zuihjk33 | 21.08.2012 00:45 | Danke für die Hilfe, ich hoffe, ich habe alles richtig gemacht.
Malwarebytes-Log: Code:
Malwarebytes Anti-Malware (Test) 1.62.0.1300
www.malwarebytes.org
Datenbank Version: v2012.08.20.09
Windows 7 Service Pack 1 x64 NTFS (Abgesichertenmodus/Netzwerkfähig)
Internet Explorer 9.0.8112.16421
*** :: KINDLERM-PC [Administrator]
Schutz: Deaktiviert
20.08.2012 23:14:59
mbam-log-2012-08-20 (23-14-59).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 408689
Laufzeit: 46 Minute(n), 6 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 1
C:\Users\***\0.6628556430930512.exe (Exploit.Drop.UR.2) -> Erfolgreich gelöscht und in Quarantäne gestellt.
(Ende)
OTL Log 1: Code:
OTL logfile created on: 21.08.2012 01:21:37 - Run 1
OTL by OldTimer - Version 3.2.58.1 Folder = C:\Users\***\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 3,18 Gb Available Physical Memory | 79,60% Memory free
8,00 Gb Paging File | 7,22 Gb Available in Paging File | 90,27% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232,79 Gb Total Space | 142,30 Gb Free Space | 61,13% Space Free | Partition Type: NTFS
Computer Name: KINDLERM-PC | User Name: *** | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\***\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Opera\opera.exe (Opera Software)
PRC - C:\Program Files (x86)\Opera\pluginwrapper\opera_plugin_wrapper.exe (Opera Software)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
========== Modules (No Company Name) ==========
MOD - C:\Program Files (x86)\Opera\gstreamer\plugins\gstoggdec.dll ()
MOD - C:\Program Files (x86)\Opera\gstreamer\plugins\gstwebmdec.dll ()
MOD - C:\Program Files (x86)\Opera\gstreamer\plugins\gstffmpegcolorspace.dll ()
MOD - C:\Program Files (x86)\Opera\gstreamer\plugins\gstwavparse.dll ()
MOD - C:\Program Files (x86)\Opera\gstreamer\plugins\gstautodetect.dll ()
MOD - C:\Program Files (x86)\Opera\gstreamer\plugins\gstwaveform.dll ()
MOD - C:\Program Files (x86)\Opera\gstreamer\plugins\gsttypefindfunctions.dll ()
MOD - C:\Program Files (x86)\Opera\gstreamer\gstreamer.dll ()
MOD - C:\Program Files (x86)\Opera\gstreamer\plugins\gstcoreplugins.dll ()
MOD - C:\Program Files (x86)\Opera\gstreamer\plugins\gstaudioresample.dll ()
MOD - C:\Program Files (x86)\Opera\gstreamer\plugins\gstaudioconvert.dll ()
MOD - C:\Program Files (x86)\Opera\gstreamer\plugins\gstdirectsound.dll ()
MOD - C:\Program Files (x86)\Opera\gstreamer\plugins\gstdecodebin2.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
========== Win32 Services (SafeList) ==========
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (Hamachi2Svc) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (NIS) -- C:\Program Files (x86)\Norton Internet Security\Engine\19.8.0.14\ccSvcHst.exe (Symantec Corporation)
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (NMSAccessU) -- C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe ()
SRV - (AODService) -- C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe ()
SRV - (ES lite Service) -- C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE ()
SRV - (JMB36X) -- C:\Windows\SysWOW64\XSrvSetup.exe ()
SRV - (BCUService) -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe (DeviceVM, Inc.)
SRV - (ANIWConnService) -- C:\Windows\SysWOW64\ANIWConnService.exe ()
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (SRTSPX) -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\srtspx64.sys (Symantec Corporation)
DRV:64bit: - (SRTSP) -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\srtsp64.sys (Symantec Corporation)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (ccSet_NIS) -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\ccsetx64.sys (Symantec Corporation)
DRV:64bit: - (SymEFA) -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\symefa64.sys (Symantec Corporation)
DRV:64bit: - (SymNetS) -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\symnets.sys (Symantec Corporation)
DRV:64bit: - (SymIRON) -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\ironx64.sys (Symantec Corporation)
DRV:64bit: - (SymEvent) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS (Symantec Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (SymDS) -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\symds64.sys (Symantec Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atipmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys (Duplex Secure Ltd.)
