TinaWimpern | 31.08.2012 17:19 | Nichts auf dem Desktop!Brache dringlich hilfe! Hallo!
Ich hab' ein Problem und zwar vor 10 Minuten läuft alles super aber denn auf einmal ist nichts auf meinem Desktop zu sehen! Woran liegt das? Ist das ein Virus?
Zur Sicherheit habe ich OTL heruntergeladen und die Dinge,also information über alles gescannt!Kann mir vielleicht helfen?
OTL .TxtOTL Logfile: Code:
OTL logfile created on: 31.08.2012 18:05:30 - Run 1
OTL by OldTimer - Version 3.2.59.1 Folder = C:\Users\nn\Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 3,24 Gb Available Physical Memory | 80,99% Memory free
8,00 Gb Paging File | 7,28 Gb Available in Paging File | 91,08% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,66 Gb Total Space | 404,71 Gb Free Space | 86,91% Space Free | Partition Type: NTFS
Computer Name: NN-PC | User Name: nn | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\nn\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_271.exe (Adobe Systems, Inc.)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Modules (No Company Name) ==========
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
========== Services (SafeList) ==========
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirWebService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (HssDRV6) -- C:\Windows\SysNative\drivers\hssdrv6.sys (AnchorFree Inc.)
DRV:64bit: - (taphss) -- C:\Windows\SysNative\drivers\taphss.sys (AnchorFree Inc)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (ssadmdm) -- C:\Windows\SysNative\drivers\ssadmdm.sys (MCCI Corporation)
DRV:64bit: - (ssadserd) -- C:\Windows\SysNative\drivers\ssadserd.sys (MCCI Corporation)
DRV:64bit: - (ssadbus) -- C:\Windows\SysNative\drivers\ssadbus.sys (MCCI Corporation)
DRV:64bit: - (androidusb) -- C:\Windows\SysNative\drivers\ssadadb.sys (Google Inc)
DRV:64bit: - (ssadmdfl) -- C:\Windows\SysNative\drivers\ssadmdfl.sys (MCCI Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ATK64AMD.sys ()
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1532628121-4093330206-2988586389-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-1532628121-4093330206-2988586389-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKU\S-1-5-21-1532628121-4093330206-2988586389-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A1 A4 CD 83 1B 83 CD 01 [binary data]
IE - HKU\S-1-5-21-1532628121-4093330206-2988586389-1001\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKU\S-1-5-21-1532628121-4093330206-2988586389-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1532628121-4093330206-2988586389-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1532628121-4093330206-2988586389-1001\..\SearchScopes\{882A3B7E-0833-45FE-8FF2-A2559EE0884D}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10395&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^ABT&apn_dtid=^YYYYYY^YY^DE&apn_uid=5e2b6436-7540-422e-835c-6ef273a14fbf&apn_sauid=E1F9C820-C2B3-49C6-A470-7059FB3812FE
IE - HKU\S-1-5-21-1532628121-4093330206-2988586389-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..network.proxy.autoconfig_url: "chrome://viewtubes/content/viewtubes_false.pac"
FF - prefs.js..network.proxy.type: 2
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_271.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.6.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.6.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.18 20:33:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.18 20:33:20 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2012.07.03 16:33:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\nn\AppData\Roaming\mozilla\Extensions
[2012.08.30 21:56:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\nn\AppData\Roaming\mozilla\Firefox\Profiles\j5bb7k77.default\extensions
[2012.07.03 16:36:33 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\nn\AppData\Roaming\mozilla\Firefox\Profiles\j5bb7k77.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.07.23 17:21:39 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\nn\AppData\Roaming\mozilla\Firefox\Profiles\j5bb7k77.default\extensions\ich@maltegoetz.de
[2012.08.26 01:43:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.07.18 20:33:20 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.06.15 00:46:57 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.06.15 00:46:56 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.06.15 00:46:57 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.15 00:46:57 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.15 00:46:57 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.15 00:46:56 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll File not found
