| |  Wie entferne ich Win32/Ponmocup
 Hallo,
wer kann mir helfen?
Ich habe mir folgenden Trojaner eingefangen.
Es findet eine redirect bei der Suche (alle Suchmaschinen) nur bei Firefox statt.
Malewarebytes, Spybot und HijackThis sowie die Virenscanner Vipre, Trend,...
haben nichts gefunden.
ABER:
Hier die Auswertung von ESET:
C:\Users\tine\AppData\Roaming\PSHEDV.dll a variant of Win32/Ponmocup.FJ trojan
Operating memory probably a variant of Win32/Ponmocup.AA trojan
OLT Extras PHP-Code: OTL Extras logfile created on: 29.11.2012 13:17:48 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\tine\Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,96 Gb Total Physical Memory | 6,14 Gb Available Physical Memory | 77,04% Memory free
15,93 Gb Paging File | 13,73 Gb Available in Paging File | 86,20% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 146,39 Gb Total Space | 71,34 Gb Free Space | 48,74% Space Free | Partition Type: NTFS
Drive D: | 146,48 Gb Total Space | 135,43 Gb Free Space | 92,45% Space Free | Partition Type: NTFS
Drive E: | 172,79 Gb Total Space | 10,02 Gb Free Space | 5,80% Space Free | Partition Type: NTFS
Drive G: | 229,49 Gb Total Space | 223,71 Gb Free Space | 97,48% Space Free | Partition Type: NTFS
Drive H: | 236,27 Gb Total Space | 147,23 Gb Free Space | 62,32% Space Free | Partition Type: NTFS
Computer Name: TINE-PC | User Name: tine | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
[color=#E56717]========== File Associations ==========[/color]
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[color=#E56717]========== Shell Spawning ==========[/color]
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[color=#E56717]========== Security Center Settings ==========[/color]
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
[color=#E56717]========== Firewall Settings ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[color=#E56717]========== Authorized Applications List ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1242F610-96E2-4326-91FC-B108B9ED4CB6}" = lport=9322 | protocol=6 | dir=in | name=ekdiscovery |
"{15B3F73E-2798-4AB2-9140-AB62A1FB8449}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{25448552-7DD6-490E-BD62-BF5A4C85155E}" = lport=445 | protocol=6 | dir=in | app=system |
"{29ACC270-A268-4B58-A374-40E3C7FB2756}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 |
"{2AA0F66C-3128-44B2-9B30-15C073CD93B3}" = rport=137 | protocol=17 | dir=out | app=system |
"{2FE018D6-C1DF-4385-A380-92717EE90614}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{31203C2A-C493-429B-A946-DB1B7250DCE3}" = rport=138 | protocol=17 | dir=out | app=system |
"{3300E9EB-76D2-43E7-A30B-6A5FB23DE020}" = lport=10243 | protocol=6 | dir=in | app=system |
"{415614B1-4F6E-443E-B71C-250B0C6405D2}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4469B057-5541-4F01-8556-C1E5AB7048C9}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{57B43091-D1FD-4108-A24F-C08257DDD7F4}" = rport=10243 | protocol=6 | dir=out | app=system |
"{5DC73C76-A9C9-443F-BC58-67E3A144C70B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{6F885043-3822-49B2-8F31-F55ADF1D2658}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{72DDE9AD-05EE-491F-BEEF-F300756FDD72}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7564640F-F365-4FC1-AACD-E66CEA868026}" = lport=138 | protocol=17 | dir=in | app=system |
"{774821C5-B78F-48F2-B25C-9714A49A105A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7C2DA12C-8AE9-4F6F-99BE-2BDE426DF84C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8671095F-C229-490E-B7BC-FF5707A3265A}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{8BF59799-D009-4185-B612-8A0B26E8BA0C}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8E3343BB-B6F2-421A-8BFC-BE418F63EC27}" = lport=2869 | protocol=6 | dir=in | app=system |
"{9604179A-4B2E-4DF1-949D-DC79C4EE83DF}" = lport=139 | protocol=6 | dir=in | app=system |
"{B8A79B3A-B828-4570-9741-DCB34E3A459C}" = rport=445 | protocol=6 | dir=out | app=system |
"{BE0588AB-98D2-4C6C-B7F0-78AA69341FA6}" = lport=137 | protocol=17 | dir=in | app=system |
"{D9846502-880D-4BB7-8350-8047103190E5}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E52E2D9F-E75E-40B8-A811-9F0198A645C6}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FD54A562-5379-4C5A-988C-159A5E30F541}" = lport=9322 | protocol=6 | dir=in | name=ekdiscovery |
"{FF0DC690-D5CF-4338-B554-EFD6D5E772E0}" = rport=139 | protocol=6 | dir=out | app=system |
