| |
| |||||||
Log-Analyse und Auswertung: Failed to save all the components for the file \\System32\\ [...]Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
26.01.2012, 22:43
| #1 |
| | ![Failed to save all the components for the file \\System32\\ [...] - Standard](images/icons/icon1.gif){kind=icon} Failed to save all the components for the file \\System32\\ [...] Hallo! Ich habe ein hier wohl altbekanntes Problem, das hier schon öfters aufgetaucht ist. Allerdings muss man so wie ich das verstanden hab seinen individuellen OTL Log angeben, deshalb dieses neue Thema... Heute beim Surfen schlossen sich plötzlich alle Programme, nichts hat sich mehr öffnen lassen, also hab ich den Pc mal ausgeschalten. Beim Einschalten war dann der Bildschirm schwarz, alle Dateien versteckt, die Ordner bei Alle Programme zwar da aber leer, ein System Check öffnete sich und entdeckte 8 Fehler die er nicht beheben konnte, etliche Fenster mit "Failed to save all the components for the file \\System32\\ [...]" öffneten sich, regelmäßig sagt er mir Dinge a la "Hard drive clusters are partly damaged. Segment load failure". Das gleiche Spiel bei jedem Neustart. Ich hab Windows 7 und hatte das selbe Problem schon einmal vor ca. einem Monat. Damals hab ich eine Systemwiederherstellung gemacht und alles war wieder in Ordnung. Hab ich wieder probiert, diesmal hat es aber nix gebracht. Code:
ATTFilter OTL logfile created on: 26.01.2012 22:27:50 - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\admin\Downloads 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy 1,75 Gb Total Physical Memory | 0,53 Gb Available Physical Memory | 30,37% Memory free 3,49 Gb Paging File | 1,94 Gb Available in Paging File | 55,63% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 215,59 Gb Total Space | 90,97 Gb Free Space | 42,19% Space Free | Partition Type: NTFS Drive D: | 25,61 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Drive F: | 1,99 Gb Total Space | 1,98 Gb Free Space | 99,64% Space Free | Partition Type: FAT32 Computer Name: ADMIN-HP | User Name: admin | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\admin\Downloads\OTL.exe (OldTimer Tools) PRC - C:\ProgramData\lM7iTvRTsn29UV.exe (Microsoft Corp) PRC - C:\ProgramData\vaqsQJTNJWdMqPG.exe (Microsoft Corp) PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe (Adobe Systems, Inc.) PRC - C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.) PRC - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe (Symantec Corporation) PRC - C:\Program Files (x86)\bob internet\bobInternet.exe (mquadr.at software engineering and consulting GmbH, web: www.mquadr.at, mail: office@mquadr.at) PRC - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company) PRC - C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG) PRC - C:\Program Files (x86)\PDF Complete\pdfsvc.exe (PDF Complete Inc) PRC - C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe (Hewlett-Packard Company) PRC - C:\Program Files (x86)\Blaze Media Pro\NMSAccess32.exe () PRC - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.) ========== Modules (No Company Name) ========== MOD - C:\Program Files (x86)\bob internet\Skins\bob\bob.dbskin () MOD - C:\Program Files (x86)\bob internet\resetregistry.dll () MOD - C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll () MOD - C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll () MOD - C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll () ========== Win32 Services (SafeList) ========== SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation) SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD) SRV:64bit: - (btwdins) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.) SRV:64bit: - (HP Wireless Assistant Service) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe (Hewlett-Packard) SRV:64bit: - (STacSV) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\stacsv64.exe (IDT, Inc.) SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SRV:64bit: - (AESTFilters) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe (Andrea Electronics Corporation) SRV - (NIS) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe (Symantec Corporation) SRV - (HPDrvMntSvc.exe) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company) SRV - (NAUpdate) -- C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (pdfcDispatcher) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe (PDF Complete Inc) SRV - (hpHotkeyMonitor) -- C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe (Hewlett-Packard Company) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (NMSAccess) -- C:\Program Files (x86)\Blaze Media Pro\NMSAccess32.exe () SRV - (PSI_SVC_2) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.) ========== Driver Services (SafeList) ========== DRV:64bit: - (SymNetS) -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\symnets.sys (Symantec Corporation) DRV:64bit: - (SymEvent) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS (Symantec Corporation) DRV:64bit: - (SRTSP) -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\srtsp64.sys (Symantec Corporation) DRV:64bit: - (SRTSPX) Symantec Real Time Storage Protection (PEL) -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\srtspx64.sys (Symantec Corporation) DRV:64bit: - (SymEFA) -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\symefa64.sys (Symantec Corporation) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation) DRV:64bit: - (SymDS) -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\symds64.sys (Symantec Corporation) DRV:64bit: - (SymIRON) -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\ironx64.sys (Symantec Corporation) DRV:64bit: - (ElbyCDIO) -- C:\Windows\SysNative\drivers\ElbyCDIO.sys (Elaborate Bytes AG) DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation) DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.) DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.) DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.) DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.) DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.) DRV:64bit: - (btwampfl) -- C:\Windows\SysNative\drivers\btwampfl.sys (Broadcom Corporation.) DRV:64bit: - (rtsuvc) -- C:\Windows\SysNative\drivers\rtsuvc.sys (Realtek Semiconductor Corp.) DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek ) DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions) DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.) DRV:64bit: - (AtiPcie) AMD PCI Express (3GIO) -- C:\Windows\SysNative\drivers\AtiPcie64.sys (Advanced Micro Devices Inc.) DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.) DRV:64bit: - (ZTEusbser6k) -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys (ZTE Incorporated) DRV:64bit: - (ZTEusbnmea) -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys (ZTE Incorporated) DRV:64bit: - (ZTEusbmdm6k) -- C:\Windows\SysNative\drivers\ZTEusbmdm6k.sys (ZTE Incorporated) DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated) DRV:64bit: - (massfilter) -- C:\Windows\SysNative\drivers\massfilter.sys (MBB Incorporated) DRV:64bit: - (HpqKbFiltr) -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys (Hewlett-Packard Company) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation) DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV - (IDSVia64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20110629.050\IDSviA64.sys (Symantec Corporation) DRV - (BHDrvx64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20110616.003\BHDrvx64.sys (Symantec Corporation) DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20110630.002\EX64.SYS (Symantec Corporation) DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20110630.002\ENG64.SYS (Symantec Corporation) DRV - (eeCtrl) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys (Symantec Corporation) DRV - (EraserUtilRebootDrv) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM/4 IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCOM/4 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM/4 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCOM/4 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM/4 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.at/ IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpWinExt,version=5.0: C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2237.0\npwinext.