AUSWERTUNG OTL Logfiles - Windowssuche Absturz

Rumburak2012 · 16.01.2012, 12:18

Hallo,

habe OTL Logfiles erstellt und würde mich über eine schnelle Auswertung freuen.

Vielen Dank schonmal im voraus

1. OTL.Txt

OTL logfile created on: 16.01.2012 11:21:00 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\JP\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,97 Gb Total Physical Memory | 2,71 Gb Available Physical Memory | 68,19% Memory free
7,93 Gb Paging File | 6,57 Gb Available in Paging File | 82,78% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 163,51 Gb Total Space | 125,52 Gb Free Space | 76,76% Space Free | Partition Type: NTFS
Drive E: | 134,58 Gb Total Space | 117,28 Gb Free Space | 87,14% Space Free | Partition Type: NTFS

Computer Name: JP-PC | User Name: JP | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.01.16 00:20:04 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\JP\Desktop\OTL.exe
PRC - [2010.10.01 22:06:36 | 000,348,760 | ---- | M] (Kaspersky Lab) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe
PRC - [2009.12.21 17:34:38 | 000,743,992 | ---- | M] (Infowatch) -- C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
PRC - [2009.08.15 06:38:20 | 000,614,400 | ---- | M] () -- C:\Windows\Samsung\PanelMgr\SSMMgr.exe
PRC - [2009.05.14 17:07:14 | 000,759,048 | ---- | M] (ABBYY) -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe

========== Modules (No Company Name) ==========

MOD - [2010.10.01 22:05:46 | 008,972,888 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\QtGui4.dll
MOD - [2010.10.01 22:05:42 | 002,456,152 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\QtCore4.dll
MOD - [2010.10.01 21:07:46 | 000,733,184 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\localization_manager.dll
MOD - [2009.10.30 20:32:30 | 000,410,496 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\dblite.dll
MOD - [2009.08.15 06:38:20 | 000,614,400 | ---- | M] () -- C:\Windows\Samsung\PanelMgr\SSMMgr.exe

