... bevor du mir in den Kopf schaust fange ich einfach mal langsam an:kaffee:
Ergebnis OTL: Code:
OTL logfile created on: 13.02.2013 09:14:36 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\*****\Desktop\12.02.2013_23Uhr
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,99 Gb Total Physical Memory | 1,84 Gb Available Physical Memory | 61,37% Memory free
5,99 Gb Paging File | 4,64 Gb Available in Paging File | 77,55% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 119,24 Gb Total Space | 23,25 Gb Free Space | 19,50% Space Free | Partition Type: NTFS
Computer Name: *****-PC | User Name: ***** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\*****\Desktop\12.02.2013_23Uhr\OTL.exe (OldTimer Tools)
PRC - C:\Programme\G Data\InternetSecurity\AVKTray\AVKTray.exe (G Data Software AG)
PRC - C:\Programme\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Programme\G Data\InternetSecurity\AVK\AVKWCtl.exe (G Data Software AG)
PRC - C:\Programme\G Data\InternetSecurity\Firewall\GDFirewallTray.exe (G Data Software AG)
PRC - C:\Programme\G Data\InternetSecurity\Firewall\GDFwSvc.exe (G Data Software AG)
PRC - C:\Programme\Common Files\G Data\AVKProxy\AVKProxy.exe (G Data Software AG)
PRC - C:\Programme\G Data\InternetSecurity\AVK\AVKService.exe (G Data Software AG)
PRC - C:\Programme\Secunia\PSI\sua.exe (Secunia)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Programme\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
PRC - C:\Programme\Spybot - Search & Destroy 2\SDWSCSvc.exe (Safer-Networking Ltd.)
PRC - C:\Programme\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.)
PRC - C:\Programme\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.)
PRC - C:\Programme\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Programme\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe (TuneUp Software)
PRC - C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe (TuneUp Software)
PRC - C:\Programme\Common Files\Acronis\CDP\afcdpsrv.exe (Acronis)
PRC - C:\Programme\Common Files\G Data\GDScan\GDScan.exe (G Data Software AG)
PRC - C:\Programme\HTC\Internet Pass-Through\PassThruSvr.exe ()
PRC - C:\Programme\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
PRC - C:\Programme\Common Files\Acronis\Schedule2\schedul2.exe (Acronis)
PRC - C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
PRC - C:\Programme\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe (Acronis)
PRC - C:\Programme\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft IntelliPoint\dpupdchk.exe (Microsoft Corporation)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Programme\Samsung\Easy Display Manager\dmhkcore.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
========== Modules (No Company Name) ==========
MOD - C:\Programme\Spybot - Search & Destroy 2\snlFileFormats150.bpl ()
MOD - C:\Programme\Spybot - Search & Destroy 2\snlThirdParty150.bpl ()
MOD - C:\Programme\Spybot - Search & Destroy 2\VirtualTreesDXE150.bpl ()
MOD - C:\Programme\Spybot - Search & Destroy 2\JSDialogPack150.bpl ()
MOD - C:\Programme\Spybot - Search & Destroy 2\DEC150.bpl ()
MOD - C:\Programme\OpenOffice.org 3\program\libxml2.dll ()
MOD - C:\Programme\Acronis\TrueImageHome\Common\ti_managers.dll ()
MOD - C:\Programme\Samsung\Easy Display Manager\HookDllPS2.dll ()
========== Services (SafeList) ==========
SRV - (SDWSCService) -- C:\Program Files\Spybot File not found
SRV - (SDUpdateService) -- C:\Program Files\Spybot File not found
SRV - (SDScannerService) -- C:\Program Files\Spybot File not found
SRV - (HPSLPSVC) -- C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL File not found
SRV - (TeamViewer8) -- C:\Programme\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (AVKWCtl) -- C:\Programme\G Data\InternetSecurity\AVK\AVKWCtl.exe (G Data Software AG)
SRV - (GDFwSvc) -- C:\Programme\G Data\InternetSecurity\Firewall\GDFwSvc.exe (G Data Software AG)
SRV - (AVKProxy) -- C:\Programme\Common Files\G Data\AVKProxy\AVKProxy.exe (G Data Software AG)
SRV - (AVKService) -- C:\Programme\G Data\InternetSecurity\AVK\AVKService.exe (G Data Software AG)
SRV - (Secunia PSI Agent) -- C:\Programme\Secunia\PSI\psia.exe (Secunia)
SRV - (Secunia Update Agent) -- C:\Programme\Secunia\PSI\sua.exe (Secunia)
SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (TuneUp.UtilitiesSvc) -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (TuneUp Software)
SRV - (afcdpsrv) -- C:\Programme\Common Files\Acronis\CDP\afcdpsrv.exe (Acronis)
SRV - (GDScan) -- C:\Programme\Common Files\G Data\GDScan\GDScan.exe (G Data Software AG)
SRV - (PassThru Service) -- C:\Programme\HTC\Internet Pass-Through\PassThruSvr.exe ()
SRV - (AcrSch2Svc) -- C:\Programme\Common Files\Acronis\Schedule2\schedul2.exe (Acronis)
SRV - (wlidsvc) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (btwdins) -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (IntcAzAudAddService) -- system32\drivers\RTKVHDA.sys File not found
DRV - (GRD) -- C:\Windows\System32\drivers\GRD.sys (G Data Software)
DRV - (GDPkIcpt) -- C:\Windows\System32\drivers\PktIcpt.sys (G Data Software AG)
DRV - (HookCentre) -- C:\Windows\System32\drivers\HookCentre.sys (G Data Software AG)
DRV - (GDMnIcpt) -- C:\Windows\System32\drivers\MiniIcpt.sys (G Data Software AG)
DRV - (GDBehave) -- C:\Windows\System32\drivers\GDBehave.sys (G Data Software AG)
DRV - (gdwfpcd) -- C:\Windows\System32\drivers\gdwfpcd32.sys (G Data Software AG)
DRV - (aswKbd) -- C:\Windows\System32\drivers\aswKbd.sys (AVAST Software)
DRV - (ssudmdm) -- C:\Windows\System32\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV - (dg_ssudbus) -- C:\Windows\System32\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV - (RdpVideoMiniport) -- C:\Windows\System32\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (nhcDriverDevice) -- C:\Windows\System32\drivers\nhcDriver.sys (pBUS-167 Software - hxxp://www.pbus-167.com)
DRV - (afcdp) -- C:\Windows\System32\drivers\afcdp.sys (Acronis)
DRV - (tdrpman273) -- C:\Windows\System32\drivers\tdrpm273.sys (Acronis)
DRV - (timounter) -- C:\Windows\System32\drivers\timntr.sys (Acronis)
DRV - (snapman) -- C:\Windows\System32\drivers\snapman.sys (Acronis)
DRV - (TuneUpUtilitiesDrv) -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys (TuneUp Software)
DRV - (SGDrv) -- C:\Windows\System32\drivers\SGDrv.sys (Phoenix Technologies Ltd.)
DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
DRV - (PSI) -- C:\Windows\System32\drivers\psi_mf.sys (Secunia)
DRV - (RTL8192cu) -- C:\Windows\System32\drivers\RTL8192cu.sys (Realtek Semiconductor Corporation )
DRV - (htcnprot) -- C:\Windows\System32\drivers\htcnprot.sys (Windows (R) Win 7 DDK provider)
DRV - (NETw5s32) -- C:\Windows\System32\drivers\NETw5s32.sys (Intel Corporation)
DRV - (HTCAND32) -- C:\Windows\System32\drivers\ANDROIDUSB.sys (HTC, Corporation)
DRV - (yukonw7) -- C:\Windows\System32\drivers\yk62x86.sys ()
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
DRV - (netw5v32) -- C:\Windows\System32\drivers\netw5v32.sys (Intel Corporation)
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1070405161-3628688422-3222507501-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com/search?q={searchTerms}
IE - HKU\S-1-5-21-1070405161-3628688422-3222507501-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}
IE - HKU\S-1-5-21-1070405161-3628688422-3222507501-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.sparkasse-donnersberg.d [Binary data over 200 bytes]
IE - HKU\S-1-5-21-1070405161-3628688422-3222507501-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-1070405161-3628688422-3222507501-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-1070405161-3628688422-3222507501-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKU\S-1-5-21-1070405161-3628688422-3222507501-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = CE 5F 40 57 B1 66 CD 01 [binary data]
IE - HKU\S-1-5-21-1070405161-3628688422-3222507501-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.bing.com/search?q={searchTerms}
IE - HKU\S-1-5-21-1070405161-3628688422-3222507501-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.bing.com/search?q={searchTerms}
IE - HKU\S-1-5-21-1070405161-3628688422-3222507501-1000\..\SearchScopes,DefaultScope = {D9980A29-828C-40F1-BB67-33A377943064}
IE - HKU\S-1-5-21-1070405161-3628688422-3222507501-1000\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://www.bing.com/search?q={searchTerms}
IE - HKU\S-1-5-21-1070405161-3628688422-3222507501-1000\..\SearchScopes\{6D5CDEFB-E9D5-43B6-AD82-AB49A83BA510}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=57B18066-1B7A-4F7F-8EBC-00009A96EF15&apn_sauid=AF125CFB-62D1-4F8C-AF52-4F337E37220A
IE - HKU\S-1-5-21-1070405161-3628688422-3222507501-1000\..\SearchScopes\{D9980A29-828C-40F1-BB67-33A377943064}: "URL" = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}&rlz=
IE - HKU\S-1-5-21-1070405161-3628688422-3222507501-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.startup.homepage: "hxxp://www.t-online.de/|hxxp://www.sparkasse-donnersberg.de/|hxxp://www.amazon.de/|hxxp://www.google.de/|hxxp://www.androidpit.de/|hxxp://www.youtube.com/|hxxp://www.otto.de/|hxxp://www.chefkoch.de/"
FF - prefs.js..extensions.enabledAddons: wrc@avast.com:7.0.1466
FF - prefs.js..keyword.URL: "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=ORJ&o=&locale=&apn_uid=57B18066-1B7A-4F7F-8EBC-00009A96EF15&apn_ptnrs=U3&apn_sauid=AF125CFB-62D1-4F8C-AF52-4F337E37220A&apn_dtid=OSJ000YYDE&&q="
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101727.dll (Amazon.com, Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF
[2012.09.18 19:09:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\Extensions
[2013.01.04 15:58:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\Firefox\Profiles\5wwtk2d4.default\extensions
[2012.10.29 15:58:36 | 000,002,308 | ---- | M] () -- C:\Users\*****\AppData\Roaming\mozilla\firefox\profiles\5wwtk2d4.default\searchplugins\askcom.xml
========== Chrome ==========
CHR - homepage: hxxp://www.google.com
CHR - homepage: hxxp://www.google.com
CHR - Extension: Google Drive = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: YouTube = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Browser Companion Helper = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\kolgnaidildmdbfgdnoapjdianbpajne\1.0.5_0\
CHR - Extension: Google Mail = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (G Data BankGuard) - {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - C:\Programme\Common Files\G Data\AVKProxy\BanksafeBHO.dll (G Data Software AG)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [G Data AntiVirus Tray Application] C:\Programme\G Data\InternetSecurity\AVKTray\AVKTray.exe (G Data Software AG)
O4 - HKLM..\Run: [GDFirewallTray] C:\Programme\G Data\InternetSecurity\Firewall\GDFirewallTray.exe (G Data Software AG)
O4 - HKLM..\Run: [Logitech Download Assistant] C:\Windows\System32\LogiLDA.dll (Logitech, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [SAOB Monitor] C:\Programme\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [SDTray] C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKU\S-1-5-21-1070405161-3628688422-3222507501-1000..\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe File not found
O4 - HKU\S-1-5-21-1070405161-3628688422-3222507501-1000..\Run: [Spybot-S&D Cleaning] C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 60
