| greenkohl | 27.06.2012 17:15 |
hallo Daniel,
hab besagte Schritte getan:
- Neue Java Version installiert und alte deinstalliert
- Soweit es über das Softwaremenü möglich war die babylon toolbar deinstalliert bzw deaktiviert
- Neue Windows Update runtergeladen bis zum Service Pack, hier gibt es ungereimtheiten. Beim Verlauf zeigt er an das es erfolgreich installiert wurde, direkt darüber allerdings das es fehlgeschlagen ist. Beim Suchen nach Update zeigt er auch nur noch das Service Pack 1 an und versucht es runterzuladen, es passiert allerdings nix, der Download Status bleibt unverändert bei 0,0%
Ich habe den Kumpel auf besagten Registry Cleaner angesprochen und ihn nahegelegt diese Funktion von TuneUp nicht zu verwenden.
Er meinte ich sollte erwähnen das der Rechner ziemlich unzuverlässig bootet, d.h. nach dem Bios etc erscheint kein "Windows wird geladen" Screen sondern einfach nur eine Blinkender Unterstrich in der oberen linken Ecke. Ich meinte daraufhin das mit seinem Bootsektor wohl nicht alles koscher ist, es benötigt schon gute 10 anläufe bis er endlich in das "Windows wird geladen " Fenster kommt. Danach fährt auch auch normal und zügig hoch.
Ich habe am Schluß auch besagten OTL Scan duchgeführt. Das Log dazu gibs hier. Code:
OTL Extras logfile created on: 27.06.2012 17:58:49 - Run 2
OTL by OldTimer - Version 3.2.50.0 Folder = K:\
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1,94 Gb Total Physical Memory | 0,98 Gb Available Physical Memory | 50,51% Memory free
3,87 Gb Paging File | 2,89 Gb Available in Paging File | 74,61% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 141,56 Gb Total Space | 19,68 Gb Free Space | 13,90% Space Free | Partition Type: NTFS
Drive D: | 7,39 Gb Total Space | 2,23 Gb Free Space | 30,12% Space Free | Partition Type: NTFS
Drive I: | 66,88 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive K: | 1367,19 Gb Total Space | 109,71 Gb Free Space | 8,02% Space Free | Partition Type: NTFS
Drive L: | 30,07 Gb Total Space | 24,35 Gb Free Space | 80,95% Space Free | Partition Type: NTFS
Computer Name: FLO-PC | User Name: Flo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1190BB9B-606D-4EF1-8F21-ABF36DA63F8C}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1CCFD6DA-FF8C-417C-BD22-E9ACE5A9D275}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2E5F4BFE-F6F5-41BE-8F72-612EF862ED3D}" = rport=445 | protocol=6 | dir=out | app=system |
"{2F331CEE-929B-4664-97E6-5CC175C52401}" = lport=1900 | protocol=17 | dir=in | name=udp 1900 |
"{33EF73B1-E902-484E-BFA1-2F75CD9C122F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{354289DC-F850-4B7B-A69B-FBED82E21AB6}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{36F8D272-878A-4E7F-80E9-7E6325EF1DD2}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{3DA1A1F0-CB04-4A2D-964D-C359935DD834}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{46C0B3CB-8C52-4BB7-AD63-113AEEFE5ECF}" = lport=139 | protocol=6 | dir=in | app=system |
"{59F254AE-2DB5-43FA-B1D9-8FA7442C00F3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{661E283A-C52A-40F6-8BF2-14D1F44FCF4A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{6BFC2280-972C-4FED-AB7F-4EB57E38ABC9}" = lport=2869 | protocol=6 | dir=in | name=tcp 2869 |
"{6D74C026-4FFD-4419-9B1B-15C63D3C4E2C}" = rport=139 | protocol=6 | dir=out | app=system |
"{6D7C2023-FBC6-4951-ABF1-471DC7F678D9}" = lport=10243 | protocol=6 | dir=in | app=system |
"{7298B709-EEB6-49AA-86FA-5805DF12ED29}" = lport=33289 | protocol=6 | dir=in | name=windows core service |
"{97E9BD87-60AB-43DE-A304-3FB9AA171997}" = lport=138 | protocol=17 | dir=in | app=system |
"{AABF92C7-288C-43E9-BA09-2375B9CA101E}" = lport=2869 | protocol=6 | dir=in | app=system |
"{ACB05DDE-92E7-4082-9946-0B700298FF2E}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AD503196-6AD2-488D-B2A8-E143E0161981}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{BED63295-B1FD-4CBB-96B2-AAB81118351C}" = lport=445 | protocol=6 | dir=in | app=system |
"{C98589F5-2D27-4F3A-A2C1-0D708AEB1253}" = rport=137 | protocol=17 | dir=out | app=system |
"{CB661BED-BA14-49E9-AEC5-38C9B6C1C05D}" = rport=10243 | protocol=6 | dir=out | app=system |