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.652: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.652: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.647: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\msntoolbar@msn.com: C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2237.0\Firefox [2010.12.09 00:14:08 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010.12.09 00:14:10 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2010.12.09 00:14:14 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\IPSFFPlgn\ [2011.10.18 15:47:42 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\coFFPlgn_2011_7_4_3 [2012.01.26 21:59:30 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.01.26 21:57:46 | 000,000,000 | -H-D | M] O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll (Symantec Corporation) O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\IPS\IPSBHO.DLL (Symantec Corporation) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2237.0\npwinext.dll (Microsoft Corporation) O2 - BHO: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com) O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll (Symantec Corporation) O3 - HKLM\..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2237.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2237.0\npwinext.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com) O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll (Symantec Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com) O4:64bit: - HKLM..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe () O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.) O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NOBuActivation.exe (Symantec Corporation) O4 - HKLM..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe (PDF Complete Inc) O4 - HKLM..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe (Hewlett-Packard Company) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.) O4 - HKCU..\Run: [vaqsQJTNJWdMqPG.exe] C:\ProgramData\vaqsQJTNJWdMqPG.exe (Microsoft Corp) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149 O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\admin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\admin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AF6B0702-F848-4A2D-A575-7F9C9A79D8CB}: DhcpNameServer = 151.99.125.2 151.99.125.3 194.20.8.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FBB0385C-3D38-42C1-B33B-241D891D0C0D}: NameServer = 194.48.124.202 194.48.124.200 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010.09.16 16:43:21 | 000,000,421 | R--- | M] () - D:\AutoRun.dat -- [ CDFS ] O32 - AutoRun File - [2010.08.11 18:15:32 | 000,342,864 | R--- | M] () - D:\Autorun.exe -- [ CDFS ] O32 - AutoRun File - [2009.05.19 13:56:57 | 000,000,044 | R--- | M] () - D:\autorun.inf -- [ CDFS ] O33 - MountPoints2\{1053deec-2e32-11e1-bb79-cc52af0de3a9}\Shell - "" = AutoRun O33 - MountPoints2\{1053deec-2e32-11e1-bb79-cc52af0de3a9}\Shell\AutoRun\command - "" = D:\Autorun.exe -- [2010.08.11 18:15:32 | 000,342,864 | R--- | M] () O33 - MountPoints2\{149400f0-2ef3-11e1-8cb4-cc52af181ea7}\Shell - "" = AutoRun O33 - MountPoints2\{149400f0-2ef3-11e1-8cb4-cc52af181ea7}\Shell\AutoRun\command - "" = D:\Autorun.exe -- [2010.08.11 18:15:32 | 000,342,864 | R--- | M] () O33 - MountPoints2\{18d53444-c733-11e0-9752-cc52af181ea7}\Shell - "" = AutoRun O33 - MountPoints2\{18d53444-c733-11e0-9752-cc52af181ea7}\Shell\AutoRun\command - "" = D:\Install.exe O33 - MountPoints2\{6f770a03-b9e0-11e0-9e73-cc52af181ea7}\Shell - "" = AutoRun O33 - MountPoints2\{6f770a03-b9e0-11e0-9e73-cc52af181ea7}\Shell\AutoRun\command - "" = E:\Autorun.exe O33 - MountPoints2\{c1087076-7899-11e0-94eb-cc52af181ea7}\Shell - "" = AutoRun O33 - MountPoints2\{c1087076-7899-11e0-94eb-cc52af181ea7}\Shell\AutoRun\command - "" = D:\Autorun.exe -- [2010.08.11 18:15:32 | 000,342,864 | R--- | M] () O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2012.01.26 19:00:49 | 000,364,544 | -H-- | C] (Microsoft Corp) -- C:\ProgramData\lM7iTvRTsn29UV.exe [2012.01.26 18:57:07 | 000,451,584 | -H-- | C] (Microsoft Corp) -- C:\ProgramData\vaqsQJTNJWdMqPG.exe [2012.01.23 13:58:47 | 001,446,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsasrv.dll [2012.01.23 13:58:46 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\webio.dll [2012.01.23 13:58:46 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\webio.dll [2012.01.23 13:58:46 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sspicli.dll [2012.01.23 13:58:46 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sspisrv.dll [2012.01.23 13:58:46 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\secur32.dll [2012.01.19 19:39:58 | 000,000,000 | -H-D | C] -- C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte [2012.01.11 16:24:36 | 000,000,000 | -H-D | C] -- C:\Users\admin\Documents\Outlook-Dateien [2012.01.11 16:16:07 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\quartz.dll [2012.01.11 16:16:07 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\quartz.dll [2012.01.11 16:16:07 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qdvd.dll [2012.01.11 16:16:07 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qdvd.dll [2012.01.11 16:16:03 | 000,852,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll [2012.01.11 16:16:03 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll [2012.01.11 16:16:02 | 001,739,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntdll.dll [2012.01.11 16:16:01 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\packager.dll [2012.01.11 16:16:01 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\packager.dll [2012.01.08 02:47:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0 [2012.01.06 22:41:24 | 000,000,000 | -H-D | C] -- C:\Users\admin\AppData\Local\AskToolbar [2012.01.06 22:36:05 | 000,000,000 | -H-D | C] -- C:\Users\admin\Documents\DivXToDvd [2012.01.06 22:31:19 | 000,000,000 | -H-D | C] -- C:\Users\admin\AppData\Roaming\Nero [2012.01.06 22:29:49 | 000,000,000 | -H-D | C] -- C:\ProgramData\Nero [2012.01.06 22:29:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nero [2012.01.06 22:29:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nero [2012.01.06 22:23:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ask.com [2012.01.06 20:52:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VSO [2012.01.06 20:52:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\vso [2012.01.06 18:36:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes [2012.01.06 18:36:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Elaborate Bytes [2012.01.06 18:16:17 | 000,000,000 | -H-D | C] -- C:\Users\admin\AppData\Roaming\DVD Flick [2012.01.06 18:15:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD Flick [2012.01.06 18:15:50 | 000,662,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mscomct2.ocx [2012.01.06 18:15:50 | 000,609,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\comctl32.ocx [2012.01.06 18:15:50 | 000,164,144 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\comct232.ocx [2012.01.06 18:15:50 | 000,040,960 | ---- | C] (vbAccelerator) -- C:\windows\SysWow64\ssubtmr6.dll [2012.01.06 18:15:50 | 000,036,864 | ---- | C] (Robdogg Inc.) -- C:\windows\SysWow64\trayicon_handler.ocx [2012.01.06 18:15:50 | 000,028,672 | ---- | C] (-) -- C:\windows\SysWow64\mousewheel.ocx [2012.01.06 18:15:49 | 000,212,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\richtx32.ocx [2012.01.06 18:15:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVD Flick ========== Files - Modified Within 30 Days ========== [2012.01.26 22:12:58 | 000,019,760 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.01.26 22:12:58 | 000,019,760 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.01.26 22:07:23 | 001,498,506 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI [2012.01.26 22:07:23 | 000,654,340 | ---- | M] () -- C:\windows\SysNative\perfh007.dat [2012.01.26 22:07:23 | 000,616,182 | ---- | M] () -- C:\windows\SysNative\perfh009.dat [2012.01.26 22:07:23 | 000,130,180 | ---- | M] () -- C:\windows\SysNative\perfc007.dat [2012.01.26 22:07:23 | 000,106,562 | ---- | M] () -- C:\windows\SysNative\perfc009.dat [2012.01.26 22:00:17 | 000,000,280 | -H-- | M] () -- C:\ProgramData\~lM7iTvRTsn29UV [2012.01.26 21:59:31 | 000,001,104 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job [2012.01.26 21:59:15 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat [2012.01.26 21:59:07 | 1875,443,712 | -HS- | M] () -- C:\hiberfil.sys [2012.01.26 20:05:18 | 000,000,192 | -H-- | M] () -- C:\ProgramData\~lM7iTvRTsn29UVr [2012.01.26 19:04:22 | 000,000,440 | -H-- | M] () -- C:\ProgramData\lM7iTvRTsn29UV [2012.01.26 19:01:12 | 000,000,653 | -H-- | M] () -- C:\Users\admin\Desktop\System Check.lnk [2012.01.26 19:00:49 | 000,364,544 | -H-- | M] (Microsoft Corp) -- C:\ProgramData\lM7iTvRTsn29UV.exe [2012.01.26 18:53:59 | 000,451,584 | -H-- | M] (Microsoft Corp) -- C:\ProgramData\vaqsQJTNJWdMqPG.exe [2012.01.26 17:59:03 | 000,001,108 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job [2012.01.20 15:38:15 | 000,023,552 | -H-- | M] () -- C:\Users\admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.01.06 20:52:14 | 000,001,035 | -H-- | M] () -- C:\Users\admin\Desktop\VSO DivxToDVD.lnk [2012.01.06 18:37:17 | 000,000,085 | -HS- | M] () -- C:\ProgramData\.zreglib [2012.01.06 18:15:54 | 000,001,914 | -H-- | M] () -- C:\Users\admin\Desktop\DVD Flick.lnk [2011.12.28 12:23:40 | 000,416,056 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT ========== Files Created - No Company Name ========== [2012.01.26 20:05:18 | 000,000,280 | -H-- | C] () -- C:\ProgramData\~lM7iTvRTsn29UV [2012.01.26 20:05:18 | 000,000,192 | -H-- | C] () -- C:\ProgramData\~lM7iTvRTsn29UVr [2012.01.26 19:01:12 | 000,000,653 | -H-- | C] () -- C:\Users\admin\Desktop\System Check.lnk [2012.01.26 19:01:04 | 000,000,440 | -H-- | C] () -- C:\ProgramData\lM7iTvRTsn29UV [2012.01.06 20:52:14 | 000,001,035 | -H-- | C] () -- C:\Users\admin\Desktop\VSO DivxToDVD.lnk [2012.01.06 18:37:17 | 000,000,085 | -HS- | C] () -- C:\ProgramData\.zreglib [2012.01.06 18:15:53 | 000,001,914 | -H-- | C] () -- C:\Users\admin\Desktop\DVD Flick.lnk [2011.12.27 21:36:04 | 000,000,440 | -H-- | C] () -- C:\ProgramData\ZPIYLmpkjREDNq [2011.09.28 16:17:21 | 000,000,952 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys [2011.08.04 16:15:53 | 000,000,000 | ---- | C] () -- C:\windows\iPlayer.INI [2011.06.20 01:33:20 | 000,027,648 | ---- | C] () -- C:\windows\SysWow64\AVSredirect.dll [2011.06.20 00:23:07 | 000,023,552 | -H-- | C] () -- C:\Users\admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.06.14 22:00:43 | 000,033,134 | -H-- | C] () -- C:\Users\admin\AppData\Roaming\UserTile.png [2011.02.26 10:37:05 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin [2010.12.09 00:13:09 | 000,000,188 | ---- | C] () -- C:\windows\SysWow64\HPWA.ini [2010.06.08 14:19:24 | 000,692,224 | ---- | C] () -- C:\windows\SysWow64\libeay32.dll [2010.06.08 14:19:24 | 000,151,552 | ---- | C] () -- C:\windows\SysWow64\ssleay32.dll [2010.06.02 13:28:14 | 000,002,189 | ---- | C] () -- C:\windows\SysWow64\atipblag.dat [2010.04.20 15:31:43 | 000,936,832 | ---- | C] () -- C:\windows\SysWow64\M2ElevatedCalls.dll [2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat [2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\windows\SysWow64\NOISE.DAT [2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\windows\SysWow64\dssec.dat [2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin [2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll [2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\windows\SysWow64\msjetoledb40.dll [2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\windows\SysWow64\mlang.dat [2008.10.04 00:07:10 | 003,754,896 | ---- | C] () -- C:\windows\SysWow64\erdmpg-6.dll [2008.09.28 18:33:01 | 000,253,952 | ---- | C] () -- C:\windows\SysWow64\Manipulate.dll [2008.08.28 12:20:38 | 000,065,536 | ---- | C] () -- C:\windows\SysWow64\comLyricGetter.dll [2008.08.28 12:17:22 | 000,097,280 | ---- | C] () -- C:\windows\SysWow64\Uncommon.dll [2008.08.28 12:17:20 | 000,061,440 | ---- | C] () -- C:\windows\SysWow64\NormalizeDSP.dll [2006.11.06 20:30:38 | 000,262,144 | ---- | C] () -- C:\windows\SysWow64\lame_enc.dll [2005.12.21 11:36:46 | 000,009,728 | ---- | C] () -- C:\windows\SysWow64\ff_vfw.dll [2005.11.06 00:34:50 | 000,145,408 | ---- | C] () -- C:\windows\SysWow64\Lame.exe [2005.05.17 21:37:10 | 000,076,800 | ---- | C] () -- C:\windows\SysWow64\Faac.exe [2002.07.19 17:48:22 | 000,157,696 | ---- | C] () -- C:\windows\SysWow64\OggEnc.exe [2002.01.25 07:04:50 | 000,005,440 | ---- | C] () -- C:\windows\SysWow64\mciwa16.dll [2002.01.25 07:04:50 | 000,000,221 | ---- | C] () -- C:\windows\SysWow64\pspsbext.ini [2002.01.25 07:04:50 | 000,000,221 | ---- | C] () -- C:\windows\SysWow64\pspfidrv.ini [2002.01.25 07:04:50 | 000,000,221 | ---- | C] () -- C:\windows\SysWow64\pspfbase.ini [2002.01.25 07:04:50 | 000,000,221 | ---- | C] () -- C:\windows\SysWow64\pspaudrv.ini [2002.01.25 07:04:50 | 000,000,221 | ---- | C] () -- C:\windows\SysWow64\pspapdrv.ini [2002.01.25 07:04:50 | 000,000,221 | ---- | C] () -- C:\windows\SysWow64\mciwaw95.ini [2002.01.25 07:04:50 | 000,000,221 | ---- | C] () -- C:\windows\SysWow64\mcipspwa.ini [2002.01.25 07:04:50 | 000,000,221 | ---- | C] () -- C:\windows\SysWow64\mcipspct.ini [2002.01.25 07:04:50 | 000,000,220 | ---- | C] () -- C:\windows\SysWow64\pspwave.ini [2002.01.25 07:04:50 | 000,000,219 | ---- | C] () -- C:\windows\SysWow64\pspdss.ini [2002.01.25 07:04:50 | 000,000,219 | ---- | C] () -- C:\windows\SysWow64\pspddi.ini ========== LOP Check ========== [2011.12.24 17:22:43 | 000,000,000 | -H-D | M] -- C:\Users\admin\AppData\Roaming\DVDVideoSoft [2011.12.24 17:22:32 | 000,000,000 | -H-D | M] -- C:\Users\admin\AppData\Roaming\DVDVideoSoftIEHelpers [2011.12.24 14:46:10 | 000,000,000 | -H-D | M] -- C:\Users\admin\AppData\Roaming\MPEG Streamclip [2011.12.04 20:51:51 | 000,000,000 | -H-D | M] -- C:\Users\admin\AppData\Roaming\OffbeatEngine [2011.06.14 22:00:43 | 000,000,000 | -H-D | M] -- C:\Users\admin\AppData\Roaming\PeerNetworking [2012.01.26 21:58:04 | 000,000,000 | -H-D | M] -- C:\Users\admin\AppData\Roaming\Program Files (x86) [2012.01.08 13:43:47 | 000,032,632 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== < End of report > Code:
ATTFilter OTL Extras logfile created on: 26.01.2012 22:27:50 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\admin\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
1,75 Gb Total Physical Memory | 0,53 Gb Available Physical Memory | 30,37% Memory free
3,49 Gb Paging File | 1,94 Gb Available in Paging File | 55,63% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 215,59 Gb Total Space | 90,97 Gb Free Space | 42,19% Space Free | Partition Type: NTFS
Drive D: | 25,61 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive F: | 1,99 Gb Total Space | 1,98 Gb Free Space | 99,64% Space Free | Partition Type: FAT32
Computer Name: ADMIN-HP | User Name: admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1C55470A-7C9E-4C63-B466-6AFFC69E94E9}" = Windows Live Family Safety
"{2C69D297-A524-1FB1-5C00-1C52363E044F}" = ccc-utility64
"{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = Broadcom 2070 Bluetooth 3.0
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4BBA5224-C5B1-4B8C-AAA4-68DA6654B9C1}" = HP HotKey Support
"{560932B5-8702-7FB8-01AE-265EA44FAEEB}" = ATI Catalyst Install Manager
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{C7AE4EC3-9C13-4213-8457-74D16B353F91}" = HP Web Camera
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{EC720706-3F19-4B7F-BDDD-E31D9B3921D2}" = HP Wireless Assistant
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Broadcom 802.11 Wireless LAN Adapter" = Broadcom 802.11 Wireless LAN Adapter
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"SynTPDeinstKey" = Synaptics Pointing Device Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{36C95AD3-D330-4BAA-884A-9F3EFD15A5EA}" = Corel Home Office
"{04801E42-B1A6-4C52-9F3D-CADB5A050433}" = HP Software Setup
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{07B22FB1-6A1E-41E7-8323-A9CA716026ED}" = bob internet
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Bing Bar
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0B2187A6-8ACC-4012-9817-9221211EF407}" = Corel Home Office - IPM
"{0C7A1F10-3965-190D-3409-B0DD7C45C0EE}" = CCC Help Italian
"{14B61ABC-D4A7-BCF5-92BE-95CEB8DF4374}" = CCC Help Czech
"{16CA9DAC-6A40-4204-A826-33C4D52A266C}" = Catalyst Control Center - Branding
"{1A1E33D2-9824-454A-B8CB-50072118635A}" = Corel Home Office - CS Templates
"{1C598CE5-344B-997B-FF33-2976D689C0AC}" = CCC Help Greek
"{1CAC7A41-583B-4483-9FA5-3E5465AFF8C2}" = Microsoft Default Manager
"{1D11E96F-0405-4B99-8356-5750B1D9FAE9}" = Corel Home Office - JP Templates
"{1D61E881-43CD-447B-9E6B-D2C6138B2862}" = HP Webcam
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 26
"{26D19512-874B-4EDA-B7F1-779850B2AD5A}" = Corel Home Office - CT Templates
"{2C08D7E7-9EE1-4A08-AFE0-745F02DCD6A4}_is1" = Pokemon Online 1.0.21
"{2DA697D7-FED3-4DE2-A174-92A2A12F9688}" = HP SoftPaq Download Manager
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{36C95AD3-D330-4BAA-884A-9F3EFD15A5EA}" = Corel Home Office
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{39C5A498-FA1A-2473-34D1-6755E5A1BC99}" = CCC Help German
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B4911AA-98AA-F2E0-1BF4-2E2737D1C95C}" = Catalyst Control Center InstallProxy
"{5017D60D-C0A5-4CC8-8D2F-0BDA1ADF39D0}" = Corel Home Office - Templates1
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Creator Business
"{5478075D-1797-1C4C-B3F0-DC8ECCA7D5C3}" = Catalyst Control Center Localization All
"{54B29835-EF99-41D2-9104-F159DE62F165}" = Bing Bar Platform
"{558ED580-6168-AF04-C71F-E63B0E149E21}" = CCC Help Korean
"{5746E4F9-77C6-47E8-A737-A5975A57B4AA}" = Corel Home Office - KR Templates
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5BF8E079-D6E2-4323-B794-75152371122A}" = Windows 7 Default Setting
