-FD95-DD12-50DF-A6F66C7E67C8}" = AMD Drag and Drop Transcoding
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{9E3B2120-0BD8-9865-0387-E9BAC2A53AD3}" = ccc-utility64
"{ABE286AE-C65D-B7DE-C8D1-DF79584169B4}" = AMD Fuel
"{BE882A12-5A45-3DFF-9FD0-306DE65EB8A5}" = AMD Catalyst Install Manager
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{EF393943-0CCE-9CD9-6181-96DF4E4428EF}" = AMD Media Foundation Decoders
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"EPSON BX300F Series" = EPSON BX300F Series Printer Uninstall
"WinRAR archiver" = WinRAR
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{0D97F8D1-2102-53D2-5633-C992D6086801}" = CCC Help Chinese Traditional
"{0EA00EA7-42C0-ED9C-9110-2C04B8EDBA66}" = CCC Help Italian
"{0EB86B70-91FF-39BF-633C-785DF2218CC6}" = CCC Help French
"{14574B7F-75D1-4718-B7F2-EBF6E2862A35}" = Company of Heroes - FAKEMSI
"{14AA72DA-DB40-4A34-93A6-401A81D7AF9E}" = Unreal Anthology
"{1686C07D-C2BB-A8B2-C5ED-32C4EE1A3E62}" = CCC Help Spanish
"{18B6A9F8-25BC-5978-6B42-A50FA2CABC18}" = CCC Help English
"{199E6632-EB28-4F73-AECB-3E192EB92D18}" = Company of Heroes - FAKEMSI
"{25724802-CC14-4B90-9F3B-3D6955EE27B1}" = Company of Heroes - FAKEMSI
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{298C6691-46B2-2065-0DD7-1E7B3B669A47}" = CCC Help Finnish
"{2ECA81CA-D932-4AD3-AD59-BF5CCF099C83}" = Catalyst Control Center - Branding
"{32C4A4EB-C97D-414E-99C5-38F8DFD31D5D}" = Company of Heroes - FAKEMSI
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{400C5445-1AE8-1A41-CAC6-AB114341F65D}" = CCC Help Swedish
"{448B1C6D-02C2-7681-66B2-624E58B25375}" = CCC Help Turkish
"{46EB9D45-FC1A-2635-1693-176E6FA1C672}" = CCC Help Portuguese
"{46ED7863-473A-403D-9BAB-45E88A71F678}_is1" = ControlCenter
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50193078-F553-4EBA-AA77-64C9FAA12F98}" = Company of Heroes - FAKEMSI
"{51D718D1-DA81-4FAD-919F-5C1CE3C33379}" = Company of Heroes - FAKEMSI
"{651F43AA-3F06-9277-6F1B-8E8155017463}" = CCC Help Polish
"{66F78C51-D108-4F0C-A93C-1CBE74CE338F}" = Company of Heroes - FAKEMSI
"{68DE32E1-292B-6A02-6A53-935BFAE70C99}" = CCC Help Chinese Standard
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1" = Need For Speed™ World
"{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1" = Super-Charger
"{7F4B1592-222F-4E5F-A100-E5AFD61A0BB3}" = Company of Heroes - FAKEMSI
"{80D03817-7943-4839-8E96-B9F924C5E67D}" = Company of Heroes - FAKEMSI
"{818212BA-7F8C-DDF9-64BE-F6D0B6F46D29}" = CCC Help German
"{81CF5153-38CF-41e2-AC3C-3D477C987D96}_is1" = Winki
"{84F4542C-ED64-28AC-49B3-1A9BAB395AB4}" = CCC Help Hungarian
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90850407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{97E5205F-EA4F-438F-B211-F1846419F1C1}" = Company of Heroes - FAKEMSI
"{99A7722D-9ACB-43F3-A222-ABC7133F159E}" = Company of Heroes - FAKEMSI
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C41195F-11B3-8EEC-6634-7183BE6CB1B1}" = CCC Help Japanese
"{A33A89D0-2F48-FD1C-A243-9073EE0592E0}" = Catalyst Control Center InstallProxy
"{A66FB6C7-B689-AFD5-21BA-7CAF8E44E6E6}" = Catalyst Control Center Graphics Previews Common
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{AE136F7F-7DC6-600F-9DF9-BFA0DF516135}" = Catalyst Control Center Localization All
"{B4CF00AE-2622-7BC6-24EC-4E5A0A8C9135}" = CCC Help Czech
"{BA801B94-C28D-46EE-B806-E1E021A3D519}" = Company of Heroes - FAKEMSI
"{BAE1C0A8-634D-CFF1-0E0C-893092427D34}" = CCC Help Danish
"{C2DEC505-79A9-E952-32B0-31B67B83E231}" = CCC Help Korean
"{C2FB14FB-DF6B-287D-BDC3-C7BEC86F539E}" = AMD VISION Engine Control Center
"{CCEFAE22-4D01-0084-D1CA-AC14AA743A97}" = CCC Help Greek
"{D4D244D1-05E0-4D24-86A2-B2433C435671}" = Company of Heroes - FAKEMSI