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011.11.10 04:11:32 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2011.05.18 13:31:14 | 000,199,272 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Programme\Realtek\Audio\HDA\RtkAudioService64.exe -- (RtkAudioService)
SRV - [2010.10.01 22:06:36 | 000,348,760 | ---- | M] (Kaspersky Lab) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe -- (AVP)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.12.21 17:34:38 | 000,743,992 | ---- | M] (Infowatch) [Auto | Running] -- C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe -- (CSObjectsSrv)
SRV - [2009.07.31 17:09:14 | 000,436,736 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\XAudio64.dll -- (HsfXAudioService)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.05.14 17:07:14 | 000,759,048 | ---- | M] (ABBYY) [Auto | Running] -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Sprint.9.0)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2011.12.02 18:38:08 | 000,239,208 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2011.11.10 18:32:02 | 000,115,272 | ---- | M] (MotioninJoy) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MijXfilt.sys -- (MotioninJoyXFilter)
DRV:64bit: - [2011.11.10 04:45:30 | 010,567,680 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2011.11.10 04:45:30 | 010,567,680 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.11.10 03:12:44 | 000,325,632 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.11.04 19:53:06 | 000,353,296 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:64bit: - [2011.10.17 15:55:32 | 000,559,384 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011.09.14 13:58:38 | 000,398,112 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2011.08.03 17:28:32 | 008,604,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64) ___ Intel(R)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 12:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010.11.20 10:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.08.19 19:24:34 | 000,074,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2010.02.26 19:39:24 | 000,132,608 | ---- | M] (Unibrain) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ubohci.sys -- (ubohci)
DRV:64bit: - [2010.02.26 19:38:48 | 000,092,160 | ---- | M] (Unibrain) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\UBUMAPI.sys -- (ubumapi)
DRV:64bit: - [2010.02.26 19:38:30 | 000,024,064 | ---- | M] (Unibrain) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\UBSBM.sys -- (ubsbm)
DRV:64bit: - [2009.12.14 12:44:24 | 000,085,048 | ---- | M] (Infowatch) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\CSCrySec.sys -- (CSCrySec)
DRV:64bit: - [2009.12.14 12:44:24 | 000,066,104 | ---- | M] (Infowatch) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\CSVirtualDiskDrv.sys -- (CSVirtualDiskDrv)
DRV:64bit: - [2009.10.22 13:56:10 | 005,435,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NETw5v64.sys -- (netw5v64) Intel(R)
DRV:64bit: - [2009.10.14 21:18:38 | 000,040,464 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\klbg.sys -- (KLBG)
DRV:64bit: - [2009.10.02 19:39:32 | 000,021,008 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)
DRV:64bit: - [2009.09.24 17:31:14 | 000,076,288 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdsn64.sys -- (risdptsk)
DRV:64bit: - [2009.09.17 01:44:24 | 000,010,368 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\whfltr2k.sys -- (whfltr2k)
DRV:64bit: - [2009.09.14 14:46:42 | 000,027,152 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
DRV:64bit: - [2009.09.03 10:59:28 | 000,054,784 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimspx64.sys -- (rimsptsk)
DRV:64bit: - [2009.09.01 15:29:56 | 000,157,712 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (kl1)
DRV:64bit: - [2009.07.31 17:09:14 | 000,010,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\XAudio64.sys -- (XAudio)
DRV:64bit: - [2009.07.31 17:09:10 | 001,485,824 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAX_DPV.sys -- (HSF_DPV)
DRV:64bit: - [2009.07.31 17:09:10 | 000,017,024 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mdmxsdk.sys -- (mdmxsdk)
DRV:64bit: - [2009.07.31 17:09:06 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAX_CNXT.sys -- (winachsf)
DRV:64bit: - [2009.07.31 17:09:06 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAXHWAZL.sys -- (CAXHWAZL)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009.06.10 22:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009.06.10 22:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.09 04:18:20 | 000,053,816 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\DGIVECP.SYS -- (DgiVecp)
DRV:64bit: - [2008.01.10 19:34:52 | 000,011,576 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\SSPORT.SYS -- (SSPORT)
DRV:64bit: - [2007.08.03 05:35:54 | 000,011,392 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3111291807-1449992328-3040133662-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-3111291807-1449992328-3040133662-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-3111291807-1449992328-3040133662-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-3111291807-1449992328-3040133662-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 5F 53 54 B0 10 9B CC 01 [binary data]
IE - HKU\S-1-5-21-3111291807-1449992328-3040133662-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.01.06 23:56:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.01.13 13:16:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011.11.06 11:29:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\THBExt [2011.11.04 19:53:48 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{72CA2996-F580-47DF-98FF-0B853D09CEC8}: C:\Users\JP\AppData\Roaming\Kaspersky Lab\Password Manager\kpmAutofill [2011.11.09 00:11:48 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Thunderbird\Extensions\\{72CA2996-F580-47DF-98FF-0B853D09CEC8}: C:\Users\JP\AppData\Roaming\Kaspersky Lab\Password Manager\kpmAutofill [2011.11.09 00:11:48 | 000,000,000 | ---D | M]