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-1532628121-4093330206-2988586389-1001\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1532628121-4093330206-2988586389-1001..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~1\Office10\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~1\Office10\EXCEL.EXE/3000 File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000019 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{977A78CD-3E6F-463C-B026-DC13D65E9E65}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012.08.26 20:35:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
[2012.08.26 20:35:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\K-Lite Codec Pack
[2012.08.23 20:40:38 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2012.08.23 15:53:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012.08.23 15:53:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012.08.23 15:53:15 | 000,821,736 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2012.08.23 15:53:15 | 000,746,984 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2012.08.23 15:53:15 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012.08.23 15:53:00 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012.08.23 15:53:00 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012.08.23 15:53:00 | 000,095,208 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2012.08.23 15:52:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2012.08.23 15:48:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GeoGebra
[2012.08.23 15:48:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GeoGebra
[2012.08.16 03:03:58 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.08.16 03:03:57 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.08.16 03:03:57 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.08.16 03:03:57 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.08.16 03:03:56 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.08.16 03:03:55 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.08.16 03:03:55 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.08.16 03:03:55 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.08.16 03:03:54 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.08.16 03:03:54 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.08.16 03:03:54 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.08.16 03:03:52 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.08.16 03:03:51 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.08.15 17:12:39 | 000,000,000 | ---D | C] -- C:\Users\nn\AppData\Local\Apple Computer
[2012.08.15 13:24:58 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2012.08.15 13:24:54 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2012.08.15 13:24:53 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2012.08.15 13:24:53 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2012.08.15 13:24:34 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2012.08.15 13:24:34 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2012.08.15 13:24:34 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2012.08.15 13:24:30 | 000,956,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2012.08.02 17:48:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\smartdl
[2012.08.01 20:13:42 | 000,041,704 | ---- | C] (AnchorFree Inc.) -- C:\Windows\SysNative\drivers\hssdrv6.sys
[2012.08.01 20:13:40 | 000,038,632 | ---- | C] (AnchorFree Inc) -- C:\Windows\SysNative\drivers\taphss.sys
========== Files - Modified Within 30 Days ==========
[2012.08.31 18:00:18 | 002,010,660 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.08.31 18:00:18 | 000,653,928 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.08.31 18:00:18 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.08.31 18:00:18 | 000,433,190 | ---- | M] () -- C:\Windows\SysNative\perfh00B.dat
[2012.08.31 18:00:18 | 000,129,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.08.31 18:00:18 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.08.31 18:00:18 | 000,081,950 | ---- | M] () -- C:\Windows\SysNative\perfc00B.dat
[2012.08.31 17:55:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.08.31 17:55:48 | 3220,529,152 | -HS- | M] () -- C:\hiberfil.sys