"{DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32}" = Command & Conquer 3
"{DE460826-5E72-2357-154F-E376F9926008}" = CCC Help Norwegian
"{DEDB47A3-C988-4A43-A645-E2CEA571E680}" = Epson Easy Photo Print 2
"{E21FFD29-D231-3BD3-6941-15710E44BED4}" = CCC Help Dutch
"{E3E313C7-0AE2-7F44-52E8-528D4EDC74B2}" = CCC Help Thai
"{E3F04224-BA9A-4068-8A51-83267B4E7496}" = Yu-Gi-Oh! ONLINE 3
"{EAF636A9-F664-4703-A659-85A894DA264F}" = Company of Heroes - FAKEMSI
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F9929777-7B6E-F53D-3105-1C06E5120CA1}" = CCC Help Russian
"Adobe AIR" = Adobe AIR
"Avira AntiVir Desktop" = Avira Free Antivirus
"AVMWLANCLI" = AVM FRITZ!WLAN
"CCleaner" = CCleaner
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Company of Heroes" = Company of Heroes
"DAEMON Tools Pro" = DAEMON Tools Pro
"Diablo III" = Diablo III
"DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar
"EAX(tm) Unified (SHELL)" = EAX(tm) Unified (SHELL)
"EPSON Scanner" = EPSON Scan
"EPSON Stylus Office BX300F_TX300F Benutzerhandbuch" = EPSON Stylus Office BX300F_TX300F Handbuch
"ESET Online Scanner" = ESET Online Scanner v3
"FINAL FANTASY VIII" = FINAL FANTASY VIII
"Free YouTube Download_is1" = Free YouTube Download version 3.1.22.319
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.24.608
"Guild Wars 2" = Guild Wars 2
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300
"Warlords Battlecry II" = Warlords Battlecry II
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Spotify" = Spotify
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 03.09.2012 13:28:12 | Computer Name = MannisPC-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\ATI\CIM\Bin64\SetACL64.exe".
Die
abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 03.09.2012 13:28:19 | Computer Name = MannisPC-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
Richtliniendatei "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 04.09.2012 05:51:57 | Computer Name = MannisPC-PC | Source = Application Hang | ID = 1002
Description = Programm Explorer.EXE, Version 6.1.7600.16450 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: 660 Startzeit: 01cd8a7b3f4837a7 Endzeit: 15 Anwendungspfad:
C:\Windows\Explorer.EXE Berichts-ID: 21ff4110-f676-11e1-8f5a-001f3f0201d5
Error - 04.09.2012 06:39:29 | Computer Name = MannisPC-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: nfsw.exe, Version: 1.0.0.1091, Zeitstempel:
0x503d2dbc Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel:
0x00000000 Ausnahmecode: 0xc0000096 Fehleroffset: 0x0f9cd0f4 ID des fehlerhaften Prozesses:
0x444 Startzeit der fehlerhaften Anwendung: 0x01cd8a8967da620d Pfad der fehlerhaften
Anwendung: F:\Data\Data\nfsw.exe Pfad des fehlerhaften Moduls: unknown Berichtskennung:
cdf5c8c8-f67c-11e1-8f5a-001f3f0201d5
Error - 04.09.2012 06:39:29 | Computer Name = MannisPC-PC | Source = Application Error | ID = 1005
Description = Aus einem der folgenden Gründe kann nicht auf die Datei "" zugegriffen
werden: Es besteht ein Problem mit der Netzwerkverbindung, dem Datenträger mit der
gespeicherten Datei bzw. den auf dem Computer installierten Speichertreibern, oder
der Datenträger fehlt. Das Programm Need for Speed World wurde wegen dieses Fehlers
geschlossen. Programm: Need for Speed World Datei: Der Fehlerwert ist im Abschnitt
"Zusätzliche Dateien" aufgelistet. Benutzeraktion 1. Öffnen Sie die Datei erneut.
Diese
Situation ist eventuell ein temporäres Problem, das selbstständig behoben wird,
wenn das Programm erneut ausgeführt wird. 2. Wenn Sie weiterhin nicht auf die Datei
zugreifen können und - diese sich im Netzwerk befindet, dann sollte der Netzwerkadministrator
überprüfen, dass kein Netzwerkproblem besteht und dass eine Verbindung mit dem
Server hergestellt werden kann. - diese sich auf einem Wechseldatenträger, wie z.