[color=#E56717]========== Vista Active Application Exception List ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0108B40C-C89F-4882-8CDD-8A112D4E2213}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{06073714-77B8-4A34-B8B9-3EC61F027765}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{105EB409-E02F-48A8-A7C0-9EA00EB83DF0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{107355E6-C086-4784-9D35-69FFF6C903AD}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{10FAF72A-06D1-44E8-B981-7ACD1BCB6AE6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1C600241-6AF9-4033-881A-98B5B7EE3F09}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{1E5E01A7-F531-40AF-912F-66401F15C993}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{21545697-CA6B-4B13-AF81-7A684E105AED}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{281C5D6F-658C-4BC7-96FD-97751E40C3A6}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{37D5DDF2-4E35-41B6-A9A4-EB45926DF066}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3FD145FA-9CAE-4298-BB7D-A06EDE04B2C3}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{4C707AAD-F901-46AB-85F1-5D2B90996E71}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{504A01D9-75D0-4E7B-BB43-B3590277DBF9}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{5306DBA1-6463-438B-BDCE-3759D60FDFCB}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{827497FF-F9AD-47D4-B803-8A6C9B869E13}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8B14A49D-89C8-4641-A9FA-C9FEC426A7B7}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8C647FF5-3AC9-431D-8488-260044D32851}" = protocol=6 | dir=out | app=system |
"{93E0E5A6-DB97-4517-9966-93B2BD3B0A16}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{94CB6094-D610-4AC1-BDF1-B20A52D2E91B}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{98EE3E3A-10D7-4122-A6BF-C5E7DC6F82DA}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{9C87437D-D932-49FD-900E-5293A8EFA513}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A2550683-ECF3-4F25-9E76-AF206F6A8187}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{B4C9A89A-7B89-482D-B982-5B1A1E19C38D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B539DC79-C23F-4AFD-9877-7C1D109CE66C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C359BEDE-0F7C-43F4-BE0B-562C78DB90AA}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D4BD69C0-3252-4AB0-B342-AC21C5965314}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D5F2986C-62B9-4FF4-BD57-D492FC8B9709}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{EB5865A5-19C4-4FDB-A9B3-E60057DAE563}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{ED12F546-E62C-4B7E-875E-9471E750DB8E}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{F084A4FD-BE25-44F5-A0B2-6C831FB45D43}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0611B3CC-B5DB-4B93-ACE4-97B8F938E6B7}" = 64 Bit HP CIO Components Installer
"{0645A454-AD44-4F0D-99CF-6B762735AD1F}" = aioprnt
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64
"{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64
"{42822DCA-21E7-49C6-20DE-9FAC7A4980C2}" = ATI Problem Report Wizard
"{46DA7FD9-8BC1-7BA8-98D1-27F46647871B}" = AMD Catalyst Install Manager
"{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64
"{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}" = Apple Mobile Device Support
"{6B06B783-FEBA-944A-C1DE-26032C12AA7C}" = ccc-utility64
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}" = iTunes
"{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64
"{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4
"{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4
"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
"{8EEDB90E-6ABC-42bb-AD4C-39DEE05E3EEA}" = HP Color LaserJet CM1312 MFP Series 5.1
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4
"{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit)
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4
"{E9E6A9B7-89B7-41D3-90A1-710E82427097}" = CIB pdf brewer
"{F2DEDF1D-AFB2-CCFD-54C4-05BED30C75ED}" = ATI AVIVO64 Codecs
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.62
"HP Imaging Device Functions" = HP Imaging Device Functions 10.0
"HPExtendedCapabilities" = HP Customer Participation Program 10.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"WinRAR archiver" = WinRAR
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{038E0E55-9758-49A1-892D-5226FAED5395}" = CCC Help Italian
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{0626C86E-5A8F-4A6D-8C0A-5FF38BD2DA3A}" = hppFaxUtilityCM1312
"{07B85EEC-05BD-4E6A-AAEB-502FB2473DFA}" = hppCLJCM1312
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{10934A28-0CC6-4B98-A14F-76B3546003AF}" = ksDIP
"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support
"{12499C3D-9197-EF35-0499-2FD15F0B3750}" = CCC Help German
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{1695F36D-6501-8139-FCC4-C8EAEDD8CEE0}" = CCC Help Polish
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1C5509E5-0217-8D75-AE02-29F492990EC6}" = Catalyst Control Center HydraVision Full
"{204F1BCA-E5C9-091E-797D-F1C89BC8EABC}" = CCC Help English
"{23D6C05C-E8BB-0812-7C96-33F0E25A6388}" = HydraVision
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 26
"{2C85BCF9-4CD2-3428-F61F-DFC8120DA962}" = Catalyst Control Center Localization All
"{2D30D92F-AD5C-428F-8029-5A913104F262}" = hppTLBXFXCM1312
"{325D1D94-4F34-46A7-A489-737C801B931D}" = hppusgCM1312
"{34EA290B-46FE-842B-570D-B7FD8DA524CE}" = CCC Help Finnish
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{36424AC9-1F0A-5F04-EE8A-AA67AFFF0E38}" = CCC Help Thai
"{37FF2633-E9CF-2BEA-07E5-5C7CEB95D19C}" = CCC Help Hungarian
"{3888AA11-8C88-75FE-C777-9091A30906F1}" = CCC Help Chinese Traditional
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3FB5B60F-1DBE-4E41-D1B6-7725D2EB6C28}" = CCC Help Swedish
"{43787BBC-2502-F521-D190-4D0F3D3F577D}" = CCC Help Korean