"{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}" = Bing Rewards Client Installer
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6AFDE3BE-BC01-45A4-9D06-BBF5AD207313}" = LightScribe System Software
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{79CF6EF9-8C9A-F284-5042-B5B54645B5F8}" = CCC Help Norwegian
"{7F30B436-1196-1401-9A4F-CFF6C10D6EBA}" = CCC Help Polish
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}" = Nero BurnLite 10
"{84EC6CDF-E378-0EBA-E4C2-BBD5489CD4EF}" = CCC Help Japanese
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{919D10CE-CADB-8D08-3429-7FB1DFA3B043}" = CCC Help Spanish
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{95140000-007A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9978D298-9AA1-99EE-9975-18AAEF34DE0C}" = CCC Help Dutch
"{9CD3BB19-993E-469D-9E1F-B57A175C1411}" = HP Software Framework
"{9D4D0B44-0A55-1905-5CF4-8A6EC311673F}" = CCC Help Russian
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A005479C-7D10-A4CB-0BAD-5D8765E141C6}" = CCC Help Turkish
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB627AF2-9C7E-4DBD-816B-3B2646B81E89}" = Nero BurnLite 10
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{B93DCF58-AA57-41EC-8D69-B05C66C6312D}_is1" = SUPER © v2011.build.48 (April 23, 2011) Version v2011.build.48
"{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}" = Energy Star Digital Logo
"{C2036B7D-C21E-38E9-FB0B-3746E82B898B}" = CCC Help Hungarian
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Norton Online Backup
"{C8C8387B-A98B-44E8-807A-1A9B7F51FFDA}" = Blaze Media Pro
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}" = WinZip 14.5
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D10B94E4-8545-CA0F-EDE9-41F62272A0DE}" = CCC Help Portuguese
"{D35A9E39-05F9-0D80-C41C-71B2FDCBE5E9}" = CCC Help Chinese Standard
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D9989A13-B173-4048-B8A5-93C204DCB1B3}" = HP ESU for Microsoft Windows 7
"{DB393B0B-4A5D-7B50-AD80-3772372C4243}" = CCC Help Thai
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}" = HP Webcam Driver
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E4756B93-69FF-D723-D7F8-97FFE73A0D2C}" = CCC Help French
"{E4C82543-E98E-E66D-84A7-9C9235ADF9CE}" = CCC Help English
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E684A226-D7B1-4B14-9778-44AD48A654F0}" = Corel Home Office
"{E74EA3B1-7192-489D-9A57-0AE918FEC001}" = Corel Home Office - Launcher
"{E7C34ED4-BBB6-4C57-9FBD-B29CA5878051}" = HP Setup
"{E8CA17C0-5A35-3CF1-C50F-1E9783FFB08B}" = CCC Help Swedish
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EC877639-07AB-495C-BFD1-D63AF9140810}" = Roxio Activation Module
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator Business v10
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F0261797-E2ED-8BEC-7B6F-A7C0A0E478FF}" = ccc-core-static
"{F097D8DF-B207-4EA1-91A4-A21B8425F9B4}" = HP Documentation
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F45048A1-12C4-4B08-A3EB-32D88033368A}" = Corel Home Office - Templates RU
"{F6CEF69E-35EA-6086-6D7D-21E89FD70B16}" = CCC Help Finnish
"{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}" = Realtek Ethernet Controller All-In-One Windows Driver
"{F8801800-9E88-3AB1-21DA-E50EFA0F771E}" = CCC Help Danish
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FC17E0A7-EAA9-4902-92F8-C83B9FD02246}" = HP Support Assistant
"{FC6256BB-BDD4-AB91-451B-86896F236769}" = CCC Help Chinese Traditional
"7-Zip" = 7-Zip 9.20
"Alive Video Converter 5_is1" = Alive Video Converter (version 5.2.0.2)
"Audacity_is1" = Audacity 1.2.6
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"AVS4YOU Video Converter 7_is1" = AVS Video Converter 8
"Blaze Media Pro" = Blaze Media Pro
"bob internet" = bob internet
"CDex" = CDex extraction audio
"CloneDVD2" = CloneDVD2
"DMM" = DMM Uninstall
"DVD Flick_is1" = DVD Flick 1.3.0.7
"ffdshow" = ffdshow
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.14.1206
"HyperCam 2" = HyperCam 2
"InterActual Player" = InterActual Player
"JamGuru" = JamGuru 1.0 RC5
"NIS" = Norton Internet Security
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"PDF Complete" = PDF Complete Special Edition
"QuicktimeAlt_is1" = QuickTime Alternative 1.81
"RealPlayer 12.0" = RealPlayer
"SymSilent" = SymSilent
"VLC media player" = VideoLAN VLC media player 0.8.6i
"VSO DivxToDVD_is1" = DivxToDVD 0.5.2b
"WinLiveSuite" = Windows Live Essentials
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"e83469ef54194a3b" = Wann
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 03.10.2011 14:11:27 | Computer Name = admin-HP | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: vlc.exe, Version: 0.8.6.0, Zeitstempel:
0x48a3a94b Name des fehlerhaften Moduls: libvlc.dll, Version: 0.0.0.0, Zeitstempel:
0x4845b139 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0001b812 ID des fehlerhaften Prozesses:
0xd40 Startzeit der fehlerhaften Anwendung: 0x01cc81e46370237c Pfad der fehlerhaften
Anwendung: C:\Program Files (x86)\VideoLAN\VLC\vlc.exe Pfad des fehlerhaften Moduls:
C:\Program Files (x86)\VideoLAN\VLC\libvlc.dll Berichtskennung: 1bae7bd0-edeb-11e0-8d12-cc52af0de3a9
Error - 04.10.2011 09:25:15 | Computer Name = admin-HP | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: vlc.exe, Version: 0.8.6.0, Zeitstempel:
0x48a3a94b Name des fehlerhaften Moduls: libvlc.dll, Version: 0.0.0.0, Zeitstempel:
0x4845b139 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0001b443 ID des fehlerhaften Prozesses:
0x678 Startzeit der fehlerhaften Anwendung: 0x01cc8290df229676 Pfad der fehlerhaften
Anwendung: C:\Program Files (x86)\VideoLAN\VLC\vlc.exe Pfad des fehlerhaften Moduls:
C:\Program Files (x86)\VideoLAN\VLC\libvlc.dll Berichtskennung: 4b1bedc8-ee8c-11e0-9831-cc52af0de3a9
Error - 04.10.2011 17:41:01 | Computer Name = admin-HP | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: vlc.exe, Version: 0.8.6.0, Zeitstempel:
0x48a3a94b Name des fehlerhaften Moduls: libvlc.dll, Version: 0.0.0.0, Zeitstempel:
0x4845b139 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0001b82a ID des fehlerhaften Prozesses:
0x159c Startzeit der fehlerhaften Anwendung: 0x01cc82dc911faf5f Pfad der fehlerhaften
Anwendung: C:\Program Files (x86)\VideoLAN\VLC\vlc.exe Pfad des fehlerhaften Moduls:
C:\Program Files (x86)\VideoLAN\VLC\libvlc.dll Berichtskennung: 8d2a9782-eed1-11e0-9831-cc52af0de3a9
[ Hewlett-Packard Events ]
Error - 09.06.2011 04:55:59 | Computer Name = admin-HP | Source = Hewlett-Packard | ID = 0
Description = de-AT Ein Teil des Pfades "C:\ProgramData\Hewlett-Packard\HP Support
Framework\Logs\Temp\HPSA\HPSASession_201106091055.xml" konnte nicht gefunden werden.
mscorlib
bei System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) bei
System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32
rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options,
SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) bei System.IO.FileStream..ctor(String
path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions
options) bei System.IO.StreamWriter.CreateFile(String path, Boolean append)
bei System.IO.StreamWriter..ctor(String path, Boolean append, Encoding encoding,
Int32 bufferSize) bei System.IO.StreamWriter..ctor(String path, Boolean append,
Encoding encoding) bei System.IO.File.WriteAllText(String path, String contents,
Encoding encoding) bei HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()
Error - 30.06.2011 05:33:03 | Computer Name = admin-HP | Source = Hewlett-Packard | ID = 0
Description = de-AT Ein Teil des Pfades "C:\ProgramData\Hewlett-Packard\HP Support
Framework\Logs\Temp\HPSA\HPSASession_201106301133.xml" konnte nicht gefunden werden.
mscorlib
bei System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) bei
System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32
rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options,
SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) bei System.IO.FileStream..ctor(String
path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions
options) bei System.IO.StreamWriter.CreateFile(String path, Boolean append)
bei System.IO.StreamWriter..ctor(String path, Boolean append, Encoding encoding,
Int32 bufferSize) bei System.IO.StreamWriter..ctor(String path, Boolean append,
Encoding encoding) bei System.IO.File.WriteAllText(String path, String contents,
Encoding encoding) bei HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()
Error - 18.08.2011 02:08:27 | Computer Name = admin-HP | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\081118080822.xml
File not created by asset agent
Error - 18.08.2011 02:09:09 | Computer Name = admin-HP | Source = Hewlett-Packard | ID = 0
Description = de-AT Ein Teil des Pfades "C:\ProgramData\Hewlett-Packard\HP Support
Framework\Logs\Temp\HPSA\HPSASession_201108180809.xml" konnte nicht gefunden werden.