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\S-1-5-21-1070405161-3628688422-3222507501-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1070405161-3628688422-3222507501-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-1070405161-3628688422-3222507501-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E8237144-1CFB-47A0-9C7F-0F988FA1A754}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\livecall - No CLSID value found
O18 - Protocol\Handler\msnim - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{d27b381d-45f9-11e2-a2bd-0002721a8cb0}\Shell - "" = AutoRun
O33 - MountPoints2\{d27b381d-45f9-11e2-a2bd-0002721a8cb0}\Shell\AutoRun\command - "" = E:\HTC_Sync_Manager_PC.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\HTC_Sync_Manager_PC.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013.02.13 09:15:36 | 000,000,000 | ---D | C] -- C:\b731505b1df3d393d1f735520c30ed00
[2013.02.13 09:00:41 | 000,000,000 | ---D | C] -- C:\Users\*****\Desktop\12.02.2013_23Uhr
[2013.02.09 20:52:38 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1
[2013.02.09 20:38:03 | 000,015,600 | ---- | C] (G Data Software) -- C:\Windows\System32\drivers\GdPhyMem.sys
[2013.02.09 20:35:47 | 000,030,416 | ---- | C] (G Data Software) -- C:\Windows\System32\drivers\GRD.sys
[2013.02.09 20:32:03 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\Secunia PSI
[2013.02.09 20:31:49 | 000,000,000 | ---D | C] -- C:\Program Files\Secunia
[2013.02.02 12:51:13 | 000,011,240 | ---- | C] (G Data Software AG) -- C:\Windows\System32\GdScrSv.de.dll
[2013.02.02 12:36:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G Data InternetSecurity 2013
[2013.02.02 12:35:44 | 000,051,616 | ---- | C] (G Data Software AG) -- C:\Windows\System32\drivers\PktIcpt.sys
[2013.02.02 12:32:55 | 000,050,080 | ---- | C] (G Data Software AG) -- C:\Windows\System32\drivers\HookCentre.sys
[2013.02.02 12:32:11 | 000,093,600 | ---- | C] (G Data Software AG) -- C:\Windows\System32\drivers\MiniIcpt.sys
[2013.02.02 12:31:57 | 000,042,016 | ---- | C] (G Data Software AG) -- C:\Windows\System32\drivers\GDBehave.sys
[2013.02.02 12:31:41 | 000,054,256 | ---- | C] (G Data Software AG) -- C:\Windows\System32\drivers\gdwfpcd32.sys
[2013.02.02 12:30:02 | 000,000,000 | ---D | C] -- C:\ProgramData\G DATA
[2013.02.02 12:30:02 | 000,000,000 | ---D | C] -- C:\Program Files\G Data
[2013.02.02 12:30:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\G Data
[2013.02.02 12:21:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2013.02.02 12:20:58 | 000,015,224 | ---- | C] (Safer Networking Limited) -- C:\Windows\System32\sdnclean.exe
[2013.02.02 12:20:19 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2013.02.02 12:19:42 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013.02.02 12:19:42 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2013.02.02 12:19:42 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2013.01.27 14:24:07 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{419F525A-09C7-471E-8544-D28A9446676E}
[2013.01.26 21:15:45 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Roaming\HpUpdate
[2013.01.26 21:15:41 | 000,000,000 | ---D | C] -- C:\Windows\Hewlett-Packard
[2013.01.26 20:40:04 | 000,000,000 | R--D | C] -- C:\Backup
[2013.01.26 20:36:43 | 000,088,632 | ---- | C] (Infowatch) -- C:\Windows\System32\drivers\CSCrySec.sys
[2013.01.26 20:36:43 | 000,039,352 | ---- | C] (Infowatch) -- C:\Windows\System32\drivers\CSVirtualDiskDrv.sys
[2013.01.26 20:36:39 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2013.01.26 20:33:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2013.01.26 20:03:59 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{333BE956-A077-4F27-A6FD-0A16C79D1BF6}
[2013.01.26 18:23:58 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Roaming\Malwarebytes
[2013.01.26 18:23:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.01.26 17:59:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2013.01.26 17:59:27 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy 2
[2013.01.26 17:59:05 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\Programs
[2013.01.26 17:36:49 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{469B57C5-0D55-47D2-A6C6-20C478E322E9}
[2013.01.25 12:31:27 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{BE7D14CE-59E9-438B-8D66-85DFBF2DA942}
[2013.01.24 21:30:34 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{58A625A3-68DA-4BDD-B82E-E3F6385458FF}
[2013.01.24 21:24:36 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\Diagnostics
[2013.01.24 21:22:04 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{0E6DC8BD-DF5F-49B8-86D8-B626F4383D2A}
[2013.01.24 12:08:07 | 000,000,000 | ---D | C] -- C:\Users\*****\Desktop\Virensuche
[2013.01.24 09:21:41 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{E22891F8-ACF9-4A98-AC48-F1570939BD8B}
[2013.01.23 15:04:38 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{4B80E70B-7FF9-448A-BD60-1045499006CC}
[2013.01.22 08:50:14 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{0775A2A8-620D-4D5D-8D87-6A27DEF2FBCB}
[2013.01.21 13:12:51 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{7F1A629B-1309-418A-93BF-552B804841AE}
[2013.01.19 11:07:32 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{275B37AF-DDBA-4D0F-B6F7-F5A94DCFBC28}