"{43AF13F5-DC44-4820-8FFA-38E132FB0900}" = VIPRE Internet Security
"{47416F0B-6589-591E-C6F8-4235D2230B14}" = Catalyst Control Center InstallProxy
"{484A13AB-A4C1-41FD-87E0-EBE2DA01250E}" = hppSendFaxCM1312
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{52A69E11-7CEB-4a7d-9607-68BA4F39A89B}" = DeviceDiscovery
"{56BA241F-580C-43D2-8403-947241AAE633}" = center
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{583EDB12-4CEA-48B5-A7BA-88069DD47BA2}" = hppQFolderCM1312
"{5ACE69F0-A3E8-44eb-88C1-0A841E700180}" = TrayApp
"{5BA93046-491F-0DAF-BD71-6950CAB9C3B3}" = CCC Help Norwegian
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{6FA1BBE7-C9C9-A690-B02B-DA870D870C85}" = ccc-core-static
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{793A82B9-A40A-24B2-64D2-E94861E2394E}" = Catalyst Control Center Graphics Previews Common
"{7985C7FA-B151-4BA7-B19E-1577A7B527F1}" = hppFaxDrvCM1312
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{8213E9E7-AFAF-79B8-DB19-F86FA9461F65}" = CCC Help Chinese Standard
"{826BAFB7-04F7-FADE-9498-ADBCEBFE1BDB}" = CCC Help Greek
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{87BB78C4-F36D-4D93-A7C7-F80F18219848}" = AMD DnD V1.0.19
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8B03690C-8D38-FE9D-7018-69217FC80377}" = CCC Help French
"{8D4E9553-BCEB-6FEC-2792-49957375B43D}" = CCC Help Spanish
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0017-0407-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-0100-0407-0000-0000000FF1CE}" = Microsoft Office O MUI (German) 2007
"{90120000-0101-0407-0000-0000000FF1CE}" = Microsoft Office X MUI (German) 2007
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95C489A8-CB62-493C-8312-CA34ED2A3F12}" = CCC Help Dutch
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9875f052-04cb-4f89-8a72-9efbaf460257}" = Nero 9 Lite
"{995F2783-8311-49BF-833E-DB659774B4F6}" = hppFonts
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9CA76423-9C56-0E19-0FAC-29312B65387C}" = CCC Help Turkish
"{A1F46482-7396-F8E7-305A-3D705A7118D2}" = CCC Help Portuguese
"{A7285D92-27EE-4D91-AB57-5EF326B572C6}" = hpzTLBXFX
"{a93a9faf-9ab4-4c40-b9b8-76cd864af0fb}" = Nero InCD-Reader
"{A93F5A52-4BFB-FC4B-711B-A7DBF2D0B3D7}" = CCC Help Japanese
"{AAF70000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 7.0 Professional Edition
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1031-7B44-A95000000001}" = Adobe Reader 9.5.2 - Deutsch
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B365F570-2800-9F57-1E82-EC6F6C53BB3E}" = Catalyst Control Center Graphics Full Existing
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{B59ACF5E-0FF7-44D2-B57D-E516F334AC2E}" = hppScanToCM1312
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{C1505E9E-C2EF-71EE-2440-2A47F909C2ED}" = CCC Help Czech
"{C1D1FC57-3EB9-4B21-BCA3-F1C927508200}" = VIPRE Internet Security
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C6B61052-2A15-1322-4EBD-1A8D6CCED0DA}" = CCC Help Russian
"{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}" = Nero Online Upgrade
"{CAF9161C-0D5C-9C91-5A07-16C8AD61742B}" = Catalyst Control Center Graphics Full New
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}" = MarketResearch
"{D371F551-0DB9-4CEC-844B-4C90CE91EA0B}" = hppLaserJetService
"{D5F587D9-7C72-F53B-5463-B05E781315E1}" = CCC Help Danish
"{DA5BDB2A-12F0-4343-8351-21AAEB293990}" = PreReq
"{DE6B7599-D3EF-4436-8836-BAA0B0D7768D}" = aiofw
"{DFB61AE1-6C02-5388-EABD-35F872D95018}" = Catalyst Control Center Graphics Light
"{E0F274B7-592B-4669-8FB8-8D9825A09858}" = KODAK Home Center Software
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{EAE03809-1E54-11DA-837B-DFCB8B5AB318}" = SoWoSoft-Lernprogramme
"{EBC3147B-36BE-4846-9A3D-0C6292B78350}" = hppPQVideoCM1312
"{ED498DD7-FBC1-4C67-8D9B-C9218FBC818D}" = hppManualsCM1312
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1806FC2-13EE-A21F-F4A0-705D55BA47DE}" = Catalyst Control Center Core Implementation
"{F41D5B74-E0AC-4D36-9BC4-86A02994AA83}" = 10*000 Aufgaben Mathematik
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FB366EEB-C608-0993-CB9E-54789A6107DC}" = Catalyst Control Center Graphics Previews Vista
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FE24086F-3B0C-4C47-A874-97A7B8E2FBBE}" = aioscnnr
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ESET Online Scanner" = ESET Online Scanner v3
"FileZilla Client" = FileZilla Client 3.5.3
"Freemake Video Converter_is1" = Freemake Video Converter Version 3.0.2
"GEONExT_is1" = GEONExT 1.74
"Hauppauge WinTV 7" = Hauppauge WinTV 7
"Hauppauge WinTV Infrared Remote" = Hauppauge WinTV Infrared Remote
"HD Tune_is1" = HD Tune 2.55
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.1.1000
"Mozilla Firefox 17.0 (x86 de)" = Mozilla Firefox 17.0 (x86 de)
"OMUI.de-de" = Microsoft Office Language Pack 2007 - German/Deutsch
"VLC media player" = VLC media player 1.0.5
[color=#E56717]========== Last 20 Event Log Errors ==========[/color]
[ Application Events ]
Error - 29.11.2012 04:33:02 | Computer Name = tine-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\tine\Desktop\esetsmartinstaller_enu.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.
