Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
PC friert ein und wird aus dem Energiesparmodus wach

PC friert ein und wird aus dem Energiesparmodus wach


Plagegeister aller Art und deren Bekämpfung: PC friert ein und wird aus dem Energiesparmodus wach

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 01.12.2012, 21:41   #1
Anfängerin
 
PC friert ein und wird aus dem Energiesparmodus wach - Standard

PC friert ein und wird aus dem Energiesparmodus wach


Hallo,
jetzt starte ich den 2. Versuch, weil ich ausgeloggt wurde, keine Ahnung warum.
Egal was ich tue, friert der PC nach circa 1/2 Std ein. Strg/alt/enf und dann auf "Abbrechen" oder "Taskmanager" lässt mich ohne Verluste weiter arbeiten.

Als Energieeinstellung habe ich sowohl ausbalanciert als auch den anderen Modus eingestellt. Kein automatischer Energiesparmodus, sondern über "Start" "Energiesparen".
Cmd lastwake nennt den Netzschalter als Ursache. Der soll aber bei Betätigung in den Energiesparmodus gehen.
Das Problem existierte schon vor Installation von TuneUp.
TrojanRemover, Bitfender und Avira haben nichts gefunden.

Avast gab folgende Fehlermeldung: Antirootkit funktioniert nicht mehr
erst beim 2. Anlauf lief das Programm durch.

Win 7 Professional 32 bit

Hier die Logfiles:

OTL logfile created on: 01.12.2012 20:24:24 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\***\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,41 Gb Total Physical Memory | 2,08 Gb Available Physical Memory | 60,97% Memory free
6,81 Gb Paging File | 5,00 Gb Available in Paging File | 73,37% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 97,56 Gb Total Space | 61,22 Gb Free Space | 62,76% Space Free | Partition Type: NTFS
Drive D: | 221,52 Gb Total Space | 214,34 Gb Free Space | 96,76% Space Free | Partition Type: NTFS
Drive E: | 99,00 Mb Total Space | 79,24 Mb Free Space | 80,05% Space Free | Partition Type: NTFS
Drive F: | 146,48 Gb Total Space | 143,51 Gb Free Space | 97,97% Space Free | Partition Type: NTFS

Computer Name: **** | User Name: ****** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\****\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Users\***\Desktop\aswMBR.exe (AVAST Software)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avmailc.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avfwsvc.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Windows\System32\Macromed\Flash\FlashUtil32_11_5_502_110_ActiveX.exe (Adobe Systems Incorporated)
PRC - C:\Programme\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
PRC - C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe (TuneUp Software)
PRC - C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe (TuneUp Software)
PRC - C:\Programme\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Programme\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Programme\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation)
PRC - C:\Programme\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
PRC - C:\Programme\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe (ABBYY)
PRC - c:\Programme\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
PRC - C:\Programme\ITSRS\BirthdayAlarm2006\BirthdayAlarm2006.exe ()


========== Modules (No Company Name) ==========

MOD - C:\Programme\Mozilla Thunderbird\mozjs.dll ()
MOD - C:\Programme\Mozilla Thunderbird\nsldap32v60.dll ()
MOD - C:\Programme\Mozilla Thunderbird\nsldappr32v60.dll ()
MOD - C:\Programme\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF ()
MOD - C:\Windows\System32\AvmSnd.dll ()
MOD - C:\Programme\ITSRS\BirthdayAlarm2006\BirthdayAlarm2006.exe ()


========== Services (SafeList) ==========

SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirWebService) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirMailService) -- C:\Programme\Avira\AntiVir Desktop\avmailc.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirFirewallService) -- C:\Programme\Avira\AntiVir Desktop\avfwsvc.exe (Avira Operations GmbH & Co. KG)
SRV - (FLEXnet Licensing Service) -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (afcdpsrv) -- C:\Programme\Common Files\Acronis\CDP\afcdpsrv.exe (Acronis)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (cphs) -- C:\Windows\System32\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
SRV - (TuneUp.UtilitiesSvc) -- C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe (TuneUp Software)
SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (UNS) -- C:\Programme\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Programme\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (jhi_service) -- C:\Programme\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation)
SRV - (Intel(R) -- C:\Programme\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation)
SRV - (ICCS) -- C:\Programme\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Intel Corporation)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (AppleChargerSrv) -- C:\Windows\System32\AppleChargerSrv.exe ()
SRV - (osppsvc) -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (ABBYY.Licensing.FineReader.Professional.10.0) -- C:\Programme\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe (ABBYY)
SRV - (AcrSch2Svc) -- C:\Programme\Common Files\Acronis\Schedule2\schedul2.exe (Acronis)
SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (PSI_SVC_2) -- c:\Programme\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)


========== Driver Services (SafeList) ==========

DRV - (aswMBR) -- C:\Users\****\AppData\Local\Temp\aswMBR.sys File not found
DRV - (ASPI32) -- File not found
DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)
DRV - (avfwot) -- C:\Windows\System32\drivers\avfwot.sys (Avira GmbH)
DRV - (avfwim) -- C:\Windows\System32\drivers\avfwim.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)
DRV - (afcdp) -- C:\Windows\System32\drivers\afcdp.sys (Acronis)
DRV - (tdrpman251) -- C:\Windows\System32\drivers\tdrpm251.sys (Acronis)
DRV - (timounter) -- C:\Windows\System32\drivers\timntr.sys (Acronis)
DRV - (snapman) -- C:\Windows\System32\drivers\snapman.sys (Acronis)
DRV - (GVTDrv) -- C:\Windows\System32\drivers\GVTDrv.sys ()
DRV - (gdrv) -- C:\Windows\gdrv.sys (Windows (R) 2000 DDK provider)
DRV - (TuneUpUtilitiesDrv) -- C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys (TuneUp Software)
DRV - (RdpVideoMiniport) -- C:\Windows\System32\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (MEI) -- C:\Windows\System32\drivers\HECI.sys (Intel Corporation)
DRV - (L1C) -- C:\Windows\System32\drivers\L1C62x86.sys (Atheros Communications, Inc.)
DRV - (AppleCharger) -- C:\Windows\System32\drivers\AppleCharger.sys ()
DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
DRV - (AVMPORT) -- C:\Windows\System32\drivers\avmport.sys (AVM Berlin)
DRV - (Serial) -- C:\Windows\System32\drivers\serial.sys (Brother Industries Ltd.)
DRV - (FPCIBASE) -- C:\Windows\System32\drivers\fpcibase.sys (AVM Berlin)
DRV - (AVMCOWAN) -- C:\Windows\System32\drivers\avmcowan.sys (AVM GmbH)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ig
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\..\SearchScopes,DefaultScope = {2ED91812-C2E5-4A63-8404-FB5E12DD24AD}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{2ED91812-C2E5-4A63-8404-FB5E12DD24AD}: "URL" = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}&rlz=1I7AURU_de DE506
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/ig"
FF - prefs.js..extensions.enabledAddons: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.6.2