B. einer Diskette oder einer CD, befindet, überprüfen Sie, ob der Datenträger richtig
in den Computer eingelegt ist. 3. Überprüfen und reparieren Sie das Dateisystem,
indem Sie CHKDSK ausführen. Klicken Sie dazu im Menü "Start" auf "Ausführen", geben
Sie CMD ein, und klicken Sie auf "OK". Geben Sie an der Eingabeaufforderung CHKDSK
/F ein, und drücken Sie die EINGABETASTE. 4. Stellen Sie die Datei von einer Sicherungskopie
wieder her, wenn das Problem weiterhin besteht. 5. Überprüfen Sie, ob andere Dateien
auf demselben Datenträger geöffnet werden können. Falls dies nicht möglich ist,
ist der Datenträger eventuell beschädigt. Wenden Sie sich an den Administrator
oder den Hersteller der Computerhardware, um weitere Unterstützung zu erhalten,
wenn es sich um eine Festplatte handelt. Zusätzliche Daten Fehlerwert: 00000000 Datenträgertyp:
0
Error - 09.09.2012 09:01:50 | Computer Name = MannisPC-PC | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 12.0.0.4493 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 10a8 Startzeit:
01cd8e8af3c046e5 Endzeit: 28 Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Berichts-ID:
8325dec5-fa7e-11e1-90cd-001f3f0201d5
Error - 09.09.2012 09:04:13 | Computer Name = MannisPC-PC | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 12.0.0.4493 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 136c Startzeit:
01cd8e8b47fe4725 Endzeit: 30 Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Berichts-ID:
d897469b-fa7e-11e1-90cd-001f3f0201d5
Error - 09.09.2012 09:06:33 | Computer Name = MannisPC-PC | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 12.0.0.4493 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 160 Startzeit:
01cd8e8b9cd9ddaa Endzeit: 22 Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Berichts-ID:
2c3d40cf-fa7f-11e1-90cd-001f3f0201d5
Error - 09.09.2012 09:09:56 | Computer Name = MannisPC-PC | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 12.0.0.4493 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 9c0 Startzeit:
01cd8e8bf08380a3 Endzeit: 22 Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Berichts-ID:
a56901f7-fa7f-11e1-90cd-001f3f0201d5
Error - 09.09.2012 09:25:40 | Computer Name = MannisPC-PC | Source = MsiInstaller | ID = 11500
Description =
[ System Events ]
Error - 22.08.2012 16:54:12 | Computer Name = MannisPC-PC | Source = Schannel | ID = 36874
Description = Eine SSL 3.0-Verbindungsanforderung wurde von einer Remoteclientanwendung
übermittelt, jedoch werden keine der Verschlüsselungssammlungen, die von der Clientanwendung
unterstützt werden, vom Server unterstützt. Fehler bei der SSL-Verbindungsanforderung.
Error - 22.08.2012 16:54:12 | Computer Name = MannisPC-PC | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus
lautet: 107.
Error - 22.08.2012 16:54:12 | Computer Name = MannisPC-PC | Source = Schannel | ID = 36874
Description = Eine SSL 3.0-Verbindungsanforderung wurde von einer Remoteclientanwendung
übermittelt, jedoch werden keine der Verschlüsselungssammlungen, die von der Clientanwendung
unterstützt werden, vom Server unterstützt. Fehler bei der SSL-Verbindungsanforderung.
Error - 22.08.2012 16:54:12 | Computer Name = MannisPC-PC | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus
lautet: 107.
Error - 22.08.2012 16:54:12 | Computer Name = MannisPC-PC | Source = Schannel | ID = 36874
Description = Eine SSL 3.0-Verbindungsanforderung wurde von einer Remoteclientanwendung
übermittelt, jedoch werden keine der Verschlüsselungssammlungen, die von der Clientanwendung
unterstützt werden, vom Server unterstützt. Fehler bei der SSL-Verbindungsanforderung.
Error - 22.08.2012 16:54:12 | Computer Name = MannisPC-PC | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus
lautet: 107.
Error - 22.08.2012 16:54:12 | Computer Name = MannisPC-PC | Source = Schannel | ID = 36874
Description = Eine SSL 3.0-Verbindungsanforderung wurde von einer Remoteclientanwendung
übermittelt, jedoch werden keine der Verschlüsselungssammlungen, die von der Clientanwendung
unterstützt werden, vom Server unterstützt. Fehler bei der SSL-Verbindungsanforderung.
Error - 22.08.2012 16:54:12 | Computer Name = MannisPC-PC | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus
lautet: 107.
Error - 22.08.2012 16:54:12 | Computer Name = MannisPC-PC | Source = Schannel | ID = 36874
Description = Eine SSL 3.0-Verbindungsanforderung wurde von einer Remoteclientanwendung
übermittelt, jedoch werden keine der Verschlüsselungssammlungen, die von der Clientanwendung
unterstützt werden, vom Server unterstützt. Fehler bei der SSL-Verbindungsanforderung.
Error - 22.08.2012 16:54:12 | Computer Name = MannisPC-PC | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus
lautet: 107.
< End of report >
--- --- --- |