[2012.08.31 17:53:48 | 004,503,728 | ---- | M] () -- C:\ProgramData\nud0repor.pad
[2012.08.31 17:48:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.08.31 17:47:42 | 000,001,881 | ---- | M] () -- C:\Users\nn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk
[2012.08.31 17:36:35 | 050,883,773 | ---- | M] () -- C:\Users\nn\Desktop\Jhalak Dikhhla Jaa Sneak Peak Saturday.VOB.mp4
[2012.08.31 15:38:05 | 000,019,765 | ---- | M] () -- C:\Users\nn\Desktop\1.jpg
[2012.08.31 15:25:34 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.08.31 15:25:34 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.08.30 15:01:01 | 000,007,884 | ---- | M] () -- C:\Users\nn\Desktop\Unbenannt.png
[2012.08.26 01:03:23 | 000,000,132 | ---- | M] () -- C:\Users\nn\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2012.08.23 15:52:50 | 000,095,208 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2012.08.23 15:52:48 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012.08.23 15:52:48 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012.08.23 15:52:47 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2012.08.23 15:52:47 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2012.08.23 15:52:47 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012.08.21 15:13:44 | 000,001,456 | ---- | M] () -- C:\Users\nn\AppData\Local\Adobe Für Web speichern 12.0 Prefs
[2012.08.16 12:19:31 | 004,843,632 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.08.15 13:48:49 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.08.15 13:48:49 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.08.05 15:02:48 | 000,000,132 | ---- | M] () -- C:\Users\nn\AppData\Roaming\Adobe AIFF Format CS5 Prefs
[2012.08.01 20:13:42 | 000,041,704 | ---- | M] (AnchorFree Inc.) -- C:\Windows\SysNative\drivers\hssdrv6.sys
[2012.08.01 20:13:40 | 000,038,632 | ---- | M] (AnchorFree Inc) -- C:\Windows\SysNative\drivers\taphss.sys
[2012.08.01 19:13:16 | 000,184,700 | ---- | M] () -- C:\torrent.exe
========== Files Created - No Company Name ==========
[2012.08.31 17:47:42 | 004,503,728 | ---- | C] () -- C:\ProgramData\nud0repor.pad
[2012.08.31 17:47:42 | 000,001,881 | ---- | C] () -- C:\Users\nn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk
[2012.08.31 17:33:26 | 050,883,773 | ---- | C] () -- C:\Users\nn\Desktop\Jhalak Dikhhla Jaa Sneak Peak Saturday.VOB.mp4
[2012.08.31 15:38:03 | 000,019,765 | ---- | C] () -- C:\Users\nn\Desktop\1.jpg
[2012.08.30 15:01:01 | 000,007,884 | ---- | C] () -- C:\Users\nn\Desktop\Unbenannt.png
[2012.08.26 20:35:08 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012.08.23 20:40:05 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012.08.05 15:02:48 | 000,000,132 | ---- | C] () -- C:\Users\nn\AppData\Roaming\Adobe AIFF Format CS5 Prefs
[2012.08.01 19:13:16 | 000,184,700 | ---- | C] () -- C:\torrent.exe
[2012.06.12 15:05:44 | 000,000,132 | ---- | C] () -- C:\Users\nn\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2012.05.31 18:00:20 | 000,004,608 | ---- | C] () -- C:\Users\nn\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.05.29 01:01:48 | 000,001,456 | ---- | C] () -- C:\Users\nn\AppData\Local\Adobe Für Web speichern 12.0 Prefs
[2012.05.27 13:29:49 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2012.05.27 13:07:14 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
========== LOP Check ==========
[2012.08.01 00:28:07 | 000,000,000 | ---D | M] -- C:\Users\nn\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012.05.28 17:09:58 | 000,000,000 | ---D | M] -- C:\Users\nn\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012.05.28 18:34:14 | 000,000,000 | ---D | M] -- C:\Users\nn\AppData\Roaming\Publish Providers
[2012.08.12 21:37:37 | 000,000,000 | ---D | M] -- C:\Users\nn\AppData\Roaming\Sony
[2012.06.01 16:32:19 | 000,000,000 | ---D | M] -- C:\Users\nn\AppData\Roaming\Sony Creative Software Inc
[2012.07.15 14:31:21 | 000,000,000 | ---D | M] -- C:\Users\nn\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012.08.20 13:05:11 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report > --- --- ---
Extras.TxtOTL Logfile: Code:
OTL Extras logfile created on: 31.08.2012 18:05:30 - Run 1
OTL by OldTimer - Version 3.2.59.1 Folder = C:\Users\nn\Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 3,24 Gb Available Physical Memory | 80,99% Memory free
8,00 Gb Paging File | 7,28 Gb Available in Paging File | 91,08% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,66 Gb Total Space | 404,71 Gb Free Space | 86,91% Space Free | Partition Type: NTFS