DRV:64bit: - (StarOpen) -- C:\Windows\SysNative\drivers\StarOpen.sys ()
DRV:64bit: - (JRAID) -- C:\Windows\SysNative\drivers\jraid.sys (JMicron Technology Corp.)
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (NEC Electronics Corporation)
DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (NEC Electronics Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (VClone) -- C:\Windows\SysNative\drivers\VClone.sys (Elaborate Bytes AG)
DRV:64bit: - (netr28ux) -- C:\Windows\SysNative\drivers\Dnetr28ux.sys (Ralink Technology Corp.)
DRV:64bit: - (RTHDMIAzAudService) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)
DRV:64bit: - (anodlwf) -- C:\Windows\SysNative\drivers\anodlwfx.sys ()
DRV:64bit: - (PCAMp50a64) -- C:\Windows\SysNative\drivers\PCAMp50a64.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV:64bit: - (PCASp50a64) -- C:\Windows\SysNative\drivers\PCASp50a64.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (gdrv) -- C:\Windows\gdrv.sys (Windows (R) Server 2003 DDK provider)
DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120819.007\ex64.sys (Symantec Corporation)
DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120819.007\eng64.sys (Symantec Corporation)
DRV - (BHDrvx64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20120811.003\BHDrvx64.sys (Symantec Corporation)
DRV - (eeCtrl) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (IDSVia64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20120817.001\IDSviA64.sys (Symantec Corporation)
DRV - (StarOpen) -- C:\Windows\SysWow64\drivers\StarOpen.sys ()
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2000553802-1953088719-948754468-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-2000553802-1953088719-948754468-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKU\S-1-5-21-2000553802-1953088719-948754468-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 8C 03 22 9D ED 61 CD 01 [binary data]
IE - HKU\S-1-5-21-2000553802-1953088719-948754468-1000\..\URLSearchHook: {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM, Inc.)
IE - HKU\S-1-5-21-2000553802-1953088719-948754468-1000\..\SearchScopes,DefaultScope = {C939983B-4159-4477-B547-8232D0E5EB9D}
IE - HKU\S-1-5-21-2000553802-1953088719-948754468-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-2000553802-1953088719-948754468-1000\..\SearchScopes\{9919BC3B-2A95-4d3e-B3E0-51D14C72E3C2}: "URL" = hxxp://www.google.com/custom?client=pub-3794288947762788&forid=1&channel=1975384696&ie=UTF-8&oe=UTF-8&safe=active&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=de&q={searchTerms}
IE - HKU\S-1-5-21-2000553802-1953088719-948754468-1000\..\SearchScopes\{C939983B-4159-4477-B547-8232D0E5EB9D}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD
IE - HKU\S-1-5-21-2000553802-1953088719-948754468-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultthis.engineName: "Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.startup.homepage: "hxxp://search.conduit.com/?ctid=CT2269050&SearchSource=13"
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.0.14
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.9.0.9216
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:10.1.0.68 - 2
FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&q="
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFFPlgn\ [2012.02.01 11:34:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn\ [2012.08.21 00:15:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.08.06 18:33:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.08.04 10:48:06 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.08.06 18:33:37 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.08.04 10:48:06 | 000,000,000 | ---D | M]
[2010.04.30 22:04:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions
[2012.08.04 15:47:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\dmh80664.default\extensions
[2012.08.04 15:47:40 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\dmh80664.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2011.01.30 19:21:39 | 000,000,873 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\dmh80664.default\searchplugins\conduit.xml
[2011.10.22 20:27:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.05.14 14:15:04 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.08.21 00:15:14 | 000,000,000 | ---D | M] (Norton Toolbar) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\COFFPLGN
[2012.02.01 11:34:15 | 000,000,000 | ---D | M] (Norton Vulnerability Protection) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFFPLGN
[2012.08.06 18:33:36 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.08.04 10:48:04 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.08.04 10:48:04 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.08.04 10:48:04 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.08.04 10:48:04 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.08.04 10:48:04 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.08.04 10:48:04 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.8.0.14\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.8.0.14\IPS\IPSBHO.DLL (Symantec Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.8.0.14\coIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [BCU] C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe (DeviceVM, Inc.)