[2013.01.18 22:44:45 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{354B22C8-203F-4509-BDD8-964C00C1AE12}
[2013.01.18 10:44:10 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{DB236B57-7AE0-48C7-94BA-5F25569ECB4F}
[2013.01.17 22:43:35 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{7239AA8A-5AB0-432F-856A-1D47ED58623F}
[2013.01.17 10:43:12 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{30E94A3C-73B2-4246-9176-6716628620A3}
[2013.01.16 15:35:23 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{12BDB702-C24E-421F-8365-41937C862C49}
[2013.01.15 12:35:35 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{EA92736F-F75E-4487-B381-819814249AAA}
[2013.01.15 00:35:01 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{F9ED22E5-3E48-45DC-B50F-EADA86EA3853}
[2013.01.14 12:34:49 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{9ABFDBD8-5571-4989-A472-9196E38F1B48}
========== Files - Modified Within 30 Days ==========
[2013.02.13 09:17:58 | 000,654,166 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.02.13 09:17:58 | 000,616,008 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.02.13 09:17:58 | 000,130,006 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.02.13 09:17:58 | 000,106,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.02.13 09:06:53 | 000,978,154 | ---- | M] () -- C:\Windows\System32\sig.bin
[2013.02.13 09:06:53 | 000,052,028 | ---- | M] () -- C:\Windows\System32\nmp.map
[2013.02.13 09:06:22 | 000,014,816 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.02.13 09:06:22 | 000,014,816 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.02.13 08:59:45 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.02.13 08:59:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.02.13 08:59:04 | 2411,679,744 | -HS- | M] () -- C:\hiberfil.sys
[2013.02.12 23:48:36 | 000,001,203 | ---- | M] () -- C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
[2013.02.10 15:50:18 | 000,000,680 | RHS- | M] () -- C:\Users\*****\ntuser.pol
[2013.02.10 15:45:20 | 000,297,248 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.02.09 20:38:03 | 000,015,600 | ---- | M] (G Data Software) -- C:\Windows\System32\drivers\GdPhyMem.sys
[2013.02.09 20:35:47 | 000,030,416 | ---- | M] (G Data Software) -- C:\Windows\System32\drivers\GRD.sys
[2013.02.09 20:32:01 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.02.02 12:53:23 | 000,051,616 | ---- | M] (G Data Software AG) -- C:\Windows\System32\drivers\PktIcpt.sys
[2013.02.02 12:51:37 | 000,050,080 | ---- | M] (G Data Software AG) -- C:\Windows\System32\drivers\HookCentre.sys
[2013.02.02 12:51:19 | 000,093,600 | ---- | M] (G Data Software AG) -- C:\Windows\System32\drivers\MiniIcpt.sys
[2013.02.02 12:51:19 | 000,042,016 | ---- | M] (G Data Software AG) -- C:\Windows\System32\drivers\GDBehave.sys
[2013.02.02 12:51:13 | 000,054,256 | ---- | M] (G Data Software AG) -- C:\Windows\System32\drivers\gdwfpcd32.sys
[2013.02.02 12:19:06 | 000,094,112 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2013.02.02 12:19:05 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll
[2013.02.02 12:19:05 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll
[2013.02.02 12:19:05 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2013.02.02 12:19:05 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013.02.02 12:19:05 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2013.01.26 20:40:09 | 000,017,408 | ---- | M] () -- C:\Users\*****\AppData\Local\WebpageIcons.db
[2013.01.26 20:11:12 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2013.01.17 01:28:58 | 000,232,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
========== Files Created - No Company Name ==========
[2013.02.12 23:48:36 | 000,001,203 | ---- | C] () -- C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
[2013.02.10 15:48:30 | 000,000,680 | RHS- | C] () -- C:\Users\*****\ntuser.pol
[2013.02.09 20:31:55 | 000,001,037 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
[2013.02.04 09:07:59 | 000,978,154 | ---- | C] () -- C:\Windows\System32\sig.bin
[2013.02.04 09:07:59 | 000,052,028 | ---- | C] () -- C:\Windows\System32\nmp.map
[2013.02.02 12:21:03 | 000,002,141 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2013.01.26 20:40:07 | 000,017,408 | ---- | C] () -- C:\Users\*****\AppData\Local\WebpageIcons.db
[2013.01.01 15:25:54 | 000,235,153 | ---- | C] () -- C:\Windows\hpoins21.dat.temp
[2013.01.01 15:25:54 | 000,005,474 | ---- | C] () -- C:\Windows\hpomdl21.dat.temp
[2012.11.28 14:17:18 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2012.11.28 14:17:18 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2012.11.28 14:17:18 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2012.11.28 14:17:18 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2012.05.27 13:29:09 | 000,008,192 | ---- | C] () -- C:\Users\*****\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.05.17 18:33:06 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2012.05.17 18:09:11 | 000,000,412 | ---- | C] () -- C:\Users\*****\AppData\Roaming\All CPU Meter_Settings.ini
========== ZeroAccess Check ==========