Error - 29.11.2012 04:33:04 | Computer Name = tine-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\tine\Desktop\esetsmartinstaller_enu.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.
Error - 29.11.2012 04:33:53 | Computer Name = tine-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\tine\Desktop\esetsmartinstaller_enu.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.
Error - 29.11.2012 04:33:53 | Computer Name = tine-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\tine\Desktop\esetsmartinstaller_enu.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.
Error - 29.11.2012 05:08:20 | Computer Name = tine-PC | Source = Bonjour Service | ID = 100
Description = Client application bug: DNSServiceResolve(HP\032Color\032LaserJet\032CM1312nfi\032MFP\032(3A1D19)._pdl-datastream._tcp.local.)
active for over two minutes. This places considerable burden on the network.
Error - 29.11.2012 05:38:18 | Computer Name = tine-PC | Source = Bonjour Service | ID = 100
Description = Client application bug: DNSServiceResolve(pdwnas\032(CIFS)._smb._tcp.local.)
active for over two minutes. This places considerable burden on the network.
Error - 29.11.2012 07:59:43 | Computer Name = tine-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files
(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 29.11.2012 07:59:54 | Computer Name = tine-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files
(x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder
Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion
steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt
stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.
Error - 29.11.2012 08:00:20 | Computer Name = tine-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\Users\tine\Desktop\esetsmartinstaller_enu.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.
Error - 29.11.2012 08:17:34 | Computer Name = tine-PC | Source = Application Hang | ID = 1002
Description = Programm OTL.exe, Version 3.2.69.0 kann nicht mehr unter Windows ausgeführt
werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1038 Startzeit:
01cdce2b4f4a82b2 Endzeit: 0 Anwendungspfad: C:\Users\tine\Downloads\OTL.exe Berichts-ID:
be4b99f3-3a1e-11e2-989f-6cf04909dd6b
[ Media Center Events ]
Error - 07.10.2010 09:17:13 | Computer Name = tine-PC | Source = MCUpdate | ID = 0
Description = 15:17:12 - Fehler beim Herstellen der Internetverbindung. 15:17:12
- Serververbindung konnte nicht hergestellt werden..
Error - 07.10.2010 10:17:55 | Computer Name = tine-PC | Source = MCUpdate | ID = 0
Description = 16:17:54 - Fehler beim Herstellen der Internetverbindung. 16:17:54
- Serververbindung konnte nicht hergestellt werden..
Error - 07.10.2010 11:22:14 | Computer Name = tine-PC | Source = MCUpdate | ID = 0
Description = 17:22:13 - Fehler beim Herstellen der Internetverbindung. 17:22:13
- Serververbindung konnte nicht hergestellt werden..
Error - 07.10.2010 12:22:56 | Computer Name = tine-PC | Source = MCUpdate | ID = 0
Description = 18:22:55 - Fehler beim Herstellen der Internetverbindung. 18:22:55
- Serververbindung konnte nicht hergestellt werden..
Error - 13.10.2010 03:30:05 | Computer Name = tine-PC | Source = MCUpdate | ID = 0
Description = 09:30:04 - Fehler beim Herstellen der Internetverbindung. 09:30:04
- Serververbindung konnte nicht hergestellt werden..
Error - 15.11.2010 08:11:07 | Computer Name = tine-PC | Source = MCUpdate | ID = 0
Description = 13:11:07 - Fehler beim Herstellen der Internetverbindung. 13:11:07
- Serververbindung konnte nicht hergestellt werden..
Error - 15.11.2010 09:11:50 | Computer Name = tine-PC | Source = MCUpdate | ID = 0
Description = 14:11:49 - Fehler beim Herstellen der Internetverbindung. 14:11:49
- Serververbindung konnte nicht hergestellt werden..
Error - 15.11.2010 10:12:32 | Computer Name = tine-PC | Source = MCUpdate | ID = 0
Description = 15:12:31 - Fehler beim Herstellen der Internetverbindung. 15:12:31
- Serververbindung konnte nicht hergestellt werden..
Error - 15.11.2010 11:13:14 | Computer Name = tine-PC | Source = MCUpdate | ID = 0
Description = 16:13:13 - Fehler beim Herstellen der Internetverbindung. 16:13:13
- Serververbindung konnte nicht hergestellt werden..