"{CCD3315D-91F6-4F50-9025-5CD557CC6A82}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{F61BD7F8-33BB-4DE3-846A-FD955DE69DF6}" = rport=138 | protocol=17 | dir=out | app=system |
"{FA6533B1-372B-47E4-8E44-31684AF70BEC}" = lport=137 | protocol=17 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04A699F7-689B-46CD-A4AA-B197DEBADEE4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{06D28004-0B8D-41C0-9556-340C7D0B320C}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{160B4DF5-49A4-46EC-951C-E72E17785B97}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{1675BBEE-67A8-4029-A91D-EF1576A0B975}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{1B060A61-7604-4085-AA85-AAA823D9A744}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1E205403-64DA-44FB-8A13-4742F8302F52}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2B57DD95-2484-4324-94B0-FFF9BF3CD57E}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{30A7CD3A-0524-44FA-B261-F37A4F82CC4F}" = protocol=6 | dir=out | app=system |
"{377C2549-5AD9-419E-A218-58CE654D690D}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{3E6E5F45-C09C-4EB9-88AF-402A1B9CDD9C}" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"{47F16B82-1310-49BF-B8B1-3A1BC770FA4C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4E52D376-0035-4535-A07F-2F064819E95F}" = protocol=17 | dir=in | app=c:\windows\system32\xpsrchvw.exe |
"{5005FDE5-7C1A-40B4-BCBD-D3F5F4BC3204}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{502BAC88-A49D-4837-BDC7-3A5EC05621E5}" = protocol=6 | dir=in | app=c:\windows\system32\xpsrchvw.exe |
"{55631FCB-F509-4F5C-BCCF-4ACAC288E6BB}" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"{5EA75D74-3400-461C-8C9E-3973001D2A98}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{866AE4EE-BF60-4BC3-921A-3DD3E1BFC2D2}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{9FE0CF8A-BF5D-4065-906A-BE45DAD77B2B}" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"{A4C2278D-B6E1-4302-AAEF-D7D08F0779EF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A75F03B0-2AB1-4160-91CC-DDFCC708E7C0}" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"{B5E8C4F9-A3DB-46AD-84C3-5EAA4706D502}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B80FF2A7-0455-4549-8B93-A84C7CEB79D5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B9BCEFDA-C2DB-44E0-8A1C-34E289768416}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{E0172745-6D73-4019-A875-977634333C51}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{E4C46449-C3F8-431A-B6A3-476AD7C2C278}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FF3D0E2B-76D6-4AAC-AF80-5F4147C44C56}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5100_series" = Canon MG5100 series MP Drivers
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{32364CEA-7855-4A3C-B674-53D8E9B97936}" = TuneUp Utilities 2012
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01
"{8AAB4176-A747-493A-A42C-B63CFADFD8E3}" = NVIDIA PhysX
"{8AEA4BE2-2B52-41C0-BB7D-9F2D17AF1031}" = Nero 8
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
"{CE026CFE-73FE-4FED-9D5F-2C8D4DB512B0}" = TuneUp Utilities Language Pack (de-DE)
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL
"{F5CC2EF8-20A4-4366-A681-3FE849E65809}" = RICOH Media Driver
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Canon MG5100 series Benutzerregistrierung" = Canon MG5100 series Benutzerregistrierung
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenuEX" = Canon Solution Menu EX
"CNXT_AUDIO_HDA" = Conexant HD Audio
"CNXT_MODEM_HDA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"DAEMON Tools Lite" = DAEMON Tools Lite
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ESET Online Scanner" = ESET Online Scanner v3
"Internet Manager" = Internet Manager
"MP Navigator EX 4.0" = Canon MP Navigator EX 4.0
"NAVIGON Fresh" = NAVIGON Fresh 3.4.1
"NVIDIA Drivers" = NVIDIA Drivers
"ReiseGenial_is1" = ReiseGenial 3.6.5
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TuneUp Utilities 2012" = TuneUp Utilities 2012
"VLC media player" = VLC media player 1.1.11
"WinRAR archiver" = WinRAR
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 05.06.2012 15:29:26 | Computer Name = Flo-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 06.06.2012 14:43:38 | Computer Name = Flo-PC | Source = Avira Antivirus | ID = 4110