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52: C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.11.19 17:33:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.10.29 23:27:27 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.11.19 17:33:45 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.10.29 23:27:27 | 000,000,000 | ---D | M]

[2012.10.11 05:41:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions
[2012.12.01 15:57:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\hjz1kzk0.default\extensions
[2012.11.30 19:18:59 | 000,530,519 | ---- | M] () (No name found) -- C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\hjz1kzk0.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2012.11.23 15:57:31 | 000,035,614 | ---- | M] () (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\firefox\profiles\hjz1kzk0.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
[2012.12.01 15:57:10 | 000,804,627 | ---- | M] () (No name found) -- C:\Users\****\AppData\Roaming\mozilla\firefox\profiles\hjz1kzk0.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.11.19 17:33:34 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.11.19 17:33:45 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.11.19 17:33:41 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.11.19 17:33:41 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.11.19 17:33:41 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.11.19 17:33:41 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.11.19 17:33:41 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.11.19 17:33:41 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2012.11.14 15:27:29 | 000,444,833 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 www.123fporn.info
O1 - Hosts: 15276 more lines...
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [QuickFinder Scheduler] c:\Program Files\Corel\WordPerfect Office X5\Programs\QFSCHD150.EXE (Corel Corporation)
O4 - Startup: C:\Users\*******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ITSRS Birthday Alarm 2006.lnk = C:\Programme\ITSRS\BirthdayAlarm2006\BirthdayAlarm2006.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O8 - Extra context menu item: An vorhandenes PDF anfügen - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Open with WordPerfect - c:\Programme\Corel\WordPerfect Office X5\Programs\WPLauncher.hta ()
O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O13 - gopher Prefix: missing
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} hxxp://quickscan.bitdefender.com/qsax/qsax.cab (Bitdefender QuickScan Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} Reg Error: Value error. (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1D3E9134-48A5-4084-90C8-0989DE2E928F}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27 - HKLM IFEO\mediabuilder.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\trueimagelauncher.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{97da30d2-0f1c-11e2-ac35-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{97da30d2-0f1c-11e2-ac35-806e6f6e6963}\Shell\AutoRun\command - "" = G:\Autoplay.exe -auto
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012.12.01 20:23:03 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\****\Desktop\OTL.exe
[2012.12.01 20:09:34 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Users\****\Desktop\aswMBR.exe
[2012.12.01 19:34:50 | 000,000,000 | ---D | C] -- C:\Users\*****\Documents\Virus
[2012.12.01 15:45:28 | 000,031,584 | ---- | C] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe
[2012.12.01 15:45:28 | 000,021,344 | ---- | C] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
[2012.12.01 15:45:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013
[2012.12.01 15:45:16 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Roaming\TuneUp Software
[2012.12.01 15:45:12 | 000,000,000 | ---D | C] -- C:\Program Files\TuneUp Utilities 2013
[2012.12.01 15:44:55 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2012.12.01 15:44:44 | 000,000,000 | -HSD | C] -- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2012.12.01 15:44:44 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012.12.01 00:52:49 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\Avira
[2012.12.01 00:52:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012.12.01 00:52:15 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2012.12.01 00:52:14 | 000,133,824 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avipbb.sys
[2012.12.01 00:52:14 | 000,112,584 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avfwot.sys
[2012.12.01 00:52:14 | 000,092,008 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avfwim.sys
[2012.12.01 00:52:14 | 000,083,432 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avgntflt.sys
[2012.12.01 00:52:14 | 000,036,552 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avkmgr.sys
[2012.12.01 00:52:11 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2012.12.01 00:37:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared
[2012.12.01 00:37:24 | 000,022,872 | R--- | C] (Adobe Systems Inc.) -- C:\Windows\System32\AdobePDFUI.dll
[2012.11.30 18:02:19 | 000,000,000 | ---D | C] -- C:\Program Files\Trojan Remover
[2012.11.29 21:26:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2012.11.27 21:58:58 | 000,000,000 | -HSD | C] -- C:\Windows\System32\%APPDATA%
[2012.11.27 19:01:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2012.11.27 19:00:49 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services
[2012.11.27 19:00:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2012.11.27 19:00:37 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2012.11.27 18:59:23 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
[2012.11.27 18:59:05 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2012.11.27 18:58:46 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2012.11.26 18:21:52 | 000,000,000 | R--D | C] -- C:\Users\***\Documents\ypeysea6.Versuch
[2012.11.26 16:52:37 | 000,000,000 | ---D | C] -- C:\T-Online Banking
[2012.11.26 16:47:13 | 000,000,000 | ---D | C] -- C:\Users\****\Documents\T-Online_Banking_Backup
[2012.11.23 17:04:34 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe
[2012.11.23 17:04:33 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rdpvideominiport.sys
[2012.11.23 17:04:32 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
[2012.11.23 17:04:32 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RdpGroupPolicyExtension.dll
[2012.11.23 17:04:29 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\TsUsbFlt.sys
[2012.11.23 17:04:27 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsRdpWebAccess.dll
[2012.11.23 17:04:27 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2012.11.23 17:04:27 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbGDCoInstaller.dll
[2012.11.23 17:04:27 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wksprtPS.dll
[2012.11.23 17:04:26 | 000,317,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wksprt.exe
[2012.11.23 17:04:26 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2012.11.23 17:04:26 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpudd.dll
[2012.11.23 17:04:26 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpendp_winip.dll
[2012.11.23 17:04:26 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSWbPrxy.exe
[2012.11.23 17:04:25 | 002,739,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorets.dll
[2012.11.23 17:00:19 | 000,311,296 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNMLMA4.DLL
[2012.11.23 16:58:45 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2012.11.23 16:45:45 | 000,000,000 | ---D | C] -- C:\ProgramData\BDLogging
[2012.11.23 16:45:37 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\capicom.dll
[2012.11.23 16:37:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Bitdefender
[2012.11.23 16:29:52 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\QuickScan
[2012.11.22 21:29:37 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2012.11.19 17:33:34 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012.11.19 14:52:10 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012.11.14 18:40:28 | 000,000,000 | ---D | C] -- C:\Users\******\Documents\HTML
[2012.11.14 12:56:46 | 000,047,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys
[2012.11.14 12:56:46 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wdfres.dll
[2012.11.14 12:56:05 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll
[2012.11.14 12:56:05 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll
[2012.11.14 12:56:05 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll
[2012.11.14 12:53:47 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\synceng.dll
[2012.11.14 12:53:31 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcore6.dll
[2012.11.14 12:53:31 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll
[2012.11.14 12:53:26 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncsi.dll
[2012.11.14 12:53:25 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcorehc.dll
[2012.11.14 12:53:25 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2012.11.14 12:53:16 | 002,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.11.13 14:15:43 | 000,000,000 | ---D | C] -- C:\Users\*******\Documents\MeineBackups
[2012.11.13 13:40:56 | 000,000,000 | ---D | C] -- C:\Users\*********\AppData\Roaming\Acronis
[2012.11.13 13:33:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Acronis
[2012.11.13 13:31:01 | 000,152,704 | ---- | C] (Acronis) -- C:\Windows\System32\drivers\afcdp.sys
[2012.11.13 13:30:59 | 000,902,432 | ---- | C] (Acronis) -- C:\Windows\System32\drivers\tdrpm251.sys
[2012.11.13 13:30:58 | 000,570,016 | ---- | C] (Acronis) -- C:\Windows\System32\drivers\timntr.sys
[2012.11.13 13:30:55 | 000,156,928 | ---- | C] (Acronis) -- C:\Windows\System32\drivers\snapman.sys
[2012.11.13 13:30:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
[2012.11.13 13:30:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Acronis
[2012.11.13 13:30:39 | 000,000,000 | ---D | C] -- C:\Program Files\Acronis
[2012.11.13 12:25:30 | 001,642,496 | ---- | C] (Polybytes®, Inc.) -- C:\Windows\System32\PolyImage2.dll
[2012.11.13 12:25:30 | 000,107,648 | ---- | C] (Q+E Software, Inc.) -- C:\Windows\System32\Tbutl04.dll
[2012.11.13 12:25:30 | 000,055,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Odbc.dll
[2012.11.13 12:25:30 | 000,047,872 | ---- | C] (Asymetrix Corp.) -- C:\Windows\System32\tbdcprnt.dll
[2012.11.13 12:25:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Klett Werkstatt
[2012.11.13 12:25:29 | 000,179,136 | ---- | C] (Q+E Software, Inc.) -- C:\Windows\System32\Tbdbf04.dll
[2012.11.13 12:25:29 | 000,176,032 | ---- | C] (Asymetrix Corporation) -- C:\Windows\System32\TBDC.DLL
[2012.11.13 12:25:29 | 000,170,224 | ---- | C] (Q+E Software, Inc.) -- C:\Windows\System32\Tbflt04.dll
[2012.11.13 12:25:29 | 000,123,024 | ---- | C] (Asymetrix) -- C:\Windows\System32\Asymgrid.vbx
[2012.11.13 12:25:29 | 000,120,544 | ---- | C] (Q+E Software, Inc.) -- C:\Windows\System32\Tbbas04.dll
[2012.11.13 12:25:29 | 000,005,872 | ---- | C] (Q+E Software, Inc.) -- C:\Windows\System32\Tbmds04.dll
[2012.11.13 12:25:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\click2learn
[2012.11.13 12:25:26 | 000,000,000 | ---D | C] -- C:\Klett Werkstatt
[2012.11.11 21:55:42 | 000,000,000 | ---D | C] -- C:\Downloads
[2012.11.09 20:35:59 | 000,092,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ODBCINST.DLL
[2012.11.07 16:47:38 | 000,000,000 | R--D | C] -- C:\Users\*****\Documents\neu
[2012.11.06 16:28:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AGFEO TK-Soft 32
[2012.11.04 19:20:07 | 000,000,000 | ---D | C] -- C:\ProgramData\3DVIA
[2012.11.04 19:20:06 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll
[2012.11.04 19:20:06 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll

========== Files - Modified Within 30 Days ==========

[2012.12.01 20:23:16 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\******\Desktop\OTL.exe
[2012.12.01 20:09:35 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Users\******\Desktop\aswMBR.exe
[2012.12.01 18:38:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.12.01 17:42:26 | 000,002,516 | -HS- | M] () -- C:\ProgramData\KGyGaAvL.sys
[2012.12.01 16:32:48 | 000,015,472 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.12.01 16:32:48 | 000,015,472 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.12.01 16:29:41 | 000,653,928 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.12.01 16:29:41 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.12.01 16:29:41 | 000,129,800 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.12.01 16:29:41 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.12.01 16:26:24 | 000,001,379 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk
[2012.12.01 16:25:19 | 2742,853,632 | -HS- | M] () -- C:\hiberfil.sys
[2012.12.01 15:45:26 | 000,002,191 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
[2012.12.01 11:24:30 | 000,001,001 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.12.01 00:53:53 | 000,353,208 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.12.01 00:52:37 | 000,002,048 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012.12.01 00:49:55 | 000,036,552 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avkmgr.sys
[2012.12.01 00:49:55 | 000,028,520 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2012.12.01 00:49:54 | 000,133,824 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avipbb.sys
[2012.12.01 00:49:53 | 000,112,584 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avfwot.sys
[2012.12.01 00:49:53 | 000,092,008 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avfwim.sys
[2012.12.01 00:49:53 | 000,083,432 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avgntflt.sys
[2012.12.01 00:37:05 | 000,002,029 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Acrobat 9 Pro Extended.lnk
[2012.11.30 23:59:35 | 000,158,910 | ---- | M] () -- C:\Users\******\Documents\cc_20121130_235930.reg
[2012.11.30 20:28:16 | 000,005,434 | ---- | M] () -- C:\Users\******\Documents\adobe.reg
[2012.11.30 20:08:24 | 000,231,339 | ---- | M] () -- C:\Users\*****\Documents\Druck3-spaltigaufDINA4Normalpapier-ps484845.pdf
[2012.11.30 17:49:25 | 000,000,938 | ---- | M] () -- C:\Users\******\Documents\Registry 30-11.reg
[2012.11.29 20:33:23 | 000,006,652 | ---- | M] () -- C:\Users\*******\Documents\cc_20121129_203319.reg
[2012.11.29 19:58:19 | 000,216,629 | ---- | M] () -- C:\ProgramData\1354215255.bdinstall.bin
[2012.11.23 16:55:24 | 000,573,441 | ---- | M] () -- C:\ProgramData\1353685039.bdinstall.bin
[2012.11.23 16:46:32 | 000,000,385 | ---- | M] () -- C:\Windows\System32\user_gensett.xml
[2012.11.22 19:58:27 | 000,059,392 | R--- | M] () -- C:\Windows\System32\streamhlp.dll
[2012.11.21 21:24:43 | 000,001,260 | ---- | M] () -- C:\Users\*******\Desktop\Natura Oberstufe Lehrerband Teil B.lnk
[2012.11.21 18:01:21 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.11.20 16:56:58 | 000,002,505 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.11.16 19:39:34 | 000,007,605 | ---- | M] () -- C:\Users\******\AppData\Local\Resmon.ResmonCfg
[2012.11.14 15:31:37 | 000,000,000 | ---- | M] () -- C:\Windows\pestpatrol5.INI
[2012.11.14 15:27:29 | 000,444,833 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012.11.13 13:31:01 | 000,152,704 | ---- | M] (Acronis) -- C:\Windows\System32\drivers\afcdp.sys
[2012.11.13 13:30:59 | 000,902,432 | ---- | M] (Acronis) -- C:\Windows\System32\drivers\tdrpm251.sys
[2012.11.13 13:30:58 | 000,570,016 | ---- | M] (Acronis) -- C:\Windows\System32\drivers\timntr.sys
[2012.11.13 13:30:55 | 000,156,928 | ---- | M] (Acronis) -- C:\Windows\System32\drivers\snapman.sys
[2012.11.13 13:30:54 | 000,002,203 | ---- | M] () -- C:\Users\Public\Desktop\Acronis One-Click Backup.lnk
[2012.11.13 13:30:54 | 000,001,129 | ---- | M] () -- C:\Users\Public\Desktop\Acronis True Image Home 2010.lnk
[2012.11.13 13:21:53 | 000,001,360 | ---- | M] () -- C:\Users\******\Documents\cc_20121113_132150.reg
[2012.11.13 12:25:30 | 000,002,056 | ---- | M] () -- C:\Users\*******\Desktop\Natura Oberstufe Lehrerband Teil A.lnk
[2012.11.09 22:50:27 | 000,001,158 | ---- | M] () -- C:\Users\********\Documents\cc_20121109_225023.reg
[2012.11.09 21:46:51 | 000,000,206 | ---- | M] () -- C:\Windows\odbc.ini
[2012.11.09 21:46:51 | 000,000,151 | ---- | M] () -- C:\Windows\odbcinst.ini
[2012.11.09 20:42:31 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.11.09 20:42:31 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.11.08 17:13:53 | 000,003,029 | ---- | M] () -- C:\Users\******\Desktop\Word.lnk
[2012.11.08 17:13:46 | 000,003,047 | ---- | M] () -- C:\Users\******\Desktop\Excel.lnk
[2012.11.08 17:09:33 | 000,003,095 | ---- | M] () -- C:\Users\******\Desktop\PowerPoint.lnk
[2012.11.03 18:44:53 | 000,002,530 | ---- | M] () -- C:\Users\*******\Documents\cc_20121103_184444.reg