[ OSession Events ]
Error - 12.11.2010 11:16:54 | Computer Name = tine-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 350
seconds with 300 seconds of active time. This session ended with a crash.
Error - 21.06.2012 17:06:17 | Computer Name = tine-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 105
seconds with 0 seconds of active time. This session ended with a crash.
[ Spybot - Search and Destroy Events ]
Error - 28.11.2012 10:50:59 | Computer Name = tine-PC | Source = SDCleaner | ID = 100
Description = LoadCleaningInstructions
Error - 28.11.2012 11:20:00 | Computer Name = tine-PC | Source = SDCleaner | ID = 100
Description = LoadCleaningInstructions
[ System Events ]
Error - 28.11.2012 15:19:32 | Computer Name = tine-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Windows Search erreicht.
Error - 28.11.2012 15:19:32 | Computer Name = tine-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht
gestartet: %%1053
Error - 28.11.2012 15:19:32 | Computer Name = tine-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Windows Search erreicht.
Error - 28.11.2012 15:19:32 | Computer Name = tine-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht
gestartet: %%1053
Error - 28.11.2012 15:32:20 | Computer Name = tine-PC | Source = Service Control Manager | ID = 7022
Description = Der Dienst "HP CUE DeviceDiscovery Service" wurde nicht richtig gestartet.
Error - 28.11.2012 15:37:24 | Computer Name = tine-PC | Source = Service Control Manager | ID = 7022
Description = Der Dienst "HP CUE DeviceDiscovery Service" wurde nicht richtig gestartet.
Error - 28.11.2012 15:41:28 | Computer Name = tine-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "Kaspersky Security Scan Service" wurde unerwartet beendet.
Dies ist bereits 1 Mal passiert.
Error - 29.11.2012 04:11:55 | Computer Name = tine-PC | Source = Service Control Manager | ID = 7022
Description = Der Dienst "HP CUE DeviceDiscovery Service" wurde nicht richtig gestartet.
Error - 29.11.2012 04:11:58 | Computer Name = tine-PC | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem
Fehler beendet: %%-1073473535.
Error - 29.11.2012 04:11:59 | Computer Name = tine-PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits
1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt:
Neustart des Diensts.
< End of report >
OLT.TXT PHP-Code: OTL logfile created on: 29.11.2012 13:17:48 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\tine\Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,96 Gb Total Physical Memory | 6,14 Gb Available Physical Memory | 77,04% Memory free
15,93 Gb Paging File | 13,73 Gb Available in Paging File | 86,20% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 146,39 Gb Total Space | 71,34 Gb Free Space | 48,74% Space Free | Partition Type: NTFS
Drive D: | 146,48 Gb Total Space | 135,43 Gb Free Space | 92,45% Space Free | Partition Type: NTFS
Drive E: | 172,79 Gb Total Space | 10,02 Gb Free Space | 5,80% Space Free | Partition Type: NTFS
Drive G: | 229,49 Gb Total Space | 223,71 Gb Free Space | 97,48% Space Free | Partition Type: NTFS
Drive H: | 236,27 Gb Total Space | 147,23 Gb Free Space | 62,32% Space Free | Partition Type: NTFS
Computer Name: TINE-PC | User Name: tine | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - C:\Users\tine\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\GFI Software\VIPRE\SBAMTray.exe (GFI Software)
PRC - C:\Program Files (x86)\GFI Software\VIPRE\SBAMSvc.exe (GFI Software)
PRC - C:\Program Files (x86)\GFI Software\VIPRE\SBPIMSvc.exe (GFI Software)
PRC - C:\Program Files (x86)\GFI Software\VIPRE\LanGuard 10 Agent\lnssatt.exe (GFI Software Development Ltd.)
PRC - C:\Program Files (x86)\GFI Software\VIPRE\LanGuard 10 Agent\Mantle.exe (GFI Software Development Ltd.)
