|
Plagegeister aller Art und deren Bekämpfung: System32\\496A8300 FehlerWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
14.06.2011, 19:35 | #1 |
| System32\\496A8300 Fehler Habe seit heute Nachmittag ein lässtiges problem mit einem Virus. Warscheinlich dieser Trojaner kazy. Es erscheint immer die Fehlermeldung: Windows konnte alle Daten für die Datei \\Sytsem32\\496A8300 nicht speichern. Daten verloren. Dieser Fehler kann durch einen Ausfall der Hardware verursacht werden. Wenn ich den Taskmanager aufrufen will kommt immer die Fehlermeldung, dass dies durch den Administator deaktiviert wurde. Es befinden sich keine Icons mehr auf dem Desktop und auch für Start-> Programme lässt sich nichts mehr finden. Im arbeitsplatz hab ich die versteckten Dateien nun wieder Sichtbar bekommen. Ein Scan mit Avira blieb leider erfolglos. OTL log: OTL Extras logfile created on: 14.06.2011 19:51:32 - Run 1 OTL by OldTimer - Version 3.2.24.0 Folder = I:\Dokumente und Einstellungen\Marcel\Eigene Dateien\Downloads Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.11) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1022,07 Mb Total Physical Memory | 376,62 Mb Available Physical Memory | 36,85% Memory free 2,40 Gb Paging File | 1,76 Gb Available in Paging File | 73,08% Paging File free Paging file location(s): I:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = I: | %SystemRoot% = I:\WINDOWS | %ProgramFiles% = I:\Programme Drive I: | 232,82 Gb Total Space | 134,61 Gb Free Space | 57,82% Space Free | Partition Type: NTFS Computer Name: MARCEL | User Name: Marcel | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 1 Day ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .html [@ = FirefoxHTML] -- .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. http [open] -- "I:\Programme\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation) https [open] -- "I:\Programme\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation) InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "I:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "I:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Directory [Winamp.Bookmark] -- "I:\Programme\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft) Directory [Winamp.Enqueue] -- "I:\Programme\Winamp\winamp.exe" /ADD "%1" (Nullsoft) Directory [Winamp.Play] -- "I:\Programme\Winamp\winamp.exe" "%1" (Nullsoft) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 1 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "I:\Programme\MSN Messenger\msnmsgr.exe" = I:\Programme\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.0 "I:\Programme\MSN Messenger\msncall.exe" = I:\Programme\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone) "I:\Programme\ICQ7.5\ICQ.exe" = I:\Programme\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5 -- (ICQ, LLC.) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "I:\Programme\LimeWire\LimeWire.exe" = I:\Programme\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- (Lime Wire, LLC) "I:\Programme\MSN Messenger\msnmsgr.exe" = I:\Programme\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.0 "I:\Programme\MSN Messenger\msncall.exe" = I:\Programme\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone) "I:\Programme\mIRC\mirc.exe" = I:\Programme\mIRC\mirc.exe:*:Enabled:mIRC -- (mIRC Co. Ltd.) "I:\WINDOWS\system32\dpvsetup.exe" = I:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation) "I:\Programme\ftp-uploader\FTPUploader.exe" = I:\Programme\ftp-uploader\FTPUploader.exe:*:Enabled:ftpuploader.de -- (sysb) "I:\Programme\ICQLite\ICQLite.exe" = I:\Programme\ICQLite\ICQLite.exe:*:Enabled:ICQ Lite "I:\Programme\ICQ\Icq.exe" = I:\Programme\ICQ\Icq.exe:*:Enabled:ICQ -- (ICQ Inc.) "I:\Programme\Buka\Hellforces\hell.exe" = I:\Programme\Buka\Hellforces\hell.exe:*:Enabled:Hell Forces "I:\Programme\Atari\Neverwinter Nights 2\nwn2main.exe" = I:\Programme\Atari\Neverwinter Nights 2\nwn2main.exe:*:Enabled:Neverwinter Nights 2 Main "I:\Programme\Atari\Neverwinter Nights 