Description =
Error - 06.06.2012 15:18:03 | Computer Name = Flo-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 06.06.2012 15:18:03 | Computer Name = Flo-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 11.06.2012 14:18:03 | Computer Name = Flo-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 12.06.2012 14:50:02 | Computer Name = Flo-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 21.06.2012 11:19:52 | Computer Name = Flo-PC | Source = Application Hang | ID = 1002
Description = Programm UninstallManager.exe, Version 12.0.3600.73 kann nicht mehr
unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: ea0 Startzeit: 01cd4fc12a1da240 Endzeit: 16 Anwendungspfad:
C:\Program Files\TuneUp Utilities 2012\UninstallManager.exe Berichts-ID: 86dbe191-bbb4-11e1-9fc1-001a737027a7
Error - 23.06.2012 07:27:59 | Computer Name = Flo-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 26.06.2012 11:27:47 | Computer Name = Flo-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 26.06.2012 11:27:47 | Computer Name = Flo-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
[ System Events ]
Error - 26.06.2012 12:32:04 | Computer Name = Flo-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Internet Manager. OUC erreicht.
Error - 26.06.2012 12:32:04 | Computer Name = Flo-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Internet Manager. OUC" wurde aufgrund folgenden Fehlers
nicht gestartet: %%1053
Error - 26.06.2012 12:32:05 | Computer Name = Flo-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "rimmptsk" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1058
Error - 26.06.2012 12:32:05 | Computer Name = Flo-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "rimsptsk" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1058
Error - 26.06.2012 12:32:05 | Computer Name = Flo-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Ricoh xD-Picture Card Driver" wurde aufgrund folgenden
Fehlers nicht gestartet: %%1058
Error - 26.06.2012 12:32:16 | Computer Name = Flo-PC | Source = Microsoft-Windows-WHEA-Logger | ID = 18
Description = Schwerwiegender Hardwarefehler. Gemeldet von Komponente: Prozessorkern
Fehlerquelle:
3 Fehlertyp: 256 Prozessor-ID: 1 Die Detailansicht dieses Eintrags beinhaltet weitere
Informationen.
Error - 27.06.2012 05:57:30 | Computer Name = Flo-PC | Source = BugCheck | ID = 1001
Description =
Error - 27.06.2012 05:57:34 | Computer Name = Flo-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Internet Manager. OUC erreicht.
Error - 27.06.2012 05:57:34 | Computer Name = Flo-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Internet Manager. OUC" wurde aufgrund folgenden Fehlers
nicht gestartet: %%1053
Error - 27.06.2012 05:57:36 | Computer Name = Flo-PC | Source = Microsoft-Windows-WHEA-Logger | ID = 18
Description = Schwerwiegender Hardwarefehler. Gemeldet von Komponente: Prozessorkern
Fehlerquelle:
3 Fehlertyp: 256 Prozessor-ID: 1 Die Detailansicht dieses Eintrags beinhaltet weitere
Informationen.
< End of report >
Code:
OTL logfile created on: 27.06.2012 17:58:49 - Run 2
OTL by OldTimer - Version 3.2.50.0 Folder = K:\
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1,94 Gb Total Physical Memory | 0,98 Gb Available Physical Memory | 50,51% Memory free
3,87 Gb Paging File | 2,89 Gb Available in Paging File | 74,61% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 141,56 Gb Total Space | 19,68 Gb Free Space | 13,90% Space Free | Partition Type: NTFS
Drive D: | 7,39 Gb Total Space | 2,23 Gb Free Space | 30,12% Space Free | Partition Type: NTFS
Drive I: | 66,88 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive K: | 1367,19 Gb Total Space | 109,71 Gb Free Space | 8,02% Space Free | Partition Type: NTFS
Drive L: | 30,07 Gb Total Space | 24,35 Gb Free Space | 80,95% Space Free | Partition Type: NTFS
Computer Name: FLO-PC | User Name: Flo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - K:\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe (TuneUp Software)
PRC - C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe (TuneUp Software)
PRC - C:\Program Files\T-Mobile\InternetManager_H\bmop.exe (Bytemobile, Inc.)