========== Files Created - No Company Name ==========

[2012.12.01 15:45:26 | 000,002,191 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
[2012.12.01 15:45:26 | 000,001,379 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk
[2012.12.01 15:45:25 | 000,002,183 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013.lnk
[2012.12.01 00:52:37 | 000,002,048 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012.12.01 00:37:05 | 000,002,471 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat 9 Pro Extended.lnk
[2012.12.01 00:37:05 | 000,002,465 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Distiller 9.lnk
[2012.12.01 00:37:05 | 000,002,029 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Acrobat 9 Pro Extended.lnk
[2012.11.30 23:59:33 | 000,158,910 | ---- | C] () -- C:\Users\*****\Documents\cc_20121130_235930.reg
[2012.11.30 20:28:16 | 000,005,434 | ---- | C] () -- C:\Users\*****\Documents\adobe.reg
[2012.11.30 20:08:23 | 000,231,339 | ---- | C] () -- C:\Users\******\Documents\Druck3-spaltigaufDINA4Normalpapier-ps484845.pdf
[2012.11.30 17:49:25 | 000,000,938 | ---- | C] () -- C:\Users\******\Documents\Registry 30-11.reg
[2012.11.29 20:33:21 | 000,006,652 | ---- | C] () -- C:\Users\*******\Documents\cc_20121129_203319.reg
[2012.11.29 19:58:19 | 000,216,629 | ---- | C] () -- C:\ProgramData\1354215255.bdinstall.bin
[2012.11.23 16:55:24 | 000,573,441 | ---- | C] () -- C:\ProgramData\1353685039.bdinstall.bin
[2012.11.23 16:46:32 | 000,000,385 | ---- | C] () -- C:\Windows\System32\user_gensett.xml
[2012.11.22 19:58:21 | 000,059,392 | R--- | C] () -- C:\Windows\System32\streamhlp.dll
[2012.11.14 16:39:15 | 2742,853,632 | -HS- | C] () -- C:\hiberfil.sys
[2012.11.14 15:31:37 | 000,000,000 | ---- | C] () -- C:\Windows\pestpatrol5.INI
[2012.11.14 12:56:51 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012.11.14 12:56:05 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012.11.13 13:30:54 | 000,002,203 | ---- | C] () -- C:\Users\Public\Desktop\Acronis One-Click Backup.lnk
[2012.11.13 13:30:54 | 000,001,129 | ---- | C] () -- C:\Users\Public\Desktop\Acronis True Image Home 2010.lnk
[2012.11.13 13:21:51 | 000,001,360 | ---- | C] () -- C:\Users\******\Documents\cc_20121113_132150.reg
[2012.11.13 12:29:25 | 000,001,260 | ---- | C] () -- C:\Users\*******\Desktop\Natura Oberstufe Lehrerband Teil B.lnk
[2012.11.13 12:25:30 | 000,002,056 | ---- | C] () -- C:\Users\*******\Desktop\Natura Oberstufe Lehrerband Teil A.lnk
[2012.11.13 12:25:29 | 000,293,712 | ---- | C] () -- C:\Windows\System32\Tbsql03.dll
[2012.11.13 12:25:29 | 000,246,368 | ---- | C] () -- C:\Windows\System32\Tbqry03.dll
[2012.11.13 12:25:29 | 000,145,696 | ---- | C] () -- C:\Windows\System32\Tblib.dll
[2012.11.13 12:25:29 | 000,090,688 | ---- | C] () -- C:\Windows\System32\Tbutl03.dll
[2012.11.13 12:25:29 | 000,014,512 | ---- | C] () -- C:\Windows\System32\Tbgui03.dll
[2012.11.13 12:25:29 | 000,005,488 | ---- | C] () -- C:\Windows\System32\Tbmds03.dll
[2012.11.13 12:25:29 | 000,000,440 | ---- | C] () -- C:\Windows\System32\Qeasymtx.lic
[2012.11.09 22:50:26 | 000,001,158 | ---- | C] () -- C:\Users\*******\Documents\cc_20121109_225023.reg
[2012.11.09 21:46:51 | 000,000,206 | ---- | C] () -- C:\Windows\odbc.ini
[2012.11.09 21:46:51 | 000,000,151 | ---- | C] () -- C:\Windows\odbcinst.ini
[2012.11.08 17:13:53 | 000,003,029 | ---- | C] () -- C:\Users\******\Desktop\Word.lnk
[2012.11.08 17:13:46 | 000,003,047 | ---- | C] () -- C:\Users\***\Desktop\Excel.lnk
[2012.11.08 17:09:33 | 000,003,095 | ---- | C] () -- C:\Users\****\Desktop\PowerPoint.lnk
[2012.11.03 18:44:51 | 000,002,530 | ---- | C] () -- C:\Users\*****\Documents\cc_20121103_184444.reg
[2012.11.01 12:33:30 | 000,272,928 | ---- | C] () -- C:\Windows\System32\igvpkrng600.bin
[2012.10.29 23:15:13 | 000,007,605 | ---- | C] () -- C:\Users\******\AppData\Local\Resmon.ResmonCfg
[2012.10.12 17:11:24 | 000,285,216 | ---- | C] () -- C:\Windows\System32\drivers\Onsio.sys
[2012.10.12 17:11:24 | 000,007,680 | ---- | C] () -- C:\Windows\System32\drivers\Onsreged.sys
[2012.10.10 05:32:16 | 000,000,259 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config
[2012.10.10 05:32:12 | 000,064,512 | ---- | C] () -- C:\Windows\System32\igdde32.dll
[2012.10.10 05:32:10 | 000,009,728 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
[2012.10.10 05:32:08 | 000,963,452 | ---- | C] () -- C:\Windows\System32\igcodeckrng600.bin
[2012.10.09 14:25:29 | 000,413,696 | ---- | C] () -- C:\Windows\System32\AvmFaxSP.dll
[2012.10.09 14:25:29 | 000,061,440 | ---- | C] () -- C:\Windows\System32\AvmSnd.dll
[2012.10.07 16:51:21 | 000,000,321 | ---- | C] () -- C:\Windows\PowerReg.dat
[2012.10.06 12:04:04 | 000,002,516 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2012.10.06 12:04:04 | 000,000,008 | RHS- | C] () -- C:\ProgramData\666E0C2F39.sys
[2012.10.06 02:47:14 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2012.10.05 19:59:08 | 000,024,944 | ---- | C] () -- C:\Windows\System32\drivers\GVTDrv.sys
[2012.10.05 19:53:18 | 000,015,128 | ---- | C] () -- C:\Windows\System32\drivers\IntelMEFWVer.dll
[2012.10.05 19:52:25 | 000,031,272 | ---- | C] () -- C:\Windows\System32\AppleChargerSrv.exe
[2012.10.05 19:52:25 | 000,018,544 | ---- | C] () -- C:\Windows\System32\drivers\AppleCharger.sys
[2012.10.05 19:51:37 | 000,215,644 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT
[2012.10.05 19:51:00 | 000,094,208 | ---- | C] () -- C:\Windows\System32\IccLibDll.dll
[2012.10.05 19:50:59 | 000,963,912 | ---- | C] () -- C:\Windows\System32\igkrng600.bin
[2012.10.05 19:50:59 | 000,261,208 | ---- | C] () -- C:\Windows\System32\igfcg600m.bin
[2012.10.05 19:50:59 | 000,145,804 | ---- | C] () -- C:\Windows\System32\igcompkrng600.bin
[2012.10.05 19:49:38 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2011.12.08 15:14:58 | 000,001,536 | ---- | C] () -- C:\Windows\System32\IusEventLog.dll

========== ZeroAccess Check ==========

[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Alternate Data Streams ==========

@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:CB0AACC9

< End of report >

OTL Extras logfile created on: 01.12.2012 20:24:24 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\***\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,41 Gb Total Physical Memory | 2,08 Gb Available Physical Memory | 60,97% Memory free
6,81 Gb Paging File | 5,00 Gb Available in Paging File | 73,37% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 97,56 Gb Total Space | 61,22 Gb Free Space | 62,76% Space Free | Partition Type: NTFS
Drive D: | 221,52 Gb Total Space | 214,34 Gb Free Space | 96,76% Space Free | Partition Type: NTFS
Drive E: | 99,00 Mb Total Space | 79,24 Mb Free Space | 80,05% Space Free | Partition Type: NTFS
Drive F: | 146,48 Gb Total Space | 143,51 Gb Free Space | 97,97% Space Free | Partition Type: NTFS