Computer Name: NN-PC | User Name: nn | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-1532628121-4093330206-2988586389-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{2265F229-0584-449B-9DF7-7B93D1B33FF8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3B62203A-85B7-49A8-B5EE-84CB9A22EB93}" = rport=138 | protocol=17 | dir=out | app=system |
"{4A034EA3-A21E-453A-B930-420E2E2B702F}" = lport=445 | protocol=6 | dir=in | app=system |
"{4C25563F-22DC-4C5A-A028-F1EDF2460D41}" = rport=139 | protocol=6 | dir=out | app=system |
"{52F503D2-3127-4164-A891-3BA7974CEA74}" = lport=10243 | protocol=6 | dir=in | app=system |
"{55C898CB-CD52-404E-AC49-DAC7CC3AE142}" = lport=137 | protocol=17 | dir=in | app=system |
"{5B9F521D-7F20-4C19-B9B9-BDBA51E19EAF}" = rport=137 | protocol=17 | dir=out | app=system |
"{61C1EC49-8214-4BA8-A7C0-21B1C9A3E204}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{62DB932F-619A-4BA2-88C4-A15C70F564E2}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{730DBDE3-1A0A-4AB6-8DD0-C44639214E7F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{79761176-F251-4F7A-ACFE-0E484A9554EA}" = rport=445 | protocol=6 | dir=out | app=system |
"{7FAC47A4-D8A2-4D73-9194-752AADFE6B9E}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8699E749-BEFC-4E20-9394-8484B931270A}" = rport=10243 | protocol=6 | dir=out | app=system |
"{911C165D-68BA-4D8E-BBB1-06C21CBD7F07}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{92E7A943-532A-4063-9E1F-A7EDA187A1F3}" = lport=2869 | protocol=6 | dir=in | app=system |
"{980EEF18-5EED-467F-84C2-F3B6413DDB01}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AA8C3B45-90A3-46B4-A1A7-ACA40A2DFF68}" = lport=138 | protocol=17 | dir=in | app=system |
"{B4C7CBF4-D8C2-43E9-A1C0-514596608CA7}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DA9708DB-EBE6-4394-B2B8-1E5C1664B543}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E10B0780-6994-4B0E-BD3B-8957B2474C52}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{F4B88127-64B0-4645-BAED-16C0D7C25046}" = lport=139 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0742157B-DA77-4A9C-881F-075AB687F6A9}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{1BDF4512-D6C7-49EB-8BE8-56CAE349E470}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{28A73423-3AE3-415E-B02C-8D96DFA89818}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{2D3C1243-F29E-44AA-86FF-5E35705FA05B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3447FC89-9287-4BCB-A46D-E29EB382B2BC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{3B849B96-68ED-4DBC-A602-35F35AE744A2}" = protocol=6 | dir=out | app=system |
"{40BA9443-BBEC-4D4B-9DA0-DBF1A2DE50DE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{43A510EE-130E-498A-9085-56E4EC067AB3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4776C84A-EFAC-4363-AAE0-7F0E30D4CFED}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{47BCA1AE-4742-48E2-9399-60DD82AD0677}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{4FCDF9BE-81F6-4889-878F-EA1B61D54F81}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5524F8D6-C86A-45AB-B204-61D6E1A393E1}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{6C02A285-A486-4479-A14B-F15021C11688}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{70DA952C-8678-4524-806A-6CFA54090848}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{91EC7CBF-593E-47B0-808F-CD004A7F88C3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C2FDDB97-B84A-4F86-9209-6167437C407E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C81A9BD0-39E2-4A64-8847-2DA797C154DF}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{C97AFBCB-7C69-4EAC-9C01-F3B8712CBEF3}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{EB7138A0-7AB3-4ACC-847A-F9AB95082589}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F91AA431-D086-48B3-9F06-DBDABE67B980}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{06B60360-9DBD-4593-90A0-FD237F0845A2}" = Topaz DeNoise 5 (64-bit)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{F375FC22-BC8A-4A15-ABE6-15EE1450BF86}" = Topaz B&W Effects (64-bit)
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FA85C599-2569-4C48-9AA6-2B8D8F029FA7}" = Topaz Clean 3 (64-bit)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}" = Adobe AIR
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{26A24AE4-039D-4CA4-87B4-2F83217006FF}" = Java 7 Update 6
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{6BE7495E-8DF1-11E1-BB7D-F04DA23A5C58}" = Vegas Pro 11.0