O4 - HKLM..\Run: [D-Link D-Link Wireless N DWA-140] C:\Program Files (x86)\D-Link\DWA-140 revB\AirNCFG.exe (D-Link Corp.)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2000553802-1953088719-948754468-1000..\Run: [EA Gaming Mouse] C:\PROGRA~2\EAGAMI~1\Taco2.exe ()
O4 - HKU\S-1-5-21-2000553802-1953088719-948754468-1000..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-2000553802-1953088719-948754468-1000..\Run: [uxufemiwqgxjice] C:\ProgramData\uxufemiw.exe (GreatWall)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{38DA8FB6-FEE4-490F-8D08-A2AA8A06A422}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{20f1bef0-0e5f-11df-8b77-6cf0490865a3}\Shell - "" = AutoRun
O33 - MountPoints2\{20f1bef0-0e5f-11df-8b77-6cf0490865a3}\Shell\AutoRun\command - "" = E:\autorun.exe
O33 - MountPoints2\{662884f1-0e89-11df-a3e7-6cf0490865a3}\Shell - "" = AutoRun
O33 - MountPoints2\{662884f1-0e89-11df-a3e7-6cf0490865a3}\Shell\AutoRun\command - "" = E:\autorun.exe
O33 - MountPoints2\{824fe253-0e3c-11df-8dc4-6cf0490865a3}\Shell - "" = AutoRun
O33 - MountPoints2\{824fe253-0e3c-11df-8dc4-6cf0490865a3}\Shell\AutoRun\command - "" = F:\autorun.exe
O33 - MountPoints2\{a67a9c33-0dd0-11df-ab0f-6cf0490865a3}\Shell - "" = AutoRun
O33 - MountPoints2\{a67a9c33-0dd0-11df-ab0f-6cf0490865a3}\Shell\AutoRun\command - "" = E:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012.08.21 01:18:58 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2012.08.20 21:59:46 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Malwarebytes
[2012.08.20 21:59:43 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.08.20 21:59:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.08.20 21:59:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.08.20 21:59:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.08.20 13:32:44 | 000,097,280 | ---- | C] (GreatWall) -- C:\ProgramData\uxufemiw.exe
[2012.08.20 13:32:44 | 000,000,000 | ---D | C] -- C:\ProgramData\psufwjgwqdesrgl
[2012.08.15 09:05:29 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.08.15 09:05:29 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.08.15 09:05:28 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.08.15 09:05:28 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.08.15 09:05:28 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.08.15 09:05:27 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.08.15 09:05:27 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.08.15 09:05:27 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.08.15 09:05:26 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.08.15 09:05:26 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.08.15 09:05:25 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.08.15 09:05:23 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.08.15 09:05:23 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.08.15 05:51:22 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2012.08.15 05:51:22 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2012.08.15 05:51:22 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2012.08.15 05:51:19 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2012.08.04 10:48:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012.08.04 10:48:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[3 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.08.21 01:18:58 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2012.08.21 00:16:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.08.21 00:16:26 | 3220,037,632 | -HS- | M] () -- C:\hiberfil.sys
[2012.08.21 00:14:49 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys
[2012.08.21 00:10:21 | 000,016,736 | ---- | M] () -- C:\Users\***\Documents\malwarebytes log.odt
[2012.08.20 21:59:43 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.08.20 20:07:22 | 000,015,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.08.20 20:07:22 | 000,015,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.08.20 20:04:14 | 001,472,002 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.08.20 20:04:14 | 000,643,628 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.08.20 20:04:14 | 000,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.08.20 20:04:14 | 000,126,188 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.08.20 20:04:14 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.08.20 14:10:05 | 000,014,099 | ---- | M] () -- C:\Users\***\Documents\Bewerbung Mama.odt