mscorlib
bei System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) bei
System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32
rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options,
SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) bei System.IO.FileStream..ctor(String
path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions
options) bei System.IO.StreamWriter.CreateFile(String path, Boolean append)
bei System.IO.StreamWriter..ctor(String path, Boolean append, Encoding encoding,
Int32 bufferSize) bei System.IO.StreamWriter..ctor(String path, Boolean append,
Encoding encoding) bei System.IO.File.WriteAllText(String path, String contents,
Encoding encoding) bei HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()
Error - 01.09.2011 11:32:17 | Computer Name = admin-HP | Source = Hewlett-Packard | ID = 0
Description = de-AT Ein Teil des Pfades "C:\ProgramData\Hewlett-Packard\HP Support
Framework\Logs\Temp\HPSA\HPSASession_201109011732.xml" konnte nicht gefunden werden.
mscorlib
bei System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) bei
System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32
rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options,
SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) bei System.IO.FileStream..ctor(String
path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions
options) bei System.IO.StreamWriter.CreateFile(String path, Boolean append)
bei System.IO.StreamWriter..ctor(String path, Boolean append, Encoding encoding,
Int32 bufferSize) bei System.IO.StreamWriter..ctor(String path, Boolean append,
Encoding encoding) bei System.IO.File.WriteAllText(String path, String contents,
Encoding encoding) bei HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()
Error - 29.12.2011 08:33:50 | Computer Name = admin-HP | Source = Hewlett-Packard | ID = 0
Description = de-AT Ein Teil des Pfades "C:\ProgramData\Hewlett-Packard\HP Support
Framework\Logs\Temp\HPSA\HPSASession_201112291333.xml" konnte nicht gefunden werden.
mscorlib
bei System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) bei
System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32
rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options,
SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) bei System.IO.FileStream..ctor(String
path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions
options) bei System.IO.StreamWriter.CreateFile(String path, Boolean append)
bei System.IO.StreamWriter..ctor(String path, Boolean append, Encoding encoding,
Int32 bufferSize) bei System.IO.StreamWriter..ctor(String path, Boolean append,
Encoding encoding) bei System.IO.File.WriteAllText(String path, String contents,
Encoding encoding) bei HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()
Error - 05.01.2012 13:32:23 | Computer Name = admin-HP | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\011205063213.xml
File not created by asset agent
Error - 05.01.2012 14:02:47 | Computer Name = admin-HP | Source = Hewlett-Packard | ID = 0
Description = de-AT Ein Teil des Pfades "C:\ProgramData\Hewlett-Packard\HP Support
Framework\Logs\Temp\HPSA\HPSASession_201201051902.xml" konnte nicht gefunden werden.
mscorlib
bei System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) bei
System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32
rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options,
SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) bei System.IO.FileStream..ctor(String
path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions
options) bei System.IO.StreamWriter.CreateFile(String path, Boolean append)
bei System.IO.StreamWriter..ctor(String path, Boolean append, Encoding encoding,
Int32 bufferSize) bei System.IO.StreamWriter..ctor(String path, Boolean append,
Encoding encoding) bei System.IO.File.WriteAllText(String path, String contents,
Encoding encoding) bei HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()
Error - 12.01.2012 16:54:50 | Computer Name = admin-HP | Source = Hewlett-Packard | ID = 0
Description = de-AT Ein Teil des Pfades "C:\ProgramData\Hewlett-Packard\HP Support
Framework\Logs\Temp\HPSA\HPSASession_201201122154.xml" konnte nicht gefunden werden.
mscorlib
bei System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) bei
System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32
rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options,
SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) bei System.IO.FileStream..ctor(String
path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions
options) bei System.IO.StreamWriter.CreateFile(String path, Boolean append)
bei System.IO.StreamWriter..ctor(String path, Boolean append, Encoding encoding,
Int32 bufferSize) bei System.IO.StreamWriter..ctor(String path, Boolean append,
Encoding encoding) bei System.IO.File.WriteAllText(String path, String contents,
Encoding encoding) bei HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()
Error - 19.01.2012 09:54:09 | Computer Name = admin-HP | Source = Hewlett-Packard | ID = 0
Description = de-AT Ein Teil des Pfades "C:\ProgramData\Hewlett-Packard\HP Support
Framework\Logs\Temp\HPSA\HPSASession_201201191454.xml" konnte nicht gefunden werden.
mscorlib
bei System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) bei
System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32
rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options,
SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) bei System.IO.FileStream..ctor(String
path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions
options) bei System.IO.StreamWriter.CreateFile(String path, Boolean append)
bei System.IO.StreamWriter..ctor(String path, Boolean append, Encoding encoding,
Int32 bufferSize) bei System.IO.StreamWriter..ctor(String path, Boolean append,
Encoding encoding) bei System.IO.File.WriteAllText(String path, String contents,
Encoding encoding) bei HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()
[ HP Wireless Assistant Events ]
Error - 26.02.2011 05:35:39 | Computer Name = N50Q7AQNNSTV8 | Source = HP WA Service | ID = 0
Description = System.Exception GetDeviceInfo() failed : 597 at HP_Common.CaslWrapper.GetDeviceInfo(List`1&
radioList) at HPPA_Service.CurrentConfiguration.ReloadRadioList()
Error - 26.02.2011 05:35:39 | Computer Name = N50Q7AQNNSTV8 | Source = HP WA Service | ID = 0
Description = System.Exception Register() failed : e_GENERAL_EXCEPTION at HP_Common.CaslWrapper.Register(EventArrivedEventHandler
handler) at HPPA_Service.CurrentConfiguration..ctor()
Error - 26.02.2011 05:35:42 | Computer Name = N50Q7AQNNSTV8 | Source = HP WA Service | ID = 0
Description = System.Exception GetPMCCalibrationData() failed : 597 at HP_Common.CaslWrapper.GetPMCCalibrationData(PMCCalibrationData&
calibration) at HPPA_Service.HPPA_Service.ServiceWorkerMethod()
Error - 04.12.2011 14:42:55 | Computer Name = admin-HP | Source = HP WA Service | ID = 0
Description = System.Exception GetDeviceInfo() failed : 597 bei HP_Common.CaslWrapper.GetDeviceInfo(List`1&
radioList) bei HPPA_Service.CurrentConfiguration.ReloadRadioList()
[ Media Center Events ]
Error - 06.10.2011 04:43:13 | Computer Name = admin-HP | Source = MCUpdate | ID = 0
Description = 10:43:06 - Fehler beim Herstellen der Internetverbindung. 10:43:06
- Serververbindung konnte nicht hergestellt werden..
Error - 09.10.2011 04:47:20 | Computer Name = admin-HP | Source = MCUpdate | ID = 0
Description = 10:47:20 - Fehler beim Herstellen der Internetverbindung. 10:47:20
- Serververbindung konnte nicht hergestellt werden..
Error - 09.10.2011 04:47:31 | Computer Name = admin-HP | Source = MCUpdate | ID = 0
Description = 10:47:25 - Fehler beim Herstellen der Internetverbindung. 10:47:25
- Serververbindung konnte nicht hergestellt werden..
Error - 10.10.2011 07:47:48 | Computer Name = admin-HP | Source = MCUpdate | ID = 0
Description = 13:47:48 - Fehler beim Herstellen der Internetverbindung. 13:47:48
- Serververbindung konnte nicht hergestellt werden..
Error - 10.10.2011 07:48:03 | Computer Name = admin-HP | Source = MCUpdate | ID = 0
Description = 13:47:53 - Fehler beim Herstellen der Internetverbindung. 13:47:53
- Serververbindung konnte nicht hergestellt werden..
Error - 11.10.2011 07:43:33 | Computer Name = admin-HP | Source = MCUpdate | ID = 0
Description = 13:43:33 - Fehler beim Herstellen der Internetverbindung. 13:43:33
- Serververbindung konnte nicht hergestellt werden..
Error - 11.10.2011 07:43:45 | Computer Name = admin-HP | Source = MCUpdate | ID = 0
Description = 13:43:38 - Fehler beim Herstellen der Internetverbindung. 13:43:38
- Serververbindung konnte nicht hergestellt werden..
Error - 13.10.2011 07:46:17 | Computer Name = admin-HP | Source = MCUpdate | ID = 0
Description = 13:46:17 - Fehler beim Herstellen der Internetverbindung. 13:46:17
- Serververbindung konnte nicht hergestellt werden..
Error - 13.10.2011 07:46:33 | Computer Name = admin-HP | Source = MCUpdate | ID = 0
Description = 13:46:23 - Fehler beim Herstellen der Internetverbindung. 13:46:23
- Serververbindung konnte nicht hergestellt werden..
Error - 15.10.2011 08:32:19 | Computer Name = admin-HP | Source = MCUpdate | ID = 0
Description = 14:32:08 - Fehler beim Herstellen der Internetverbindung. 14:32:08
- Serververbindung konnte nicht hergestellt werden..