Computer Name: *** | User Name: **** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{152CED63-1DCD-414C-BB50-289C3B2AF4F3}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2F1BF019-FD8E-4B5D-A731-48CDDB5AE6BA}" = lport=445 | protocol=6 | dir=in | app=system |
"{3937C985-B889-4CAF-8615-336C1AEE9D9B}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3E154A41-19CF-4D28-9938-7AD80F8A9721}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{436E69E0-84A4-4C45-978C-6FFDE476ECE1}" = rport=445 | protocol=6 | dir=out | app=system |
"{48F78BB3-66F7-4813-BA56-438151932BD6}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4EA3015C-FEFF-4169-90BA-CCC38E5AB9B8}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{51F6DFA8-11BF-47C4-BFE9-AC6CD8E5340B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{58E0F183-CA1E-4884-A3AD-4897E676A66F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{797E6C52-B2CD-4597-B000-6AE5585B0463}" = rport=138 | protocol=17 | dir=out | app=system |
"{9ED94331-D386-40B0-AB75-2BDDB221B4AC}" = lport=137 | protocol=17 | dir=in | app=system |
"{A802607D-36B7-4B16-9693-076F7B5435BC}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B9F2B538-5A37-408E-99E3-097D359FBED6}" = rport=137 | protocol=17 | dir=out | app=system |
"{BAB12EF9-171D-4F14-A1A6-6E02A901027A}" = lport=10243 | protocol=6 | dir=in | app=system |
"{C6D05FA1-C5B8-40D8-BB49-2205BE8C5C90}" = lport=139 | protocol=6 | dir=in | app=system |
"{CA6EF42F-7FF9-45D8-84D7-5A780AAF1697}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CAD52E6C-3FF0-4ADF-8C5A-14EF480D7A1A}" = lport=138 | protocol=17 | dir=in | app=system |
"{D9FA0846-A812-4EB2-AE6C-1AA9C8BA9978}" = rport=10243 | protocol=6 | dir=out | app=system |
"{E5A736C2-227F-4D8F-A77D-8ED98FA2BB0A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{EA0B9477-489D-465A-B799-5F3FCF10EF59}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{EB3648C6-4DA8-46D4-A6EB-575541342D72}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{ED6EFA86-49AC-413D-90E9-78BDA54DD4ED}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{F0050EF1-1F79-4E64-91DC-81AB84B45799}" = lport=2869 | protocol=6 | dir=in | app=system |
"{FAE06FBF-A0EF-4582-BC63-C4FABE18FAAF}" = rport=139 | protocol=6 | dir=out | app=system |
"{FCECBFB8-AFA0-4C89-87C3-BE57204A3671}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0C2929DB-B296-423A-859B-1FC63486EDF3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{0D143CE7-7638-4207-8A2A-BAFBE05078BE}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{13256AD3-B5D8-4170-999A-C75DAC93CDCD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{19A73319-0EA9-491A-884D-940BE307FCC5}" = protocol=6 | dir=out | app=system |
"{19C69230-A22E-459B-B593-3CFCF0AEDBA9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1F86FD68-5D4C-4CA3-8B8D-A552A5469751}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{28F4DC93-F82F-4321-A6ED-16957098FFB3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{348700FA-FF8C-4C6A-B532-8D5AAE48B25E}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{37666ADB-5B82-45F4-97CC-2A7D28553638}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{3BCCEB81-3896-42BE-9589-B6171F3B11D4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{42EDC977-DECD-4483-8210-531C92F0782E}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{71D29779-E7B0-4E32-A03F-9A66871BBCE8}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{8C93C5A7-CD88-4EB3-BDD8-9233DD214DDA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9DC14730-F4E6-4B02-BC7F-0253DD8B3FA6}" = protocol=17 | dir=in | app=c:\program files\fritz!\fboxset.exe |
"{9DC959FC-6781-4C32-8C76-A9D57C25BABA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{9E18CE00-89BB-4368-8115-E3712010C5B9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A3800AC4-DAAB-4598-AF04-499D2E86DFF6}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{A8BFC086-8E70-49AA-B3B2-0F6FD3C6D1EA}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B05CAFC9-B904-43E8-8092-45E682629E58}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CC62EC4C-322B-4883-A7D6-6116829E5836}" = protocol=6 | dir=in | app=c:\program files\fritz!\igd_finder.exe |
"{E2A34A65-7329-4F4A-AF75-8DEE7FCEF157}" = protocol=6 | dir=in | app=c:\program files\fritz!\fboxset.exe |
"{F6E023F0-071F-446F-91F8-E3E42B6611E5}" = protocol=17 | dir=in | app=c:\program files\fritz!\igd_finder.exe |
"{FD18066A-5E29-4A45-9E13-65ACA65EC90A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"TCP Query User{5001F489-65F8-44D3-A3ED-EC657E27E336}C:\program files\fritz!\frifax32.exe" = protocol=6 | dir=in | app=c:\program files\fritz!\frifax32.exe |