[2011.11.06 10:42:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\JP\AppData\Roaming\mozilla\Extensions
[2012.01.13 22:36:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.01.10 13:38:19 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
[2011.11.06 15:03:55 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files (x86)\mozilla firefox\extensions\linkfilter@kaspersky.ru
[2012.01.13 22:36:40 | 000,000,000 | ---D | M] (QuickStores-Toolbar) -- C:\Program Files (x86)\mozilla firefox\extensions\quickstores@quickstores.de
[2011.12.21 08:42:29 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.11.10 05:54:13 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011.12.21 06:08:50 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.12.21 06:02:40 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011.12.21 06:08:50 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.12.21 06:08:50 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.12.21 06:08:50 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.12.21 06:08:50 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\x64\ievkbd.dll (Kaspersky Lab)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\x64\klwtbbho.dll (Kaspersky Lab)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll (Kaspersky Lab)
O3:64bit: - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - No CLSID value found.
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ie_banner_deny.htm ()
O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\ie_banner_deny.htm ()
O9:64bit: - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\x64\klwtbbho.dll (Kaspersky Lab)
O9:64bit: - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\x64\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll (Kaspersky Lab)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 83.169.186.33 83.169.186.97 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7D9D4F92-5010-47A0-BD27-EE72335DEE1F}: DhcpNameServer = 83.169.186.33 83.169.186.97 192.168.0.1
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\x64\kloehk.dll) - C:\PROGRA~2\KASPER~1\KASPER~1\x64\kloehk.dll (Kaspersky Lab)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\x64\sbhook64.dll) - C:\PROGRA~2\KASPER~1\KASPER~1\x64\sbhook64.dll (Kaspersky Lab)
O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll) -C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll (Kaspersky Lab)
O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll) -C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll (Kaspersky Lab)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\klogon: DllName - (%SystemRoot%\System32\klogon.dll) - C:\Windows\SysNative\klogon.dll (Kaspersky Lab)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{6c1ff65f-1ae0-11e1-874b-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{6c1ff65f-1ae0-11e1-874b-806e6f6e6963}\Shell\AutoRun\command - "" = D:\zdata\cobi.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012.01.16 11:08:54 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012.01.16 00:21:12 | 000,000,000 | ---D | C] -- C:\Users\JP\AppData\Roaming\Malwarebytes
[2012.01.16 00:21:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.01.16 00:21:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.01.16 00:20:04 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\JP\Desktop\OTL.exe
[2012.01.16 00:18:48 | 010,847,608 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\JP\Desktop\mbam-setup-1.60.0.1800.exe
[2012.01.15 23:25:19 | 000,000,000 | ---D | C] -- C:\Users\JP\AppData\Local\Diagnostics
[2012.01.15 23:17:27 | 001,066,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCOMCTL.OCX
[2012.01.15 23:17:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SurfMusik 3.1
[2012.01.15 23:17:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SurfMusik 3.1
[2012.01.15 22:32:21 | 000,000,000 | ---D | C] -- C:\Users\JP\AppData\Local\SlimWare Utilities Inc
[2012.01.15 22:08:37 | 000,000,000 | ---D | C] -- C:\Users\JP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ
[2012.01.15 22:08:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VirtualDJ
[2012.01.15 22:08:23 | 000,000,000 | ---D | C] -- C:\Users\JP\Documents\VirtualDJ
[2012.01.15 21:55:50 | 000,000,000 | ---D | C] -- C:\Users\JP\AppData\Roaming\Scribus
[2012.01.15 21:55:02 | 000,000,000 | ---D | C] -- C:\Users\JP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Scribus 1.4.0.rc6
[2012.01.15 21:54:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Scribus 1.4.0.rc6
[2012.01.15 14:10:11 | 000,000,000 | ---D | C] -- C:\Users\JP\SystemRequirementsLab
[2012.01.15 14:03:29 | 000,000,000 | ---D | C] -- C:\Users\JP\AppData\Roaming\Intel
[2012.01.15 13:55:05 | 000,000,000 | ---D | C] -- C:\Users\JP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Intel Corporation
[2012.01.15 13:54:45 | 000,000,000 | ---D | C] -- C:\Program Files\Intel Corporation
[2012.01.14 23:16:18 | 000,000,000 | ---D | C] -- C:\Users\JP\AppData\Roaming\Abelssoft
[2012.01.14 23:16:15 | 000,000,000 | ---D | C] -- C:\Users\JP\AppData\Local\Abelssoft
[2012.01.14 23:16:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UpdateYeti
[2012.01.14 23:16:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\UpdateYeti
