| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: BCCode: 124 - SystemabsturzWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
17.01.2013, 09:41
| #1 |
 |  BCCode: 124 - Systemabsturz Guten Morgen, seit geraumer Zeit fährt mein System (PC W7 64 bit) auch im Leerlaufprozess ohne Vorwarnung herunter. Nach dem Neustart weist mich Windows darauf hin, dass es nach "unerwartetem Herunterfahren" wieder ausgeführt wird und liefert folgendes Detail: Problemsignatur: Problemereignisname: BlueScreen Betriebsystemversion: 6.1.7601.2.1.0.768.3 Gebietsschema-ID: 1031 Zusatzinformationen zum Problem: BCCode: 124 BCP1: 0000000000000000 BCP2: FFFFFA800576F038 BCP3: 0000000000000000 BCP4: 0000000000000000 OS Version: 6_1_7601 Service Pack: 1_0 Product: 768_1 Was könnte der Grund sein? Ist das ein Hinwei sauf ein tiefer liegendes Problem? Der Rechner läuft danach immer einwandfrei mit der (allerdings jetzt erstmals aufgetretenen )Ausnahme, dass ich aus dem EMail - Programm (arcor) keien Anhänge mehr direkt öffnen kann, sondern diese erst abspeichern und dann vom Speicherort aus öffnen muss. Vielen Dank im Voraus für Eure Hilfe. |
|
04.02.2013, 02:11
| #2 |
| /// Helfer-Team  | BCCode: 124 - Systemabsturz bitte mal ein Screenshot: BlueScreenView - Download - Filepony und Systemscan mit OTL (bebilderte Anleitung) Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop ( falls noch nicht vorhanden)- Doppelklick auf die OTL.exe
__________________ |
|
07.02.2013, 12:03
| #3 |
| | BCCode: 124 - Systemabsturz Hallo und vorab danke für die Unterstützung.
__________________Schritt 1 (BlueScreenView) hat funktioniert; wie kann ich die Ergebnissliste hier posten? Hier die Logfiles von OTL: OTL Logfile: Code:
ATTFilter OTL logfile created on: 2/7/2013 11:53:15 AM - Run 2 OTL by OldTimer - Version 3.2.51.0 Folder = C:\Users\Ernst & Gogg\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4.00 Gb Total Physical Memory | 1.76 Gb Available Physical Memory | 43.90% Memory free 8.00 Gb Paging File | 5.13 Gb Available in Paging File | 64.21% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 1366.17 Gb Total Space | 1061.14 Gb Free Space | 77.67% Space Free | Partition Type: NTFS Drive D: | 30.00 Gb Total Space | 10.37 Gb Free Space | 34.58% Space Free | Partition Type: NTFS Drive I: | 465.65 Gb Total Space | 180.63 Gb Free Space | 38.79% Space Free | Partition Type: FAT32 Drive J: | 1.92 Gb Total Space | 1.20 Gb Free Space | 62.34% Space Free | Partition Type: FAT Computer Name: MEDION01 | User Name: Ernst & Gogg | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Ernst & Gogg\Desktop\bluescreenview_1.46\BlueScreenView.exe (NirSoft) PRC - C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.) PRC - C:\Users\Ernst & Gogg\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) PRC - C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe (Nokia) PRC - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia) PRC - C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe (Nokia) PRC - C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe (Nokia) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe () PRC - C:\Users\Ernst & Gogg\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Versandhelfer\Versandhelfer.exe () PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () PRC - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation) PRC - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink) PRC - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.) ========== Modules (No Company Name) ========== MOD - C:\Program Files (x86)\Nokia\Nokia Suite\phonon4.dll () MOD - C:\Program Files (x86)\Nokia\Nokia Suite\qjson.dll () MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtXmlPatterns4.dll () MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtXml4.dll () MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtWebKit4.dll () MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtSql4.dll () MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtScript4.dll () MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtNetwork4.dll () MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtOpenGL4.dll () MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtGui4.dll () MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtMultimediaKit1.dll () MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtDeclarative4.dll () MOD - C:\Program Files (x86)\Nokia\Nokia Suite\QtCore4.dll () MOD - C:\Program Files (x86)\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll () MOD - C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qjpeg4.dll () MOD - C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qico4.dll () MOD - C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qgif4.dll () MOD - C:\Program Files (x86)\Nokia\Nokia Suite\NService.dll () MOD - C:\Program Files (x86)\Nokia\Nokia Suite\CommonUpdateChecker.dll () MOD - C:\Program Files (x86)\Nokia\Nokia Suite\ssoengine.dll () MOD - C:\Program Files (x86)\Nokia\Nokia Suite\securestorage.dll () MOD - C:\Program Files (x86)\Nokia\Nokia Suite\mediaservice\dsengine.dll () MOD - C:\Program Files (x86)\Versandhelfer\Versandhelfer.exe () MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll () MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll () MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll () ========== Win32 Services (SafeList) ========== SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD) SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation) SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia) SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (RealNetworks Downloader Resolver Service) -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe () SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (PSI_SVC_2) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.) ========== Driver Services (SafeList) ========== DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation) DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira Operations GmbH & Co. KG) DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG) DRV:64bit: - (nmwcdc) -- C:\Windows\SysNative\drivers\ccdcmbox64.sys (Nokia) DRV:64bit: - (nmwcd) -- C:\Windows\SysNative\drivers\ccdcmbx64.sys (Nokia) DRV:64bit: - (UsbserFilt) -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys (Nokia) DRV:64bit: - (upperdev) -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys (Nokia) DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys (Nokia) DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG) DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek ) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (RTL8192su) -- C:\Windows\SysNative\drivers\RTL8192su.sys (Realtek Semiconductor Corporation ) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation) DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (Renesas Electronics Corporation) DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (Renesas Electronics Corporation) DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.) DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (ATI Technologies, Inc.) DRV:64bit: - (AtiPcie) AMD PCI Express (3GIO) -- C:\Windows\SysNative\drivers\AtiPcie64.sys (Advanced Micro Devices Inc.) DRV:64bit: - (usbfilter) -- C:\Windows\SysNative\drivers\usbfilter.sys (Advanced Micro Devices) DRV:64bit: - (amd_sata) -- C:\Windows\SysNative\drivers\amd_sata.sys (Advanced Micro Devices) DRV:64bit: - (amd_xata) -- C:\Windows\SysNative\drivers\amd_xata.sys (Advanced Micro Devices) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (RimUsb) -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys (Research In Motion Limited) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2881200875-1395689310-235358202-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKU\S-1-5-21-2881200875-1395689310-235358202-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.arcor.de/ IE - HKU\S-1-5-21-2881200875-1395689310-235358202-1001\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKU\S-1-5-21-2881200875-1395689310-235358202-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MDNA_enDE393DE420 IE - HKU\S-1-5-21-2881200875-1395689310-235358202-1001\..