Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Windows - Delayed Write Failed .. Failed to save all the components for the file \\System32\\0000428

Windows - Delayed Write Failed .. Failed to save all the components for the file \\System32\\0000428


Log-Analyse und Auswertung: Windows - Delayed Write Failed .. Failed to save all the components for the file \\System32\\0000428

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 05.11.2011, 16:27   #1
TreeOne
 
Windows - Delayed Write Failed .. Failed to save all the components for the file \\System32\\0000428 - Standard

Windows - Delayed Write Failed .. Failed to save all the components for the file \\System32\\0000428


Schönen guten Tag.

Ich habe seit vorhin diesen hier im Forum bereits vorhandenen Trojaner auf meinem Rechner. Bildschirm ist schwarz, alle Dateien wurden versteckt, Startmenü ist leer und das Fehlermeldungsfenster wurde Zig mal geöffnet.

Ich habe Windows 7 auf dem PC.

Die Systemwiederherstellung finde ich im Windowsordner nicht und das Startmenü ist leer.

Und das letzte als funktionierend bekannte Konfigurtion starten wird ebenfalls nicht angezeigt beim Starten.

Deshalb hier direkt das OTL:

HTML-Code:
OTL logfile created on: 05.11.2011 15:59:09 - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Sven\Documents
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,86 Gb Total Physical Memory | 2,14 Gb Available Physical Memory | 55,43% Memory free
7,71 Gb Paging File | 6,07 Gb Available in Paging File | 78,78% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 116,44 Gb Total Space | 1,89 Gb Free Space | 1,62% Space Free | Partition Type: NTFS
Drive D: | 332,72 Gb Total Space | 241,79 Gb Free Space | 72,67% Space Free | Partition Type: NTFS
 