[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
< End of report > Ergebnis Extras: Code:
OTL Extras logfile created on: 13.02.2013 09:14:36 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\*****\Desktop\12.02.2013_23Uhr
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,99 Gb Total Physical Memory | 1,84 Gb Available Physical Memory | 61,37% Memory free
5,99 Gb Paging File | 4,64 Gb Available in Paging File | 77,55% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 119,24 Gb Total Space | 23,25 Gb Free Space | 19,50% Space Free | Partition Type: NTFS
Computer Name: *****-PC | User Name: ***** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0A84420F-B04C-4087-A047-27D00A8A9764}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{11F0EA6F-9778-4460-B578-8FBFF8B7E234}" = lport=10243 | protocol=6 | dir=in | app=system |
"{137D6561-0BB8-4158-BA2A-48202B5F14BE}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{1B452893-888A-4E9C-9BA7-2D8D6C89433F}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{2B3BFC16-722B-4F67-AC6A-71A8F8FF205A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{3BBEFB7D-363B-4BDA-9C3C-16E4AC4377EF}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{52410FC5-69F3-4958-8AB5-58ED285A7130}" = rport=137 | protocol=17 | dir=out | app=system |
"{56A007D6-1B31-4FD2-8EE6-E1856981F27A}" = rport=138 | protocol=17 | dir=out | app=system |
"{600DC1FE-2FCF-4B12-BD7A-9D73B9EE06D5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{60320153-7FB4-43B6-BA0C-747C36C91CB6}" = rport=445 | protocol=6 | dir=out | app=system |
"{6B74E9B7-B0F5-4966-80B3-DDDFF2702C9B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6FA232FD-09A1-4441-8B36-7DBDE80AAF83}" = rport=10243 | protocol=6 | dir=out | app=system |
"{7821DC69-AF78-434F-910C-3F147A7D408A}" = lport=445 | protocol=6 | dir=in | app=system |
"{7A56CB1D-DF8D-44F4-B808-A46C8450A4ED}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{7E86921C-109F-4421-BC0B-5E78A488F807}" = lport=137 | protocol=17 | dir=in | app=system |
"{9CC84DC0-A7ED-4FAC-B19E-86BD003D5BAE}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A22D4EE3-661F-4F95-A555-1CBB9B36DB73}" = lport=138 | protocol=17 | dir=in | app=system |
"{A56F50FF-1DC8-4093-BBB4-95D943FA5648}" = lport=2869 | protocol=6 | dir=in | app=system |
"{AE19FE74-F3C4-491C-8915-6C939306279E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B63981ED-7765-463E-9CD7-D868F2BDE1E2}" = lport=139 | protocol=6 | dir=in | app=system |
"{C2E5FC89-2CD6-4F3E-988B-0A6AD927DF73}" = rport=139 | protocol=6 | dir=out | app=system |
"{D1D91DB5-41D9-444A-8B56-D4E386AAA6E3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E063D58E-A535-4657-AA2C-D876227DBFB9}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |
"{E726C57E-2A7B-448D-95D3-A1B5046AF0C4}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FE4BB067-0018-4F47-8F3C-ADB03920A0B0}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FF2BADAB-3098-4FF6-BC86-B2AF867D3BBD}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0BE2EF37-1C59-4DDD-B09C-A21EE7235751}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{108FF9AB-6524-45DF-8E8C-A7F82DFC2461}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe |
"{142C24BB-FADF-4E49-9EDA-4EDB0E7E96BC}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe |
"{1A0B6CEB-1ECB-43C3-B277-831C288BA366}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe |
"{2030B3E7-1920-44E0-810E-83EBC21602C9}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe |
"{26D809E2-DA29-457A-A3AC-1E120C83E470}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe |
"{29932379-7596-4EF6-AC50-80C70A4916AD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{36D9C0CF-FFEA-4E00-A7A0-AD59B0561585}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3A910840-2A13-46CB-B63A-1041B8C7BF7D}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqfxt08.exe |
"{3AFC0E9A-9246-4413-BC19-33D30BA6F5B4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{3BED2BF4-DC6A-4572-BC5C-DA10A5E5C08C}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{413FE9F2-F6C6-40C1-AA7A-C08E5965CF8F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4210D9D6-7929-4285-8301-E43E81156DB6}" = dir=in | app=c:\users\*****\appdata\local\temp\7zs09d9\setup\hpznui01.exe |
"{4235E927-C2AA-46D5-914F-EFB132216FA9}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{49644D6A-1329-4046-A6D5-78B592538738}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe |
"{50903C2D-0D5F-45CA-AB1E-37F098713F05}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqnrs08.exe |
"{5316E9B3-67BE-42B0-8751-0634653FFF72}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |
"{537BFE40-B67A-4D25-A320-F2F8337D99DC}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe |
"{568A4EF4-C2BA-4BB3-BB78-E780738A59EF}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqcopy2.exe |
"{5ACFB9A6-BEC4-4C69-8A93-C690D270F665}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{5C6007A2-AD45-40D6-9D94-D8EA5895ED18}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{604C6807-CA45-4ABF-9577-E64FA1E080D9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{635CC938-D1BB-4682-B116-F24FF387B304}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpsapp.exe |