\SearchScopes\{AAF08C6E-80BB-469E-8A50-15A07B470FD6}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MDNA_enDE393DE420 IE - HKU\S-1-5-21-2881200875-1395689310-235358202-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\Windows\system32\npDeployJava1.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.10.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( ) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.0.282: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.0.282: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer) FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.9: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/08/05 18:42:04 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{34712C68-7391-4c47-94F3-8F88D49AD632}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/01/04 13:20:25 | 000,000,000 | ---D | M] ========== Chrome ========== CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Ernst & Gogg\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5\ CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Ernst & Gogg\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145\ O1 HOSTS File: ([2012/06/30 08:21:55 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation) O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader) O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Foxit PDF Creator Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Foxit PDF Creator Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) O3:64bit: - HKU\S-1-5-21-2881200875-1395689310-235358202-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3 - HKU\S-1-5-21-2881200875-1395689310-235358202-1001\..\Toolbar\WebBrowser: (Foxit PDF Creator Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [TkBellExe] c:\program files (x86)\real\realplayer\Update\realsched.exe (RealNetworks, Inc.) O4 - HKU\S-1-5-21-2881200875-1395689310-235358202-1001..\Run: [] File not found O4 - HKU\S-1-5-21-2881200875-1395689310-235358202-1001..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe (Nokia) O4 - Startup: C:\Users\Ernst & Gogg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Ernst & Gogg\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) O4 - Startup: C:\Users\Ernst & Gogg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Versandhelfer.lnk = C:\Program Files (x86)\Versandhelfer\Versandhelfer.exe () O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-2881200875-1395689310-235358202-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-2881200875-1395689310-235358202-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 File not found O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 File not found O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 File not found O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 File not found O9:64bit: - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found O9:64bit: - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found O16:64bit: - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab (Reg Error: Key error.) O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Reg Error: Value error.) O16:64bit: - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 10.10.2) O16:64bit: - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} hxxp://download.microsoft.com/download/C/B/F/CBF23A2C-3E55-4664-BC5C-762780D79BA0/OGAControl.cab (Office Genuine Advantage Validation Tool) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1FC4AE18-1088-4A4E-A5C3-01A88EF86339}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{968D1D2D-689F-407A-9952-71D7A2706EF2}: DhcpNameServer = 192.168.1.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013/02/07 11:48:34 | 000,000,000 | ---D | C] -- C:\Users\Ernst & Gogg\Desktop\bluescreenview_1.46 [2013/02/02 14:12:12 | 000,000,000 | ---D | C] -- C:\Users\Ernst & Gogg\Urlaub 2013 [2013/01/24 13:44:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia [2013/01/24 13:42:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Connectivity Solution [2013/01/24 13:16:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PCSuite [2013/01/24 13:16:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia PC Suite [2013/01/13 19:39:38 | 001,081,320 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll [2013/01/13 19:39:38 | 000,308,200 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe [2013/01/13 19:39:26 | 000,108,008 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll [2013/01/10 01:13:07 | 000,750,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll [2013/01/10 01:13:07 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll [2013/01/10 01:12:54 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll [2013/01/10 01:12:53 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll [2013/01/10 01:12:46 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll [2013/01/10 01:12:46 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll [2013/01/10 01:12:46 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll [2013/01/10 01:12:46 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs [2013/01/10 01:12:46 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs [2013/01/10 01:12:46 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs [2013/01/10 01:12:46 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs [2013/01/10 01:12:46 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs [2013/01/10 01:12:46 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs [2013/01/10 01:12:46 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs [2013/01/10 01:12:46 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs [2013/01/10 01:12:46 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs [2013/01/10 01:12:46 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs [2013/01/10 01:12:46 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs [2013/01/10 01:12:46 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs [2013/01/10 01:12:46 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs [2013/01/10 01:12:46 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs [2013/01/10 01:12:46 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs [2013/01/10 01:12:46 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs [2013/01/10 01:12:46 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs [2013/01/10 01:12:46 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs [2013/01/10 01:12:46 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs [2013/01/10 01:12:46 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs [2013/01/10 01:12:45 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll [2013/01/10 01:12:45 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs [2013/01/10 01:12:45 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs [2013/01/10 01:12:45 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs [2013/01/10 01:12:45 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs [2013/01/10 01:12:45 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs [2013/01/10 01:12:45 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs [2013/01/10 01:12:45 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs [2013/01/10 01:12:45 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs [2013/01/10 01:12:19 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll [2013/01/10 01:12:18 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll [2013/01/10 01:12:18 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll [2013/01/10 01:12:18 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe [2013/01/10 01:12:18 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll [2013/01/10 01:12:18 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll [2013/01/10 01:12:18 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll [2013/01/10 01:12:18 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll [2013/01/10 01:12:18 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll [2013/01/10 01:12:18 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll [2013/01/10 01:12:18 