PRC - C:\Program Files\T-Mobile\InternetManager_H\Internet Manager.exe ()
PRC - C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe ()
PRC - C:\Program Files\T-Mobile\InternetManager_H\bmsdk.exe ()
PRC - C:\Program Files\T-Mobile\InternetManager_H\bmctl.exe (Bytemobile, Inc.)
PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\ProgramData\DatacardService\HWDeviceService.exe ()
PRC - C:\ProgramData\DatacardService\DCSHelper.exe (Huawei Technologies Co., Ltd.)
PRC - C:\Program Files\Canon\IJPLM\ijplmsvc.exe ()
PRC - C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
PRC - C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE (CANON INC.)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
PRC - C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe (Nero AG)
========== Modules (No Company Name) ==========
MOD - C:\Program Files\T-Mobile\InternetManager_H\SMSUIPlugin.dll ()
MOD - C:\Program Files\T-Mobile\InternetManager_H\SmsAppPlugin.dll ()
MOD - C:\Program Files\T-Mobile\InternetManager_H\USSDUIPlugin.dll ()
MOD - C:\Program Files\T-Mobile\InternetManager_H\StatusBarMgrPlugin.dll ()
MOD - C:\Program Files\T-Mobile\InternetManager_H\XFramePlugin.dll ()
MOD - C:\Program Files\T-Mobile\InternetManager_H\sdk.dll ()
MOD - C:\Program Files\T-Mobile\InternetManager_H\SmsSrvPlugin.dll ()
MOD - C:\Program Files\T-Mobile\InternetManager_H\XCodec.dll ()
MOD - C:\Program Files\T-Mobile\InternetManager_H\USSDSrvPlugin.dll ()
MOD - C:\Program Files\T-Mobile\InternetManager_H\Trace.dll ()
MOD - C:\Program Files\T-Mobile\InternetManager_H\ServiceUIPlugin.dll ()
MOD - C:\Program Files\T-Mobile\InternetManager_H\Win7Support.dll ()
MOD - C:\Program Files\T-Mobile\InternetManager_H\rdiff.dll ()
MOD - C:\Program Files\T-Mobile\InternetManager_H\QtGui4.dll ()
MOD - C:\Program Files\T-Mobile\InternetManager_H\QtCore4.dll ()
MOD - C:\Program Files\T-Mobile\InternetManager_H\QtNetwork4.dll ()
MOD - C:\Program Files\T-Mobile\InternetManager_H\NDISAPI.dll ()
MOD - C:\Program Files\T-Mobile\InternetManager_H\MiniFramePlugin.dll ()
MOD - C:\Program Files\T-Mobile\InternetManager_H\PluginContainer.dll ()
MOD - C:\Program Files\T-Mobile\InternetManager_H\NetInfoUIExPlugin.dll ()
MOD - C:\Program Files\T-Mobile\InternetManager_H\NetSettingPlugin.dll ()
MOD - C:\Program Files\T-Mobile\InternetManager_H\QtXml4.dll ()
MOD - C:\Program Files\T-Mobile\InternetManager_H\Proxy.dll ()
MOD - C:\Program Files\T-Mobile\InternetManager_H\NetConnectPlugin.dll ()
MOD - C:\Program Files\T-Mobile\InternetManager_H\NetInfoRecordUIPlugin.dll ()
MOD - C:\Program Files\T-Mobile\InternetManager_H\NetInfoSrvPlugin.dll ()
MOD - C:\Program Files\T-Mobile\InternetManager_H\MenuMgrPlugin.dll ()
MOD - C:\Program Files\T-Mobile\InternetManager_H\NetSrvPlugin.dll ()
MOD - C:\Program Files\T-Mobile\InternetManager_H\NDISPlugin.dll ()
MOD - C:\Program Files\T-Mobile\InternetManager_H\NetConnectSrvPlugin.dll ()
MOD - C:\Program Files\T-Mobile\InternetManager_H\OSDialup.dll ()
MOD - C:\Program Files\T-Mobile\InternetManager_H\OSNDIS.dll ()