[ System Events ]
Error - 16.09.2011 13:33:44 | Computer Name = admin-HP | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?16.?09.?2011 um 19:32:25 unerwartet heruntergefahren.
Error - 16.09.2011 14:43:38 | Computer Name = admin-HP | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 17.09.2011 08:44:00 | Computer Name = admin-HP | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 17.09.2011 10:44:40 | Computer Name = admin-HP | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 17.09.2011 14:14:30 | Computer Name = admin-HP | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 20.09.2011 14:30:08 | Computer Name = admin-HP | Source = DCOM | ID = 10010
Description =
Error - 03.10.2011 12:38:08 | Computer Name = admin-HP | Source = volsnap | ID = 393252
Description = Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher
nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error - 04.10.2011 18:10:39 | Computer Name = admin-HP | Source = DCOM | ID = 10010
Description =
Error - 05.10.2011 09:41:16 | Computer Name = admin-HP | Source = DCOM | ID = 10010
Description =
Error - 06.10.2011 18:08:12 | Computer Name = admin-HP | Source = DCOM | ID = 10010
Description =
< End of report >
|
|
27.01.2012, 11:02
| #2 | ||||||
| /// Helfer-Team    | Failed to save all the components for the file \\System32\\ [...] Hallo und Herzlich Willkommen!
__________________ Bevor wir unsere Zusammenarbeit beginnen, [Bitte Vollständig lesen]: Zitat:
Zitat:
Für Vista und Win7: Wichtig: Alle Befehle bitte als Administrator ausführen! rechte Maustaste auf die Eingabeaufforderung und "als Administrator ausführen" auswählen Auf der angewählten Anwendung einen Rechtsklick (rechte Maustaste) und "Als Administrator ausführen" wählen! 1. Zitat:
Zitat:
Zitat:
Code:
ATTFilter :OTL
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPCOM/4
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/HPCOM/4
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPCOM/4
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/HPCOM/4
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPCOM/4
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2237.0\npwinext.dll (Microsoft Corporation)
O2 - BHO: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com)
O4 - HKCU..\Run: [vaqsQJTNJWdMqPG.exe] C:\ProgramData\vaqsQJTNJWdMqPG.exe (Microsoft Corp)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.09.16 16:43:21 | 000,000,421 | R--- | M] () - D:\AutoRun.dat -- [ CDFS ]
O32 - AutoRun File - [2010.08.11 18:15:32 | 000,342,864 | R--- | M] () - D:\Autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2009.05.19 13:56:57 | 000,000,044 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{1053deec-2e32-11e1-bb79-cc52af0de3a9}\Shell - "" = AutoRun
O33 - MountPoints2\{1053deec-2e32-11e1-bb79-cc52af0de3a9}\Shell\AutoRun\command - "" = D:\Autorun.exe -- [2010.08.11 18:15:32 | 000,342,864 | R--- | M] ()
O33 - MountPoints2\{149400f0-2ef3-11e1-8cb4-cc52af181ea7}\Shell - "" = AutoRun
O33 - MountPoints2\{149400f0-2ef3-11e1-8cb4-cc52af181ea7}\Shell\AutoRun\command - "" = D:\Autorun.exe -- [2010.08.11 18:15:32 | 000,342,864 | R--- | M] ()
O33 - MountPoints2\{18d53444-c733-11e0-9752-cc52af181ea7}\Shell - "" = AutoRun
O33 - MountPoints2\{18d53444-c733-11e0-9752-cc52af181ea7}\Shell\AutoRun\command - "" = D:\Install.exe
O33 - MountPoints2\{6f770a03-b9e0-11e0-9e73-cc52af181ea7}\Shell - "" = AutoRun
O33 - MountPoints2\{6f770a03-b9e0-11e0-9e73-cc52af181ea7}\Shell\AutoRun\command - "" = E:\Autorun.exe
O33 - MountPoints2\{c1087076-7899-11e0-94eb-cc52af181ea7}\Shell - "" = AutoRun
O33 - MountPoints2\{c1087076-7899-11e0-94eb-cc52af181ea7}\Shell\AutoRun\command - "" = D:\Autorun.exe -- [2010.08.11 18:15:32 | 000,342,864 | R--- | M] ()
[2012.01.26 19:00:49 | 000,364,544 | -H-- | C] (Microsoft Corp) -- C:\ProgramData\lM7iTvRTsn29UV.exe
[2012.01.26 18:57:07 | 000,451,584 | -H-- | C] (Microsoft Corp) -- C:\ProgramData\vaqsQJTNJWdMqPG.exe
[2012.01.06 22:41:24 | 000,000,000 | -H-D | C] -- C:\Users\admin\AppData\Local\AskToolbar
[2012.01.06 22:23:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ask.com
[2012.01.26 21:59:31 | 000,001,104 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.01.26 20:05:18 | 000,000,192 | -H-- | M] () -- C:\ProgramData\~lM7iTvRTsn29UVr
[2012.01.26 19:04:22 | 000,000,440 | -H-- | M] () -- C:\ProgramData\lM7iTvRTsn29UV
[2012.01.26 19:00:49 | 000,364,544 | -H-- | M] (Microsoft Corp) -- C:\ProgramData\lM7iTvRTsn29UV.exe
[2012.01.26 18:53:59 | 000,451,584 | -H-- | M] (Microsoft Corp) -- C:\ProgramData\vaqsQJTNJWdMqPG.exe
[2012.01.26 17:59:03 | 000,001,108 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.01.26 20:05:18 | 000,000,280 | -H-- | C] () -- C:\ProgramData\~lM7iTvRTsn29UV
[2012.01.26 20:05:18 | 000,000,192 | -H-- | C] () -- C:\ProgramData\~lM7iTvRTsn29UVr
[2012.01.26 19:01:12 | 000,000,653 | -H-- | C] () -- C:\Users\admin\Desktop\System Check.lnk
[2012.01.26 19:01:04 | 000,000,440 | -H-- | C] () -- C:\ProgramData\lM7iTvRTsn29UV
[2011.12.27 21:36:04 | 000,000,440 | -H-- | C] () -- C:\ProgramData\ZPIYLmpkjREDNq
:Commands
[purity]
[emptytemp]
3. Lade Dir Malwarebytes Anti-Malware von→ malwarebytes.org
4. Um festzustellen, ob veraltete oder schädliche Software unter Programme installiert sind, ich würde gerne noch all deine installierten Programme sehen: Lade dir das Tool CCleaner herunter → Download installieren (Software-Lizenzvereinbarung lesen, falls angeboten wird "Füge CCleaner Yahoo! Toolbar hinzu" abwählen)→ starten→ Sprache → Deutsch auswählen dann klick auf "Extra (um die installierten Programme auch anzuzeigen)→ weiter auf "Als Textdatei speichern..." wird eine Textdatei (*.txt) erstellt, kopiere dazu den Inhalt und füge ihn da ein 5. erneut einen Scan mit OTL:
Zitat:
** Möglichst nicht ins internet gehen, kein Online-Banking, File-sharing, Chatprogramme usw grußkira
__________________ |
|
30.01.2012, 21:06
| #3 |
| | Failed to save all the components for the file \\System32\\ [...] Also ich hab mir mal unhide runtergeladen, ist auch wirklich wieder alles sichtbar geworden, blöderweise halt auch das was von Windows absichtlich verborgen war, aber damit kann ich leben.
__________________Was noch komisch ist ist, dass wenn ich unten links auf das Symbol klick (wie heißt das überhaupt was sich da öffnet?) kein einziges Symbol mehr da ist außer "Apple Software Update"...was ich mit Apple zu tun hab ist mir ein Rätsel, vielleicht hab ichs aber auch nur mal unabsichtlich runtergeladen? Außerdem sind in der rechten Hälfte die Befehle fürs Öffnen von Dokumenten etc. weiterhin verschwunden. Ich wart lieber mal mit dem nächsten Schritt ab, bis da ein okay kommt, nicht dass ich mir noch was ruiniere ._. |
|
31.01.2012, 12:54
| #4 | |
| | Failed to save all the components for the file \\System32\\ [...]Zitat:
|
|
31.01.2012, 16:04
| #5 |
| /// Helfer-Team | Failed to save all the components for the file \\System32\\ [...] ja, bitte alle Punkte vollständig abarbeiten!
__________________ Warnung!: Vorsicht beim Rechnungen per Email mit ZIP-Datei als Anhang! Kann mit einen Verschlüsselungs-Trojaner infiziert sein! Anhang nicht öffnen, in unserem Forum erst nachfragen! Sichere regelmäßig deine Daten, auf CD/DVD, USB-Sticks oder externe Festplatten, am besten 2x an verschiedenen Orten! Bitte diese Warnung weitergeben, wo Du nur kannst! |
|
01.02.2012, 16:02
| #6 |
| | Failed to save all the components for the file \\System32\\ [...] Ich bin mal alle Punkte durchgegangen, hier das Ergebnis: 1) unhide hat alles wieder sichtbar gemacht, ich denk mal da passt alles. 2) Bei OTL gefixed, rausgekommen ist: Code:
ATTFilter All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.