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll [2013/01/10 01:12:18 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll [2013/01/10 01:12:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll [2013/01/10 01:12:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll [2013/01/10 01:12:17 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe [2013/01/10 01:12:17 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe [2013/01/10 01:12:17 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll [2013/01/10 01:12:17 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll [2013/01/10 01:12:17 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll [2013/01/10 01:12:17 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll [2013/01/10 01:12:17 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll [2013/01/10 01:12:17 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll [2013/01/10 01:12:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll [2013/01/10 01:12:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll [2013/01/10 01:12:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll [2013/01/10 01:12:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll [2013/01/10 01:12:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll [2013/01/10 01:12:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll [2013/01/10 01:12:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll [2013/01/10 01:12:17 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll [2013/01/10 01:12:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll [2013/01/10 01:12:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll [2013/01/10 01:12:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll [2013/01/10 01:12:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll [2013/01/10 01:12:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll [2013/01/10 01:12:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll [2013/01/10 01:12:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll [2013/01/10 01:12:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll [2013/01/10 01:12:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll [2013/01/10 01:12:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll [2013/01/10 01:12:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll [2013/01/10 01:12:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll [2013/01/10 01:12:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll [2013/01/10 01:12:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll [2013/01/10 01:12:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll [2013/01/10 01:12:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll [2013/01/10 01:12:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll [2013/01/10 01:12:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll [2013/01/10 01:12:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll [2013/01/10 01:12:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll [2013/01/10 01:12:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll [2013/01/10 01:12:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll [2013/01/10 01:12:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll [2013/01/10 01:12:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll [2013/01/10 01:12:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll [2013/01/10 01:12:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll [2013/01/10 01:12:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll [2013/01/10 01:12:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll [2013/01/10 01:12:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll [2013/01/10 01:12:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll [2013/01/10 01:12:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll [2013/01/10 01:12:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll [2013/01/10 01:12:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll [2013/01/10 01:12:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll [2013/01/10 01:12:17 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll [2013/01/10 01:12:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll [2013/01/10 01:12:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll [2013/01/10 01:12:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll [2013/01/10 01:12:16 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe [2013/01/10 01:12:07 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe [2011/03/02 10:27:39 | 000,359,936 | ---- | C] (SHI Elektronische Medien GmbH) -- C:\Users\Ernst & Gogg\IPView.exe [2011/03/02 10:19:57 | 000,167,936 | ---- | C] (ADVOLINE GmbH & Co. KG) -- C:\Users\Ernst & Gogg\progset.exe [2011/03/02 10:19:57 | 000,144,384 | ---- | C] (Verlag Dr. Otto-Schmidt) -- C:\Users\Ernst & Gogg\Formularpraxis.exe [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013/02/07 11:48:22 | 000,066,006 | ---- | M] () -- C:\Users\Ernst & Gogg\Desktop\bluescreenview_1.46.zip [2013/02/07 11:40:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013/02/07 11:37:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013/02/06 18:40:00 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013/02/05 22:09:23 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013/02/05 22:09:23 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2013/02/04 04:48:20 | 000,010,096 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013/02/04 04:48:20 | 000,010,096 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013/01/31 08:01:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013/01/31 08:01:35 | 3220,664,320 | -HS- | M] () -- C:\hiberfil.sys [2013/01/24 13:44:06 | 000,002,136 | ---- | M] () -- C:\Users\Public\Desktop\Nokia Suite.lnk [2013/01/24 13:16:08 | 000,002,085 | ---- | M] () -- C:\Users\Public\Desktop\Nokia PC Suite.lnk [2013/01/24 12:36:45 | 001,498,742 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013/01/24 12:36:45 | 000,654,150 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013/01/24 12:36:45 | 000,616,032 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013/01/24 12:36:45 | 000,130,022 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013/01/24 12:36:45 | 000,106,412 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013/01/18 19:41:14 | 000,000,017 | ---- | M] () -- C:\Users\Ernst & Gogg\AppData\Local\resmon.resmoncfg [2013/01/17 10:08:56 | 000,086,371 | ---- | M] () -- C:\Users\Ernst & Gogg\Desktop\UStVA 4. VJ 2012.pdf [2013/01/13 19:39:17 | 001,081,320 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll [2013/01/13 19:39:17 | 000,959,976 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll [2013/01/13 19:39:17 | 000,308,200 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe [2013/01/13 19:39:17 | 000,188,392 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe [2013/01/13 19:39:17 | 000,188,392 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe [2013/01/13 19:39:17 | 000,108,008 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll [2013/01/13 11:03:05 | 000,008,271 | ---- | M] () -- C:\Users\Ernst & Gogg\Desktop\Kreditkartentransaktionen4779139689744545_2012_12.pdf [2013/01/13 11:02:19 | 000,007,875 | ---- | M] () -- C:\Users\Ernst & Gogg\Desktop\Kreditkartentransaktionen4779139689744545_2012_11.pdf [2013/01/13 11:00:04 | 000,008,125 | ---- | M] () -- C:\Users\Ernst & Gogg\Desktop\Kreditkartentransaktionen4779139689744545_2013_01.pdf [2013/01/13 10:59:28 | 000,008,650 | ---- | M] () -- C:\Users\Ernst & Gogg\Desktop\Kreditkartentransaktionen4779139689744545_20130113.pdf [2013/01/12 19:03:05 | 000,016,721 | ---- | M] () -- C:\Users\Ernst & Gogg\Desktop\Kontoumsaetze_189_115318800_20130112_190301.pdf [2013/01/12 18:59:53 | 000,010,854 | ---- | M] () -- C:\Users\Ernst & Gogg\Desktop\Umsatzanzeige_5409342769_20130112.csv [2013/01/10 16:10:46 | 000,059,794 | ---- | M] () -- C:\Users\Ernst & Gogg\Desktop\DC New Year 13.jpg [2013/01/10 03:30:44 | 000,428,176 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2013/02/07 11:48:17 | 000,066,006 | ---- | C] () -- C:\Users\Ernst & Gogg\Desktop\bluescreenview_1.46.zip [2013/01/24 