MOD - C:\Program Files\T-Mobile\InternetManager_H\OSAdapt.dll ()
MOD - C:\Program Files\T-Mobile\InternetManager_H\NotifyServicePlugin.dll ()
MOD - C:\Program Files\T-Mobile\InternetManager_H\plugins\imageformats\qgif4.dll ()
MOD - C:\Program Files\T-Mobile\InternetManager_H\plugins\imageformats\qico4.dll ()
MOD - C:\Program Files\T-Mobile\InternetManager_H\OSPowerMgr.dll ()
MOD - C:\Program Files\T-Mobile\InternetManager_H\mingwm10.dll ()
MOD - C:\Program Files\T-Mobile\InternetManager_H\DeviceMgrUIPlugin.dll ()
MOD - C:\Program Files\T-Mobile\InternetManager_H\DialupUIPlugin.dll ()
MOD - C:\Program Files\T-Mobile\InternetManager_H\core.dll ()
MOD - C:\Program Files\T-Mobile\InternetManager_H\DeviceAppPlugin.dll ()
MOD - C:\Program Files\T-Mobile\InternetManager_H\DeviceSrvPlugin.dll ()
MOD - C:\Program Files\T-Mobile\InternetManager_H\LiveUpdateInterface.dll ()
MOD - C:\Program Files\T-Mobile\InternetManager_H\Common.dll ()
MOD - C:\Program Files\T-Mobile\InternetManager_H\DialUpPlugin.dll ()
MOD - C:\Program Files\T-Mobile\InternetManager_H\DataServicePlugin.dll ()
MOD - C:\Program Files\T-Mobile\InternetManager_H\HelpUIPlugin.dll ()
MOD - C:\Program Files\T-Mobile\InternetManager_H\LayoutPlugin.dll ()
MOD - C:\Program Files\T-Mobile\InternetManager_H\CompressRatePlugin.dll ()
MOD - C:\Program Files\T-Mobile\InternetManager_H\libgcc_s_dw2-1.dll ()
MOD - C:\Program Files\T-Mobile\InternetManager_H\AddrBookPlugin.dll ()
MOD - C:\Program Files\T-Mobile\InternetManager_H\AddrBookUIPlugin.dll ()
MOD - C:\Program Files\T-Mobile\InternetManager_H\Internet Manager.exe ()
MOD - C:\Program Files\T-Mobile\InternetManager_H\AddrBookSrvPlugin.dll ()
MOD - C:\Program Files\T-Mobile\InternetManager_H\AtCodec.dll ()
MOD - C:\Program Files\T-Mobile\InternetManager_H\bmsdk.exe ()
MOD - C:\Program Files\T-Mobile\InternetManager_H\ATR2SMgr.dll ()
MOD - C:\Program Files\WinRAR\RarExt.dll ()
MOD - C:\Program Files\Common Files\Nero\Lib\log4cxx.dll ()
========== Win32 Services (SafeList) ==========
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (TuneUp Software)
SRV - (Internet Manager. RunOuc) -- C:\Program Files\T-Mobile\InternetManager_H\UpdateDog\ouc.exe ()
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (HWDeviceService.exe) -- C:\ProgramData\DatacardService\HWDeviceService.exe ()
SRV - (IJPLMSVC) -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe ()
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (CFcatchme) -- C:\Users\Flo\AppData\Local\Temp\CFcatchme.sys File not found
DRV - (catchme) -- C:\Users\Flo\AppData\Local\Temp\catchme.sys File not found
DRV - (ewusbmbb) -- C:\Windows\System32\drivers\ewusbwwan.sys (Huawei Technologies Co., Ltd.)
DRV - (hwdatacard) -- C:\Windows\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (huawei_wwanecm) -- C:\Windows\System32\drivers\ew_juwwanecm.sys (Huawei Technologies Co., Ltd.)
DRV - (ew_hwusbdev) -- C:\Windows\System32\drivers\ew_hwusbdev.sys (Huawei Technologies Co., Ltd.)
DRV - (huawei_cdcacm) -- C:\Windows\System32\drivers\ew_jucdcacm.sys (Huawei Technologies Co., Ltd.)