[2012.01.14 20:55:54 | 000,000,000 | ---D | C] -- C:\Users\JP\AppData\Roaming\ATI
[2012.01.14 20:55:54 | 000,000,000 | ---D | C] -- C:\Users\JP\AppData\Local\ATI
[2012.01.14 20:55:54 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2012.01.14 20:55:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2012.01.14 20:55:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2012.01.14 20:55:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2012.01.14 20:55:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Pro Control Center
[2012.01.14 20:54:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2012.01.14 20:54:16 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2012.01.14 20:53:34 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2012.01.14 20:51:56 | 000,000,000 | ---D | C] -- C:\ATI
[2012.01.14 20:37:37 | 003,746,408 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkHDM64.dll
[2012.01.14 20:37:37 | 002,526,824 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RHDMEx64.dll
[2012.01.14 20:37:37 | 000,239,208 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys
[2012.01.14 19:51:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Publish Data
[2012.01.14 19:51:04 | 000,000,000 | ---D | C] -- C:\Users\JP\AppData\Local\Publish_Data
[2012.01.14 19:50:57 | 000,000,000 | ---D | C] -- C:\Users\JP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Treiber-Studio
[2012.01.14 19:50:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Publish Data
[2012.01.14 19:50:16 | 000,000,000 | ---D | C] -- C:\Windows\uninstall
[2012.01.14 11:10:48 | 000,000,000 | ---D | C] -- C:\Users\JP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
[2012.01.13 22:36:35 | 000,000,000 | ---D | C] -- C:\Program Files\Unlocker
[2012.01.12 15:15:54 | 000,000,000 | ---D | C] -- C:\Users\JP\AppData\Roaming\Tools
[2012.01.10 21:58:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2012.01.10 21:58:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\7-Zip
[2012.01.10 21:32:42 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012.01.10 21:32:41 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2012.01.10 21:32:41 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2012.01.10 21:32:41 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2012.01.10 21:32:41 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2012.01.10 21:32:41 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2012.01.10 21:22:25 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2012.01.10 21:22:25 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2012.01.10 21:22:25 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012.01.10 21:22:25 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012.01.10 21:22:24 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2012.01.10 21:22:23 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2012.01.10 21:22:23 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2012.01.10 13:38:17 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2012.01.10 13:38:17 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2012.01.10 13:38:16 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2012.01.10 13:34:24 | 000,252,296 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2012.01.10 13:34:23 | 000,188,808 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2012.01.09 21:26:08 | 000,000,000 | ---D | C] -- C:\Users\JP\AppData\Roaming\ImgBurn
[2012.01.09 21:19:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
[2012.01.09 21:19:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ImgBurn
[2012.01.07 20:59:46 | 000,000,000 | ---D | C] -- C:\Users\JP\Desktop\SabineFahrrad
[2011.12.30 05:59:12 | 000,000,000 | ---D | C] -- C:\Users\JP\AppData\Roaming\Skype
[2011.12.30 05:59:04 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2011.12.30 05:59:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011.12.30 05:59:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2011.12.22 20:38:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Core Temp
[2011.12.22 20:38:51 | 000,000,000 | ---D | C] -- C:\Program Files\Core Temp
[2011.12.22 20:21:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys
[2011.12.22 20:21:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lavalys
[2011.12.22 10:47:57 | 002,615,400 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
[2011.12.22 10:47:57 | 001,560,168 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl
[2011.12.22 10:47:57 | 000,219,752 | ---- | C] (Sony Corporation) -- C:\Windows\SysNative\SFSS_APO.dll
[2011.12.22 10:47:56 | 003,744,872 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll
[2011.12.22 10:47:56 | 000,014,952 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCoLDR64.dll
[2011.12.22 10:47:55 | 001,969,768 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll
[2011.12.22 10:47:54 | 002,684,416 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoRes64.dat
[2011.12.22 10:47:54 | 000,100,456 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInstII64.dll
[2011.12.22 10:47:52 | 000,702,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek2.dll
[2011.12.21 21:59:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Versandhelfer
[2011.12.21 21:59:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Versandhelfer