2\nwn2main_amdxp.exe" = I:\Programme\Atari\Neverwinter Nights 2\nwn2main_amdxp.exe:*:Enabled:Neverwinter Nights 2 AMD "I:\Programme\Atari\Neverwinter Nights 2\nwupdate.exe" = I:\Programme\Atari\Neverwinter Nights 2\nwupdate.exe:*:Enabled:Neverwinter Nights 2 Updater "I:\Programme\Atari\Neverwinter Nights 2\nwn2server.exe" = I:\Programme\Atari\Neverwinter Nights 2\nwn2server.exe:*:Enabled:Neverwinter Nights 2 Server "I:\Dokumente und Einstellungen\Marcel\Desktop\vt\ventrilo_srv.exe" = I:\Dokumente und Einstellungen\Marcel\Desktop\vt\ventrilo_srv.exe:*:Enabled:ventrilo_srv "I:\Programme\Activision\Call of Duty 2\CoD2MP_s.exe" = I:\Programme\Activision\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s -- () "I:\Programme\Tobit ClipInc\Player\ClipInc-Player.exe" = I:\Programme\Tobit ClipInc\Player\ClipInc-Player.exe:*:Enabled:ClipInc. Player -- (Tobit.Software) "I:\Programme\ICQ6\ICQ.exe" = I:\Programme\ICQ6\ICQ.exe:*:Enabled:ICQ6 "I:\Programme\Ubisoft\Crytek\Far Cry\Bin32\FarCry.exe" = I:\Programme\Ubisoft\Crytek\Far Cry\Bin32\FarCry.exe:*:Enabled:Far Cry -- (Crytek) "I:\Programme\CyberLink\PCM4Everio\PCM4Everio.exe" = I:\Programme\CyberLink\PCM4Everio\PCM4Everio.exe:*:Enabled:CyberLink PowerCinema NE for Everio -- (CyberLink Corp.) "I:\Programme\CyberLink\PCM4Everio\EverioService.exe" = I:\Programme\CyberLink\PCM4Everio\EverioService.exe:*:Enabled:CyberLink PowerCinema NE for Everio Resident Program -- (CyberLink Corp.) "I:\Programme\ICQ6.5\ICQ.exe" = I:\Programme\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 "I:\Dokumente und Einstellungen\Marcel\Desktop\novoliner\Novoline\gamin16\Novoline.exe" = I:\Dokumente und Einstellungen\Marcel\Desktop\novoliner\Novoline\gamin16\Novoline.exe:*isabled:Novoline "I:\Programme\Samsung\Samsung New PC Studio\npsasvr.exe" = I:\Programme\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server "I:\Programme\Samsung\Samsung New PC Studio\npsvsvr.exe" = I:\Programme\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server "I:\Programme\HLSW\hlsw.exe" = I:\Programme\HLSW\hlsw.exe:*:Enabled:HLSW Application -- (Stripf Software) "I:\Programme\Google\Google Earth\client\googleearth.exe" = I:\Programme\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google) "I:\WINDOWS\system32\muzapp.exe" = I:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player -- (Musiccity Co.Ltd.) "I:\Programme\Steam\steamapps\baranas@lycos.de\day of defeat\hl.exe" = I:\Programme\Steam\steamapps\baranas@lycos.de\day of defeat\hl.exe:*:Enableday of Defeat -- (Valve) "I:\Programme\Steam\steamapps\baranas@lycos.de\counter-strike\hl.exe" = I:\Programme\Steam\steamapps\baranas@lycos.de\counter-strike\hl.exe:*:Enabled:Counter-Strike -- (Valve) "I:\Programme\ICQ7.5\ICQ.exe" = I:\Programme\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5 -- (ICQ, LLC.) "I:\Programme\HP\HP Deskjet 1000 J110 series\Bin\USBSetup.exe" = I:\Programme\HP\HP Deskjet 1000 J110 series\Bin\USBSetup.exe:LocalSubNet:Enabled:HP Geräteeinrichtung -- (Hewlett-Packard Co.) "I:\Programme\Gemeinsame Dateien\Pure Networks Shared\Platform\nmsrvc.exe" = I:\Programme\Gemeinsame Dateien\Pure Networks Shared\Platform\nmsrvc.exe:LocalSubNet,0.0.0.0/255.255.255.255:Enabled:Pure Networks Platform Service -- (Cisco Systems, Inc.) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00428418-D4AE-4A2B-B866-825F0BF7EC67}" = LG PC Suite II "{0BA19039-4A6F-4A19-81C2-4F24118AF609}" = Cisco Network Magic "{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel "{14DCD95A-EBA3-4BF0-B7EF-533852E99BE6}" = LG PC Suite II "{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate "{236BB7C4-4419-42FD-0407-2E257A25E34D}" = Adobe Photoshop CS2 "{3248F0A8-6813-11D6-A77B-00B0D0150080}" = J2SE Runtime Environment 5.0 Update 8 "{3248F0A8-6813-11D6-A77B-00B0D0150090}" = J2SE Runtime Environment 5.0 Update 9 "{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{390FF986-468D-4CA9-8830-2C4B313F447F}" = ATI Parental Control "{39CEE1F2-12B6-4C50-9131-04BFCA110578}" = PowerCinema NE for Everio "{3D374523-CFDE-461A-827E-2A102E2AB365}" = Star