"{70CB6C40-8DF1-11E1-BDCF-F04DA23A5C58}" = MSVCRT Redists
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{85E00941-FDFF-4796-A3B8-3ACC766FFCA5}" = Topaz Clean 3
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{90280407-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional mit FrontPage
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{9866E5F0-121F-E018-E2D1-2E1770847ABF}" = Adobe Download Assistant
"{9E82D1DB-3AFB-4D18-A221-081F1B4B4789}" = Topaz DeNoise 5
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{B7EB8FB7-F89E-480B-952D-813F413653BE}" = Topaz B&W Effects
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"GeoGebra" = GeoGebra
"KLiteCodecPack_is1" = K-Lite Codec Pack 9.2.0 (Basic)
"Mozilla Firefox 14.0.1 (x86 de)" = Mozilla Firefox 14.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NewBlue 3D Explosions for Vegas" = NewBlue 3D Explosions for Vegas
"NewBlue 3D Transformations for Vegas" = NewBlue 3D Transformations for Vegas
"NewBlue Art Blends 2.0 for Vegas" = NewBlue Art Blends 2.0 for Vegas
"NewBlue Art Effects 2.0 for Vegas" = NewBlue Art Effects 2.0 for Vegas
"NewBlue Film Effects for Vegas" = NewBlue Film Effects for Vegas
"NewBlue Motion Blends 2.0 for Vegas" = NewBlue Motion Blends 2.0 for Vegas
"NewBlue Motion Effects 2.0 for Vegas" = NewBlue Motion Effects 2.0 for Vegas
"PluginPac" = DebugMode PluginPac (remove only)
"Topaz B&W Effects" = Topaz B&W Effects
"Topaz B&W Effects (64-bit)" = Topaz B&W Effects (64-bit)
"Topaz Clean 3" = Topaz Clean 3
"Topaz Clean 3 (64-bit)" = Topaz Clean 3 (64-bit)
"Topaz DeNoise 5" = Topaz DeNoise 5
"Topaz DeNoise 5 (64-bit)" = Topaz DeNoise 5 (64-bit)
"WinRAR archiver" = WinRAR 4.11 (32-Bit)
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1532628121-4093330206-2988586389-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Avira SearchFree Toolbar plus Web Protection Updater
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 17.08.2012 09:41:09 | Computer Name = nn-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: vegas110.exe, Version: 11.0.0.682,
Zeitstempel: 0x4f9674c3 Name des fehlerhaften Moduls: MSVCR80.dll, Version: 8.0.50727.6195,
Zeitstempel: 0x4dcddbf3 Ausnahmecode: 0xc0000409 Fehleroffset: 0x0000bde7 ID des fehlerhaften
Prozesses: 0x1210 Startzeit der fehlerhaften Anwendung: 0x01cd7c7d72d80716 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Sony\Vegas Pro 11.0\vegas110.exe
Pfad
des fehlerhaften Moduls: C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\MSVCR80.dll
Berichtskennung:
3328ce63-e871-11e1-95e0-485b3927180e
Error - 24.08.2012 13:07:53 | Computer Name = nn-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: vegas110.exe, Version: 11.0.0.682,
Zeitstempel: 0x4f9674c3 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16915,
Zeitstempel: 0x4ec49d10 Ausnahmecode: 0xc0000374 Fehleroffset: 0x000ce903 ID des fehlerhaften
Prozesses: 0x1c48 Startzeit der fehlerhaften Anwendung: 0x01cd82105e7bf63b Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Sony\Vegas Pro 11.0\vegas110.exe
Pfad
des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll Berichtskennung: 3da94718-ee0e-11e1-9f46-485b3927180e
Error - 25.08.2012 06:52:41 | Computer Name = nn-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: vegas110.exe, Version: 11.0.0.682,
Zeitstempel: 0x4f9674c3 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16915,
Zeitstempel: 0x4ec49d10 Ausnahmecode: 0xc0000374 Fehleroffset: 0x000ce903 ID des fehlerhaften
Prozesses: 0x840 Startzeit der fehlerhaften Anwendung: 0x01cd82ab9469e243 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Sony\Vegas Pro 11.0\vegas110.exe
Pfad
des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll Berichtskennung: fda613a3-eea2-11e1-9f46-485b3927180e
Error - 25.08.2012 19:40:18 | Computer Name = nn-PC | Source = Application Hang | ID = 1002
Description = Programm HSS-2.67-install-chip-389-conduit.exe, Version 0.0.0.0 kann
nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den
Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen
zum Problem zu suchen. Prozess-ID: bbc Startzeit: 01cd831ac73f396f Endzeit: 7 Anwendungspfad:
C:\Users\nn\Downloads\HSS-2.67-install-chip-389-conduit.exe Berichts-ID:
Error - 25.08.2012 20:09:04 | Computer Name = nn-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: vegas110.exe, Version: 11.0.0.682,
Zeitstempel: 0x4f9674c3 Name des fehlerhaften Moduls: MSVCR80.dll, Version: 8.0.50727.6195,