13:44:06 | 000,002,136 | ---- | C] () -- C:\Users\Public\Desktop\Nokia Suite.lnk [2013/01/24 13:16:08 | 000,002,085 | ---- | C] () -- C:\Users\Public\Desktop\Nokia PC Suite.lnk [2013/01/18 19:41:14 | 000,000,017 | ---- | C] () -- C:\Users\Ernst & Gogg\AppData\Local\resmon.resmoncfg [2013/01/17 10:08:56 | 000,086,371 | ---- | C] () -- C:\Users\Ernst & Gogg\Desktop\UStVA 4. VJ 2012.pdf [2013/01/13 11:03:04 | 000,008,271 | ---- | C] () -- C:\Users\Ernst & Gogg\Desktop\Kreditkartentransaktionen4779139689744545_2012_12.pdf [2013/01/13 11:02:18 | 000,007,875 | ---- | C] () -- C:\Users\Ernst & Gogg\Desktop\Kreditkartentransaktionen4779139689744545_2012_11.pdf [2013/01/13 11:00:04 | 000,008,125 | ---- | C] () -- C:\Users\Ernst & Gogg\Desktop\Kreditkartentransaktionen4779139689744545_2013_01.pdf [2013/01/13 10:59:27 | 000,008,650 | ---- | C] () -- C:\Users\Ernst & Gogg\Desktop\Kreditkartentransaktionen4779139689744545_20130113.pdf [2013/01/12 19:03:03 | 000,016,721 | ---- | C] () -- C:\Users\Ernst & Gogg\Desktop\Kontoumsaetze_189_115318800_20130112_190301.pdf [2013/01/12 18:59:47 | 000,010,854 | ---- | C] () -- C:\Users\Ernst & Gogg\Desktop\Umsatzanzeige_5409342769_20130112.csv [2013/01/10 16:11:50 | 000,059,794 | ---- | C] () -- C:\Users\Ernst & Gogg\Desktop\DC New Year 13.jpg [2012/06/30 08:03:57 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2012/06/30 08:03:57 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2012/06/30 08:03:57 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2012/06/30 08:03:57 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2012/06/30 08:03:57 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2011/12/25 16:09:41 | 000,000,848 | --S- | C] () -- C:\ProgramData\KGyGaAvL.sys [2011/04/26 20:25:36 | 002,882,748 | ---- | C] () -- C:\Users\Ernst & Gogg\Datenrettung Verbatim v. 26.04.2011.st3 [2011/04/03 13:49:03 | 000,000,056 | ---- | C] () -- C:\Users\Ernst & Gogg\AppData\Roaming\Win-NeKo.ini [2011/03/02 10:42:09 | 000,118,272 | ---- | C] () -- C:\Users\Ernst & Gogg\Gebührenformulare.dot [2011/03/02 10:42:09 | 000,005,064 | ---- | C] () -- C:\Users\Ernst & Gogg\Gebührenformulare.INI [2011/03/02 10:42:07 | 000,077,409 | ---- | C] () -- C:\Users\Ernst & Gogg\Uninst.isu [2011/03/02 10:42:07 | 000,073,174 | ---- | C] () -- C:\Users\Ernst & Gogg\Readme.pdf [2011/03/02 10:30:18 | 000,000,313 | ---- | C] () -- C:\Windows\SHISETUP.SYS [2011/03/02 10:27:39 | 000,626,456 | ---- | C] () -- C:\Users\Ernst & Gogg\setup.bmp [2011/03/02 10:27:39 | 000,567,913 | ---- | C] () -- C:\Users\Ernst & Gogg\userinfo.rtf [2011/03/02 10:27:39 | 000,374,922 | ---- | C] () -- C:\Users\Ernst & Gogg\IPview.spl [2011/03/02 10:27:39 | 000,015,624 | ---- | C] () -- C:\Users\Ernst & Gogg\shiinfo.rtf [2011/03/02 10:27:39 | 000,011,231 | ---- | C] () -- C:\Users\Ernst & Gogg\userinfo_lang.rtf [2011/03/02 10:27:39 | 000,009,260 | ---- | C] () -- C:\Users\Ernst & Gogg\IPview.mod [2011/03/02 10:27:39 | 000,005,709 | ---- | C] () -- C:\Users\Ernst & Gogg\orderinfo.rtf [2011/03/02 10:27:39 | 000,000,434 | ---- | C] () -- C:\Users\Ernst & Gogg\IPVStdPrintHeader.ptm [2011/03/02 10:27:39 | 000,000,340 | ---- | C] () -- C:\Users\Ernst & Gogg\IPVStdPrintBody.ptm [2011/03/02 10:27:39 | 000,000,227 | ---- | C] () -- C:\Users\Ernst & Gogg\IPVStdPrintFooter.ptm [2011/03/02 10:27:38 | 000,020,216 | ---- | C] () -- C:\Users\Ernst & Gogg\Deubner.bmp [2011/03/02 10:27:38 | 000,005,040 | ---- | C] () -- C:\Users\Ernst & Gogg\hotlineinfo.rtf [2011/03/02 10:19:57 | 000,048,390 | ---- | C] () -- C:\Users\Ernst & Gogg\Allgemeine Bedienungshinweise.pdf [2011/03/02 09:06:25 | 000,006,656 | ---- | C] () -- C:\Users\Ernst & Gogg\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011/02/27 17:13:02 | 000,000,943 | ---- | C] () -- C:\Users\Ernst & Gogg\Eigene Dokumente - Verknüpfung.lnk ========== Alternate Data Streams ========== @Alternate Data Stream - 140 bytes -> C:\ProgramData\Temp:DFC5A2B2 @Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:430C6D84 < End of report > [/CODE] und OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 2/7/2013 11:53:15 AM - Run 2
OTL by OldTimer - Version 3.2.51.0 Folder = C:\Users\Ernst & Gogg\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4.00 Gb Total Physical Memory | 1.76 Gb Available Physical Memory | 43.90% Memory free
8.00 Gb Paging File | 5.13 Gb Available in Paging File | 64.21% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1366.17 Gb Total Space | 1061.14 Gb Free Space | 77.67% Space Free | Partition Type: NTFS
Drive D: | 30.00 Gb Total Space | 10.37 Gb Free Space | 34.58% Space Free | Partition Type: NTFS
Drive I: | 465.65 Gb Total Space | 180.63 Gb Free Space | 38.79% Space Free | Partition Type: FAT32
Drive J: | 1.92 Gb Total Space | 1.20 Gb Free Space | 62.34% Space Free | Partition Type: FAT
Computer Name: MEDION01 | User Name: Ernst & Gogg | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_USERS\.DEFAULT\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
[HKEY_USERS\S-1-5-18\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00A7E774-2626-439B-AD22-5D3DD84F58BA}" = lport=2869 | protocol=6 | dir=in | app=system |
"{0945B96D-BAF5-4BAC-99E7-CFB7A32A2E97}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{09A801D6-50CD-4DAB-861B-C99B081434C8}" = rport=137 | protocol=17 | dir=out | app=system |
"{0AECE74E-12C4-48AF-A42C-78352A9D14E0}" = lport=137 | protocol=17 | dir=in | app=system |
"{0DF974C6-A309-4DD5-83ED-310D86AE5037}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{133F6850-AD5C-4F4E-8853-ACB742D35E39}" = rport=139 | protocol=6 | dir=out | app=system |
"{24B242EE-8380-4A98-B5FC-9E229E39788C}" = lport=10243 | protocol=6 | dir=in | app=system |
"{3B619D04-5C1F-4DB4-9302-0216D4945162}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{4AF79DF7-63C1-4463-979C-8A2F3462F7BB}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4B1C21F8-D731-4AA6-A189-72E135FEA635}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{51326300-E8DF-4607-A38C-F57E95241503}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{524F2F30-6BF6-464B-8849-5D007BFCA14E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5B7DD138-1BC3-436F-9FE7-3A242A4EC721}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8B495AFB-A6B1-4266-8DAD-1BEE10CA6242}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{8E7E13F8-981D-4018-8A08-E5822D94515C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{97EFAC1A-503E-441B-872E-7D5910C25FFB}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9882EF55-4D73-4800-867B-1426BEAC9A58}" = lport=445 | protocol=6 | dir=in | app=system |
"{9ACC7435-500D-48E4-AC83-5B917A55DC7B}" = rport=445 | protocol=6 | dir=out | app=system |
"{A8BB59F2-F5D8-4A74-ADCC-72E55EDAD6E7}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B5C106DF-47FE-498E-AA04-EBB2645B6089}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B610479A-E4E9-420A-B5E2-332B708C3AC4}" = lport=138 | protocol=17 | dir=in | app=system |
"{BDFC4105-FA73-46E8-B7ED-374BA5D79F0F}" = lport=139 | protocol=6 | dir=in | app=system |
"{C33B4BED-531A-4C45-842E-EFD54114C549}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CA24C114-83BC-4D33-B0BB-659A8A7E3FBA}" = rport=10243 | protocol=6 | dir=out | app=system |
"{CA2BCC48-4ED6-44AD-B96F-26CBF53B2EB4}" = rport=138 | protocol=17 | dir=out | app=system |
"{E4231910-69D8-4E6F-8758-EC353B25EB8A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01CBAF39-0FE4-4319-BBF6-4315C639D57F}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{0B3CDE2F-5C09-4148-9706-501AE245924B}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{0B984603-72F5-415B-8070-4C77CB80EE69}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{13149270-227A-4615-A9BC-2EBDBF0A4D43}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{1A046AE8-483B-4A8E-902B-342D929813DB}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe |
"{1F2412D8-5568-4E1F-BFF8-42976E7A32A2}" = dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe |
"{20F83367-4815-497E-A2B4-FC287EEE2C22}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{27C34A10-592F-4EEC-AE45-CCDA49583AC2}" = dir=in | app=c:\program files (x86)\nokia\nokia ovi suite\nokiaovisuite.exe |