[2012.08.20 13:32:44 | 000,000,051 | ---- | M] () -- C:\ProgramData\qakifaitoodzwtt
[2012.08.20 13:32:37 | 000,097,280 | ---- | M] (GreatWall) -- C:\ProgramData\uxufemiw.exe
[2012.08.18 20:43:00 | 000,000,518 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for ***.job
[2012.08.16 09:40:40 | 000,008,942 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\VT20120731.038
[2012.08.15 20:48:05 | 000,013,508 | ---- | M] () -- C:\Users\***\Documents\9Gag.odt
[2012.08.15 18:43:38 | 000,002,501 | ---- | M] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk
[2012.08.15 18:43:19 | 001,868,217 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\Cat.DB
[2012.08.15 09:28:24 | 000,283,312 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.08.10 07:28:35 | 000,000,172 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\isolate.ini
[2012.08.06 11:22:50 | 000,007,551 | ---- | M] () -- C:\Users\***\Documents\termin.odt
[2012.07.30 14:38:08 | 000,012,964 | ---- | M] () -- C:\Users\***\Documents\allgemeines Bewerbungsschreiben..odt
[2012.07.22 22:21:14 | 478,437,396 | ---- | M] () -- C:\Windows\MEMORY.DMP
[3 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.08.21 00:10:20 | 000,016,736 | ---- | C] () -- C:\Users\***\Documents\malwarebytes log.odt
[2012.08.20 21:59:43 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.08.20 14:10:04 | 000,014,099 | ---- | C] () -- C:\Users\***\Documents\Bewerbung Mama.odt
[2012.08.20 13:32:40 | 000,000,051 | ---- | C] () -- C:\ProgramData\qakifaitoodzwtt
[2012.08.06 11:22:49 | 000,007,551 | ---- | C] () -- C:\Users\***\Documents\termin.odt
[2012.08.04 11:37:03 | 000,013,508 | ---- | C] () -- C:\Users\***\Documents\9Gag.odt
[2012.08.04 10:48:15 | 000,001,142 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012.07.27 17:30:14 | 000,012,964 | ---- | C] () -- C:\Users\***\Documents\allgemeines Bewerbungsschreiben..odt
[2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2010.01.31 13:57:02 | 000,007,605 | ---- | C] () -- C:\Users\***\AppData\Local\Resmon.ResmonCfg
[2010.01.25 22:10:58 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.01.25 19:48:30 | 000,003,284 | ---- | C] () -- C:\Users\***\AppData\Roaming\ANIWZCS{38DA8FB6-FEE4-490F-8D08-A2AA8A06A422}
Log 2: Code:
OTL Extras logfile created on: 21.08.2012 01:21:37 - Run 1
OTL by OldTimer - Version 3.2.58.1 Folder = C:\Users\***\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 3,18 Gb Available Physical Memory | 79,60% Memory free
8,00 Gb Paging File | 7,22 Gb Available in Paging File | 90,27% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232,79 Gb Total Space | 142,30 Gb Free Space | 61,13% Space Free | Partition Type: NTFS
Computer Name: KINDLERM-PC | User Name: *** | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{4DE6741D-4AE0-4CB1-A6BA-986F91BF66E3}" = lport=2869 | protocol=6 | dir=in | app=system |
"{85BA15E2-8944-42D9-8B45-26121D453590}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{9FEB50CC-E498-407A-A0B8-5B21465AC6E6}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{F66B23F1-0E43-4C99-82C5-584CC909D7B6}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{24D25355-9714-4DAB-BBE0-55C9C382D9F6}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\pluginwrapper\opera_plugin_wrapper.exe |
"{331BA31A-411E-4A8C-A279-ACCC75807E84}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\pluginwrapper\opera_plugin_wrapper.exe |
"{3B7EB523-388E-4626-9F97-12FB5645FE74}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{7200708D-D82B-4180-A76D-691ED76422F5}" = protocol=6 | dir=in | app=c:\program files (x86)\gamespy arcade\aphex.exe |
"{830CB232-9506-4B5E-9F31-25219A958E37}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{8DB1F2F2-0CF7-426E-A8CA-42B6B98F1ACB}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{9EE55725-0ACA-4D39-A08A-B79068CDC96A}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{A094B098-E897-4F4F-BE37-8A14B1256494}" = protocol=17 | dir=in | app=c:\program files (x86)\gamespy arcade\aphex.exe |