Computer Name: ASUS-BOARD | User Name: Sven | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2011.11.05 15:51:52 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Sven\Documents\OTL.exe
PRC - [2011.11.05 14:34:27 | 000,349,184 | -H-- | M] (Recover Inc) -- C:\ProgramData\6DSS92c31Apgjk.exe
PRC - [2011.11.05 14:17:51 | 000,459,776 | -HS- | M] (Recover Inc) -- C:\ProgramData\GNMdXaDCqs.exe
PRC - [2011.10.05 16:56:14 | 000,167,960 | -H-- | M] (Sophos Limited) -- C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe
PRC - [2011.10.05 16:56:11 | 001,543,704 | -H-- | M] (Sophos Limited) -- C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
PRC - [2011.09.27 12:25:58 | 000,099,864 | -H-- | M] (Sophos Limited) -- C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe
PRC - [2011.03.14 13:31:36 | 000,494,616 | -H-- | M] (Sophos Limited) -- C:\Program Files (x86)\Sophos\AutoUpdate\ALMon.exe
PRC - [2011.03.14 13:31:35 | 000,232,472 | -H-- | M] (Sophos Limited) -- C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe
PRC - [2010.01.05 01:43:36 | 001,597,440 | -H-- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2009.11.24 21:45:36 | 000,053,888 | -H-- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
PRC - [2009.11.10 03:20:36 | 000,096,896 | -H-- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2009.10.27 04:29:32 | 006,998,656 | -H-- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2009.10.26 18:10:42 | 000,174,720 | -H-- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2009.10.01 03:34:22 | 002,314,240 | -H-- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009.10.01 03:33:08 | 000,262,144 | -H-- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009.08.20 04:31:48 | 000,170,624 | -H-- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2009.06.19 18:29:42 | 000,105,016 | -H-- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
PRC - [2009.06.19 18:29:26 | 002,488,888 | -H-- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2009.06.17 12:44:11 | 000,085,160 | -H-- | M] (Elaborate Bytes AG) -- D:\Programme\VirtualCloneDrive\VCDDaemon.exe
PRC - [2009.06.16 01:30:42 | 000,084,536 | -H-- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
PRC - [2009.05.18 23:58:38 | 000,305,720 | -H-- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2009.04.20 16:20:40 | 002,327,552 | -H-- | M] (Vodafone) -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
PRC - [2009.04.20 16:20:30 | 000,009,216 | -H-- | M] (Vodafone) -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
PRC - [2008.12.23 01:15:34 | 000,174,648 | -H-- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
PRC - [2007.11.30 19:20:44 | 000,051,768 | -H-- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2011.10.14 02:54:33 | 000,997,888 | -H-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\cc6713be0e405d5a89a2783103f7e771\System.Management.ni.dll
MOD - [2011.10.14 02:44:22 | 000,212,992 | -H-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\cabd75d4716ede2fed948cbff94dcc38\System.ServiceProcess.ni.dll
MOD - [2011.10.14 02:43:55 | 000,771,584 | -H-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\018d2569cf208acbe8ad73908705f607\System.Runtime.Remoting.ni.dll
MOD - [2011.10.14 02:43:52 | 000,627,200 | -H-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\834be57d8ab824b4ebcbf01161791d70\System.Transactions.ni.dll
MOD - [2011.10.14 02:43:51 | 006,618,624 | -H-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\45a20172acfdcc160ecb6bd358179c31\System.Data.ni.dll
MOD - [2011.10.14 02:43:03 | 012,431,360 | -H-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d76221993c2fdfb991b8c12ae50a30eb\System.Windows.Forms.ni.dll
MOD - [2011.10.14 02:42:51 | 001,586,688 | -H-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\0e245eb9c1067cabd5673fe832d28613\System.Drawing.ni.dll
MOD - [2011.10.14 02:42:20 | 000,680,960 | -H-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Security\9b8dcad25a3be7d4a3f3b8b384f3190a\System.Security.ni.dll
MOD - [2011.10.14 02:42:15 | 005,452,800 | -H-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\275680f2b9db0501d53c50ea7d7a43f0\System.Xml.ni.dll
MOD - [2011.10.14 02:42:08 | 000,971,264 | -H-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e9ebeb7959f1c916ebf6fca8f7077d6c\System.Configuration.ni.dll
MOD - [2011.10.14 02:42:07 | 007,949,312 | -H-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\95b9866ab6e4437ef5dc5855ebab4e33\System.ni.dll
MOD - [2011.10.14 02:41:53 | 011,490,304 | -H-- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\1b31ced9bb880d94fff1c6d47c16a81e\mscorlib.ni.dll
MOD - [2010.01.05 01:43:36 | 001,597,440 | -H-- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
MOD - [2009.11.24 21:45:36 | 000,053,888 | -H-- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
MOD - [2009.08.04 10:49:47 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2009.08.04 10:49:43 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009.07.14 02:15:51 | 000,232,448 | ---- | M] () -- \\?\globalroot\systemroot\syswow64\mswsock.DLL
MOD - [2009.07.14 02:15:51 | 000,232,448 | ---- | M] () -- \\.\globalroot\systemroot\syswow64\mswsock.dll
MOD - [2009.07.14 02:15:45 | 000,364,544 | ---- | M] () -- C:\Windows\SysWOW64\msjetoledb40.dll
MOD - [2009.06.10 22:23:19 | 000,261,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2009.06.10 22:23:17 | 002,933,248 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2007.11.30 19:20:44 | 000,051,768 | -H-- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV:[b]64bit:[/b] - [2010.09.06 11:09:44 | 000,859,712 | -H-- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe -- (SfCtlCom)
SRV:[b]64bit:[/b] - [2010.01.22 02:01:11 | 000,202,752 | -H-- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:[b]64bit:[/b] - [2009.12.08 00:16:34 | 000,379,520 | -H-- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:[b]64bit:[/b] - [2009.11.27 04:39:45 | 000,243,712 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_38986e29a8b510a2\stacsv64.exe -- (STacSV)
SRV:[b]64bit:[/b] - [2009.09.29 17:32:31 | 000,570,632 | -H-- | M] (Trend Micro Inc.) [On_Demand | Stopped] -- C:\Program Files\Trend Micro\BM\TMBMSRV.exe -- (TMBMServer)
SRV:[b]64bit:[/b] - [2009.09.29 17:32:29 | 000,917,768 | -H-- | M] (Trend Micro Inc.) [On_Demand | Stopped] -- C:\Program Files\Trend Micro\Internet Security\TmProxy.exe -- (TmProxy)
SRV:[b]64bit:[/b] - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2011.10.05 16:56:14 | 000,167,960 | -H-- | M] (Sophos Limited) [Unknown | Running] -- C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe -- (SAVAdminService)