[2011.12.17 12:40:18 | 000,000,000 | ---D | C] -- C:\Users\JP\AppData\Roaming\Audacity
[2011.12.17 12:40:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012.01.16 11:19:20 | 000,014,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.01.16 11:19:20 | 000,014,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.01.16 11:18:25 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.01.16 11:18:25 | 000,654,166 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.01.16 11:18:25 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.01.16 11:18:25 | 000,130,006 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.01.16 11:18:25 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.01.16 11:13:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.01.16 11:13:36 | 3195,301,888 | -HS- | M] () -- C:\hiberfil.sys
[2012.01.16 11:09:10 | 000,294,400 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.01.16 00:20:04 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\JP\Desktop\OTL.exe
[2012.01.16 00:19:17 | 010,847,608 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\JP\Desktop\mbam-setup-1.60.0.1800.exe
[2012.01.15 23:17:27 | 000,000,979 | ---- | M] () -- C:\Users\JP\Desktop\SurfMusik 3.1a.lnk
[2012.01.15 22:08:38 | 000,001,050 | ---- | M] () -- C:\Users\JP\Desktop\VirtualDJ Home FREE.lnk
[2012.01.15 21:55:26 | 000,001,095 | ---- | M] () -- C:\Users\JP\Desktop\Scribus 1.4.0.rc6.lnk
[2012.01.15 13:55:05 | 000,003,093 | ---- | M] () -- C:\Users\JP\Desktop\Intel Processor Diagnostic Tool.lnk
[2012.01.14 23:16:14 | 000,001,921 | ---- | M] () -- C:\Users\JP\Desktop\UpdateYeti.lnk
[2012.01.14 19:50:57 | 000,002,217 | ---- | M] () -- C:\Users\JP\Desktop\Treiber-Studio 2011.lnk
[2012.01.10 22:00:31 | 000,000,980 | ---- | M] () -- C:\Users\JP\Desktop\7-Zip File Manager.lnk
[2012.01.10 12:35:55 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.01.09 21:19:17 | 000,001,869 | ---- | M] () -- C:\Users\Public\Desktop\ImgBurn.lnk
[2012.01.06 23:56:19 | 000,001,142 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011.12.22 21:11:27 | 001,049,856 | ---- | M] () -- C:\Users\JP\Desktop\ARGEForderung30Januar2012.jpg
[2011.12.22 21:10:44 | 000,000,992 | ---- | M] () -- C:\Users\JP\Desktop\Core Temp.lnk
[2011.12.22 20:21:35 | 000,001,106 | ---- | M] () -- C:\Users\JP\Desktop\EVEREST Home Edition.lnk
[2011.12.21 21:59:48 | 000,000,921 | ---- | M] () -- C:\Users\Public\Desktop\Versandhelfer.lnk
[2011.12.21 21:59:31 | 000,000,337 | ---- | M] () -- C:\Users\JP\AppData\Roaming\dpdhl.versandhelfer_state.xml
[2011.12.17 12:40:12 | 000,001,148 | ---- | M] () -- C:\Users\JP\Desktop\Audacity 1.3 Beta (Unicode).lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.01.16 11:08:48 | 000,294,400 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.01.15 23:17:27 | 000,006,114 | ---- | C] () -- C:\Windows\SysWow64\SHELLLNK.TLB
[2012.01.15 23:17:27 | 000,000,979 | ---- | C] () -- C:\Users\JP\Desktop\SurfMusik 3.1a.lnk
[2012.01.15 22:08:38 | 000,001,050 | ---- | C] () -- C:\Users\JP\Desktop\VirtualDJ Home FREE.lnk
[2012.01.15 21:55:26 | 000,001,095 | ---- | C] () -- C:\Users\JP\Desktop\Scribus 1.4.0.rc6.lnk
[2012.01.15 13:55:05 | 000,003,093 | ---- | C] () -- C:\Users\JP\Desktop\Intel Processor Diagnostic Tool.lnk
[2012.01.14 23:16:14 | 000,001,921 | ---- | C] () -- C:\Users\JP\Desktop\UpdateYeti.lnk
[2012.01.14 19:50:57 | 000,002,217 | ---- | C] () -- C:\Users\JP\Desktop\Treiber-Studio 2011.lnk
[2012.01.10 22:00:31 | 000,000,980 | ---- | C] () -- C:\Users\JP\Desktop\7-Zip File Manager.lnk
[2012.01.09 21:19:17 | 000,001,881 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk
[2012.01.09 21:19:17 | 000,001,869 | ---- | C] () -- C:\Users\Public\Desktop\ImgBurn.lnk
[2011.12.22 21:09:47 | 001,049,856 | ---- | C] () -- C:\Users\JP\Desktop\ARGEForderung30Januar2012.jpg
[2011.12.22 20:38:52 | 000,000,992 | ---- | C] () -- C:\Users\JP\Desktop\Core Temp.lnk
[2011.12.22 20:21:35 | 000,001,106 | ---- | C] () -- C:\Users\JP\Desktop\EVEREST Home Edition.lnk
[2011.12.22 10:47:55 | 000,200,468 | ---- | C] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
[2011.12.21 21:59:31 | 000,000,337 | ---- | C] () -- C:\Users\JP\AppData\Roaming\dpdhl.versandhelfer_state.xml
[2011.12.17 12:40:12 | 000,001,160 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity 1.3 Beta (Unicode).lnk
[2011.12.17 12:40:12 | 000,001,148 | ---- | C] () -- C:\Users\JP\Desktop\Audacity 1.3 Beta (Unicode).lnk
[2011.12.15 22:28:09 | 000,007,623 | ---- | C] () -- C:\Users\JP\AppData\Local\Resmon.ResmonCfg
[2011.11.18 22:06:02 | 000,479,232 | ---- | C] () -- C:\Windows\ssndii.exe
[2011.11.14 14:14:25 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2011.11.14 14:14:25 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2011.11.10 03:36:06 | 000,204,960 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2011.11.10 03:36:06 | 000,157,152 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011.11.09 22:39:44 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2011.11.09 22:39:32 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011.11.05 11:41:06 | 000,003,139 | ---- | C] () -- C:\Users\JP\AppData\Roaming\DownloadManagerFiles.xml
[2011.11.04 13:53:08 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