"UDP Query User{BCA01244-7D5C-4032-9170-31CC3E982584}C:\program files\fritz!\frifax32.exe" = protocol=17 | dir=in | app=c:\program files\fritz!\frifax32.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{DE6DE4A1-0343-4DBE-9DC2-E667AA03F579}" = WordPerfect Office X5
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{00277C92-28A4-4A4F-828C-3C7C15732E9E}" = Banking
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP2700_series" = Canon iP2700 series Printer Driver
"{13EBF9E8-82FF-47D0-A324-534B79EF7F71}" = WordPerfect Office X5 - WT
"{17C5A285-F7B6-492B-8F3B-343D02B84D75}" = WordPerfect Office X5 - Common
"{19B4CD07-1919-4002-B28F-A5D2027026E0}" = WordPerfect Office X5 - IPM
"{1DF03ECE-6AF4-414E-B118-C316F151A9A2}" = Corel WordPerfect Office - iFilter
"{1F0D7D15-8A36-4AE4-8573-70BEA7DF379D}" = WordPerfect Office X5 - Migration Manager
"{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{378BAC91-3AE8-45F0-90E4-4F81E3EAEBC5}" = WordPerfect Office X5 - PR
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B11.0110.1
"{4873CC58-69D8-490D-9E5C-001DC2EE2010}" = WordPerfect Lightning - Messages
"{4873CC58-69D8-490D-9E5C-001DC2EE2020}" = WordPerfect Lightning - IPM
"{64459BD5-3AE8-4689-B7B0-D57B667D8399}" = WordPerfect Office X5 - PerfectExperts EN
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{67ED9603-CB76-4338-B7B0-690FE144C4DA}" = WordPerfect Lightning
"{6C13C708-FF28-4991-84E6-5526A0EE677B}" = WordPerfect Office X5 - Oxford
"{6E4B1E42-A831-44B4-A705-D006F68560EC}" = WordPerfect Office X5 - Graphics
"{6FBA7655-02D7-4C31-96B7-EE9E41EF1DBB}" = Natura Oberstufe Lehrerband Teil B
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71D2F8EE-9D45-4D95-A6F6-F6433C2B94B5}" = WordPerfect Office X5 - System EN
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{852F940A-BE93-4DF9-98E5-6F5FA7AFF3EE}" = Intel® Trusted Connect Service Client
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUS_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.PROPLUS_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUS_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{92B60B3B-7DF3-4BF7-8823-9F17A9EEA31E}" = WordPerfect Office X5
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A6FD1334-FD75-4951-935D-08F8C7E4C6B0}" = WordPerfect Office X5 - Sharepoint
"{AC76BA86-1033-F400-7761-000000000004}" = Adobe Acrobat 9 Pro Extended - English, Français, Deutsch
"{AC76BA86-1033-F400-7761-000000000004}{AC76BA86-1033-F400-7761-000000000004}" = Adobe Acrobat 9 Pro Extended - English, Français, Deutsch
"{B08D262E-D902-11D5-9C28-0080C85A0C2D}" = ScanWizard 5
"{C2F1F96A-057E-5819-B52E-FEA1D1D2933B}" = Acronis True Image Home
"{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}" = TuneUp Utilities 2013
"{CD5C6C29-E6CB-4DF3-B45F-A04087B1C294}" = WordPerfect Office X5 - Templates
"{D4167D08-0F61-4F44-BC3F-26B4960745C4}" = WordPerfect Office X5 - Skins
"{D5A0AE29-41FC-4F78-9A7E-F5C9968B868F}" = Natura Oberstufe Lehrerband Teil A
"{D7643510-C1AE-44AD-B0F9-0665C4D73BFD}" = WordPerfect Office X5 - LegalTools
"{DAEDCD3D-B981-4F10-B17B-764753EDAF9F}" = WordPerfect Office X5 - QP
"{DE6DE4A1-0343-4DBE-9DC2-E667AA03F579}" = WordPerfect Office X5 - Setup Files
"{E539B721-4458-4EFC-8BD0-04D4842051AE}" = Wordperfect Office X5 - EN
"{E67732DE-3387-4F1E-BDDA-2D0C08BC025B}" = WordPerfect Office X5 - Filters
"{EC61C6D9-159B-4B14-AAF3-AF33FCFA50DD}" = WordPerfect Office X5 - WP
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F1000000-0001-0000-0000-074957833700}" = ABBYY FineReader 10 Professional Edition
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4811919-F252-4B25-9AB2-8859A85810B5}" = TuneUp Utilities Language Pack (de-DE)
"{F6EE49FD-B736-4888-A05A-115F3B1160FA}" = WordPerfect Lightning - MSOM
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) SDK for OpenCL - CPU Only Runtime Package
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AGFEO TK-Soft 32" = AGFEO TK-Soft 32
"Avira AntiVir Desktop" = Avira Internet Security
"AVM ISDN CAPI Port" = AVM ISDN CAPI Port
"AVM ISDN TAPI Services" = AVM ISDN TAPI Services for CAPI
"CCleaner" = CCleaner
"Corel Applications" = Corel(R) Applications
"ESET Online Scanner" = ESET Online Scanner v3
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.34.1015
"FRITZ! 2.0" = AVM FRITZ!fax für FRITZ!Box
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox 16.0.2 (x86 de)" = Mozilla Firefox 16.0.2 (x86 de)
"Mozilla Thunderbird 16.0.2 (x86 de)" = Mozilla Thunderbird 16.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Revo Uninstaller" = Revo Uninstaller 1.94
"Synchredible_is1" = Synchredible v4.0
"TuneUp Utilities 2013" = TuneUp Utilities 2013
"VLC media player" = VLC media player 2.0.3
"WinRAR archiver" = WinRAR 4.20 (32-Bit)