SRV - [2011.10.05 16:56:11 | 001,543,704 | -H-- | M] (Sophos Limited) [Auto | Running] -- C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe -- (swi_service)
SRV - [2011.09.27 12:25:58 | 000,099,864 | -H-- | M] (Sophos Limited) [Unknown | Running] -- C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe -- (SAVService)
SRV - [2011.03.14 13:31:35 | 000,232,472 | -H-- | M] (Sophos Limited) [Auto | Running] -- C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe -- (Sophos AutoUpdate Service)
SRV - [2010.03.18 13:16:28 | 000,130,384 | -H-- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.11.10 03:20:36 | 000,096,896 | -H-- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2009.10.01 03:34:22 | 002,314,240 | -H-- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2009.10.01 03:33:08 | 000,262,144 | -H-- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2009.06.16 01:30:42 | 000,084,536 | -H-- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.04.20 16:20:30 | 000,009,216 | -H-- | M] (Vodafone) [Auto | Running] -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe -- (VMCService)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV:[b]64bit:[/b] - [2011.10.05 16:56:13 | 000,144,672 | -H-- | M] (Sophos Limited) [File_System | System | Running] -- C:\Windows\SysNative\drivers\savonaccess.sys -- (SAVOnAccess)
DRV:[b]64bit:[/b] - [2011.09.27 12:25:53 | 000,026,104 | -H-- | M] (Sophos Plc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdcfilter.sys -- (sdcfilter)
DRV:[b]64bit:[/b] - [2011.09.27 12:25:50 | 000,025,608 | -H-- | M] (Sophos Plc) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\SophosBootDriver.sys -- (SophosBootDriver)
DRV:[b]64bit:[/b] - [2011.03.11 07:22:41 | 000,107,904 | -H-- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011.03.11 07:22:40 | 000,027,008 | -H-- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010.08.29 14:28:09 | 000,314,016 | -H-- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:[b]64bit:[/b] - [2010.08.29 14:28:09 | 000,043,680 | -H-- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:[b]64bit:[/b] - [2010.07.30 18:30:26 | 000,309,840 | -H-- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmxpflt.sys -- (tmxpflt)
DRV:[b]64bit:[/b] - [2010.07.30 18:30:20 | 000,042,576 | -H-- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmpreflt.sys -- (tmpreflt)
DRV:[b]64bit:[/b] - [2010.07.30 18:24:14 | 001,988,176 | -H-- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vsapint.sys -- (vsapint)
DRV:[b]64bit:[/b] - [2010.04.28 07:57:50 | 000,061,288 | -H-- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:[b]64bit:[/b] - [2010.01.22 02:13:23 | 006,233,088 | -H-- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:[b]64bit:[/b] - [2010.01.22 02:13:23 | 006,233,088 | -H-- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag)
DRV:[b]64bit:[/b] - [2010.01.22 01:07:55 | 000,161,280 | -H-- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:[b]64bit:[/b] - [2010.01.18 13:37:57 | 000,128,512 | -H-- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:[b]64bit:[/b] - [2009.12.17 23:25:17 | 000,034,472 | -H-- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:[b]64bit:[/b] - [2009.11.27 04:39:45 | 000,505,344 | -H-- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:[b]64bit:[/b] - [2009.11.13 10:47:35 | 000,067,072 | -H-- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:[b]64bit:[/b] - [2009.10.05 02:33:59 | 001,542,656 | -H-- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:[b]64bit:[/b] - [2009.09.30 02:34:31 | 000,121,872 | -H-- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:[b]64bit:[/b] - [2009.09.29 17:33:17 | 000,107,536 | -H-- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmtdi.sys -- (tmtdi)
DRV:[b]64bit:[/b] - [2009.09.17 20:54:54 | 000,056,344 | -H-- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:[b]64bit:[/b] - [2009.08.21 07:48:17 | 000,044,032 | -H-- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:[b]64bit:[/b] - [2009.08.12 04:38:01 | 001,799,680 | -H-- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV:[b]64bit:[/b] - [2009.08.09 22:25:45 | 000,036,352 | -H-- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:[b]64bit:[/b] - [2009.08.06 22:24:13 | 000,408,600 | -H-- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:[b]64bit:[/b] - [2009.07.20 10:29:39 | 000,015,416 | -H-- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:[b]64bit:[/b] - [2009.07.14 02:52:20 | 000,194,128 | -H-- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009.07.14 02:48:04 | 000,065,600 | -H-- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009.07.14 02:47:48 | 000,077,888 | -H-- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2009.07.14 02:45:55 | 000,024,656 | -H-- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009.06.10 21:35:57 | 000,056,832 | -H-- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:[b]64bit:[/b] - [2009.06.10 21:34:33 | 003,286,016 | -H-- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009.06.10 21:34:28 | 000,468,480 | -H-- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009.06.10 21:34:23 | 000,270,848 | -H-- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009.06.10 21:31:59 | 000,031,232 | -H-- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2009.05.13 17:07:20 | 000,015,928 | -H-- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor)
DRV:[b]64bit:[/b] - [2009.04.09 12:38:26 | 000,167,424 | -H-- | M] (ZTE Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbnet.sys -- (ZTEusbnet)
DRV:[b]64bit:[/b] - [2009.04.09 12:38:26 | 000,150,784 | -H-- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\zteusbvoice.sys -- (ZTEusbvoice)
DRV:[b]64bit:[/b] - [2009.04.09 12:38:26 | 000,150,784 | -H-- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV:[b]64bit:[/b] - [2009.04.09 12:38:26 | 000,150,656 | -H-- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV:[b]64bit:[/b] - [2009.04.09 12:38:26 | 000,150,656 | -H-- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV:[b]64bit:[/b] - [2009.04.09 12:38:26 | 000,011,776 | RH-- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\massfilter.sys -- (massfilter)
DRV:[b]64bit:[/b] - [2008.05.24 01:27:28 | 000,154,168 | -H-- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009.07.03 01:36:14 | 000,015,416 | -H-- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledItems: {b749fc7c-e949-447f-926c-3f4eed6accfe}:0.7.0.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
 