"{284AA70A-4051-47D3-8DFE-4B0E486EBEE3}" = dir=in | app=c:\program files (x86)\nokia\nokia ovi suite\nokiaovisuite.exe |
"{2BF0CAD7-4B88-4D75-9AA7-5F19D1D4C2DA}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{2DEA938F-24C3-4079-82E3-4DFC92FC5C90}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{33CA17C1-5DEC-45BE-B9E4-B9180888C964}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{41F03C25-22D0-4295-9000-45755D873EAB}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{4DB1CC2D-07A4-47FB-9803-7ECDDAF9D960}" = dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe |
"{4ED9336E-4A7C-4AA0-A838-757B9997DDE3}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{5519D5B6-C5B5-49FF-AA82-02E2760D9BD9}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{576BEB5C-C28D-48B6-BDE7-0522A63CBB0C}" = dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe |
"{5C500786-6671-4AF2-8A1E-C490C8EFE978}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe |
"{61044752-8B12-4C75-84EA-94D12D3A57D5}" = dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe |
"{61454908-70C1-4701-B590-AD9CE97BA5F6}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{65F857F3-C7FF-46BD-B524-94616FA082FF}" = dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe |
"{6F93146A-FD2C-45BD-A580-DB6B12B675F1}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{73E6AB5C-9219-4A7F-BC16-A1E9AA19816D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{7AF88F03-DED1-4427-9C69-07C4A9941558}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe |
"{7C22EBDB-02C9-4762-BD52-F6CC2771544C}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{80D3E5B7-A947-4D67-9479-E6538F70973F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{86F819C3-50BE-42C6-AAAF-34F36D4A157E}" = protocol=17 | dir=in | app=c:\users\ernst & gogg\appdata\roaming\dropbox\bin\dropbox.exe |
"{9559CE61-4543-4364-BD42-AF6A6A717DD2}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{9F7F8FDD-5F01-4F46-96B2-9EA1F197E47C}" = dir=in | app=c:\program files (x86)\nokia\nokia ovi suite\nokiaovisuite.exe |
"{9FB45734-DA66-4BE9-A955-C0DDCE84D92B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A182B99C-B815-439E-A3E8-A2E07C5EC7FF}" = dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe |
"{AA9A893D-B365-4E7B-B951-6D4A8DB74062}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{ACB484BA-8183-465A-822A-1012C8D473D0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B3B2D670-70D9-46A8-BB96-DD9905D041DE}" = protocol=6 | dir=in | app=c:\users\ernst & gogg\appdata\roaming\dropbox\bin\dropbox.exe |
"{C139D7F9-69B2-4EBA-AA4D-A1EC9732EFE0}" = dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe |
"{C368B531-F2C2-48F6-BE8E-7C7A013E98FD}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe |
"{C3D36546-204E-4CD1-996F-A1A008ADFA51}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D1BC93E1-DD84-4C07-A540-76638495AA7F}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe |
"{DC37BA5E-ECEC-47A7-816D-9C022CD10A25}" = dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe |
"{EA63862D-702F-4CD1-BD0D-5E0A9C6E9EF5}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{F1DF4B45-5F5C-45B2-88AF-A19DBA5AD722}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{F965331D-4AFF-4DFC-8ACC-9F874BBA8F14}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FF298CEA-641A-4C84-9ED5-50BDC8005E6B}" = protocol=6 | dir=out | app=system |
"TCP Query User{24310263-F691-4316-A468-3BDBDED7BC6E}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{79D71088-8F63-4555-B706-8F7A0F691F7A}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"TCP Query User{FF6B45C2-EF7C-4F17-9A8A-65FBF218606D}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{06723909-19BD-4A5A-B910-E1EED5A0F9AB}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{6AEF1CB7-972F-444B-8F13-6FA6AFD88FA3}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"UDP Query User{7CFAEACB-ACA4-43AB-A8DA-4E37A7C8A934}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{122C8DA5-1978-7BB6-6179-BE41806E8086}" = ccc-utility64
"{19DCDC0D-9D87-46DB-A4B0-08B35AA333A3}" = Corel Shell Extension - 64Bit
"{19F09425-3C20-4730-9E2A-FC2E17C9F362}" = Windows Live Remote Service Resources
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}" = Windows Live Remote Client Resources
"{26A24AE4-039D-4CA4-87B4-2F86416022FF}" = Java(TM) 6 Update 22 (64-bit)
"{26A24AE4-039D-4CA4-87B4-2F86417010FF}" = Java 7 Update 10 (64-bit)
"{2F304EF4-0C31-47F4-8557-0641AAE4197C}" = Windows Live Remote Client Resources
"{456FB9B5-AFBC-4761-BBDC-BA6BAFBB818F}" = Windows Live Remote Client Resources
"{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}" = Windows Live Remote Service Resources
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{5151E2DB-0748-4FD1-86A2-72E2F94F8BE7}" = Windows Live Remote Service Resources
"{5479F9EC-5D71-CB4F-7091-3BF696F82035}" = ATI Catalyst Install Manager
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64
"{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources
"{6C9D3F1D-DBBE-46F9-96A0-726CC72935AF}" = Windows Live Remote Service Resources
"{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{850B8072-2EA7-4EDC-B930-7FE569495E76}" = Windows Live Remote Client Resources
"{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources
"{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources
"{8F473675-D702-45F9-8EBC-342B40C17BF5}" = Apple Mobile Device Support
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources
"{D1C1556C-7FF3-48A3-A5D6-7126F0FAFB66}" = Windows Live Remote Client Resources
"{D3E4F422-7E0F-49C7-8B00-F42490D7A385}" = Windows Live Remote Service Resources
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DBEDAF67-C5A3-4C91-951D-31F3FE63AF3F}" = Windows Live Remote Client Resources
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F6CB2C5F-B2C1-4DF1-BF44-39D0DC06FE6F}" = Windows Live Remote Service Resources
"62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F" = Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0)
"72A50F48CC5601190B9C4E74D81161693133E7F7" = Windows-Treiberpaket - Nokia Modem (02/25/2011 7.01.0.9)
"Adobe Flash Player ActiveX 64" = Adobe Flash Player 10 ActiveX 64-bit
"E0AC723A3DE3A04256288CADBBB011B112AED454" = Windows-Treiberpaket - Nokia Modem (02/25/2011 4.7)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{C0237AA4-1BFB-46EA-860D-7B0EB365CA13}" = CorelDRAW Essentials 4
"_{CF0ADC18-6D8F-4353-8EAA-DF45456B7853}" = CorelDRAW Essentials 4 - Windows Shell Extension
"{00884F14-05BD-4D8E-90E5-1ABF78948CA4}" = Windows Live Mesh
"{03BB06DB-15FE-47F0-B872-E6477933C986}" = Windows Live UX Platform Language Pack
"{04668DF2-D32F-4555-9C7E-35523DCD6544}" = Control ActiveX de Windows Live Mesh para conexiones remotas
"{0482617D-DDC3-D703-2572-7D1E55FA24CB}" = Catalyst Control Center Graphics Previews Vista
"{06036391-62EB-2F47-A780-A9E1C21B4362}" = Versandhelfer
"{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common
"{07B62101-7EBD-434A-94B1-B38063BE5516}" = CorelDRAW Essentials 4 - PHOTO-PAINT
"{09F56A49-A7B1-4AAB-95B9-D13094254AD1}" = Windows Live UX Platform Language Pack
"{0A9256E0-C924-46DE-921B-F6C4548A1C64}" = Windows Live Messenger
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0BE5C4DB-8EA2-483D-BD71-D7EB09040CDE}" = Windows Live UX Platform Language Pack
"{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail
"{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live
"{0ED4216F-3540-4D6B-8199-1C8DDEA3924B}" = CorelDRAW Essentials 4 - Lang DE
"{10186F1A-6A14-43DF-A404-F0105D09BB07}" = Windows Live Mail
"{1203DC60-D9BD-44F9-B372-2B8F227E6094}" = Windows Live Temel Parçalar
"{13FAE3E3-283E-4BF4-8FE5-17D256EDDD77}" = Windows Live UX Platform Language Pack
"{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources
"{1798D459-6B8B-474B-868D-1229EADA3B95}" = Adobe AIR
"{17F99FCE-8F03-4439-860A-25C5A5434E18}" = Windows Live Essentials
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer
"{19AC095C-3520-4999-AA15-93B6D0248A50}" = CorelDRAW Essentials 4 - Content
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1D6C2068-807F-4B76-A0C2-62ED05656593}" = Windows Live Writer
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1E87F5D4-3502-4F8E-86A5-61DE5AAD1060}" = Windows Live UX Platform Language Pack
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}" = Windows Live Writer
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{216BE2D3-5317-10C1-6F02-C4665CFB4507}" = CCC Help Japanese
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{241E7104-937A-4366-AD57-8FDDDB003939}" = Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi
"{256C2385-7E7D-8809-9D8C-020FC726A0CB}" = Catalyst Control Center InstallProxy
"{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{26E276AC-F6C2-883E-E665-E97C735AA0AA}" = CCC Help French
"{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials
"{2AD2DD70-27F7-4343-BB4E-DE50A32D854B}" = Windows Live Messenger
"{2C7E8AA1-9C03-4606-BF34-5D99D07964DA}" = Windows Live Messenger
"{2EEEC858-21F8-419B-8FE2-820621BFFCD7}" = GetDataBack for FAT
"{3125D9DE-8D7A-4987-95F3-8A42389833D8}" = Windows Live Writer Resources
"{31760C30-2C21-75D1-675E-3388AAC04068}" = CCC Help Dutch
"{33286280-8617-11E1-8FF6-B8AC6F97B88E}" = Google Earth Plug-in
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34A9406E-1994-4C20-AC72-04CFA2B24545}" = CorelDRAW Essentials 4 - Lang EN
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3576C335-958D-4D60-A812-F68F9A2796AF}" = CorelDRAW Essentials 4 - Lang IT
"{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3D0C22FA-96D7-4789-BC5B-991A5A99BFFA}" = Windows Live Messenger
"{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{410DF0AA-882D-450D-9E1B-F5397ACFFA80}" = Windows Live Essentials
"{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA}" = Windows Live Photo Gallery
"{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer
"{49CB6744-E778-406C-91CD-F583B9AF4656}" = Formularpraxis - Verlag Dr. Otto Schmidt
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A275FD1-2F24-4274-8C01-813F5AD1A92D}" = Windows Live Messenger
"{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}" = Windows Live Writer
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}" = Windows Live Writer Resources
"{5380E159-9445-C146-ECBC-5DF6E97FAB85}" = CCC Help Swedish
"{543E6ACA-51B7-4283-82F2-57C0582A53C5}" = Windows Live UX Platform Language Pack
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{54F89819-7AF7-9A0A-1F45-2E19F0CA18A8}" = CCC Help Finnish
"{5500BB35-1C21-4328-9F16-F894B860FADE}" = CorelDRAW Essentials 4 - Lang NL
"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
"{56582EEA-3AEF-4D84-8B9D-C87A3CD9250F}" = GetDataBack for NTFS
"{57220148-3B2B-412A-A2E0-82B9DF423696}" = Windows Live Mesh ActiveX-objekt til fjernforbindelser
"{59F324A2-667C-EA14-0A8D-DC3794330056}" = CCC Help Danish
"{5CF5B1A5-CBC3-42F0-8533-5A5090665862}" = Windows Live Mesh
"{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker
"{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger
"{60C3C026-DB53-4DAB-8B97-7C1241F9A847}" = Windows Live Movie Maker
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{63CF7D0C-B6E7-4EE9-8253-816B613CC437}" = Windows Live Mail
"{640798A0-A4FB-4C52-AC72-755134767F1E}" = Windows Live Movie Maker
"{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live
"{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6A563426-3474-41C6-B847-42B39F1485B2}" = Windows Live Messenger
"{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}" = Windows Live Mesh
"{6B0A2ECE-E4C6-4BA3-AE9D-8B827F03B992}" = Windows Live UX Platform Language Pack
"{6B318C80-7BE4-4D79-9F53-4290958EA984}" = Windows Live UX Platform Language Pack
"{6B556C37-8919-4991-AC34-93D018B9EA49}" = Windows Live Photo Common
"{6B722793-E77B-41F5-BAB3-6C9832274E75}" = PC Connectivity Solution
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}" = Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz
"{6EE9F44A-B8C7-4CDB-B2A9-441AF2AE315A}" = Windows Live Messenger
"{6FE12C01-2FBC-42E2-AEB9-4CA2238C462F}" = Nokia Connectivity Cable Driver
"{71A81378-79D5-40CC-9BDC-380642D1A87F}" = Windows Live Writer
"{71C95134-F6A9-45E7-B7B3-07CA6012BF2A}" = Windows Live Mesh
"{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}" = Windows Live Fotótár
"{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common
"{7496FD31-E5CB-4AE4-82D3-31099558BF6A}" = Windows Live Mesh
"{76046298-768C-492C-8C93-2983C9E3719E}" = Windows Live UX Platform Language Pack
"{76E852ED-1B06-4BC8-9D6A-625DB95FB7E5}" = CorelDRAW Essentials 4 - IPM - No VBA
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh
"{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live
"{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}" = Pošta Windows Live
"{7D14B7C4-10DA-173B-D073-DED305D55099}" = Catalyst Control Center Localization All
"{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials
"{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer
"{7E90B133-FF47-48BB-91B8-36FC5A548FE9}" = Windows Live Writer Resources
"{7F6021AE-E688-4D03-843A-C2260482BA0D}" = Windows Live Messenger
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{827D3E4A-0186-48B7-9801-7D1E9DD40C07}" = Windows Live Essentials
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common
"{85373DA7-834E-4850-8AF5-1D99F7526857}" = Windows Live Photo Common
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{866C4563-ED53-43F3-A29D-8BEE2BD1BA3C}" = Nokia PC Suite
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.SingleImage_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{9043B9A0-9505-405B-8202-E7167A38A89C}" = CorelDRAW Essentials 4
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{934331FE-E81E-B486-A049-382715BE7416}" = CCC Help German
"{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9E48FF52-082C-4CC2-BB67-6E10D09C0431}" = Windows Live UX Platform Language Pack
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A101F637-2E56-42C0-8E08-F1E9086BFAF3}" = Windows Live Movie Maker
"{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common
"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A850B824-9CE5-EEDE-D762-3C9518ABAC98}" = ccc-core-static
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA0F476C-CA5F-F382-67B2-F0085C1EBC6E}" = CCC Help Norwegian
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB770FDE-8087-4C98-9A85-BD64262C104C}" = Medion Home Cinema
"{ABD8B955-1C69-4AF3-949B-13CD587C175F}" = CorelDRAW Essentials 4 - Lang BR
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.4.1 MUI
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}" = Windows Live Mail
"{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}" = Windows Live Photo Common
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}" = RealDownloader
"{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}" = Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials
"{B765F43A-6189-61F7-5D8A-0B9E8A851193}" = CCC Help English
"{B9FA9F15-A1F3-4DB1-AD49-0B9351843FAA}" = CorelDRAW Essentials 4 - Draw
"{BA9319FE-BCEF-4C99-8039-F464648D046E}" = CorelDRAW Essentials 4 - Lang FR
"{BD695C2F-3EA0-4DA4-92D5-154072468721}" = Windows Live Fotoğraf Galerisi
"{BF022D76-9F72-4203-B8FA-6522DC66DFDA}" = Windows Live Movie Maker
"{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh
"{C00C2A91-6CB3-483F-80B3-2958E29468F1}" = Συλλογή φωτογραφιών του Windows Live
"{C0237AA4-1BFB-46EA-860D-7B0EB365CA13}" = CorelDRAW Essentials 4 - ICA
"{C29FC15D-E84B-4EEC-8505-4DED94414C59}" = Windows Live Writer Resources
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}" = Windows Live Mesh ActiveX Control for Remote Connections
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C682F3F0-00A6-4379-B083-4F3273624D7B}" = CorelDRAW Essentials 4 - Lang ES
"{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}" = Windows Live Mail
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{CA227A9D-09BE-4BFB-9764-48FED2DA5454}" = Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave
"{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live