PRC - C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe (ESET)
PRC - C:\PROGRA~2\WinTV\TVServer\HAUPPA~1.EXE (Hauppauge Computer Works)
PRC - C:\PROGRA~2\WinTV\TVServer\CAPTUR~3.EXE (Hauppauge Computer Works)
PRC - C:\Program Files (x86)\WinTV\WinTV7\WinTVTray.exe (Hauppauge Computer Works, Inc.)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Kodak\AiO\Center\ekdiscovery.exe (Eastman Kodak Company)
[color=#E56717]========== Modules (No Company Name) ==========[/color]
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\009c50fb69919b90fb233cb4c35d0ad7\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ebefde27b0ef7f39bb49c493b34a602c\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\5c85c9c42e1b8a8760de82ecb4c7d582\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\2ebb3c259eab50af565e3a8dba6ad20e\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\5858678a79aae31262b0214424245d06\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\PROGRA~2\WinTV\TVServer\HauppaugeTVServerps.dll ()
[color=#E56717]========== Services (SafeList) ==========[/color]
SRV:[b]64bit:[/b] - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:[b]64bit:[/b] - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (SBAMSvc) -- C:\Program Files (x86)\GFI Software\VIPRE\SBAMSvc.exe (GFI Software)
SRV - (SBPIMSvc) -- C:\Program Files (x86)\GFI Software\VIPRE\SBPIMSvc.exe (GFI Software)
SRV - (gfi_lanss10_attservice) -- C:\Program Files (x86)\GFI Software\VIPRE\LanGuard 10 Agent\lnssatt.exe (GFI Software Development Ltd.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (FLEXnet Licensing Service 64) -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Acresso Software Inc.)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (HauppaugeTVServer) -- C:\PROGRA~2\WinTV\TVServer\HAUPPA~1.EXE (Hauppauge Computer Works)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (Kodak AiO Network Discovery Service) -- C:\Program Files (x86)\Kodak\AiO\Center\ekdiscovery.exe (Eastman Kodak Company)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (HP LaserJet Service) -- C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe (HP)
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV:[b]64bit:[/b] - (gfiark) -- C:\Windows\SysNative\drivers\gfiark.sys (GFI Software)
DRV:[b]64bit:[/b] - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:[b]64bit:[/b] - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:[b]64bit:[/b] - (SbFw) -- C:\Windows\SysNative\drivers\SbFw.sys (GFI Software)
DRV:[b]64bit:[/b] - (sbwtis) -- C:\Windows\SysNative\drivers\sbwtis.sys (GFI Software)
DRV:[b]64bit:[/b] - (SbHips) -- C:\Windows\SysNative\drivers\sbhips.sys (GFI Software)
DRV:[b]64bit:[/b] - (sbapifs) -- C:\Windows\SysNative\drivers\sbapifs.sys (GFI Software)
DRV:[b]64bit:[/b] - (SBFWIMCL) -- C:\Windows\SysNative\drivers\SbFwIm.sys (GFI Software)
DRV:[b]64bit:[/b] - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:[b]64bit:[/b] - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:[b]64bit:[/b] - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:[b]64bit:[/b] - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:[b]64bit:[/b] - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:[b]64bit:[/b] - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:[b]64bit:[/b] - (HECIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:[b]64bit:[/b] - (hcw88vid) -- C:\Windows\SysNative\drivers\hcw88vid.sys (Hauppauge Computer Works, Inc)
DRV:[b]64bit:[/b] - (HCW88TSE) -- C:\Windows\SysNative\drivers\hcw88tse.sys (Hauppauge Computer Works, Inc)
DRV:[b]64bit:[/b] - (hcw88bda) -- C:\Windows\SysNative\drivers\hcw88bda.sys (Hauppauge Computer Works, Inc)
DRV:[b]64bit:[/b] - (hcw88rc5) -- C:\Windows\SysNative\drivers\hcw88rc5.sys (Hauppauge Computer Works, Inc.)
DRV:[b]64bit:[/b] - (HCW88XBAR) -- C:\Windows\SysNative\drivers\hcw88bar.sys (Hauppauge Computer Works, Inc.)
DRV:[b]64bit:[/b] - (HCW88AUD) -- C:\Windows\SysNative\drivers\hcw88aud.sys (Hauppauge Computer Works, Inc)
DRV:[b]64bit:[/b] - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:[b]64bit:[/b] - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:[b]64bit:[/b] - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:[b]64bit:[/b] - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:[b]64bit:[/b] - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:[b]64bit:[/b] - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:[b]64bit:[/b] - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:[b]64bit:[/b] - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:[b]64bit:[/b] - (adfs) -- C:\Windows\SysNative\drivers\adfs.sys (Adobe Systems, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (adfs) -- C:\Windows\SysWow64\drivers\adfs.sys (Adobe Systems, Inc.)