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_0_1.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: D:\Programme\Firefox\components [2011.10.06 19:48:01 | 000,000,000 | -H-D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: D:\Programme\Firefox\plugins [2011.04.03 13:17:15 | 000,000,000 | -H-D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 7.0.1\extensions\\Components: D:\Programme\Thunderbird\components [2011.10.06 15:11:27 | 000,000,000 | -H-D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 7.0.1\extensions\\Plugins: D:\Programme\Thunderbird\plugins
 
[2010.08.14 17:43:30 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Sven\AppData\Roaming\mozilla\Extensions
[2011.04.03 12:29:29 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Sven\AppData\Roaming\mozilla\Firefox\Profiles\48u4ccih.default\extensions
[2011.03.12 21:57:49 | 000,000,000 | -H-D | M] (Modify Headers) -- C:\Users\Sven\AppData\Roaming\mozilla\Firefox\Profiles\48u4ccih.default\extensions\{b749fc7c-e949-447f-926c-3f4eed6accfe}
 
[color=#E56717]========== Chrome  ==========[/color]
 
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | -H-- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:[b]64bit:[/b] - BHO: (Sophos Web Content Scanner) - {39EA7695-B3F2-4C44-A4BC-297ADA8FD235} - C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SophosBHOX64.dll (Sophos Limited)
O2:[b]64bit:[/b] - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2 - BHO: (Sophos Web Content Scanner) - {39EA7695-B3F2-4C44-A4BC-297ADA8FD235} - C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SophosBHO.dll (Sophos Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:[b]64bit:[/b] - HKLM..\Run: [ASUS WebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe ()
O4:[b]64bit:[/b] - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:[b]64bit:[/b] - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [GNMdXaDCqs.exe] C:\ProgramData\GNMdXaDCqs.exe (Recover Inc)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [MobileConnect] C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Vodafone)
O4 - HKLM..\Run: [Sophos AutoUpdate Monitor] C:\Program Files (x86)\Sophos\AutoUpdate\almon.exe (Sophos Limited)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [VirtualCloneDrive] D:\Programme\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O8:[b]64bit:[/b] - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - D:\Programme\ICQ\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - D:\Programme\ICQ\ICQ7.5\ICQ.exe (ICQ, LLC.)
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000001 - mmswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000002 - mmswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000003 - mmswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000004 - mmswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000005 - mmswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000006 - mmswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000007 - mmswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000008 - mmswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000009 - mmswsock.dll File not found
O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000010 - mmswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files%20(x86)/Plants%20vs.%20Zombies/Images/stg_drm.ocx (SpinTop DRM Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files%20(x86)/Plants%20vs.%20Zombies/Images/armhelper.ocx (ArmHelper Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A2BB58AB-63FA-450D-9ED1-0AE51B0AE820}: DhcpNameServer = 139.7.30.126 139.7.30.125
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C1C7B536-E58F-4EBF-801F-2E05EDFAE7E9}: NameServer = 137.193.10.34,137.193.10.21
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E918C3F8-9948-43DE-8750-2C7DA2E3DEE4}: DhcpNameServer = 192.168.1.1
O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O20:[b]64bit:[/b] - AppInit_DLLs: (C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~2.DLL) - C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~2.DLL (Sophos Limited)
O20 - AppInit_DLLs: (C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~1.DLL) -C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Limited)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{17e7e328-a7bb-11df-9fe3-485b39e6c158}\Shell - "" = AutoRun
O33 - MountPoints2\{17e7e328-a7bb-11df-9fe3-485b39e6c158}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{17e7e335-a7bb-11df-9fe3-485b39e6c158}\Shell - "" = AutoRun
O33 - MountPoints2\{17e7e335-a7bb-11df-9fe3-485b39e6c158}\Shell\AutoRun\command - "" = H:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{afd7ac68-be6d-11df-97cc-485b39e6c158}\Shell - "" = AutoRun
O33 - MountPoints2\{afd7ac68-be6d-11df-97cc-485b39e6c158}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\I\Shell - "" = AutoRun
O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
[color=#E56717]========== Files/Folders - Created Within 7 Days ==========[/color]
 