"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF0ADC18-6D8F-4353-8EAA-DF45456B7853}" = CorelDRAW Essentials 4 - Windows Shell Extension
"{CF671BFE-6BA3-44E7-98C1-500D9C51D947}" = Windows Live Photo Gallery
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D2131BFA-A0D6-4FDE-8614-75B07A9B15EE}" = Windows Live UX Platform Language Pack
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail
"{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker
"{DB1208F4-B2FE-44E9-BFE6-8824DBD7891B}" = Windows Live Movie Maker
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE2A3E12-3592-1A8B-D3B3-60E2C07C52C2}" = CCC Help Italian
"{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer
"{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E3A0C45A-7EDB-48EB-AB86-2445E74FBFBB}" = Nokia Suite
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}" = Controlo ActiveX do Windows Live Mesh para Ligações Remotas
"{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer
"{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}" = Fotogalerija Windows Live
"{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources
"{E7688C7D-DE09-4D43-9785-534EDE9BC18E}" = Windows Live Messenger
"{E8524B28-3BBB-4763-AC83-0E83FE31C350}" = Windows Live Writer
"{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live
"{E9D98402-21AB-4E9F-BF6B-47AF36EF7E97}" = Windows Live Writer Resources
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live
"{ED86C4AB-D1E5-42CF-BFA3-56BAAE617D4E}" = Windows Live UX Platform Language Pack
"{EE492B20-FB15-4A98-883C-3054354A11F8}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F16841F6-5F0F-4DBE-B318-63CEB916F21D}" = CorelDRAW Essentials 4 - Filters
"{F354B79F-C895-AC25-EC8F-72DAFF960B83}" = CCC Help Spanish
"{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Apple Application Support
"{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}" = Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις
"{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FEEF7F78-5876-438B-B554-C4CC426A4302}" = Windows Live Essentials
"{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker
"7-PDF Maker_is1" = 7-PDF Maker Version 1.0.8 (Build 116)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"ALDI SÜD Mah Jong" = ALDI SÜD Mah Jong
"Ashampoo Burning Studio_is1" = Ashampoo Burning Studio
"Ashampoo Photo Commander_is1" = Ashampoo Photo Commander
"Ashampoo Photo Optimizer_is1" = Ashampoo Photo Optimizer
"Ashampoo Snap_is1" = Ashampoo Snap
"Avira AntiVir Desktop" = Avira Free Antivirus
"DEUBNER VERLAG HANDBUCH DES WOHNUNGSEIGENTUMSRECHTS 1_0" = Deubner Verlag Handbuch des Wohnungseigentumsrechts 1.0
"DEUBNER VERLAG PRAXISMODUL ARBEITS_ UND SOZIALVERSICHERU 1_0" = Deubner Verlag Praxismodul Arbeits- und Sozialversicheru 1.0
"DivX Setup" = DivX-Setup
"dpdhl.versandhelfer.medionpc.CDA82DC3FEDD13302C6424313D9A2999F162D21A.1" = Versandhelfer
"Foxit Reader" = Foxit Reader
"Gebührenformulare" = Gebührenformulare
"Google Chrome" = Google Chrome
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallShield_{AB770FDE-8087-4C98-9A85-BD64262C104C}" = Medion Home Cinema
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"Nokia PC Suite" = Nokia PC Suite
"Nokia Suite" = Nokia Suite
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"RealPlayer 16.0" = RealPlayer
"VLC media player" = VLC media player 1.1.9
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinLiveSuite" = Windows Live Essentials
"Winmail Opener" = Winmail Opener 1.4
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-2881200875-1395689310-235358202-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 3/12/2012 3:47:56 AM | Computer Name = Medion01 | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16421,
Zeitstempel: 0x4d762323 Name des fehlerhaften Moduls: Flash64_11_1_102.ocx, Version:
11.1.102.62, Zeitstempel: 0x4f39bfea Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000000768060
ID
des fehlerhaften Prozesses: 0x134c Startzeit der fehlerhaften Anwendung: 0x01ccff720a8dff29
Pfad
der fehlerhaften Anwendung: C:\Program Files\Internet Explorer\iexplore.exe Pfad
des fehlerhaften Moduls: C:\Windows\system32\Macromed\Flash\Flash64_11_1_102.ocx
Berichtskennung:
adc3bb6e-6c17-11e1-a5a7-6c626dc178d5
Error - 3/13/2012 10:49:09 PM | Computer Name = Medion01 | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Nokia\Nokia PC Suite 7\TIS_Windows7PIM.dll". Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 3/14/2012 2:07:47 PM | Computer Name = Medion01 | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16421,
Zeitstempel: 0x4d762323 Name des fehlerhaften Moduls: Flash64_11_1_102.ocx, Version:
11.1.102.62, Zeitstempel: 0x4f39bfea Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000000768132
ID
des fehlerhaften Prozesses: 0xf20 Startzeit der fehlerhaften Anwendung: 0x01cd01af2a3d5783
Pfad
der fehlerhaften Anwendung: C:\Program Files\Internet Explorer\iexplore.exe Pfad
des fehlerhaften Moduls: C:\Windows\system32\Macromed\Flash\Flash64_11_1_102.ocx
Berichtskennung:
9a7674c2-6e00-11e1-b53c-6c626dc178d5
Error - 3/14/2012 7:31:22 PM | Computer Name = Medion01 | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Nokia\Nokia PC Suite 7\TIS_Windows7PIM.dll". Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 3/16/2012 4:00:59 AM | Computer Name = Medion01 | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16421,
Zeitstempel: 0x4d762323 Name des fehlerhaften Moduls: Flash64_11_1_102.ocx, Version:
11.1.102.62, Zeitstempel: 0x4f39bfea Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000000768132
ID
des fehlerhaften Prozesses: 0x291c Startzeit der fehlerhaften Anwendung: 0x01cd02745e935e71
Pfad
der fehlerhaften Anwendung: C:\Program Files\Internet Explorer\iexplore.exe Pfad
des fehlerhaften Moduls: C:\Windows\system32\Macromed\Flash\Flash64_11_1_102.ocx
Berichtskennung:
2a4e5544-6f3e-11e1-b53c-6c626dc178d5
Error - 3/17/2012 3:22:02 AM | Computer Name = Medion01 | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16421,
Zeitstempel: 0x4d762323 Name des fehlerhaften Moduls: Flash64_11_1_102.ocx, Version:
11.1.102.62, Zeitstempel: 0x4f39bfea Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000000768339
ID
des fehlerhaften Prozesses: 0x814 Startzeit der fehlerhaften Anwendung: 0x01cd034af09cec17
Pfad
der fehlerhaften Anwendung: C:\Program Files\Internet Explorer\iexplore.exe Pfad
des fehlerhaften Moduls: C:\Windows\system32\Macromed\Flash\Flash64_11_1_102.ocx
Berichtskennung:
e3623812-7001-11e1-b53c-6c626dc178d5
Error - 3/17/2012 8:48:19 PM | Computer Name = Medion01 | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Nokia\Nokia PC Suite 7\TIS_Windows7PIM.dll". Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 3/18/2012 6:39:36 PM | Computer Name = Medion01 | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16421,
Zeitstempel: 0x4d762323 Name des fehlerhaften Moduls: Flash64_11_1_102.ocx, Version:
11.1.102.62, Zeitstempel: 0x4f39bfea Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000054e578
ID
des fehlerhaften Prozesses: 0x1c9c Startzeit der fehlerhaften Anwendung: 0x01cd04e896617c48
Pfad
der fehlerhaften Anwendung: C:\Program Files\Internet Explorer\iexplore.exe Pfad
des fehlerhaften Moduls: C:\Windows\system32\Macromed\Flash\Flash64_11_1_102.ocx
Berichtskennung:
3d22b584-714b-11e1-b53c-6c626dc178d5
Error - 3/18/2012 6:57:49 PM | Computer Name = Medion01 | Source = Application Hang | ID = 1002
Description = Programm iexplore.exe, Version 9.0.8112.16421 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: 1320 Startzeit: 01cd04e89eb9886f Endzeit: 43 Anwendungspfad:
C:\Program Files\Internet Explorer\iexplore.exe Berichts-ID:
Error - 3/22/2012 8:26:47 PM | Computer Name = Medion01 | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Nokia\Nokia PC Suite 7\TIS_Windows7PIM.dll". Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
[ System Events ]
Error - 2/5/2013 4:01:40 AM | Computer Name = Medion01 | Source = Ntfs | ID = 262199
Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen
Sie auf dem Volume "Boot" den Befehl "chkdsk" aus.