"{A8B2AC84-23BB-463A-8ABE-736FE9B86582}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{B1C86643-92E6-41B7-96F5-BFFE455ED4A2}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{B36572DD-E77E-4A40-8070-8E07EFA61F6C}" = protocol=6 | dir=in | app=c:\program files (x86)\codemasters\f1 2010\f1_2010_game.exe |
"{C68A8258-E530-408E-846A-13AE4AA2E7C3}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{CBF95B65-B37D-4737-903C-FF1142DE2ABE}" = protocol=58 | dir=in | app=system |
"{CD3F539A-D967-4A6F-9770-174FFA5CAEEA}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{D3B562AF-447F-43B7-AB9F-5EF6B4CB1394}" = protocol=17 | dir=in | app=c:\program files (x86)\codemasters\f1 2010\f1_2010_game.exe |
"{EF0D039D-065D-44B5-A18D-0135C335822D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{EF5EA691-C20D-4FAB-8C27-CFFA325935C7}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{FC58F81E-8F99-4944-9BE6-B2002E8C033B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"TCP Query User{611F19E2-0B1B-4C79-92C9-B57015C353EE}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{252E25F9-14F1-4943-99E8-EE0417890AF4}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{534A3680-A7CE-80D0-029B-2105ADA363AB}" = ATI AVIVO64 Codecs
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{5F94D3B9-2B02-9C37-740B-A59C7B8D17CC}" = ATI Catalyst Install Manager
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A792E67C-FDA4-A301-0C3C-53BA86EFBB5A}" = ccc-utility64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{07300F01-89CA-4CF8-92BD-2A605EB83C95}" = EasySaver B9.0904.1
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1" = Guitar Pro 6
"{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}" = QuickTime
"{1C0E9C6B-D4D5-4D3C-8A10-F10A3E7BEEA5}" = WN111v2
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1" = World of Tanks
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216016F0}" = Java(TM) 6 Update 16
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
"{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}" = Microsoft Games for Windows - LIVE
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = Gigabyte Raid Cinfigurer
"{3D6A24EA-A543-6C84-351E-D7646E7AB86E}" = Catalyst Control Center InstallProxy
"{434D0831-3E0C-4D03-A5D4-5E1000008400}" = F1 2010
"{434D0831-A4CC-401A-9E74-621000018401}" = F1 2010
"{47CAFF95-C3D8-ABF2-70BC-89DE00D8FB19}" = Catalyst Control Center Graphics Light
"{4962EBAC-AE7C-1B22-1EA0-0916A7E40954}" = Catalyst Control Center Graphics Full Existing
"{49A62E2B-B35C-941D-DF48-601207CF14C0}" = Catalyst Control Center Graphics Previews Common
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C590030-7469-453E-8589-D15DA9D03F52}" = ANIWZCS2 Service
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{582E9125-32B6-4CBA-AB48-3E33CE3DB389}" = NETGEAR RangeMax(TM) Wireless USB 2.0 Adapter WPN111
"{58BAA8D0-404E-4585-9FD3-ED1BB72AC2EE}" = Adobe Flash Player 9 ActiveX
"{5B363E1D-8C36-4458-BAE4-D5081999E094}" = Browser Configuration Utility
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A490E11-6C8A-777C-4E00-43F3CC16A1EC}" = CCC Help English
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72263053-50D1-4598-9502-51ED64E54C51}" = Borland Delphi 7
"{72736F5F-520D-472A-88CC-7B02872FD34E}" = ATI Catalyst Registration
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77919701-C3E7-09AA-D2F7-DBF42CD7C13D}" = Catalyst Control Center HydraVision Full
"{78B2F09F-BDC7-7865-CF4C-233B64A3BE51}" = Catalyst Control Center Graphics Full New
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7FB413C8-3CAD-49F7-A67C-6EFEB4B04050}" = LogMeIn Hamachi
"{7FC7AD70-1DF3-4B84-9AA2-4FB680F45572}_is1" = Hex-Editor MX
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{87BB78C4-F36D-4D93-A7C7-F80F18219848}" = AMD DnD V1.0.19
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows Vista and Later
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial
"{8C3727F2-8E37-49E4-820C-03B1677F53B6}" = Stronghold Crusader Extreme
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E5EAB78-59D0-9C95-4907-E50E359E7E5E}" = HydraVision
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{99E862CC-6F69-4D39-99AA-DBF71BF3B585}" = OpenOffice.org 3.1