========== LOP Check ==========

[2012.01.14 23:16:18 | 000,000,000 | ---D | M] -- C:\Users\JP\AppData\Roaming\Abelssoft
[2011.12.21 17:33:25 | 000,000,000 | ---D | M] -- C:\Users\JP\AppData\Roaming\Audacity
[2011.11.07 11:38:36 | 000,000,000 | ---D | M] -- C:\Users\JP\AppData\Roaming\dpdhl.versandhelfer
[2011.11.05 11:37:41 | 000,000,000 | ---D | M] -- C:\Users\JP\AppData\Roaming\Drivers For Free
[2011.12.21 12:17:44 | 000,000,000 | ---D | M] -- C:\Users\JP\AppData\Roaming\Epson
[2012.01.02 13:38:12 | 000,000,000 | ---D | M] -- C:\Users\JP\AppData\Roaming\FileZilla
[2011.12.01 21:54:50 | 000,000,000 | ---D | M] -- C:\Users\JP\AppData\Roaming\GetRightToGo
[2011.11.07 10:18:07 | 000,000,000 | ---D | M] -- C:\Users\JP\AppData\Roaming\hdbADS
[2012.01.09 22:13:13 | 000,000,000 | ---D | M] -- C:\Users\JP\AppData\Roaming\ImgBurn
[2011.11.06 15:53:00 | 000,000,000 | ---D | M] -- C:\Users\JP\AppData\Roaming\OpenOffice.org
[2011.11.06 01:07:21 | 000,000,000 | ---D | M] -- C:\Users\JP\AppData\Roaming\Opera
[2011.11.16 19:24:38 | 000,000,000 | ---D | M] -- C:\Users\JP\AppData\Roaming\PhraseExpress
[2012.01.15 22:00:42 | 000,000,000 | ---D | M] -- C:\Users\JP\AppData\Roaming\Scribus
[2011.11.06 11:29:39 | 000,000,000 | ---D | M] -- C:\Users\JP\AppData\Roaming\Thunderbird
[2012.01.14 14:59:24 | 000,000,000 | ---D | M] -- C:\Users\JP\AppData\Roaming\Tools
[2011.12.23 15:54:21 | 000,000,000 | ---D | M] -- C:\Users\JP\AppData\Roaming\XnView
[2011.12.31 11:41:09 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