Wars Battlefront II "{3DEAED7D-E85E-48EB-999E-5B4576A22369}" = HP Deskjet 1000 J110 series - Grundlegende Software für das Gerät "{49FC50FC-F965-40D9-89B4-CBFF80941031}" = Windows Movie Maker 2.0 "{4F64A46D-67F7-4497-AEA2-313D4305A5F6}" = Torchlight "{5B4383F2-37EE-4E97-AD81-F5FF76F286DA}" = OutlookAddInNet3Setup "{5BA1D11C-B981-4CAA-B2B5-B8ADF413EBA5}" = Pure Networks Platform "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6F41FEAB-A3F4-49E0-9EB5-BCF11EB5B205}" = Gamesurround Muse 5.1 DVD - Benutzerhandbuch "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}" = RollerCoaster Tycoon 2 "{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5 "{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies "{786C5747-0C40-4930-9AFE-113BCE553101}" = Adobe Stock Photos 1.0 "{787D1A33-A97B-4245-87C0-7174609A540C}" = HP Update "{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo "{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime "{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec "{7EF15AAF-42AC-4CF6-B4B4-C4F0D1D92122}" = Far Cry (Patch 1.4) "{7FCC4EDC-6EE2-4309-ABD7-85F2667A7B90}" = WebEx Support Manager for Internet Explorer "{8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38}" = Microsoft .NET Framework 2.0 Language Pack - DEU "{896D642C-7125-44F0-AC49-A23ABF82209C}" = CDBurnerXP Pro 3 "{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player "{8EDBA74D-0686-4C99-BFDD-F894678E5101}" = Adobe Common File Installer "{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6 "{9941F0AA-B903-4AF4-A055-83A9815CC011}" = Sonic Encoders "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution "{AC76BA86-7AD7-1031-7B44-A70800000002}" = Adobe Reader 7.0.8 - Deutsch "{AF7E85DC-317C-47F5-810E-B82EE093A612}" = Samsung New PC Studio USB Driver Installer "{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter "{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth "{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player "{B74D4E10-6884-0000-0000-000000000101}" = Adobe Bridge 1.0 "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C1A80F67-656F-4DF3-A6C4-DE18A47477C5}_is1" = ICQ Away Reader 1.4 "{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CF9CD37C-E29A-11D5-AE3D-005004B8E30C}" = Digital Photo Navigator 1.5 "{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones "{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2 "{D2C7B6D7-A4DA-4447-93C7-65D06A068F27}" = SBK(TM)09 (Demo) "{D53952FB-CAC6-FCBB-ED01-64399F139F39}" = SBK(TM)09 (Demo) "{D6DBDC2A-E72C-4284-B6AD-6B3B61B4DABC}" = Far Cry "{DB833EF9-A198-49BE-970A-BD46F30BFBB4}" = ANNO 1503 GOLD "{DDDFCC77-7F9C-45E9-B38E-721BA599BA0C}" = HP Deskjet 1000 J110 series Hilfe "{DF315348-721C-40B8-BAE2-58C6C7D935A2}" = Empire Earth II "{E0D51394-1D45-460A-B62D-383BC4F8B335}" = QuickTime "{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack "{E9787678-119F-4D52-B551-6739B2B22101}" = Adobe Help Center 1.0 "{ECCA3728-2753-4C3A-8608-5A41C4AEBDB7}" = Sony Vegas Pro 8.0 "{EDDDC607-91D9-4758-9F57-265FDCD8A772}" = Microsoft Works 7.0 "{FCD9CD52-7222-4672-94A0-A722BA702FD0}" = Dell Resource CD "1F811665-E818-4956-9173-35CD47C9DCE0" = Otto "3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Windows-Treiberpaket - Nokia pccsmcfd (10/12/2007 6.85.4.0) "7A1E1C4F-CC6F-4BF0-BB81-7CFC3F655564" = GemMaster Mystic "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Photoshop 7.0" = Adobe Photoshop 7.0 "Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-2E257A25E34D}" = Adobe Photoshop CS2 "Adobe Shockwave Player" = Adobe Shockwave Player "AdobeESD" = Adobe Download Manager 2.2 (Nur entfernen) "All ATI Software" = ATI - Software Uninstall Utility "AntiVir PersonalEdition Classic" = Avira AntiVir Personal - Free Antivirus "Ashampoo Burning Studio 2010 Advanced_is1" = Ashampoo Burning Studio 2010 Advanced "ATI Display Driver" = ATI Display Driver "Blender" = Blender (remove only) "CadStd" = CadStd "CINEMA 4D Release 8" = CINEMA 4D Release 8 "Collab" = Collab "conduitEngine" = Conduit