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9E48FF52-082C-4CC2-BB67-6E10D09C0431}" = Windows Live UX Platform Language Pack
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AC76BA86-7AD7-1031-7B44-A95000000001}" = Adobe Reader 9.5.0 - Deutsch
"{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}" = Adobe Shockwave Player
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}" = Apple Software Update
"{C19BE821-89B1-4A96-AC7C-873810C0CB5F}" = ContentSAFER for Wizmax
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C7D27207-0F86-4B6F-859C-21800A2C592E}" = Grand Prix 4
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D241BBEC-B1C7-7953-EDDE-D90A654A8D2C}" = ccc-core-static
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.4 Game
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D5C24E77-099E-9B84-5BE2-708E70B938A9}" = Catalyst Control Center Core Implementation
"{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"{D7D2F494-89E3-42ED-8A2B-75BDD9B464CB}" = D-Link Wireless N DWA-140
"{D96021A9-B290-4783-B019-0E4000DA84CE}" = S4 League_EU
"{DC4757E2-BAE3-0BFE-C6E5-576CB911FF52}" = Catalyst Control Center Graphics Previews Vista
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{EA18DE8E-B3E6-4D82-A086-9BE2316FA5A5}" = AMD OverDrive
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"82A44D22-9452-49FB-00FB-CEC7DCAF7E23" = EA SPORTS online 2007
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.12 (Unicode)
"EA Gaming Mouse" = EA Gaming Mouse
"Elasto Mania" = Elasto Mania
"f(x)-Viewer_is1" = f(x)-Viewer 2.0.1
"FileZilla Client" = FileZilla Client 3.3.2.1
"Fraps" = Fraps (remove only)
"Free Audio Converter_is1" = Free Audio Converter version 2.0
"Free Video Dub_is1" = Free Video Dub version 1.8
"Game Maker 8.0" = Game Maker 8.0
"GameSpy Arcade" = GameSpy Arcade
"GeoGebra" = GeoGebra
"GFWL_{434D0831-3E0C-4D03-A5D4-5E1000008400}" = F1 2010
"InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"JDownloader" = JDownloader
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300
"Mozilla Firefox 14.0.1 (x86 de)" = Mozilla Firefox 14.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NIS" = Norton Internet Security
"NSS" = Norton Security Scan
"OpenAL" = OpenAL
"Opera 12.01.1532" = Opera 12.01
"Shockwave" = Shockwave
"Steam App 400" = Portal
"TmNationsForever_is1" = TmNationsForever Update 2010-03-15
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.0.5
"WinLiveSuite" = Windows Live Essentials
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 11.04.2011 15:36:36 | Computer Name = Kindlerm-Pc | Source = RasClient | ID = 20227
Description =
Error - 11.04.2011 15:37:57 | Computer Name = Kindlerm-Pc | Source = RasClient | ID = 20227
Description =
Error - 11.04.2011 15:38:17 | Computer Name = Kindlerm-Pc | Source = RasClient | ID = 20227
Description =
Error - 12.04.2011 14:02:10 | Computer Name = Kindlerm-Pc | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Stronghold Crusader.exe, Version:
1.0.0.1, Zeitstempel: 0x4a66f6ce Name des fehlerhaften Moduls: Stronghold Crusader.exe,
Version: 1.0.0.1, Zeitstempel: 0x4a66f6ce Ausnahmecode: 0xc0000005 Fehleroffset:
0x000541b5 ID des fehlerhaften Prozesses: 0xea4 Startzeit der fehlerhaften Anwendung:
0x01cbf9372b7d5af2 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Firefly
Studios\Stronghold Crusader\Stronghold Crusader.exe Pfad des fehlerhaften Moduls:
C:\Program Files (x86)\Firefly Studios\Stronghold Crusader\Stronghold Crusader.exe
Berichtskennung:
fc5fdd05-652e-11e0-8e11-caa25143e1bc
Error - 13.04.2011 04:31:05 | Computer Name = Kindlerm-Pc | Source = RasClient | ID = 20227
Description =
Error - 15.04.2011 14:09:40 | Computer Name = Kindlerm-Pc | Source = Application Hang | ID = 1002
Description = Programm opera.exe, Version 11.1.1190.0 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: cec Startzeit:
01cbfb9518c849a6 Endzeit: 5 Anwendungspfad: C:\Program Files (x86)\Opera\opera.exe
Berichts-ID:
85e555d5-678b-11e0-8262-6cf0490865a3
Error - 30.04.2011 16:29:34 | Computer Name = Kindlerm-Pc | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: opera.exe, Version: 11.10.2092.0,