Zeitstempel: 0x4dcddbf3 Ausnahmecode: 0xc0000409 Fehleroffset: 0x0000bde7 ID des fehlerhaften
Prozesses: 0x1db8 Startzeit der fehlerhaften Anwendung: 0x01cd831127b4a1c6 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Sony\Vegas Pro 11.0\vegas110.exe
Pfad
des fehlerhaften Moduls: C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\MSVCR80.dll
Berichtskennung:
3e635276-ef12-11e1-9f46-485b3927180e
Error - 26.08.2012 08:38:30 | Computer Name = nn-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: vegas110.exe, Version: 11.0.0.682,
Zeitstempel: 0x4f9674c3 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000080 ID des fehlerhaften
Prozesses: 0xd84 Startzeit der fehlerhaften Anwendung: 0x01cd8370605b04a6 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Sony\Vegas Pro 11.0\vegas110.exe
Pfad
des fehlerhaften Moduls: unknown Berichtskennung: f06516a3-ef7a-11e1-ba62-485b3927180e
Error - 26.08.2012 10:33:35 | Computer Name = nn-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: vegas110.exe, Version: 11.0.0.682,
Zeitstempel: 0x4f9674c3 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000 ID des fehlerhaften
Prozesses: 0xbe8 Startzeit der fehlerhaften Anwendung: 0x01cd8387fc54f342 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Sony\Vegas Pro 11.0\vegas110.exe
Pfad
des fehlerhaften Moduls: unknown Berichtskennung: 044902c6-ef8b-11e1-b0b2-485b3927180e
Error - 27.08.2012 15:06:35 | Computer Name = nn-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: vegas110.exe, Version: 11.0.0.682,
Zeitstempel: 0x4f9674c3 Name des fehlerhaften Moduls: MSVCR80.dll, Version: 8.0.50727.6195,
Zeitstempel: 0x4dcddbf3 Ausnahmecode: 0xc0000409 Fehleroffset: 0x0000bde7 ID des fehlerhaften
Prozesses: 0x1a20 Startzeit der fehlerhaften Anwendung: 0x01cd84862730d4e2 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Sony\Vegas Pro 11.0\vegas110.exe
Pfad
des fehlerhaften Moduls: C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\MSVCR80.dll
Berichtskennung:
51fb2ec6-f07a-11e1-9824-485b3927180e
Error - 30.08.2012 09:13:34 | Computer Name = nn-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: vegas110.exe, Version: 11.0.0.682,
Zeitstempel: 0x4f9674c3 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16915,
Zeitstempel: 0x4ec49d10 Ausnahmecode: 0xc0000374 Fehleroffset: 0x000ce903 ID des fehlerhaften
Prozesses: 0x1320 Startzeit der fehlerhaften Anwendung: 0x01cd86af582e95ba Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Sony\Vegas Pro 11.0\vegas110.exe
Pfad
des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll Berichtskennung: 7fd68ee4-f2a4-11e1-9aef-485b3927180e
Error - 30.08.2012 17:54:11 | Computer Name = nn-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16448,
Zeitstempel: 0x4fecf1b7 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7600.16850,
Zeitstempel: 0x4e211485 Ausnahmecode: 0xe06d7363 Fehleroffset: 0x0000b9bc ID des fehlerhaften
Prozesses: 0xb14 Startzeit der fehlerhaften Anwendung: 0x01cd86f9fafc8795 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe Pfad
des fehlerhaften Moduls: C:\Windows\syswow64\KERNELBASE.dll Berichtskennung: 3ab79684-f2ed-11e1-a74e-485b3927180e
[ System Events ]
Error - 31.08.2012 09:19:40 | Computer Name = nn-PC | Source = atikmdag | ID = 43029
Description = Display is not active
Error - 31.08.2012 11:53:08 | Computer Name = nn-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?31.?08.?2012 um 17:50:44 unerwartet heruntergefahren.
Error - 31.08.2012 11:53:06 | Computer Name = nn-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
Error - 31.08.2012 11:53:06 | Computer Name = nn-PC | Source = atikmdag | ID = 43029
Description = Display is not active
Error - 31.08.2012 11:55:53 | Computer Name = nn-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?31.?08.?2012 um 17:54:00 unerwartet heruntergefahren.
Error - 31.08.2012 11:55:59 | Computer Name = nn-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
avipbb avkmgr discache spldr Wanarpv6
Error - 31.08.2012 11:56:14 | Computer Name = nn-PC | Source = DCOM | ID = 10005
Description =
Error - 31.08.2012 11:56:21 | Computer Name = nn-PC | Source = DCOM | ID = 10005
Description =
Error - 31.08.2012 11:56:26 | Computer Name = nn-PC | Source = DCOM | ID = 10005
Description =
Error - 31.08.2012 11:56:27 | Computer Name = nn-PC | Source = DCOM | ID = 10005
Description =
< End of report > --- --- ---
Danke im Vorraus!
Wenn es nicht daran liegt,woran liegt es denn eigentlich? |