Error - 2/5/2013 4:01:43 AM | Computer Name = Medion01 | Source = Ntfs | ID = 262199
Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen
Sie auf dem Volume "Boot" den Befehl "chkdsk" aus.
Error - 2/5/2013 4:01:46 AM | Computer Name = Medion01 | Source = Ntfs | ID = 262199
Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen
Sie auf dem Volume "Boot" den Befehl "chkdsk" aus.
Error - 2/5/2013 4:01:49 AM | Computer Name = Medion01 | Source = Ntfs | ID = 262199
Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen
Sie auf dem Volume "Boot" den Befehl "chkdsk" aus.
Error - 2/5/2013 4:01:52 AM | Computer Name = Medion01 | Source = Ntfs | ID = 262199
Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen
Sie auf dem Volume "Boot" den Befehl "chkdsk" aus.
Error - 2/6/2013 8:52:38 AM | Computer Name = Medion01 | Source = Ntfs | ID = 262199
Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen
Sie auf dem Volume "Boot" den Befehl "chkdsk" aus.
Error - 2/6/2013 8:52:41 AM | Computer Name = Medion01 | Source = Ntfs | ID = 262199
Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen
Sie auf dem Volume "Boot" den Befehl "chkdsk" aus.
Error - 2/6/2013 8:52:45 AM | Computer Name = Medion01 | Source = Ntfs | ID = 262199
Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen
Sie auf dem Volume "Boot" den Befehl "chkdsk" aus.
Error - 2/6/2013 8:52:48 AM | Computer Name = Medion01 | Source = Ntfs | ID = 262199
Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen
Sie auf dem Volume "Boot" den Befehl "chkdsk" aus.
Error - 2/6/2013 8:52:51 AM | Computer Name = Medion01 | Source = Ntfs | ID = 262199
Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen
Sie auf dem Volume "Boot" den Befehl "chkdsk" aus.
< End of report >
[/CODE] Danke! |
|
07.02.2013, 18:21
| #4 | |
| /// Helfer-Team | BCCode: 124 - SystemabsturzZitat:
Hast du mal CHKDSK beim System start durchlaufen lassen? Bitte davon auch ein Screenshot: CrystalDiskInfo - Download - Filepony 1. Schritt Bitte einen Vollscan mit Malwarebytes Anti-Malware machen und Log posten.dann: Downloade Dir bitte  AdwCleaner auf deinen Desktop.
|
|
07.02.2013, 19:12
| #5 |
| | BCCode: 124 - Systemabsturz Der Screenshot hängt an; aber es ist ersichtlich (Scrollbalken)nicht alles darauf zu sehen. Ist das ausreichend? Der Rest folgt. |
|
07.02.2013, 23:06
| #6 |
| | BCCode: 124 - Systemabsturz Hier der ChristalDiskInfo Screenshot Die Logfiles poste ich morgen |
|
08.02.2013, 03:09
| #7 |
| /// Helfer-Team | BCCode: 124 - Systemabsturz Bitte mal ausfuehren: http://www.trojaner-board.de/72874-s...eparieren.html Danach: - neustarten - berichten |
|
08.02.2013, 10:20
| #8 |
| | BCCode: 124 - Systemabsturz Der Reihe nach von hinten nach vorne: sfc: Screenshots im Anhang; 1. Mitteilung, dass keine Reparaturen nötig waren; 2. vergeblicher Versuch die Logdatei zu finden. AdwearCleaner Logdatei: AdwCleaner Logfile: Code:
ATTFilter # AdwCleaner v2.111 - Datei am 08/02/2013 um 10:06:29 erstellt
# Aktualisiert am 05/02/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Ernst & Gogg - MEDION01
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Ernst & Gogg\Desktop\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
***** [Dateien / Ordner] *****
Ordner Gelöscht : C:\Program Files (x86)\Ask.com
Ordner Gelöscht : C:\ProgramData\Partner
Ordner Gelöscht : C:\Users\Ernst & Gogg\AppData\LocalLow\AskToolbar
Ordner Gelöscht : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
***** [Registrierungsdatenbank] *****
Schlüssel Gelöscht : HKCU\Software\AppDataLow\AskToolbarInfo
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\AskToolbar
Schlüssel Gelöscht : HKCU\Software\Ask.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKLM\Software\AskToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
***** [Internet Browser] *****
-\\ Internet Explorer v9.0.8112.16457
[OK] Die Registrierungsdatenbank ist sauber.
-\\ Google Chrome v5.0.375.125
Datei : C:\Users\Ernst & Gogg\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Die Datei ist sauber.
*************************
AdwCleaner[S1].txt - [4282 octets] - [08/02/2013 10:06:29]
########## EOF - C:\AdwCleaner[S1].txt - [4342 octets] ##########
MBAM - Logdatei: Code:
ATTFilter Malwarebytes Anti-Malware 1.70.0.1100 www.malwarebytes.org Datenbank Version: v2013.02.07.10 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Ernst & Gogg :: MEDION01 [Administrator] 07.02.2013 23:09:09 mbam-log-2013-02-07 (23-09-09).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|I:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 469040 Laufzeit: 1 Stunde(n), 57 Minute(n), 55 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) |
|
08.02.2013, 13:27
| #9 |
| /// Helfer-Team | BCCode: 124 - Systemabsturz Windows Repair Tool (AIO)
|
|
08.02.2013, 19:05
| #10 |
| | BCCode: 124 - Systemabsturz Das habe ich ausgeführt, allerdings erfolgte kein Neustart des Rechners. |
|
08.02.2013, 20:45
| #11 |
| /// Helfer-Team | BCCode: 124 - Systemabsturz Rechner neustarten und berichten. |
|
09.02.2013, 14:19
| #12 |
| | BCCode: 124 - Systemabsturz Bevor ich das konnte, hat der Rechner das wieder selbst gemacht. Das erste Mal seit der Eröffnung ideses Threads allerdings Meldung nach Neustart: Problemsignatur: Problemereignisname: BlueScreen Betriebsystemversion: 6.1.7601.2.1.0.768.3 Gebietsschema-ID: 1031 Zusatzinformationen zum Problem: BCCode: 124 BCP1: 0000000000000000 BCP2: FFFFFA80057DD8F8 BCP3: 0000000000000000 BCP4: 0000000000000000 OS Version: 6_1_7601 Service Pack: 1_0 Product: 768_1 Dateien, die bei der Beschreibung des Problems hilfreich sind: C:\Windows\Minidump\020913-29468-01.dmp C:\Users\Ernst & Gogg\AppData\Local\Temp\WER-36629533-0.sysdata.xml Jetzt läuft er wie üblich, also unauffällig |
|
09.02.2013, 20:02
| #13 |
| /// Helfer-Team | BCCode: 124 - Systemabsturz http://www.trojaner-board.de/129683-...ml#post1008155 wiederholen und neustarten dann Screenshot machen: BlueScreenView - Download - Filepony |
|
10.02.2013, 19:40
| #14 |
| | BCCode: 124 - Systemabsturz erledigt. screenshot hängt an |
|
10.02.2013, 19:46
| #15 |
| /// Helfer-Team | BCCode: 124 - Systemabsturz Screenshot: Unknown Device Identifier - Download - Filepony |
|
| Themen zu BCCode: 124 - Systemabsturz |
| abspeichern, anhänge, ausgeführt, bccode: 124, bccode: 124 - systemabsturz, direkt, folge, folgendes, guten, herunterfahren, hänge, leerlaufprozess, morgen, neustart, product, programm, service, system, systemabsturz, unerwartetem, windows, öffnen |