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3568278715-1815380235-1142484941-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-3568278715-1815380235-1142484941-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKU\S-1-5-21-3568278715-1815380235-1142484941-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 72 7C 9D DB 83 CD CD 01 [binary data]
IE - HKU\S-1-5-21-3568278715-1815380235-1142484941-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3568278715-1815380235-1142484941-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3568278715-1815380235-1142484941-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3568278715-1815380235-1142484941-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0
FF - user.js - File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_110.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.11.28 20:26:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.09.11 09:25:28 | 000,000,000 | ---D | M]
[2012.11.28 20:26:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\tine\AppData\Roaming\mozilla\Extensions
[2012.11.28 20:26:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.05.25 11:24:57 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files (x86)\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2012.11.20 07:17:00 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.05.04 03:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012.11.20 08:13:26 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.11.20 08:13:26 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.11.20 08:13:26 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.11.20 08:13:26 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.11.20 08:13:26 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.11.20 08:13:26 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2012.11.28 19:55:06 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O4:[b]64bit:[/b] - HKLM..\Run: [HP Color LaserJet CM1312 MFP Series Fax] C:\Program Files (x86)\HP\HP Color LaserJet CM1312 MFP Series\hppfaxprintersrv.exe (Hewlett-Packard Company)
O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [FineReader7NewsReaderPro] C:\Program Files (x86)\ABBYY FineReader 7.0 Professional Edition\AbbyyNewsReader.exe (ABBYY (BIT Software))
O4 - HKLM..\Run: [HPUsageTracking] C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [SBAMTray] C:\Program Files (x86)\GFI Software\VIPRE\SBAMTray.exe (GFI Software)
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [ToolBoxFX] C:\Program Files (x86)\HP\ToolBoxFX\bin\HPTLBXFX.exe (HP)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3568278715-1815380235-1142484941-1000..\Run: [Btwqey] C:\Users\tine\AppData\Roaming\PSHEDV.dll ()
O4 - HKU\S-1-5-21-3568278715-1815380235-1142484941-1000..\Run: [Spybot-S&D Cleaning] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:[b]64bit:[/b] - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.10.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D15C4484-95A3-443E-AD99-60AB440CA094}: DhcpNameServer = 192.168.10.1
O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:[b]64bit:[/b] - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{9fac406e-f194-11df-84fc-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{9fac406e-f194-11df-84fc-806e6f6e6963}\Shell\AutoRun\command - "" = Start.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2012.11.29 09:25:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012.11.29 09:24:57 | 002,322,184 | ---- | C] (ESET) -- C:\Users\tine\Desktop\esetsmartinstaller_enu.exe
[2012.11.28 20:26:28 | 000,000,000 | ---D | C] -- C:\Users\tine\AppData\Roaming\Mozilla
[2012.11.28 19:56:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012.11.28 19:56:43 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.11.28 17:15:12 | 000,000,000 | ---D | C] -- C:\Users\tine\AppData\Roaming\Malwarebytes
[2012.11.28 17:14:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.11.28 17:14:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.11.28 17:14:10 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.11.28 17:14:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.11.28 15:29:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012.11.28 15:29:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2012.11.28 15:29:00 | 000,017,272 | ---- | C] (Safer Networking Limited) -- C:\Windows\SysNative\sdnclean64.exe
[2012.11.28 15:28:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2012.11.28 15:28:04 | 000,000,000 | ---D | C] -- C:\Users\tine\AppData\Local\Programs
[2012.11.27 20:35:54 | 000,000,000 | ---D | C] -- C:\Users\tine\Desktop\Kalender
[2012.11.23 01:00:00 | 000,035,456 | ---- | C] (GFI Software) -- C:\Windows\SysNative\drivers\gfiark.sys
[2012.11.22 11:32:45 | 000,000,000 | ---D | C] -- C:\Users\tine\Documents\Aufgabenblätter Mathematik
[2012.11.07 09:58:38 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012.11.07 09:54:25 | 000,000,000 | ---D | C] -- C:\AMD
[2012.11.07 09:47:35 | 000,646,248 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2012.11.06 11:21:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
[2012.11.06 11:21:42 | 000,000,000 | ---D | C] -- C:\Program Files\CPUID
[2012.11.03 13:42:04 | 000,000,000 | -HSD | C] -- C:\found.000
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2012.11.29 09:24:57 | 002,322,184 | ---- | M] (ESET) -- C:\Users\tine\Desktop\esetsmartinstaller_enu.exe