Engine "Diablo II" = Diablo II "DVD Shrink_is1" = DVD Shrink 3.2 "Everest Poker" = Everest Poker (Remove Only) "FairStars CD Ripper_is1" = FairStars CD Ripper 1.26 "Firebird SQL Server D" = Firebird SQL Server - MAGIX Edition "FL Studio 6" = FL Studio 6 "FL Studio 7" = FL Studio 7 "Free Audio Dub_is1" = Free Audio Dub version 1.5 "Free WMA to MP3 Converter_is1" = Free WMA to MP3 Converter 1.16 "Free YouTube to Mp3 Converter_is1" = Free YouTube to Mp3 Converter version 3.1 "ftp-uploader" = ftp-uploader "HLSW_is1" = HLSW v1.3.3.7b "ICQ" = ICQ "ICQToolbar" = ICQ Toolbar "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie7" = Windows Internet Explorer 7 "IL Download Manager" = IL Download Manager "Inkscape" = Inkscape 0.48.0 "InstallShield_{390FF986-468D-4CA9-8830-2C4B313F447F}" = ATI Parental Control "InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies "InstallShield_{AF7E85DC-317C-47F5-810E-B82EE093A612}" = Samsung New PC Studio USB Driver Installer "InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2 "InstallShield_{D6DBDC2A-E72C-4284-B6AD-6B3B61B4DABC}" = Far Cry "king.com" = king.com (remove only) "LimeWire" = LimeWire 4.18.8 "MAGIX Goya burnR D" = MAGIX Goya burnR 1.3.1.3 (D) "MAGIX Music Maker 2008 D" = MAGIX Music Maker 2008 13.0.3.2 (D) "MAGIX Online Druck Service D" = MAGIX Online Druck Service 3.4.3.0 (D) "MAGIX Screenshare D" = MAGIX Screenshare 4.3.6.1987 (D) "MAGIX Video deluxe 2008 D" = MAGIX Video deluxe 2008 7.5.3.1 (D) "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 2.0 Language Pack - DEU" = Microsoft .NET Framework 2.0 Language Pack - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "mIRC" = mIRC "Mozilla Firefox (3.6.17)" = Mozilla Firefox (3.6.17) "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "Network MagicUninstall" = Network Magic "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "NoLimits Coasters full" = Achterbahn-Simulator 2009 (entfernen) "OnlineBanking 4.0" = T-Online OnlineBanking 4.0 "PCI Audio Driver" = PCI Audio Driver "PROSet" = Intel(R) PRO Network Connections Drivers "ProtectDisc Driver 11" = ProtectDisc Driver, Version 11 "RealPlayer 6.0" = RealPlayer "RollerCoaster Tycoon Setup" = Roll "SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software "Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software "Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software "SHOUTcastDSP" = SHOUTcast Source DSP 1.9.0 (remove only) "softonic-de3 Toolbar" = softonic-de3 Toolbar "Steam" = Steam "Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2 "Tobit ClipInc Server" = Tobit.Software clipinc.fx "T-Online 4.0 Hilfe" = T-Online 4.0 Hilfe "T-Online Browser" = T-Online Browser 4.0 "T-Online Copas Client 4.0" = T-Online Copas Client 4.0 "T-Online eMail 4.0" = T-Online eMail 4.0 "T-Online Messenger (TOM)" = T-Online Messenger (TOM) 4.0 "T-Online Software 4.0" = T-Online Software 4.0 "Uninstall_is1" = Uninstall 1.0.0.1 "Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions "VLC media player" = VLC media player 1.1.5 "WIC" = Windows Imaging Component "Winamp" = Winamp "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "WinISD beta" = WinISD beta "WinISD Pro [alpha]" = WinISD Pro [alpha] "WinRAR archiver" = WinRAR Archivierer "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 "Zoo Tycoon 1.0" = Zoo Tycoon: Complete Collection ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Steam App 30" = Day of Defeat "T-Online Messenger (TOM)" = T-Online Messenger (TOM) ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 13.02.2011 13:20:56 | Computer Name = MARCEL | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung cinema_4d.exe, Version 8.0.0.1, fehlgeschlagenes Modul cinema_4d.exe, Version 8.0.0.1, Fehleradresse 0x00423995. Error - 14.02.2011 15:54:43 | Computer Name = MARCEL | Source = Application Hang | ID = 1002 Description = Stillstehende Anwendung Videodeluxe.exe, Version 7.5.3.1, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error - 14.02.2011 16:05:43 | Computer Name = MARCEL | Source = Application Hang | ID = 1002 Description = Stillstehende Anwendung Videodeluxe.exe, Version 7.5.3.1, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error - 02.03.2011 17:18:41 | Computer Name = MARCEL | Source = Application Hang | ID = 1002 Description = Stillstehende Anwendung winamp.exe, Version 5.5.4.2165, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error - 12.03.2011 17:12:51 | Computer Name = MARCEL | Source = Application Hang | ID = 1002 Description = Stillstehende Anwendung firefox.exe, Version 1.9.2.3989, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000. Error - 02.04.2011 12:51:49 | Computer Name = MARCEL | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung plugin-container.exe, Version 1.9.2.3989, fehlgeschlagenes Modul ntdll.dll, Version 5.1.2600.3520, Fehleradresse 0x0000100b. Error - 14.06.2011 10:24:17 | Computer Name = MARCEL | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung devicemanager.exe, Version 1.0.0.1, fehlgeschlagenes Modul msvcr90.dll, Version 9.0.30729.1, Fehleradresse 0x0005bb47. Error - 14.06.2011 11:07:37 | Computer Name = MARCEL | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung devicemanager.exe, Version 1.0.0.1, fehlgeschlagenes Modul msvcr90.dll, Version 9.0.30729.1, Fehleradresse 0x0005bb47. [ System Events ] Error - 07.06.2011 13:20:33 | Computer Name = MARCEL | Source = Service Control Manager | ID = 7034 Description = Dienst "Pure Networks Platform Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error - 07.06.2011 13:20:38 | Computer Name = MARCEL | Source = Service Control Manager | ID = 7034 Description = Dienst "ClipInc 001" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error - 08.06.2011 12:17:58 | Computer Name = MARCEL | Source = Service Control Manager | ID = 7009 Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst Windows Presentation Foundation Font Cache 3.0.0.0. Error - 08.06.2011 12:18:00 | Computer Name = MARCEL | Source = Service Control Manager | ID = 7000 Description = Der Dienst "Windows Presentation Foundation Font Cache 3.0.0.0" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error - 10.06.2011 15:59:10 | Computer Name = MARCEL | Source = Service Control Manager | ID = 7034 Description = Dienst "AntiVir PersonalEdition Classic Guard" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error - 10.06.2011 15:59:13 | Computer Name = MARCEL | Source = Service Control Manager | ID = 7034 Description = Dienst "ClipInc 001" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error - 13.06.2011 15:01:09 | Computer Name = MARCEL | Source = Service Control Manager | ID = 7034 Description = Dienst "ClipInc 001" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error - 14.06.2011 10:22:18 | Computer Name = MARCEL | Source = Service Control Manager | ID = 7009 Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst Windows Presentation Foundation Font Cache 3.0.0.0. Error - 14.06.2011 10:22:19 | Computer Name = MARCEL | Source = Service Control Manager | ID = 7000 Description = Der Dienst "Windows Presentation Foundation Font Cache 3.0.0.0" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error - 14.06.2011 10:22:49 | Computer Name = MARCEL | Source = DCOM | ID = 10010 Description = Der Server "{204810B9-73B2-11D4-BF42-00B0D0118B56}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. < End of report > |
15.06.2011, 10:49 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | System32\\496A8300 Fehler Die extras.txt allein bringt nicht viel, es fehlt die OTL.txt
__________________Außerdem möchten wir bei 32-Bit-Systemen auch ein GMER-Log sehen!
__________________ |
Themen zu System32\\496A8300 Fehler |
aufrufe, avira, browser, call of duty, cdburnerxp, desktop, druck, ebanking, email, entfernen, error, fehler, flash player, format, google, google earth, limewire, logfile, mozilla, mp3, ntdll.dll, problem, registry, rundll, scan, security, shell32.dll, shortcut, software, studio, system, taskmanager, teamspeak, trojaner, windows internet, wma |