"{6C90B9E2-23C3-4C0B-9082-F77F82EBEE52}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |
"{700D8122-422B-4077-A77E-D167A0FF23CB}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version8\teamviewer.exe |
"{715BB109-54FB-44A4-85C5-C6B083819F0F}" = protocol=6 | dir=in | app=c:\windows\system32\muzapp.exe |
"{717F60AD-2B64-45AB-BB60-3499DD53253C}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version8\teamviewer_service.exe |
"{7629CF9C-522B-46D0-96DF-59DB5F262987}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpse.exe |
"{7BF2B8E6-945C-4323-8CB3-9493A19645EF}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxm08.exe |
"{7D1B6132-E5C3-47C1-BA8B-64BD04ADF852}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposfx08.exe |
"{8659745D-90D5-433A-8EFE-0579BC58B3B2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8B03BABE-36C1-4304-A7C2-CA9BB9700B41}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{946A9EED-BE68-4D4C-A684-BA8B7A3A7FA6}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{94D83CFD-9156-4F4C-A58F-4E37DBF98197}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |
"{956B1363-7367-44F9-A06B-9B816241F611}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |
"{97F6D864-4F68-4A6D-8318-6036938DA508}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{B4ECFCAF-C924-4F87-9D15-985F5212BD78}" = protocol=17 | dir=in | app=c:\windows\system32\muzapp.exe |
"{B8124FCC-11D3-46AF-BAAE-68F9BFB4A7AA}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{BA773D34-4FE4-488E-B4F6-ED744B4E290C}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version8\teamviewer.exe |
"{BD1A4A52-4A3F-4CD0-98CB-56E6B8E1C819}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxs08.exe |
"{BF0416CC-F8C9-40C0-BD6D-4BD97E564BEC}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C044AF74-34CE-4A39-9492-44498A116EA1}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{C261FAD8-AD18-47F1-8573-6C47700F7D36}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C5B23440-7CE9-4DB5-8B1A-D089453F9CD4}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqsudi.exe |
"{C6E27D6F-938E-4566-BB58-BB5CBB9CB0A7}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpzwiz01.exe |
"{CE0EC241-56B3-4094-9BBE-E8208B8D7AFB}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{D7870A47-3499-42B6-ABBD-EBB675E42448}" = protocol=6 | dir=out | app=system |
"{D9D563F8-5EBF-495D-8C53-DCDBF4E9F3C0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E01CB880-89DA-4DFB-8EFD-1A46680854C6}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe |
"{EDD9C10D-32A3-408D-B4AC-544FE3789867}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version8\teamviewer_service.exe |
"TCP Query User{068893AA-65A6-439F-8E90-28256D7F7B30}C:\program files\myphoneexplorer\myphoneexplorer.exe" = protocol=6 | dir=in | app=c:\program files\myphoneexplorer\myphoneexplorer.exe |
"TCP Query User{1A45C8D5-14F1-4A19-A416-7DE613177E76}C:\program files\amazon\utilities\amazon music importer\amazon music importer.exe" = protocol=6 | dir=in | app=c:\program files\amazon\utilities\amazon music importer\amazon music importer.exe |
"TCP Query User{543A16C7-F6EB-4EB7-960D-48D23ED01E59}C:\program files\myphoneexplorer\myphoneexplorer.exe" = protocol=6 | dir=in | app=c:\program files\myphoneexplorer\myphoneexplorer.exe |
"UDP Query User{A955192C-C0D3-4BAB-A14B-6A84F8693F4F}C:\program files\myphoneexplorer\myphoneexplorer.exe" = protocol=17 | dir=in | app=c:\program files\myphoneexplorer\myphoneexplorer.exe |
"UDP Query User{BA3B5180-A581-4CC2-BC89-085B2D930E17}C:\program files\amazon\utilities\amazon music importer\amazon music importer.exe" = protocol=17 | dir=in | app=c:\program files\amazon\utilities\amazon music importer\amazon music importer.exe |
"UDP Query User{F3797955-6237-49ED-8BAA-C9541D4FD70B}C:\program files\myphoneexplorer\myphoneexplorer.exe" = protocol=17 | dir=in | app=c:\program files\myphoneexplorer\myphoneexplorer.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04A3A6B0-8E19-49BB-82FF-65C5A55F917D}" = Acronis*True*Image*Home 2011
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1
"{26A24AE4-039D-4CA4-87B4-2F83217013FF}" = Java 7 Update 13
"{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth
"{31A559C1-9E4D-423B-9DD3-34A6C5398752}" = HTC BMP USB Driver
"{32364CEA-7855-4A3C-B674-53D8E9B97936}" = TuneUp Utilities 2012
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer
"{71A51B59-E7D3-11DB-A386-005056C00008}" = Namuga 1.3M Webcam
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{86107E2D-DFB9-46BC-99ED-07EACAEE0923}" = G Data InternetSecurity 2013
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{942E5031-2BD6-4C1B-918C-C8A1CBAE7B8C}" = Microsoft IntelliPoint 8.2
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{98823CC0-51DA-565C-FF90-DCC72D47BD24}" = Amazon Music Importer
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A80FA752-C491-4ED9-ABF0-4278563160B2}" = 32 Bit HP CIO Components Installer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB77DFDE-9949-4AEF-B180-BE322C3E65D0}" = HTC Sync