[2012.11.29 09:16:01 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.11.29 09:16:01 | 000,653,928 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.11.29 09:16:01 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.11.29 09:16:01 | 000,129,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.11.29 09:16:01 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.11.29 09:15:34 | 000,014,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.11.29 09:15:34 | 000,014,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.11.29 09:10:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.11.29 09:10:22 | 2118,770,687 | -HS- | M] () -- C:\hiberfil.sys
[2012.11.28 20:29:12 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.11.28 20:29:12 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.11.28 20:26:25 | 000,001,151 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.11.28 20:07:20 | 000,001,409 | ---- | M] () -- C:\Users\tine\Desktop\Internet Explorer (64-bit).lnk
[2012.11.28 20:03:48 | 000,004,032 | ---- | M] () -- C:\Users\tine\Documents\cc_20121128_200344.reg
[2012.11.28 20:00:59 | 000,022,922 | ---- | M] () -- C:\Users\tine\Documents\cc_20121128_200020.reg
[2012.11.28 19:55:06 | 000,000,824 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012.11.28 17:08:29 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.11.28 16:10:54 | 000,874,578 | ---- | M] () -- C:\Users\tine\AppData\Local\census.cache
[2012.11.28 16:10:46 | 000,106,479 | ---- | M] () -- C:\Users\tine\AppData\Local\ars.cache
[2012.11.28 16:06:24 | 000,000,036 | ---- | M] () -- C:\Users\tine\AppData\Local\housecall.guid.cache
[2012.11.28 13:58:36 | 000,112,908 | ---- | M] () -- C:\Users\tine\Desktop\Reiseanmeldung1.pdf
[2012.11.28 13:55:20 | 000,110,692 | ---- | M] () -- C:\Users\tine\Desktop\Rechnung.pdf
[2012.11.27 22:38:04 | 000,296,954 | ---- | M] () -- C:\Users\tine\Desktop\lion_trans1.jpg
[2012.11.27 22:37:18 | 025,520,962 | ---- | M] () -- C:\Users\tine\Desktop\lion_trans.psd
[2012.11.27 22:15:35 | 000,072,384 | ---- | M] () -- C:\Users\tine\Desktop\schneemann_blank.jpg
[2012.11.27 22:03:29 | 000,072,611 | ---- | M] () -- C:\Users\tine\Desktop\schneemann.jpg
[2012.11.26 18:52:23 | 000,202,079 | ---- | M] () -- C:\Users\tine\Desktop\11_Exodus.pdf
[2012.11.26 18:49:12 | 000,131,072 | RHS- | M] () -- C:\Users\tine\AppData\Roaming\PSHEDV.dll
[2012.11.26 18:28:06 | 000,237,403 | ---- | M] () -- C:\Users\tine\Desktop\Frosch.pdf
[2012.11.22 13:17:22 | 005,397,032 | ---- | M] () -- C:\Users\tine\Desktop\Katze.pdf
[2012.11.22 13:15:55 | 000,963,440 | ---- | M] () -- C:\Users\tine\Desktop\Faszination_Katze_PDF.pdf
[2012.11.06 11:21:42 | 000,000,869 | ---- | M] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2012.11.28 20:26:25 | 000,001,163 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012.11.28 20:26:25 | 000,001,151 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.11.28 20:07:20 | 000,001,409 | ---- | C] () -- C:\Users\tine\Desktop\Internet Explorer (64-bit).lnk
[2012.11.28 20:03:46 | 000,004,032 | ---- | C] () -- C:\Users\tine\Documents\cc_20121128_200344.reg
[2012.11.28 20:00:26 | 000,022,922 | ---- | C] () -- C:\Users\tine\Documents\cc_20121128_200020.reg
[2012.11.28 16:10:54 | 000,874,578 | ---- | C] () -- C:\Users\tine\AppData\Local\census.cache
[2012.11.28 16:10:46 | 000,106,479 | ---- | C] () -- C:\Users\tine\AppData\Local\ars.cache
[2012.11.28 16:06:24 | 000,000,036 | ---- | C] () -- C:\Users\tine\AppData\Local\housecall.guid.cache
[2012.11.28 15:29:03 | 000,002,189 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2012.11.28 13:58:35 | 000,112,908 | ---- | C] () -- C:\Users\tine\Desktop\Reiseanmeldung1.pdf
[2012.11.28 13:55:19 | 000,110,692 | ---- | C] () -- C:\Users\tine\Desktop\Rechnung.pdf
[2012.11.27 22:38:02 | 000,296,954 | ---- | C] () -- C:\Users\tine\Desktop\lion_trans1.jpg
[2012.11.27 22:37:16 | 025,520,962 | ---- | C] () -- C:\Users\tine\Desktop\lion_trans.psd
[2012.11.27 22:15:33 | 000,072,384 | ---- | C] () -- C:\Users\tine\Desktop\schneemann_blank.jpg
[2012.11.27 21:51:14 | 000,072,611 | ---- | C] () -- C:\Users\tine\Desktop\schneemann.jpg
[2012.11.26 18:52:23 | 000,202,079 | ---- | C] () -- C:\Users\tine\Desktop\11_Exodus.pdf
[2012.11.26 18:49:12 | 000,131,072 | RHS- | C] () -- C:\Users\tine\AppData\Roaming\PSHEDV.dll
[2012.11.26 18:28:06 | 000,237,403 | ---- | C] () -- C:\Users\tine\Desktop\Frosch.pdf
[2012.11.22 13:17:22 | 005,397,032 | ---- | C] () -- C:\Users\tine\Desktop\Katze.pdf
[2012.11.22 13:15:55 | 000,963,440 | ---- | C] () -- C:\Users\tine\Desktop\Faszination_Katze_PDF.pdf
[2012.11.07 09:47:35 | 000,074,272 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll
[2012.11.06 11:21:42 | 000,000,869 | ---- | C] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk
[2012.09.28 02:29:54 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.09.28 02:29:54 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.06.27 15:06:59 | 000,000,027 | ---- | C] () -- C:\Users\tine\geonext.ini
[2011.09.12 23:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010.05.25 11:29:22 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.02.12 13:54:41 | 000,007,609 | ---- | C] () -- C:\Users\tine\AppData\Local\Resmon.ResmonCfg
[color=#E56717]========== ZeroAccess Check ==========[/color]
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:30:56 | 014,165,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
[color=#E56717]========== LOP Check ==========[/color]
[2012.06.11 14:23:11 | 000,000,000 | ---D | M] -- C:\Users\tine\AppData\Roaming\cornelsen
[2012.11.28 19:57:27 | 000,000,000 | ---D | M] -- C:\Users\tine\AppData\Roaming\FileZilla
[2012.02.16 09:48:50 | 000,000,000 | ---D | M] -- C:\Users\tine\AppData\Roaming\GFI Software
[2012.05.24 21:31:15 | 000,000,000 | ---D | M] -- C:\Users\tine\AppData\Roaming\TeamViewer
[2010.02.11 15:53:21 | 000,000,000 | ---D | M] -- C:\Users\tine\AppData\Roaming\Temp
[color=#E56717]========== Purity Check ==========[/color]
< End of report >
Was muss ich nun machen?
Danke
PDW
|
29.11.2012, 13:34
Baum-Darstellung