C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.
File C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}\ deleted successfully.
C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2237.0\npwinext.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\vaqsQJTNJWdMqPG.exe not found.
File C:\ProgramData\vaqsQJTNJWdMqPG.exe not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
File move failed. D:\AutoRun.dat scheduled to be moved on reboot.
File move failed. D:\Autorun.exe scheduled to be moved on reboot.
File move failed. D:\autorun.inf scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1053deec-2e32-11e1-bb79-cc52af0de3a9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1053deec-2e32-11e1-bb79-cc52af0de3a9}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1053deec-2e32-11e1-bb79-cc52af0de3a9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1053deec-2e32-11e1-bb79-cc52af0de3a9}\ not found.
File move failed. D:\Autorun.exe scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{149400f0-2ef3-11e1-8cb4-cc52af181ea7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{149400f0-2ef3-11e1-8cb4-cc52af181ea7}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{149400f0-2ef3-11e1-8cb4-cc52af181ea7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{149400f0-2ef3-11e1-8cb4-cc52af181ea7}\ not found.
File move failed. D:\Autorun.exe scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{18d53444-c733-11e0-9752-cc52af181ea7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{18d53444-c733-11e0-9752-cc52af181ea7}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{18d53444-c733-11e0-9752-cc52af181ea7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{18d53444-c733-11e0-9752-cc52af181ea7}\ not found.
File D:\Install.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6f770a03-b9e0-11e0-9e73-cc52af181ea7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6f770a03-b9e0-11e0-9e73-cc52af181ea7}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6f770a03-b9e0-11e0-9e73-cc52af181ea7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6f770a03-b9e0-11e0-9e73-cc52af181ea7}\ not found.
File E:\Autorun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c1087076-7899-11e0-94eb-cc52af181ea7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c1087076-7899-11e0-94eb-cc52af181ea7}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c1087076-7899-11e0-94eb-cc52af181ea7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c1087076-7899-11e0-94eb-cc52af181ea7}\ not found.
File move failed. D:\Autorun.exe scheduled to be moved on reboot.
File C:\ProgramData\lM7iTvRTsn29UV.exe not found.
File C:\ProgramData\vaqsQJTNJWdMqPG.exe not found.
C:\Users\admin\AppData\Local\AskToolbar\Downloaded Program Files\temp folder moved successfully.
C:\Users\admin\AppData\Local\AskToolbar\Downloaded Program Files folder moved successfully.
C:\Users\admin\AppData\Local\AskToolbar folder moved successfully.
C:\Program Files (x86)\Ask.com folder moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\ProgramData\~lM7iTvRTsn29UVr moved successfully.
C:\ProgramData\lM7iTvRTsn29UV moved successfully.
File C:\ProgramData\lM7iTvRTsn29UV.exe not found.
File C:\ProgramData\vaqsQJTNJWdMqPG.exe not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\ProgramData\~lM7iTvRTsn29UV moved successfully.
File C:\ProgramData\~lM7iTvRTsn29UVr not found.
File C:\Users\admin\Desktop\System Check.lnk not found.
File C:\ProgramData\lM7iTvRTsn29UV not found.
C:\ProgramData\ZPIYLmpkjREDNq moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: admin
->Temp folder emptied: 329661854 bytes
->Temporary Internet Files folder emptied: 186758498 bytes
->Java cache emptied: 483162 bytes
->Flash cache emptied: 8230771 bytes
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 179770681 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67765 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 672,00 mb
OTL by OldTimer - Version 3.2.31.0 log created on 02012012_143510
Files\Folders moved on Reboot...
File move failed. D:\AutoRun.dat scheduled to be moved on reboot.
File move failed. D:\Autorun.exe scheduled to be moved on reboot.
File move failed. D:\autorun.inf scheduled to be moved on reboot.
C:\Users\admin\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
Registry entries deleted on Reboot...
Code:
ATTFilter Malwarebytes Anti-Malware 1.60.1.1000 www.malwarebytes.org Datenbank Version: v2012.02.01.03 Windows 7 x64 NTFS Internet Explorer 8.0.7600.16385 admin :: ADMIN-HP [Administrator] 01.02.2012 14:54:47 mbam-log-2012-02-01 (14-54-47).txt Art des Suchlaufs: Vollständiger Suchlauf Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 337453 Laufzeit: 46 Minute(n), 51 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 1 HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowSearch (PUM.Hijack.StartMenu) -> Bösartig: (0) Gut: (1) -> Keine Aktion durchgeführt. Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Code:
ATTFilter 7-Zip 9.20 25.09.2011 Adobe Flash Player 11 ActiveX 64-bit Adobe Systems Incorporated 25.12.2011 6,00MB 11.1.102.55 Alive Video Converter (version 5.2.0.2) AliveMedia, Inc. 19.06.2011 Apple Application Support Apple Inc. 19.06.2011 52,8MB 1.4.1 Apple Software Update Apple Inc. 19.06.2011 2,16MB 2.1.1.116 ATI Catalyst Install Manager ATI Technologies, Inc. 25.02.2011 22,3MB 3.0.778.0 Audacity 1.2.6 22.05.2011 AVS Update Manager 1.0 Online Media Technologies Ltd. 19.06.2011 AVS Video Converter 8 Online Media Technologies Ltd. 19.06.2011 AVS4YOU Software Navigator 1.4 Online Media Technologies Ltd. 19.06.2011 Bing Bar Microsoft Corporation 25.02.2011 6.0.2237.0 Blaze Media Pro Mystik Media 19.06.2011 9.10 bob internet A1 Telekom Austria AG 24.12.2011 38,5MB 1.9.0.0 Broadcom 2070 Bluetooth 3.0 Broadcom Corporation 25.02.2011 183,5MB 6.3.0.6300 Broadcom 802.11 Wireless LAN Adapter Broadcom Corporation 26.02.2011 5.60.350.6 CCleaner Piriform 31.01.2012 3.15 CDex extraction audio 06.08.2011 CloneDVD2 Elaborate Bytes 05.01.2012 2.9.3.0 Corel Home Office Corel Corporation 08.12.2010 118,2MB 5.0.87.621 DivxToDVD 0.5.2b VSO-Software SARL 05.01.2012 0.5.2b DMM Uninstall 16.06.2011 DVD Flick 1.3.0.7 Dennis Meuwissen 05.01.2012 1.3.0.7 Energy Star Digital Logo Hewlett-Packard 25.02.2011 0,29MB 1.0.1 ffdshow Milan Cutka 19.06.2011 20051221-gcc4.0.2-sse-x264.nl Free YouTube to MP3 Converter version 3.10.14.1206 DVDVideoSoft Ltd. 23.12.2011 77,6MB Google Earth Google 24.12.2011 92,7MB 6.1.0.5001 HP Documentation Hewlett-Packard 07.12.2010 784MB 1.5.0.0 HP ESU for Microsoft Windows 7 Hewlett-Packard Company 07.12.2010 16,7MB 1.1.6.1 HP HotKey Support Hewlett-Packard Company 07.12.2010 13,1MB 3.5.15.1 HP Setup Hewlett-Packard Company 07.12.2010 8.5.4371.3505 HP SoftPaq Download Manager Hewlett-Packard Company 07.12.2010 14,4MB 3.0.5.0 HP Software Framework Hewlett-Packard Company 07.12.2010 2,38MB 4.0.51.1 HP Software Setup Hewlett-Packard Company 07.12.2010 11,8MB 7.0.1.6 HP Support Assistant Hewlett-Packard Company 07.12.2010 67,2MB 5.0.14.2 HP Webcam Roxio 25.02.2011 9,77MB 1.0.19.6 HP Webcam Driver Realtek Semiconductor Corp. 25.02.2011 6.1.7600.0049 HP Wireless Assistant Hewlett-Packard 07.12.2010 5,60MB 4.0.6.0 IDT Audio IDT 25.02.2011 1.0.6275.0 InterActual Player 03.08.2011 JamGuru 1.0 RC5 Ultimate-Guitar 28.10.2011 1.0 RC5 Java(TM) 6 Update 26 Oracle 13.08.2011 94,9MB 6.0.260 LightScribe System Software LightScribe 07.12.2010 23,4MB 1.18.12.1 Malwarebytes Anti-Malware Version 1.60.1.1000 Malwarebytes Corporation 31.01.2012 17,4MB 1.60.1.1000 Microsoft .NET Framework 4 Client Profile Microsoft Corporation 04.05.2011 38,8MB 4.0.30319 Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft Corporation 04.05.2011 2,94MB 4.0.30319 Microsoft Office 2010 Microsoft Corporation 07.12.2010 6,31MB 14.0.4763.1000 Microsoft Office Home and Student 2010 Microsoft Corporation 02.05.2011 14.0.4763.1000 Microsoft Office Outlook Connector Microsoft Corporation 03.05.2011 3,36MB 14.0.5118.5000 Microsoft Silverlight Microsoft Corporation 05.01.2012 40,4MB 4.0.60831.0 Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 03.05.2011 1,70MB 3.1.0000 Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 19.06.2011 0,33MB 8.0.59193 Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 07.12.2010 0,69MB 8.0.56336 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 07.12.2010 0,77MB 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Corporation 25.02.2011 0,77MB 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 25.02.2011 0,58MB 9.0.30729.4148 MSXML 4.0 SP2 (KB954430) Microsoft Corporation 07.01.2012 1,28MB 4.20.9870.0 MSXML 4.0 SP2 (KB973688) Microsoft Corporation 07.01.2012 1,33MB 4.20.9876.0 Nero BurnLite 10 Nero AG 05.01.2012 57,6MB 10.0.10600 Nero Toolbar