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{CE026CFE-73FE-4FED-9D5F-2C8D4DB512B0}" = TuneUp Utilities Language Pack (de-DE)
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"7-Zip" = 7-Zip 9.20
"A6A8668C0A13640CA28FE2A7D9654BE4AE478B13" = Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405)
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.17
"Ashampoo Burning Studio Elements_is1" = Ashampoo Burning Studio Elements 10.0.9
"AudibleManager" = AudibleManager
"B7541EC5F72AA713F557569278EB6273725F5607" = Windows Driver Package - Broadcom Bluetooth (06/15/2009 6.2.0.9000)
"BF20603967CFDCB2BBF91950E8A56DFBC5C833FE" = Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)
"com.amazon.music.uploader" = Amazon Music Importer
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2
"MPE" = MyPhoneExplorer
"Notebook Hardware Control" = Notebook Hardware Control 2.0 Pre-Release-06 Bugfix
"NVIDIA Drivers" = NVIDIA Drivers
"Secunia PSI" = Secunia PSI (3.0.0.6001)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeamViewer 8" = TeamViewer 8
"TuneUp Utilities 2012" = TuneUp Utilities 2012
"WinLiveSuite" = Windows Live Essentials
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 25.01.2013 07:09:23 | Computer Name = *****-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\HTC\HTC
Sync 3.0\FDAgentForOutlook64.exe". Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 27.01.2013 06:07:52 | Computer Name = *****-PC | Source = MsiInstaller | ID = 10005
Description =
Error - 27.01.2013 06:08:22 | Computer Name = *****-PC | Source = MsiInstaller | ID = 11310
Description =
Error - 27.01.2013 08:48:50 | Computer Name = *****-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\HTC\HTC
Sync 3.0\FDAgentForOutlook64.exe". Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 27.01.2013 10:57:20 | Computer Name = *****-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\HTC\HTC
Sync 3.0\FDAgentForOutlook64.exe". Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 27.01.2013 13:19:05 | Computer Name = *****-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: DrvInst.exe, Version: 6.1.7600.16385,
Zeitstempel: 0x4a5bc04d Name des fehlerhaften Moduls: hpzids01.dll, Version: 13.0.338.0,
Zeitstempel: 0x4a1cc51a Ausnahmecode: 0xc0000417 Fehleroffset: 0x0002641a ID des fehlerhaften
Prozesses: 0x874 Startzeit der fehlerhaften Anwendung: 0x01cdfcb23464e4d5 Pfad der
fehlerhaften Anwendung: C:\Windows\system32\DrvInst.exe Pfad des fehlerhaften Moduls:
C:\Windows\system32\hpzids01.dll Berichtskennung: a69a6a1b-68a5-11e2-8f30-0013776f6455
Error - 09.02.2013 15:37:08 | Computer Name = *****-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567,
Zeitstempel: 0x4d6727a7 Name des fehlerhaften Moduls: SHELL32.dll, Version: 6.1.7601.17859,
Zeitstempel: 0x4fd2d1d9 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0004b1f3 ID des fehlerhaften
Prozesses: 0xc14 Startzeit der fehlerhaften Anwendung: 0x01ce06fbd5306a78 Pfad der
fehlerhaften Anwendung: C:\Windows\Explorer.EXE Pfad des fehlerhaften Moduls: C:\Windows\system32\SHELL32.dll
Berichtskennung:
169dd464-72f0-11e2-b6dd-0013776f6455
Error - 09.02.2013 15:37:12 | Computer Name = *****-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567,
Zeitstempel: 0x4d6727a7 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725,
Zeitstempel: 0x4ec49b60 Ausnahmecode: 0xc015000f Fehleroffset: 0x00083fbe ID des fehlerhaften
Prozesses: 0xc14 Startzeit der fehlerhaften Anwendung: 0x01ce06fbd5306a78 Pfad der
fehlerhaften Anwendung: C:\Windows\Explorer.EXE Pfad des fehlerhaften Moduls: C:\Windows\SYSTEM32\ntdll.dll
Berichtskennung:
1903f76b-72f0-11e2-b6dd-0013776f6455
Error - 09.02.2013 15:37:25 | Computer Name = *****-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: explorer.exe, Version: 6.1.7601.17567,
Zeitstempel: 0x4d6727a7 Name des fehlerhaften Moduls: SHELL32.dll, Version: 6.1.7601.17859,
Zeitstempel: 0x4fd2d1d9 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0004b1f3 ID des fehlerhaften
Prozesses: 0x1cb0 Startzeit der fehlerhaften Anwendung: 0x01ce06fcdd762649 Pfad der
fehlerhaften Anwendung: C:\Windows\explorer.exe Pfad des fehlerhaften Moduls: C:\Windows\system32\SHELL32.dll
Berichtskennung:
211d45fa-72f0-11e2-b6dd-0013776f6455
Error - 09.02.2013 15:37:29 | Computer Name = *****-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: explorer.exe, Version: 6.1.7601.17567,
Zeitstempel: 0x4d6727a7 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725,
Zeitstempel: 0x4ec49b60 Ausnahmecode: 0xc015000f Fehleroffset: 0x00083fbe ID des fehlerhaften
Prozesses: 0x1cb0 Startzeit der fehlerhaften Anwendung: 0x01ce06fcdd762649 Pfad der
fehlerhaften Anwendung: C:\Windows\explorer.exe Pfad des fehlerhaften Moduls: C:\Windows\SYSTEM32\ntdll.dll
Berichtskennung:
23516c1b-72f0-11e2-b6dd-0013776f6455
[ Media Center Events ]
Error - 19.06.2012 09:49:58 | Computer Name = *****-PC | Source = MCUpdate | ID = 0
Description = 15:49:57 - MCEClientUX konnte nicht abgerufen werden (Fehler: Die
zugrunde liegende Verbindung wurde geschlossen: Für den geschützten SSL/TLS-Kanal
konnte keine Vertrauensstellung hergestellt werden..)