< End of report >

2. Extras.Txt

OTL Extras logfile created on: 16.01.2012 11:21:00 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\JP\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,97 Gb Total Physical Memory | 2,71 Gb Available Physical Memory | 68,19% Memory free
7,93 Gb Paging File | 6,57 Gb Available in Paging File | 82,78% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 163,51 Gb Total Space | 125,52 Gb Free Space | 76,76% Space Free | Partition Type: NTFS
Drive E: | 134,58 Gb Total Space | 117,28 Gb Free Space | 87,14% Space Free | Partition Type: NTFS

Computer Name: JP-PC | User Name: JP | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3111291807-1449992328-3040133662-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1" = Core Temp 1.0 RC2
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{26A24AE4-039D-4CA4-87B4-2F86416030FF}" = Java(TM) 6 Update 30 (64-bit)
"{26A24AE4-039D-4CA4-87B4-2F86417001FF}" = Java(TM) 7 Update 1 (64-bit)
"{35A50BE1-FDD7-4FC7-CCE5-03D2A63D4CF4}" = AMD Catalyst Install Manager
"{3C32C938-3071-BEF0-1EA5-403A420031A0}" = ccc-utility64
"{3F372A41-8007-012F-F5AE-685F588FC897}" = AMD Media Foundation Decoders
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{64A3A4F4-B792-11D6-A78A-00B0D0170010}" = Java(TM) SE Development Kit 7 Update 1 (64-bit)
"{C7345244-B77E-4296-9E89-FFEB633BA7A8}" = Intel Processor Diagnostic Tool 64Bit
"{D035FBF6-FDEF-487D-89CA-6F9DD07B783F}" = Dolby Control Center
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"CCleaner" = CCleaner
"CNXT_MODEM_HDA_HSF" = HDAUDIO SoftV92 Data Fax Modem with SmartCP
"EPSON SX218 Series" = EPSON SX218 Series Printer Uninstall
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Unlocker" = Unlocker 1.9.1-x64

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03B8AA32-F23C-4178-B8E6-09ECD07EAA47}" = Epson Event Manager
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1A59064A-12A9-469F-99F6-04BF118DBCFF}" = Kaspersky PURE
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20B1B020-DEAE-48D1-9960-D4C3185D758B}" = Phase 5 HTML-Editor
"{2461E016-9FB4-B233-A74D-91D11A664342}" = CCC Help English
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 30
"{310C1558-F6B5-4889-98B0-7471966BA7F2}" = Epson Easy Photo Print 2
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51002784-18FA-8FF9-9A1A-2468E7FCA096}" = Catalyst Control Center Graphics Previews Common
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{5E1375CB-6792-4464-8715-CC3EC83D48FA}" = VirtualDJ Home FREE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{B2D55EB8-32C5-4B43-9006-9E97DECBA178}" = Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)
"{C454E7DD-A09A-6D06-7FF9-59753475FC09}" = Catalyst Pro Control Center
"{CE23BD08-F6FD-3337-D8BC-5B55E69263A5}" = Catalyst Control Center InstallProxy
"{DA109884-7CDC-5F21-5F0B-742AA74F84E1}" = Catalyst Control Center Localization All
"{E19490CD-5380-4F37-B0A7-624D635605DC}" = Catalyst Control Center - Branding
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F663C1B3-DF22-6ED0-542A-356360689781}" = Versandhelfer
"{F9000000-0018-0000-0000-074957833700}" = ABBYY FineReader 9.0 Sprint
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"7-Zip" = 7-Zip 9.21beta
"ABBYY FineReader 9.0 Sprint" = ABBYY FineReader 9.0 Sprint
"Adobe AIR" = Adobe AIR
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.14 (Unicode)
"dpdhl.versandhelfer" = Versandhelfer
"EPSON Scanner" = EPSON Scan
"EPSON SX218 Series Manual" = EPSON SX218 Series Handbuch
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"FileZilla Client" = FileZilla Client 3.5.2
"ImgBurn" = ImgBurn
"InstallWIX_{1A59064A-12A9-469F-99F6-04BF118DBCFF}" = Kaspersky PURE
"Mozilla Firefox 9.0.1 (x86 de)" = Mozilla Firefox 9.0.1 (x86 de)
"Mozilla Thunderbird 9.0.1 (x86 de)" = Mozilla Thunderbird 9.0.1 (x86 de)
"PhraseExpress_is1" = PhraseExpress v8.0.142
"Revo Uninstaller" = Revo Uninstaller 1.93
"Samsung ML-1640 Series" = Samsung ML-1640 Series
"Scribus 1.4.0" = Scribus 1.4.0.rc6
"SurfMusik 3.1a_is1" = SurfMusik 3.1a
"Treiber-Studio 2011" = Treiber-Studio 2011 7.0.6.116
"UpdateYeti_is1" = UpdateYeti
"XnView_is1" = XnView 1.98.2