[2011.11.05 15:56:54 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Sven\Documents\OTL.exe
[2011.11.05 14:25:53 | 000,000,000 | -H-D | C] -- C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Restore
[2011.11.05 14:25:51 | 000,000,000 | -H-D | C] -- C:\Users\Sven\AppData\Local\Sophos
[2011.11.05 14:20:50 | 000,349,184 | -H-- | C] (Recover Inc) -- C:\ProgramData\6DSS92c31Apgjk.exe
[2011.11.05 14:18:08 | 000,459,776 | -HS- | C] (Recover Inc) -- C:\ProgramData\GNMdXaDCqs.exe
[2011.11.05 14:17:00 | 000,000,000 | ---D | C] -- C:\Windows\system64
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 7 Days ==========[/color]
 
[2011.11.05 15:59:00 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.11.05 15:59:00 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.11.05 15:51:52 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Sven\Documents\OTL.exe
[2011.11.05 15:51:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.11.05 15:51:11 | 3105,259,520 | -HS- | M] () -- C:\hiberfil.sys
[2011.11.05 14:36:31 | 000,000,456 | -H-- | M] () -- C:\ProgramData\6DSS92c31Apgjk
[2011.11.05 14:34:27 | 000,349,184 | -H-- | M] (Recover Inc) -- C:\ProgramData\6DSS92c31Apgjk.exe
[2011.11.05 14:29:57 | 001,507,342 | -H-- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.11.05 14:29:57 | 000,657,910 | -H-- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.11.05 14:29:57 | 000,619,146 | -H-- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.11.05 14:29:57 | 000,131,250 | -H-- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.11.05 14:29:57 | 000,107,466 | -H-- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.11.05 14:25:53 | 000,000,659 | -H-- | M] () -- C:\Users\Sven\Desktop\System Restore.lnk
[2011.11.05 14:24:45 | 000,001,892 | -H-- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2011.11.05 14:17:51 | 000,459,776 | -HS- | M] (Recover Inc) -- C:\ProgramData\GNMdXaDCqs.exe
[2011.11.02 12:49:44 | 000,001,359 | -H-- | M] () -- C:\Users\Sven\Desktop\RZ_Drucker.lnk
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2011.11.05 14:34:46 | 000,000,456 | -H-- | C] () -- C:\ProgramData\6DSS92c31Apgjk
[2011.11.05 14:25:53 | 000,000,659 | -H-- | C] () -- C:\Users\Sven\Desktop\System Restore.lnk
[2011.07.06 22:38:11 | 000,033,631 | -H-- | C] () -- C:\Windows\DIIUnin.dat
[2011.06.26 20:38:22 | 000,007,605 | -H-- | C] () -- C:\Users\Sven\AppData\Local\Resmon.ResmonCfg
[2011.03.05 23:09:44 | 000,043,520 | -H-- | C] () -- C:\Windows\SysWow64\CmdLineExt03.dll
[2011.03.05 21:58:21 | 000,021,840 | -H-- | C] () -- C:\Windows\SysWow64\SIntfNT.dll
[2011.03.05 21:58:21 | 000,017,212 | -H-- | C] () -- C:\Windows\SysWow64\SIntf32.dll
[2011.03.05 21:58:21 | 000,012,067 | -H-- | C] () -- C:\Windows\SysWow64\SIntf16.dll
[2011.01.04 20:06:01 | 000,000,495 | -H-- | C] () -- C:\Windows\SIERRA.INI
[2010.12.27 15:52:59 | 000,000,040 | -H-- | C] () -- C:\ProgramData\ra3.ini
[2010.12.26 23:17:27 | 000,000,996 | -H-- | C] () -- C:\Windows\eReg.dat
[2010.08.28 11:52:11 | 000,000,166 | -HS- | C] () -- C:\ProgramData\.zreglib
[2010.08.14 22:04:59 | 000,000,024 | -H-- | C] () -- C:\Windows\ATKPF.ini
[2010.08.14 18:20:09 | 000,004,608 | -H-- | C] () -- C:\Users\Sven\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.08.14 17:01:26 | 007,122,826 | -H-- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.05.21 21:19:47 | 000,053,248 | -H-- | C] () -- C:\Windows\SysWow64\LogonStart.dll
[2010.05.21 20:58:57 | 000,001,035 | -H-- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010.05.21 20:40:49 | 000,131,368 | -H-- | C] () -- C:\ProgramData\FullRemove.exe
[2010.05.21 19:46:56 | 000,000,000 | -H-- | C] () -- C:\Windows\ativpsrm.bin
[2009.10.26 04:38:22 | 000,000,176 | -H-- | C] () -- C:\Windows\explorer.exe.config
[2009.08.19 09:33:09 | 000,020,480 | -H-- | C] () -- C:\Windows\OOBEPlayer.exe
[2009.08.19 09:33:09 | 000,000,232 | -H-- | C] () -- C:\Windows\OOBEPlayer.ini
[2009.07.29 06:20:40 | 000,000,010 | -H-- | C] () -- C:\Windows\SysWow64\ABLKSR.ini
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | -H-- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | -H-- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009.04.09 12:44:42 | 000,108,066 | RH-- | C] () -- C:\ProgramData\DeviceManager.xml.rc4
[2006.05.19 04:39:57 | 000,015,497 | -H-- | C] () -- C:\Windows\snp2uvc.ini
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2010.08.14 13:27:28 | 000,000,000 | -H-D | M] -- C:\Users\Sven\AppData\Roaming\Asus WebStorage
[2010.12.29 16:57:09 | 000,000,000 | -H-D | M] -- C:\Users\Sven\AppData\Roaming\bizarre creations
[2011.06.23 18:13:27 | 000,000,000 | -H-D | M] -- C:\Users\Sven\AppData\Roaming\Command & Conquer 3 Tiberium Wars
[2011.05.28 17:14:23 | 000,000,000 | -H-D | M] -- C:\Users\Sven\AppData\Roaming\ICQ
[2010.10.07 18:45:48 | 000,000,000 | -H-D | M] -- C:\Users\Sven\AppData\Roaming\OpenOffice.org
[2010.11.28 12:39:42 | 000,000,000 | -H-D | M] -- C:\Users\Sven\AppData\Roaming\PhotoFiltre
[2011.10.11 21:05:23 | 000,000,000 | -H-D | M] -- C:\Users\Sven\AppData\Roaming\SpinTop
[2011.04.29 16:40:12 | 000,000,000 | -H-D | M] -- C:\Users\Sven\AppData\Roaming\Subversion
[2011.10.06 15:11:55 | 000,000,000 | -H-D | M] -- C:\Users\Sven\AppData\Roaming\Thunderbird
[2010.08.29 15:44:48 | 000,000,000 | -H-D | M] -- C:\Users\Sven\AppData\Roaming\Ubisoft
[2010.08.14 16:51:33 | 000,000,000 | -H-D | M] -- C:\Users\Sven\AppData\Roaming\Vodafone
[2011.10.04 09:25:09 | 000,000,000 | -H-D | M] -- C:\Users\Sven\AppData\Roaming\Xerox
[2011.08.21 21:46:44 | 000,032,632 | -H-- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 146 bytes -> C:\ProgramData\Temp:7D6EC5BE
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:115CEE00
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:AB689DEA
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:196FC0A6