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 27.11.2012 17:02:02 | Computer Name = *** | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: OUTLOOK.EXE, Version: 14.0.6025.1000,
Zeitstempel: 0x4d949895 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.17932,
Zeitstempel: 0x503275ba Ausnahmecode: 0xc06d007e Fehleroffset: 0x0000d3cf ID des fehlerhaften
Prozesses: 0x1160 Startzeit der fehlerhaften Anwendung: 0x01cdcce26ece89c2 Pfad der
fehlerhaften Anwendung: C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE Pfad
des fehlerhaften Moduls: C:\Windows\system32\KERNELBASE.dll Berichtskennung: b0679956-38d5-11e2-b70c-404e57434401

Error - 27.11.2012 17:02:54 | Computer Name = ***** | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: OUTLOOK.EXE, Version: 14.0.6025.1000,
Zeitstempel: 0x4d949895 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.17932,
Zeitstempel: 0x503275ba Ausnahmecode: 0xc06d007e Fehleroffset: 0x0000d3cf ID des fehlerhaften
Prozesses: 0x104c Startzeit der fehlerhaften Anwendung: 0x01cdcce2903015da Pfad der
fehlerhaften Anwendung: C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE Pfad
des fehlerhaften Moduls: C:\Windows\system32\KERNELBASE.dll Berichtskennung: cf5e3fa6-38d5-11e2-b70c-404e57434401

Error - 29.11.2012 15:54:42 | Computer Name = **** | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567,
Zeitstempel: 0x4d6727a7 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725,
Zeitstempel: 0x4ec49b60 Ausnahmecode: 0xc0000374 Fehleroffset: 0x000c380b ID des fehlerhaften
Prozesses: 0x2a4 Startzeit der fehlerhaften Anwendung: 0x01cdce6a6ce8a03b Pfad der
fehlerhaften Anwendung: C:\Windows\Explorer.EXE Pfad des fehlerhaften Moduls: C:\Windows\SYSTEM32\ntdll.dll
Berichtskennung:
9d0712c4-3a5e-11e2-9428-404e57434401

Error - 30.11.2012 15:04:25 | Computer Name = **** | Source = Application Hang | ID = 1002
Description = Programm Acrobat.exe, Version 9.0.0.332 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 10e8 Startzeit:
01cdcf2d5df72e15 Endzeit: 15 Anwendungspfad: C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat.exe

Berichts-ID:
b71435bf-3b20-11e2-adaa-50e5491e4fcb

Error - 30.11.2012 15:05:55 | Computer Name = **** | Source = Application Hang | ID = 1002
Description = Programm Acrobat.exe, Version 9.0.0.332 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: eac Startzeit:
01cdcf2d8776cb7c Endzeit: 0 Anwendungspfad: C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat.exe

Berichts-ID:
ed31fe7a-3b20-11e2-adaa-50e5491e4fcb

Error - 30.11.2012 15:09:23 | Computer Name = **** | Source = Application Hang | ID = 1002
Description = Programm Acrobat.exe, Version 9.0.0.332 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1070 Startzeit:
01cdcf2df9df92ba Endzeit: 16 Anwendungspfad: C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat.exe

Berichts-ID:
6ce6b580-3b21-11e2-adaa-50e5491e4fcb

Error - 30.11.2012 15:10:08 | Computer Name = **** | Source = VSS | ID = 8194
Description =