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 14.01.2012 06:21:18 | Computer Name = JP-PC | Source = Windows Search Service | ID = 3028
Description =

Error - 14.01.2012 06:21:18 | Computer Name = JP-PC | Source = Windows Search Service | ID = 3058
Description =

Error - 14.01.2012 06:21:18 | Computer Name = JP-PC | Source = Windows Search Service | ID = 7010
Description =

Error - 14.01.2012 06:48:21 | Computer Name = JP-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.

Error - 14.01.2012 06:48:21 | Computer Name = JP-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.

Error - 14.01.2012 08:52:28 | Computer Name = JP-PC | Source = ESENT | ID = 455
Description = Windows (1144) Windows: Fehler -1811 beim Öffnen von Protokolldatei
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS00007.log.

Error - 14.01.2012 08:52:28 | Computer Name = JP-PC | Source = Windows Search Service | ID = 9000
Description =

Error - 14.01.2012 08:52:28 | Computer Name = JP-PC | Source = Windows Search Service | ID = 7040
Description =

Error - 14.01.2012 08:52:28 | Computer Name = JP-PC | Source = Windows Search Service | ID = 7042
Description =

Error - 14.01.2012 08:52:28 | Computer Name = JP-PC | Source = Windows Search Service | ID = 9002
Description =

[ System Events ]
Error - 13.01.2012 09:47:29 | Computer Name = JP-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet:
%%20

Error - 13.01.2012 09:48:16 | Computer Name = JP-PC | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem
Fehler beendet: %%-1073473535.

Error - 13.01.2012 09:48:16 | Computer Name = JP-PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits
1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt:
Neustart des Diensts.

Error - 13.01.2012 16:35:39 | Computer Name = JP-PC | Source = DCOM | ID = 10010
Description =

Error - 13.01.2012 16:54:37 | Computer Name = JP-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet:
%%20

Error - 13.01.2012 16:55:11 | Computer Name = JP-PC | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem
Fehler beendet: %%-1073473535.

Error - 13.01.2012 16:55:11 | Computer Name = JP-PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits
1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt:
Neustart des Diensts.

Error - 13.01.2012 19:10:22 | Computer Name = JP-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?14.?01.?2012 um 00:05:45 unerwartet heruntergefahren.

Error - 13.01.2012 19:10:33 | Computer Name = JP-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet:
%%20

Error - 14.01.2012 04:55:48 | Computer Name = JP-PC | Source = DCOM | ID = 10010
Description =

< End of report >

cosinus · 16.01.2012, 16:51

Zitat:

Windowssuche Absturz

Ist das die detailierte Problembeschreibung?

Rumburak2012 · 17.01.2012, 11:25

Das Problem sieht man doch in dem untersten Logfile ganz unten. Ausserdem hätte ich gern das komplette Logfile ausgewertet, um zu wissen ob es da irgendwelche ernsten Probleme oder Viren auf meinem Laptop gibt.
Vielen Dank Jens

cosinus · 17.01.2012, 13:29

Hör mal, ich will mir nicht mühsam eine mögliche Prblembeschreibung aus dem Eriegnisprotokoll zusammenfrickeln.
Wenn man dir helfen soll, dann beschreibe erstmal aus deiner Sicht das Problem so genau wie möglich und die Beschreibung wird mit dem Log verglichen.

So läuft das für gewöhnlich wenn man Hilfe in einem Forum haben will!

AUSWERTUNG OTL Logfiles - Windowssuche Absturz

Log-Analyse und Auswertung: AUSWERTUNG OTL Logfiles - Windowssuche Absturz