< End of report >

Hier das Extras:

HTML-Code:
OTL Extras logfile created on: 05.11.2011 15:59:09 - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Sven\Documents
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,86 Gb Total Physical Memory | 2,14 Gb Available Physical Memory | 55,43% Memory free
7,71 Gb Paging File | 6,07 Gb Available in Paging File | 78,78% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 116,44 Gb Total Space | 1,89 Gb Free Space | 1,62% Space Free | Partition Type: NTFS
Drive D: | 332,72 Gb Total Space | 241,79 Gb Free Space | 72,67% Space Free | Partition Type: NTFS
 
Computer Name: ASUS-BOARD | User Name: Sven | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
 
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== File Associations ==========[/color]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Programme\Firefox\firefox.exe (Mozilla Corporation)
 
[color=#E56717]========== Shell Spawning ==========[/color]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Programme\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Programme\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Programme\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Programme\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[color=#E56717]========== Security Center Settings ==========[/color]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AutoUpdateDisableNotify" = 1
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
"" = 
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
[color=#E56717]========== Firewall Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[color=#E56717]========== Authorized Applications List ==========[/color]
 
 
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot
"{17B77355-3934-4D0E-8FAC-C420482C8E7D}" = Windows Live Family Safety
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{489F2C5A-83B9-79D5-714C-1DEF32A898E5}" = ATI AVIVO64 Codecs
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{718D791F-F4E8-4aa7-98A6-15FDED17BDD0}" = Trend Micro Internet Security
"{74E85F31-573F-45BF-8939-4D2BCDCC2083}" = LEGO MINDSTORMS NXT Driver for x64
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}" = ASUS Power4Gear Hybrid
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID-Anmelde-Assistent
"{9D2B0322-44AE-460E-9283-4D2D7A9205AE}" = Trend Micro Internet Security
"{AA5A2780-10FC-913C-B8AA-FE42DFDBAA42}" = ccc-utility64
"{D0528577-31BF-2ABC-D7FC-E443EBF8B40A}" = ATI Catalyst Install Manager
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"ASUS USB2.0 UVC VGA WebCam" = ASUS USB2.0 UVC VGA WebCam
"ASUS WebStorage" = ASUS WebStorage
"Elantech" = ETDWare PS/2-x64 7.0.5.10_WHQL
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0513EE35-E0FB-4166-B663-BD1AE3A803DE}" = Anno 1404
"{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}" = ASUS AI Recovery
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{15C418EB-7675-42be-B2B3-281952DA014D}" = Sophos AutoUpdate
"{182A1405-9660-F35E-4910-2F4804EF9CD1}" = Catalyst Control Center Core Implementation
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1E9165D4-D1BB-A8FF-4D81-4769904075BE}" = CCC Help Spanish
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3
"{2271DC83-BDCA-B742-0F66-51C548D83878}" = CCC Help Hungarian
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2447500B-22D7-47BD-9B13-1A927F43A267}" = Empire Earth
"{2458E345-90BF-A135-A9F6-7B79E5A1B034}" = Catalyst Control Center Graphics Full New
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 23
"{2801377C-AED0-9DF8-8C13-DE5B8A255E01}" = CCC Help Italian
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2944D228-BD9D-293C-9207-36F3F83200C7}" = Catalyst Control Center Graphics Full Existing
"{2B81872B-A054-48DA-BE3B-FA5C164C303A}" = ASUS FancyStart
"{2BE54333-0A35-B568-B9B6-BBAC93363F07}" = CCC Help Polish
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{321CA409-D308-D275-FD2E-07745286F7B1}" = CCC Help Portuguese
"{394B8A28-0984-B687-DC3D-600A83E3D8AB}" = ccc-core-static
"{3C168069-602E-D4DE-AAEA-C83395FD7CBB}" = CCC Help German
"{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}" = ANNO 1404
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{507BF84D-922E-367A-1B91-2C92A8626627}" = CCC Help Finnish
"{56670C91-F1BA-86BC-0AAE-8605B726EF2F}" = CCC Help Russian
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{57CB36B6-4884-535F-9379-34560046C912}" = CCC Help Dutch
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{5B65EF64-1DFA-414A-8C94-7BB726158E21}" = ControlDeck
"{5E6ACA2E-60D5-461C-8FD3-04BA9C174B27}_is1" = Mouse Recorder Pro 1.3
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{611ED207-22E5-4543-B9D3-E73096759A4F}" = LEGO MINDSTORMS NXT - (Deutsch) Sprachenpaket
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{698E45C8-5054-554F-51CB-68847E4B0BA5}" = CCC Help Greek
"{6C1D47CC-682C-4673-8CA8-DEE659628599}" = LEGO MINDSTORMS NXT Migration Package
"{70AA9B4F-64F7-4B0D-ADD8-05802D61AF72}" = Windows Live Toolbar
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{719C5E05-B9B2-EBBB-766D-2A1245147DF9}" = Catalyst Control Center Graphics Previews Common
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77498F29-4EFE-159E-DB0E-8E36C3E2B473}" = CCC Help Danish
"{788A7564-40B9-4993-78AF-1852D423781E}" = CCC Help Chinese Traditional
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8D1E61D1-1395-4E97-997F-D002DB3A5074}" = OpenOffice.org 3.2
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{91D02903-7EDB-2A1F-C19F-8EBB335BA708}" = CCC Help Chinese Standard
"{95F1EE6A-2C0E-5CE9-8042-287E11DFA089}" = Catalyst Control Center InstallProxy
"{9933221A-32B7-75A8-A496-713191B260CC}" = CCC Help Norwegian
"{9ACB414D-9347-40B6-A453-5EFB2DB59DFA}" = Sophos Anti-Virus
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C28D1FA-B33F-AA17-9A87-FA556C5B6C2D}" = CCC Help English
"{9C976EB6-3C08-3B82-0162-26513153E347}" = CCC Help French
"{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack
"{9D48531D-2135-49FC-BC29-ACCDA5396A76}" = ASUS MultiFrame
"{9EC8C2B7-74F5-EEDC-E3F2-3E13564ABF8D}" = Catalyst Control Center Graphics Light
"{A0306AD8-1D8C-A5BB-6311-81A42370EEB9}" = Catalyst Control Center Graphics Previews Vista
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{AB3C268A-E54B-4F6D-BF97-2DFCEEFA94F5}" = Catalyst Control Center - Branding
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{AB77649D-25F2-EC99-67CD-A1B2F9862199}" = CCC Help Turkish
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.2 MUI
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B0474B6D-9508-9D4F-694A-9C78F06BB037}" = CCC Help Swedish
"{B49C924C-A651-4378-94F6-5D9BF44A959F}" = EE-ZDE
"{B5529701-E380-06B7-14A8-D24EC95B5CD2}" = CCC Help Japanese
"{BA32FA50-7D3C-F111-9E79-619774EDB517}" = Catalyst Control Center Localization All
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BD9CA010-1B74-B806-F4B7-C2175EE3AC2C}" = CCC Help Korean
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CB263F8D-EF2D-4EB5-A368-A27056EE92D4}" = LEGO MINDSTORMS NXT Software v2.0
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}" = Skype™ 5.3
"{DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32}" = Command & Conquer 3
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E3B99F3D-9856-482A-9048-305E28E2510C}" = Vodafone Mobile Connect Lite
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}" = Alcor Micro USB Card Reader
"{F5E5DFE5-37AC-61A7-1A57-6741C243C96F}" = CCC Help Czech
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"{FF250E8C-2925-C0C8-71EF-C456BE470759}" = CCC Help Thai
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"AC3Filter_is1" = AC3Filter 1.63b
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"ASUS AP Bank_is1" = ASUS AP Bank
"CCleaner" = CCleaner (remove only)
"Diablo II" = Diablo II
"DivX Setup.divx.com" = DivX-Setup
"InstallShield_{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}" = Alcor Micro USB Card Reader
"K_Series_ScreenSaver_EN" = K_Series_ScreenSaver_EN
"Mozilla Firefox 7.0.1 (x86 de)" = Mozilla Firefox 7.0.1 (x86 de)
"Mozilla Thunderbird (7.0.1)" = Mozilla Thunderbird (7.0.1)
"Plants vs. Zombies" = Plants vs. Zombies
"PlugY, The Survival Kit" = PlugY, The Survival Kit
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 1.1.4
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
 
[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"CodeBlocks" = CodeBlocks
"PhotoFiltre" = PhotoFiltre
 
[color=#E56717]========== Last 10 Event Log Errors ==========[/color]
 
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
< End of report >

Und hier noch meine installierten Dateien:

HTML-Code:
AC3Filter 1.63b	Alexander Vigovsky	13.12.2010		1.63b
Acrobat.com	Adobe Systems Incorporated	20.05.2010	1,61MB	1.6.65
Adobe AIR	Adobe Systems Inc.	20.05.2010		1.5.0.7220
Adobe Flash Player 10 ActiveX	Adobe Systems Incorporated	20.05.2010		10.0.32.18
Adobe Flash Player 11 Plugin 64-bit	Adobe Systems Incorporated	21.10.2011	6,00MB	11.0.1.152
Adobe Reader 9.2 MUI	Adobe Systems Incorporated	11.09.2011	653MB	9.2.0
Alcor Micro USB Card Reader	Alcor Micro Corp.	20.05.2010	2,89MB	1.5.17.25482
ANNO 1404	Ubisoft	04.09.2010		1.02.0000
Apple Application Support	Apple Inc.	11.02.2011	52,8MB	1.4.1
Apple Software Update	Apple Inc.	11.02.2011	2,16MB	2.1.1.116
ASUS AI Recovery	ASUS	20.05.2010	2,76MB	1.0.9
ASUS AP Bank	ASUSTEK	20.05.2010		1.0.0.0
ASUS FancyStart	ASUSTeK Computer Inc.	20.05.2010	12,1MB	1.0.8
ASUS LifeFrame3	ASUS	20.05.2010	27,7MB	3.0.20
ASUS Live Update	ASUS	20.05.2010		2.5.9
ASUS MultiFrame	ASUS	20.05.2010		1.0.0019
ASUS Power4Gear Hybrid	ASUS	20.05.2010	12,2MB	1.1.33
ASUS SmartLogon	ASUS	20.05.2010	10,9MB	1.0.0007
ASUS Splendid Video Enhancement Technology	ASUS	20.05.2010	24,4MB	1.02.0028
ASUS USB2.0 UVC VGA WebCam	Sonix	20.05.2010		5.8.53120.202
ASUS Virtual Camera	asus	20.05.2010	3,12MB	1.0.19
ASUS WebStorage	eCareme Technologies, Inc.	20.05.2010		2.0.40.1319
ATI Catalyst Install Manager	ATI Technologies, Inc.	20.05.2010	22,1MB	3.0.758.0
ATK Package	ASUS	20.05.2010	13,5MB	1.0.0001
CCleaner	Piriform	04.11.2011		3.12
CodeBlocks	The Code::Blocks Team	09.10.2011		10.05
Command & Conquer 3	Ihr Firmenname	22.06.2011	1.000MB	1.00.0000
ControlDeck	ASUS	20.05.2010	1,87MB	1.0.5
Diablo II		05.07.2011		
DivX-Setup	DivX, Inc. 	29.10.2010		2.1.2.2
EE-ZDE		03.01.2011		
Empire Earth		03.01.2011		
ETDWare PS/2-x64 7.0.5.10_WHQL	ELAN Microelectronics Corp.	20.05.2010		7.0.5.10
Fast Boot	ASUS	20.05.2010	1,47MB	1.0.5
ICQ7.5	ICQ	19.04.2011		7.5
IDT Audio	IDT	20.05.2010		1.0.6259.0
Intel(R) Management Engine Components	Intel Corporation	21.05.2010		6.0.0.1179
Java(TM) 6 Update 23	Oracle	11.03.2010	95,0MB	6.0.230
K_Series_ScreenSaver_EN		20.05.2010		
LEGO MINDSTORMS NXT - (Deutsch) Sprachenpaket	The LEGO Group	24.02.2011	43,4MB	2.0.100.0
LEGO MINDSTORMS NXT Driver for x64	LEGO	24.02.2011	1,55MB	1.17.770
LEGO MINDSTORMS NXT Migration Package	LEGO	24.02.2011	0,72MB	1.2.8.0
LEGO MINDSTORMS NXT Software v2.0	LEGO	24.02.2011	296MB	2.0.108.0
Microsoft .NET Framework 4 Client Profile	Microsoft Corporation	24.11.2010	38,8MB	4.0.30319
Microsoft .NET Framework 4 Client Profile DEU Language Pack	Microsoft Corporation	24.11.2010	2,94MB	4.0.30319
Microsoft Silverlight	Microsoft Corporation	13.10.2011	200MB	4.0.60831.0
Microsoft SQL Server 2005 Compact Edition [ENU]	Microsoft Corporation	13.08.2010	1,72MB	3.1.0000
Microsoft Sync Framework Runtime Native v1.0 (x86)	Microsoft Corporation	13.08.2010	0,61MB	1.0.1215.0
Microsoft Sync Framework Services Native v1.0 (x86)	Microsoft Corporation	13.08.2010	1,45MB	1.0.1215.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053	Microsoft Corporation	14.08.2010	0,25MB	8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable	Microsoft Corporation	15.06.2011	0,29MB	8.0.61001
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148	Microsoft Corporation	29.05.2011	0,20MB	9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570	Microsoft Corporation	14.04.2011	0,77MB	9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022	Microsoft Corporation	06.10.2010	1,71MB	9.0.21022
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148	Microsoft Corporation	20.05.2010	0,77MB	9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161	Microsoft Corporation	15.06.2011	0,77MB	9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022	Microsoft Corporation	28.05.2011	2,06MB	9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161	Microsoft Corporation	15.06.2011	0,59MB	9.0.30729.6161
Mouse Recorder Pro 1.3	Nemex	13.03.2011		
Mozilla Firefox 7.0.1 (x86 de)	Mozilla	05.10.2011	51,4MB	7.0.1
Mozilla Thunderbird (7.0.1)	Mozilla	05.10.2011		7.0.1 (de)
MSXML 4.0 SP3 Parser (KB973685)	Microsoft Corporation	20.05.2010	1,53MB	4.30.2107.0
OpenOffice.org 3.2	OpenOffice.org	06.10.2010	363MB	3.2.9502
PhotoFiltre		27.11.2010		
Plants vs. Zombies	Spintop Media, Inc	10.10.2011		
PlugY, The Survival Kit		05.07.2011		10.00
QuickTime	Apple Inc.	11.02.2011	73,7MB	7.69.80.9
Skype™ 5.3	Skype Technologies S.A.	22.06.2011	16,6MB	5.3.120
Sophos Anti-Virus	Sophos Limited	01.11.2011	27,1MB	9.7.6
Sophos AutoUpdate	Sophos Limited	26.09.2011	9,01MB	2.5.10
Trend Micro Internet Security	Trend Micro Inc.	20.05.2010	94,2MB	17.50
VirtualCloneDrive	Elaborate Bytes	28.08.2010		
VLC media player 1.1.4	VideoLAN	12.10.2010		1.1.4
Vodafone Mobile Connect Lite	Vodafone	13.08.2010	22,7MB	9.4.2.14731
Windows Live Essentials	Microsoft Corporation	13.08.2010		14.0.8117.0416
Windows Live ID-Anmelde-Assistent	Microsoft Corporation	24.10.2010	10,0MB	6.500.3165.0
Windows Live OneCare safety scanner	Microsoft Corporation	30.10.2010		
Windows Live Sync	Microsoft Corporation	13.08.2010	2,79MB	14.0.8117.416
Windows Live-Uploadtool	Microsoft Corporation	13.08.2010	0,22MB	14.0.8014.1029
WinFlash	ASUS	20.05.2010	1,29MB	2.29.0
WinRAR archiver		25.08.2010		
Wireless Console 3	ASUS	20.05.2010	2,43MB	3.0.15
 