Error - 30.11.2012 18:17:52 | Computer Name =**** | Source = VSS | ID = 8194
Description =

Error - 30.11.2012 18:55:50 | Computer Name = *** | Source = VSS | ID = 8194
Description =

Error - 01.12.2012 15:14:34 | Computer Name = *** | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: aswMBR.exe, Version: 0.9.9.1707,
Zeitstempel: 0x509be8bf Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725,
Zeitstempel: 0x4ec49b60 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00052cc7 ID des fehlerhaften
Prozesses: 0x5d4 Startzeit der fehlerhaften Anwendung: 0x01cdcff76c4fc366 Pfad der
fehlerhaften Anwendung: C:\Users\****\Desktop\aswMBR.exe Pfad des fehlerhaften
Moduls: C:\Windows\SYSTEM32\ntdll.dll Berichtskennung: 570e3b12-3beb-11e2-ad59-50e5491e4fcb

[ System Events ]
Error - 29.11.2012 12:12:50 | Computer Name = *** | Source = Service Control Manager | ID = 7000
Description = Der Dienst "ASPI32" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error - 29.11.2012 14:42:29 | Computer Name =**** | Source = Service Control Manager | ID = 7000
Description = Der Dienst "ASPI32" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error - 29.11.2012 14:54:41 | Computer Name = *** | Source = Service Control Manager | ID = 7006
Description = Der Aufruf "ScRegSetValueExW" ist für "DeleteFlag" aufgrund folgenden
Fehlers fehlgeschlagen: %%5

Error - 29.11.2012 15:48:00 | Computer Name = *** | Source = Service Control Manager | ID = 7000
Description = Der Dienst "ASPI32" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error - 29.11.2012 15:57:38 | Computer Name = **** | Source = Service Control Manager | ID = 7000
Description = Der Dienst "ASPI32" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error - 29.11.2012 16:27:39 | Computer Name = *** | Source = DCOM | ID = 10010
Description =

Error - 29.11.2012 16:28:38 | Computer Name = **** | Source = Service Control Manager | ID = 7000
Description = Der Dienst "ASPI32" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error - 29.11.2012 17:40:37 | Computer Name = **** | Source = Service Control Manager | ID = 7000
Description = Der Dienst "ASPI32" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error - 30.11.2012 06:17:13 | Computer Name = *** | Source = Service Control Manager | ID = 7000
Description = Der Dienst "ASPI32" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error - 30.11.2012 12:07:22 | Computer Name = *** | Source = Service Control Manager | ID = 7000
Description = Der Dienst "ASPI32" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2


< End of report >

Ich hoffe ich habe alles richtig gemacht und mir kann geholfen werden.
Einen schönen 1. Advent.
Grüße von der
Anfängerin

Antwort

Themen zu PC friert ein und wird aus dem Energiesparmodus wach
7-zip, antivir, autorun, avira, bho, canon, converter, energiesparmodus, error, firefox, flash player, format, friert ein, helper, iexplore.exe, install.exe, installation, lightning, mozilla, mp3, ntdll.dll, problem, programm, realtek, registry, revo uninstaller, rundll, scan, security, software, svchost.exe, taskhost.exe, taskmanager, windows


« Entfernung GVU Trojaner- Rechner nicht sauber nach DE Cleaner | CPU Auslastung am oberen Limit, bremst System aus, vielleicht ein Virus? »


Ähnliche Themen: PC friert ein und wird aus dem Energiesparmodus wach


  1. Windows 8: automatische Updatefunktion in den Diensten fehlt, Rechner friert gelegentlich ein/wird extrem langsam
    Log-Analyse und Auswertung - 07.07.2015 (1)
  2. Win 7: Bildschrim friert ein und dann wird er schwarz oder weiß und es geht nichts mehr. 'C:\...\Temp\E16.tmp
    Log-Analyse und Auswertung - 31.12.2014 (11)
  3. Laptop wird mit der Zeit immer langsamer und friert bisweilen ein
    Log-Analyse und Auswertung - 20.08.2013 (17)
  4. Virus/Trojaner im Energiesparmodus aktiv?
    Plagegeister aller Art und deren Bekämpfung - 01.08.2013 (10)
  5. Rechner fährt aus Ruhezustand und Energiesparmodus gleich wieder hoch!
    Alles rund um Windows - 14.05.2013 (3)
  6. Labtop friert ein/wird immer langsamer
    Plagegeister aller Art und deren Bekämpfung - 06.04.2013 (4)
  7. Komplettes System friert bei mehreren Browsern ein, sobald ebay-log-in-Seite aufgerufen wird.
    Plagegeister aller Art und deren Bekämpfung - 24.02.2013 (18)
  8. Noch jemand wach? Habe unnormale Einträge im Taskmanager und traue meinem PC nicht mehr....
    Log-Analyse und Auswertung - 23.09.2012 (2)
  9. Nach Energiesparmodus kein Sound
    Alles rund um Windows - 16.08.2011 (9)
  10. Windows Vista Energiesparmodus Problem
    Alles rund um Windows - 16.08.2011 (15)
  11. Windows XP Restore Virus !Ist noch jemand wach"
    Log-Analyse und Auswertung - 20.06.2011 (12)
  12. Windows 7 Energiesparmodus
    Alles rund um Windows - 16.02.2010 (0)
  13. PC friert ein, AntiVir und Co wird geblockt, Malware Defence, Security Center Alert
    Plagegeister aller Art und deren Bekämpfung - 17.01.2010 (1)
  14. Bluescreen nach Energiesparmodus
    Alles rund um Windows - 02.01.2010 (7)
  15. PC wird immer langsamer und friert ein
    Mülltonne - 20.12.2008 (0)
  16. Vista geht nicht mehr in den Energiesparmodus
    Log-Analyse und Auswertung - 10.10.2007 (2)
  17. PC wird beim Spielen Lnagsamer oder Friert ein
    Netzwerk und Hardware - 18.11.2006 (6)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema PC friert ein und wird aus dem Energiesparmodus wach - Hallo, jetzt starte ich den 2. Versuch, weil ich ausgeloggt wurde, keine Ahnung warum. Egal was ich tue, friert der PC nach circa 1/2 Std ein. Strg/alt/enf und dann auf - PC friert ein und wird aus dem Energiesparmodus wach...
Archiv
Du betrachtest: PC friert ein und wird aus dem Energiesparmodus wach auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129