Error - 19.06.2012 09:50:02 | Computer Name = *****-PC | Source = MCUpdate | ID = 0
Description = 15:49:59 - Broadband konnte nicht abgerufen werden (Fehler: Die zugrunde
liegende Verbindung wurde geschlossen: Für den geschützten SSL/TLS-Kanal konnte
keine Vertrauensstellung hergestellt werden..)
Error - 19.06.2012 10:51:23 | Computer Name = *****-PC | Source = MCUpdate | ID = 0
Description = 16:51:23 - Directory konnte nicht abgerufen werden (Fehler: Die zugrunde
liegende Verbindung wurde geschlossen: Für den geschützten SSL/TLS-Kanal konnte
keine Vertrauensstellung hergestellt werden..)
Error - 19.06.2012 10:51:26 | Computer Name = *****-PC | Source = MCUpdate | ID = 0
Description = 16:51:25 - MCESpotlight konnte nicht abgerufen werden (Fehler: Die
zugrunde liegende Verbindung wurde geschlossen: Für den geschützten SSL/TLS-Kanal
konnte keine Vertrauensstellung hergestellt werden..)
Error - 19.06.2012 10:51:28 | Computer Name = *****-PC | Source = MCUpdate | ID = 0
Description = 16:51:27 - MCEClientUX konnte nicht abgerufen werden (Fehler: Die
zugrunde liegende Verbindung wurde geschlossen: Für den geschützten SSL/TLS-Kanal
konnte keine Vertrauensstellung hergestellt werden..)
Error - 19.06.2012 10:51:29 | Computer Name = *****-PC | Source = MCUpdate | ID = 0
Description = 16:51:29 - Broadband konnte nicht abgerufen werden (Fehler: Die zugrunde
liegende Verbindung wurde geschlossen: Für den geschützten SSL/TLS-Kanal konnte
keine Vertrauensstellung hergestellt werden..)
Error - 19.06.2012 11:52:50 | Computer Name = *****-PC | Source = MCUpdate | ID = 0
Description = 17:52:50 - Directory konnte nicht abgerufen werden (Fehler: Die zugrunde
liegende Verbindung wurde geschlossen: Für den geschützten SSL/TLS-Kanal konnte
keine Vertrauensstellung hergestellt werden..)
Error - 19.06.2012 11:52:53 | Computer Name = *****-PC | Source = MCUpdate | ID = 0
Description = 17:52:52 - MCESpotlight konnte nicht abgerufen werden (Fehler: Die
zugrunde liegende Verbindung wurde geschlossen: Für den geschützten SSL/TLS-Kanal
konnte keine Vertrauensstellung hergestellt werden..)
Error - 19.06.2012 11:52:54 | Computer Name = *****-PC | Source = MCUpdate | ID = 0
Description = 17:52:53 - MCEClientUX konnte nicht abgerufen werden (Fehler: Die
zugrunde liegende Verbindung wurde geschlossen: Für den geschützten SSL/TLS-Kanal
konnte keine Vertrauensstellung hergestellt werden..)
Error - 19.06.2012 11:52:56 | Computer Name = *****-PC | Source = MCUpdate | ID = 0
Description = 17:52:55 - Broadband konnte nicht abgerufen werden (Fehler: Die zugrunde
liegende Verbindung wurde geschlossen: Für den geschützten SSL/TLS-Kanal konnte
keine Vertrauensstellung hergestellt werden..)
[ Spybot - Search and Destroy Events ]
Error - 26.01.2013 13:21:06 | Computer Name = *****-PC | Source = SDCleaner | ID = 100
Description = LoadCleaningInstructions
Error - 02.02.2013 08:16:21 | Computer Name = *****-PC | Source = SDCleaner | ID = 100
Description = LoadCleaningInstructions
[ System Events ]
Error - 16.11.2012 17:08:10 | Computer Name = *****-PC | Source = DCOM | ID = 10010
Description =
Error - 16.11.2012 17:12:03 | Computer Name = *****-PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet
beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden
in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error - 20.11.2012 12:26:27 | Computer Name = *****-PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet
beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden
in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error - 24.11.2012 13:28:55 | Computer Name = *****-PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet
beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden
in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error - 26.11.2012 15:49:32 | Computer Name = *****-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR2 gefunden.
Error - 26.11.2012 15:49:32 | Computer Name = *****-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR2 gefunden.
Error - 26.11.2012 15:49:32 | Computer Name = *****-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR2 gefunden.
Error - 26.11.2012 15:49:32 | Computer Name = *****-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR2 gefunden.
Error - 26.11.2012 15:49:33 | Computer Name = *****-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR2 gefunden.
Error - 03.12.2012 12:32:31 | Computer Name = *****-PC | Source = DCOM | ID = 10010
Description =
< End of report > |