Zeitstempel: 0x4da2e3d8 Name des fehlerhaften Moduls: SHELL32.dll, Version: 6.1.7600.16644,
Zeitstempel: 0x4c4ee5ad Ausnahmecode: 0xc0000005 Fehleroffset: 0x0007fff3 ID des fehlerhaften
Prozesses: 0xe28 Startzeit der fehlerhaften Anwendung: 0x01cc0765102e839e Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Opera\opera.exe Pfad des fehlerhaften
Moduls: C:\Windows\syswow64\SHELL32.dll Berichtskennung: 8f3fa165-7368-11e0-81bc-6cf0490865a3
Error - 30.04.2011 16:30:09 | Computer Name = Kindlerm-Pc | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: opera.exe, Version: 11.10.2092.0,
Zeitstempel: 0x4da2e3d8 Name des fehlerhaften Moduls: SHELL32.dll, Version: 6.1.7600.16644,
Zeitstempel: 0x4c4ee5ad Ausnahmecode: 0xc0000005 Fehleroffset: 0x0007fff3 ID des fehlerhaften
Prozesses: 0x564 Startzeit der fehlerhaften Anwendung: 0x01cc07755d28ece7 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Opera\opera.exe Pfad des fehlerhaften
Moduls: C:\Windows\syswow64\SHELL32.dll Berichtskennung: a3bc50ae-7368-11e0-81bc-6cf0490865a3
Error - 20.05.2011 08:35:16 | Computer Name = Kindlerm-Pc | Source = Application Hang | ID = 1002
Description = Programm opera.exe, Version 11.10.2092.0 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: d70 Startzeit:
01cc16e7883f6e56 Endzeit: 3 Anwendungspfad: C:\Program Files (x86)\Opera\opera.exe
Berichts-ID:
9bbb6bbe-82dd-11e0-8233-8c2cb2144ab8
Error - 08.06.2011 15:03:15 | Computer Name = Kindlerm-Pc | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Skype.exe, Version: 5.3.0.111, Zeitstempel:
0x4dac4a84 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7600.16385,
Zeitstempel: 0x4a5bdbdf Ausnahmecode: 0xe0fafafa Fehleroffset: 0x0000b727 ID des fehlerhaften
Prozesses: 0x568 Startzeit der fehlerhaften Anwendung: 0x01cc260ea913b275 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Skype\Phone\Skype.exe Pfad des fehlerhaften
Moduls: C:\Windows\syswow64\KERNELBASE.dll Berichtskennung: f6082bd3-9201-11e0-9a11-9263587bb9b9
[ Media Center Events ]
Error - 11.11.2010 10:25:57 | Computer Name = Kindlerm-Pc | Source = MCUpdate | ID = 0
Description = 15:25:57 - Fehler beim Herstellen der Internetverbindung. 15:25:57
- Serververbindung konnte nicht hergestellt werden..
Error - 11.11.2010 10:26:19 | Computer Name = Kindlerm-Pc | Source = MCUpdate | ID = 0
Description = 15:26:02 - Fehler beim Herstellen der Internetverbindung. 15:26:02
- Serververbindung konnte nicht hergestellt werden..
Error - 22.11.2010 01:14:38 | Computer Name = Kindlerm-Pc | Source = MCUpdate | ID = 0
Description = 06:14:33 - Fehler beim Herstellen der Internetverbindung. 06:14:33
- Serververbindung konnte nicht hergestellt werden..
Error - 20.01.2011 10:19:50 | Computer Name = Kindlerm-Pc | Source = MCUpdate | ID = 0
Description = 15:19:49 - Fehler beim Herstellen der Internetverbindung. 15:19:50
- Serververbindung konnte nicht hergestellt werden..
Error - 20.01.2011 10:20:00 | Computer Name = Kindlerm-Pc | Source = MCUpdate | ID = 0
Description = 15:19:55 - Fehler beim Herstellen der Internetverbindung. 15:19:55
- Serververbindung konnte nicht hergestellt werden..
[ System Events ]
Error - 20.08.2012 19:19:46 | Computer Name = Kindlerm-Pc | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 20.08.2012 19:19:46 | Computer Name = Kindlerm-Pc | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 20.08.2012 19:21:34 | Computer Name = Kindlerm-Pc | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 20.08.2012 19:21:34 | Computer Name = Kindlerm-Pc | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 20.08.2012 19:21:52 | Computer Name = Kindlerm-Pc | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 20.08.2012 19:21:52 | Computer Name = Kindlerm-Pc | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 20.08.2012 19:26:22 | Computer Name = Kindlerm-Pc | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 20.08.2012 19:26:22 | Computer Name = Kindlerm-Pc | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 20.08.2012 19:26:52 | Computer Name = Kindlerm-Pc | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 20.08.2012 19:26:52 | Computer Name = Kindlerm-Pc | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
< End of report > |