Themen zu Windows - Delayed Write Failed .. Failed to save all the components for the file \\System32\\0000428
alternate, bho, bildschirm, c:\windows\system32\rundll32.exe, defender, disabletaskmgr, error, excel, explorer, failed, failed to save all the components for the file \\system32, firefox, flash player, format, helper, home, install.exe, logfile, monitor, mozilla thunderbird, nicht angezeigt, opera, plug-in, programme, recover, registry, rundll, scan, shell32.dll, shortcut, software, starten, system, trojaner, usb, vodafone, webcheck, windows, windows - delayed write failed


« Automatische Weiterleitung zu Werbeseiten beim Anklicken von Google Suchergebnissen | Ich soll 50€ bezahlen obwohl ich garkein virus drauf habe »


Ähnliche Themen: Windows - Delayed Write Failed .. Failed to save all the components for the file \\System32\\0000428


  1. Failed to save all the components for the file \\System32\\
    Log-Analyse und Auswertung - 21.03.2012 (13)
  2. Windows 7 Failed to save all the components for the file \\System32\\0000xxxx
    Plagegeister aller Art und deren Bekämpfung - 18.03.2012 (3)
  3. Windows 7 Failed to save all the components for the file \\System32\\
    Plagegeister aller Art und deren Bekämpfung - 10.03.2012 (5)
  4. Failed to save all the components for the file \\System32 usw...
    Plagegeister aller Art und deren Bekämpfung - 15.02.2012 (15)
  5. Failed to save all the components for the file \\System32\\
    Log-Analyse und Auswertung - 12.02.2012 (1)
  6. Failed to save all the components for the file \\System32\\ [...]
    Log-Analyse und Auswertung - 01.02.2012 (6)
  7. windows 7 gecrasht - "Windows - Delayed Write Failed" "Failed to save all the components..."
    Plagegeister aller Art und deren Bekämpfung - 26.01.2012 (12)
  8. Failed to save all the components for the file \\System32\\
    Log-Analyse und Auswertung - 16.01.2012 (26)
  9. failed to save all the components for the file system32
    Plagegeister aller Art und deren Bekämpfung - 04.12.2011 (2)
  10. WIN XP:Windows - Delayed Write Failed .. Failed to save all the components for the file \\System32\\
    Log-Analyse und Auswertung - 25.11.2011 (7)
  11. Windows - Delayed Write Failed .. Failed to save all the components for the file \\System32\\ - St
    Plagegeister aller Art und deren Bekämpfung - 13.11.2011 (16)
  12. Windows - Delayed Write Failed .. Failed to save all the components for the file \\System32\\
    Plagegeister aller Art und deren Bekämpfung - 13.11.2011 (101)
  13. Windows 7 Failed to save all the components for the file System32\\00...
    Plagegeister aller Art und deren Bekämpfung - 13.11.2011 (3)
  14. Windows - Delayed Write Failed - Failed to save...
    Log-Analyse und Auswertung - 10.11.2011 (7)
  15. Windows - Delayed Write Failed .. Failed to save all the components for the file \\System32\\
    Log-Analyse und Auswertung - 09.11.2011 (25)
  16. Windows - Delayed Write Failed .. Failed to save all the components for the file \\System32\\
    Plagegeister aller Art und deren Bekämpfung - 07.11.2011 (10)
  17. Windows - Delayed Write Failed. Failed to save all the components for the file \\System32\\
    Log-Analyse und Auswertung - 07.11.2011 (12)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Windows - Delayed Write Failed .. Failed to save all the components for the file \\System32\\0000428 - Schönen guten Tag. Ich habe seit vorhin diesen hier im Forum bereits vorhandenen Trojaner auf meinem Rechner. Bildschirm ist schwarz, alle Dateien wurden versteckt, Startmenü ist leer und das Fehlermeldungsfenster - Windows - Delayed Write Failed .. Failed to save all the components for the file \\System32\\0000428...
Archiv
Du betrachtest: Windows - Delayed Write Failed .. Failed to save all the components for the file \\System32\\0000428 auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55