DRV - (huawei_enumerator) -- C:\Windows\System32\drivers\ew_jubusenum.sys (Huawei Technologies Co., Ltd.)
DRV - (huawei_ext_ctrl) -- C:\Windows\System32\drivers\ew_juextctrl.sys (Huawei Technologies Co., Ltd.)
DRV - (tcpipBM) -- C:\Windows\System32\drivers\tcpipBM.sys (Bytemobile, Inc.)
DRV - (ew_usbenumfilter) -- C:\Windows\System32\drivers\ew_usbenumfilter.sys (Huawei Technologies Co., Ltd.)
DRV - (BMLoad) -- C:\Windows\System32\drivers\BMLoad.sys (Bytemobile, Inc.)
DRV - (dtsoftbus01) -- C:\Windows\System32\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys (TuneUp Software)
DRV - (HBtnKey) -- C:\Windows\System32\drivers\CPQBTTN.sys (Hewlett-Packard Company)
DRV - (ATSwpWDF) -- C:\Windows\System32\drivers\ATSwpWDF.sys (AuthenTec, Inc.)
DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)
DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)
DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (HpqKbFiltr) -- C:\Windows\System32\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (CnxtHdAudService) -- C:\Windows\System32\drivers\CHDRT32.sys (Conexant Systems Inc.)
DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvmfdx32.sys (NVIDIA Corporation)
DRV - (nvsmu) -- C:\Windows\System32\drivers\nvsmu.sys (NVIDIA Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 00 22 D8 49 DE 18 CD 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&AF=109958&babsrc=SP_ss&mntrId=706feed6000000000000582c80139263
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: C:\Program Files\T-Mobile\InternetManager_H\OCx32\addon [2012.02.20 12:17:46 | 000,000,000 | ---D | M]
[2012.06.21 17:19:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012.06.19 18:54:00 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012.04.18 18:38:39 | 000,002,310 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
O1 HOSTS File: ([2012.06.26 18:14:46 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [NBKeyScan] C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe (Nero AG)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 10.5.0)
O16 - DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 1.7.0_05)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 10.5.0)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{053CF95D-444B-4D97-BCD6-6827006F6E13}: NameServer = 10.111.81.129 10.129.32.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0DB34FEC-0DEC-4F5D-B477-8CB0231FE7F1}: NameServer = 10.129.32.1 10.111.81.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F06EC670-4838-4825-A00E-F173CE4E650F}: NameServer = 10.74.210.210 10.74.210.211
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2005.09.11 17:18:54 | 000,000,340 | -HS- | M] () - D:\AUTOMODE -- [ NTFS ]
O32 - AutoRun File - [2010.12.30 21:56:05 | 000,147,808 | R--- | M] () - I:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2009.09.25 12:46:52 | 000,000,045 | R--- | M] () - I:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012.06.27 17:09:49 | 000,000,000 | ---D | C] -- C:\Windows\System32\SPReview
[2012.06.27 17:09:27 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2012.06.27 17:09:09 | 000,000,000 | ---D | C] -- C:\Windows\nvtmpinst
[2012.06.27 16:17:09 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.06.27 16:17:07 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.06.27 16:17:07 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012.06.27 16:17:07 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.06.27 16:17:06 | 001,800,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012.06.27 16:17:06 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.06.27 16:17:05 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012.06.27 16:14:32 | 000,000,000 | ---D | C] -- C:\Program Files\CONEXANT
[2012.06.27 16:13:35 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys
[2012.06.27 16:03:43 | 003,958,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012.06.27 16:03:43 | 003,902,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012.06.27 16:03:40 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2012.06.27 16:03:35 | 001,401,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll
[2012.06.27 16:03:34 | 001,553,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
[2012.06.27 16:03:34 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll
[2012.06.27 16:03:34 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll
[2012.06.27 16:03:34 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll
[2012.06.27 16:03:33 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll
[2012.06.27 16:03:29 | 000,826,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcore.dll
[2012.06.27 16:03:27 | 002,614,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2012.06.27 16:03:26 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2012.06.27 16:03:09 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2012.06.27 16:03:08 | 001,170,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2012.06.27 16:03:08 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2012.06.27 16:03:08 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2012.06.27 16:03:08 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2012.06.27 16:03:08 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2012.06.27 16:01:00 | 000,284,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2012.06.27 16:00:59 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prevhost.exe
[2012.06.27 16:00:59 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys
[2012.06.27 16:00:55 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll
[2012.06.27 15:59:36 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorekmts.dll
[2012.06.27 15:59:36 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll
[2012.06.27 15:59:36 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdrmemptylst.exe
[2012.06.27 15:58:28 | 000,219,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgmms1.sys
[2012.06.27 15:58:28 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2012.06.27 15:58:10 | 000,026,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys
[2012.06.27 15:58:05 | 000,146,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\storport.sys
[2012.06.27 15:58:05 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fsutil.exe
[2012.06.27 15:57:50 | 002,342,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.06.27 15:56:28 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll
[2012.06.27 15:56:28 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwga.dll
[2012.06.27 15:46:34 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2012.06.27 15:46:34 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2012.06.27 15:46:28 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2012.06.27 15:46:28 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2012.06.27 15:46:28 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2012.06.27 15:46:25 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2012.06.27 15:46:25 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2012.06.27 15:23:26 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt
[2012.06.27 15:21:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012.06.26 19:09:24 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012.06.26 18:24:36 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012.06.26 18:20:50 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012.06.26 17:44:09 | 000,000,000 | ---D | C] -- C:\Users\Flo\AppData\Local\temp
[2012.06.25 20:10:02 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012.06.25 20:10:02 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012.06.25 20:10:02 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012.06.25 19:59:00 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012.06.25 19:58:47 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012.06.21 18:40:29 | 000,000,000 | ---D | C] -- C:\Users\Flo\AppData\Local\NPE
[2012.06.21 18:40:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2012.06.19 18:53:57 | 000,772,504 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\npdeployJava1.dll
[2012.06.19 18:53:56 | 000,227,824 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2012.06.19 18:53:56 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2012.06.19 18:53:56 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2012.06.19 18:53:46 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012.05.29 21:16:04 | 000,000,000 | ---D | C] -- C:\Users\Flo\AppData\Roaming\ReiseGenial
[2012.05.29 21:16:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReiseGenial
[2012.05.29 21:16:04 | 000,000,000 | ---D | C] -- C:\Program Files\ReiseGenial
========== Files - Modified Within 30 Days ==========
[2012.06.27 18:01:05 | 000,643,866 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.06.27 18:01:05 | 000,607,190 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.06.27 18:01:05 | 000,126,394 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.06.27 18:01:05 | 000,103,568 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.06.27 17:33:02 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.06.27 17:32:21 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.06.27 17:32:21 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.06.27 17:27:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.06.27 17:26:18 | 1559,433,216 | -HS- | M] () -- C:\hiberfil.sys
[2012.06.27 16:34:22 | 000,412,744 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.06.27 16:24:38 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01009.Wdf
[2012.06.27 15:20:52 | 000,227,824 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2012.06.27 15:20:52 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2012.06.27 15:20:51 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2012.06.26 18:14:46 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012.06.23 13:37:35 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.06.23 13:37:35 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.06.21 18:41:36 | 013,466,490 | ---- | M] () -- C:\ProgramData\SMRBackup300.dat
[2012.06.03 00:19:33 | 000,045,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2012.06.03 00:19:32 | 000,035,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2012.06.03 00:19:23 | 000,577,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2012.06.03 00:12:32 | 002,422,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2012.06.03 00:12:13 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2012.06.02 15:19:42 | 000,171,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2012.06.02 15:12:20 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2012.05.29 13:09:54 | 000,031,584 | ---- | M] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe
[2012.05.29 13:09:50 | 000,029,024 | ---- | M] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll
[2012.05.29 13:09:50 | 000,021,344 | ---- | M] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
========== Files Created - No Company Name ==========
[2012.06.27 16:24:38 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01009.Wdf
[2012.06.25 20:10:02 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012.06.25 20:10:02 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012.06.25 20:10:02 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012.06.25 20:10:02 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012.06.25 20:10:02 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012.06.21 18:40:57 | 013,466,490 | ---- | C] () -- C:\ProgramData\SMRBackup300.dat
[2012.02.14 21:57:30 | 000,001,732 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2011.09.15 02:11:16 | 001,048,576 | ---- | C] () -- C:\Windows\System32\syndata.bin
< End of report >
mfg Knut |