Ask.com 05.01.2012 1,66MB 1.6.9.0 Nero Update Nero AG 05.01.2012 1,44MB 1.0.0018 Norton Internet Security Symantec Corporation 02.05.2011 18.6.0.29 Norton Online Backup Symantec 02.05.2011 3,30MB 2.0.0.34 PDF Complete Special Edition PDF Complete, Inc 25.02.2011 3.5.117 Pokemon Online 1.0.21 Dreambelievers 13.06.2011 44,4MB QuickTime Alternative 1.81 23.12.2011 1.81 RealPlayer RealNetworks 19.06.2011 Realtek Ethernet Controller All-In-One Windows Driver Realtek 07.12.2010 1.12.0011 Roxio Creator Business Roxio 25.02.2011 324MB 10.3.56.21 Skype™ 4.2 Skype Technologies S.A. 25.02.2011 31,7MB 4.2.163 SUPER © v2011.build.48 (April 23, 2011) Version v2011.build.48 eRightSoft 19.06.2011 39,5MB v2011.build.48 SymSilent Symantec Corporation 25.02.2011 Synaptics Pointing Device Driver Synaptics Incorporated 08.12.2010 15.0.10.0 VideoLAN VLC media player 0.8.6i VideoLAN Team 29.06.2011 0.8.6i Wann Appadaumen.de 17.08.2011 1.0.0.1 Windows 7 Default Setting Hewlett-Packard Company 07.12.2010 32,00KB 1.0.1.7 Windows Live Essentials Microsoft Corporation 04.05.2011 15.4.3508.1109 Windows Live Mesh ActiveX control for remote connections Microsoft Corporation 03.05.2011 5,58MB 15.4.5722.2 Windows Movie Maker 2.6 Microsoft Corporation 03.12.2011 8,85MB 2.6.4037.0 WinZip 14.5 WinZip Computing, S.L. 02.05.2011 20,0MB 14.5.9095 Code:
ATTFilter OTL logfile created on: 01.02.2012 15:49:37 - Run 2 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\admin\Downloads 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy 1,75 Gb Total Physical Memory | 0,76 Gb Available Physical Memory | 43,54% Memory free 3,49 Gb Paging File | 1,93 Gb Available in Paging File | 55,24% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 215,59 Gb Total Space | 92,03 Gb Free Space | 42,69% Space Free | Partition Type: NTFS Drive D: | 25,61 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Drive F: | 1,99 Gb Total Space | 1,98 Gb Free Space | 99,64% Space Free | Partition Type: FAT32 Computer Name: ADMIN-HP | User Name: admin | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.01.26 22:12:44 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\admin\Downloads\OTL.exe PRC - [2011.12.26 00:55:04 | 000,247,968 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe PRC - [2011.06.20 01:31:06 | 000,273,544 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe PRC - [2011.04.17 01:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe PRC - [2011.04.08 11:59:52 | 000,507,624 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe PRC - [2010.09.16 12:22:39 | 009,319,792 | ---- | M] (mquadr.at software engineering and consulting GmbH, web: www.mquadr.at, mail: office@mquadr.at) -- C:\Program Files (x86)\bob internet\bobInternet.exe PRC - [2010.07.13 00:47:38 | 000,092,216 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe PRC - [2010.05.04 12:07:22 | 000,503,080 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe PRC - [2010.03.06 23:39:08 | 000,635,416 | ---- | M] (PDF Complete Inc) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe PRC - [2010.03.01 19:27:22 | 000,264,248 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe PRC - [2009.01.12 13:15:52 | 000,071,096 | ---- | M] () -- C:\Program Files (x86)\Blaze Media Pro\NMSAccess32.exe PRC - [2007.07.24 20:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe ========== Modules (No Company Name) ========== MOD - [2010.08.20 15:14:19 | 001,316,864 | ---- | M] () -- C:\Program Files (x86)\bob internet\Skins\bob\bob.dbskin MOD - [2010.08.19 18:32:30 | 000,086,016 | ---- | M] () -- C:\Program Files (x86)\bob internet\resetregistry.dll MOD - [2010.02.22 20:19:10 | 007,745,536 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll MOD - [2010.02.22 20:19:08 | 002,121,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll MOD - [2010.02.22 20:19:08 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2010.09.22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV:64bit: - [2010.08.05 00:22:44 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:64bit: - [2010.07.30 04:39:24 | 000,951,584 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins) SRV:64bit: - [2010.04.05 20:12:00 | 000,103,992 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe -- (HP Wireless Assistant Service) SRV:64bit: - [2010.03.17 13:48:42 | 000,244,736 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\stacsv64.exe -- (STacSV) SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV:64bit: - [2009.03.03 11:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe -- (AESTFilters) SRV - [2011.04.17 01:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe -- (NIS) SRV - [2010.12.21 06:38:22 | 000,350,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- winhttp.dll -- (WinHttpAutoProxySvc) SRV - [2010.07.13 00:47:38 | 000,092,216 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe) SRV - [2010.05.04 12:07:22 | 000,503,080 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate) SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.03.06 23:39:08 | 000,635,416 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher) SRV - [2010.03.01 19:27:22 | 000,264,248 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe -- (hpHotkeyMonitor) SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009.01.12 13:15:52 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Blaze Media Pro\NMSAccess32.exe -- (NMSAccess) SRV - [2007.07.24 20:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2) ========== Driver Services (SafeList) ========== DRV:64bit: - [2011.07.08 16:45:12 | 000,386,168 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\symnets.sys -- (SymNetS) DRV:64bit: - [2011.05.11 20:04:46 | 000,174,200 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent) DRV:64bit: - [2011.03.31 04:00:09 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\srtsp64.sys -- (SRTSP) DRV:64bit: - [2011.03.31 04:00:09 | 000,040,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\srtspx64.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL) DRV:64bit: - [2011.03.15 03:31:23 | 000,912,504 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\symefa64.sys -- (SymEFA) DRV:64bit: - [2011.03.11 07:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 07:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011.02.26 10:42:04 | 003,063,360 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX) DRV:64bit: - [2011.01.27 07:47:10 | 000,450,680 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\symds64.sys -- (SymDS) DRV:64bit: - [2011.01.27 06:07:06 | 000,171,128 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\ironx64.sys -- (SymIRON) DRV:64bit: - [2010.12.16 23:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO) DRV:64bit: - [2010.09.22 23:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr) DRV:64bit: - [2010.08.11 17:43:00 | 000,125,456 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV:64bit: - [2010.08.05 00:52:36 | 006,859,776 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:64bit: - [2010.08.04 23:47:20 | 000,264,192 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2010.07.20 22:26:42 | 000,102,952 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio) DRV:64bit: - [2010.07.20 22:26:38 | 000,135,720 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt) DRV:64bit: - [2010.07.20 22:26:34 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid) DRV:64bit: - [2010.07.14 15:25:38 | 000,344,616 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl) DRV:64bit: - [2010.05.21 03:06:38 | 000,096,384 | ---- | M] (Realtek Semiconductor Corp.) [2 MP Fixed] [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtsuvc.sys -- (rtsuvc) DRV:64bit: - [2010.05.03 23:44:02 | 000,331,880 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2010.03.19 12:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64) DRV:64bit: - [2010.03.17 13:48:42 | 000,505,856 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA) DRV:64bit: - [2010.03.09 18:03:52 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie64.sys -- (AtiPcie) AMD PCI Express (3GIO) DRV:64bit: - [2010.03.02 23:37:40 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap) DRV:64bit: - [2010.03.02 13:59:32 | 000,121,344 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys -- (ZTEusbser6k) DRV:64bit: - [2010.03.02 13:59:32 | 000,121,344 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys -- (ZTEusbnmea) DRV:64bit: - [2010.03.02 13:59:32 | 000,121,344 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k) DRV:64bit: - [2010.02.26 19:32:58 | 000,316,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:64bit: - [2010.02.22 09:09:10 | 000,011,776 | ---- | M] (MBB Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\massfilter.sys -- (massfilter) DRV:64bit: - [2010.02.16 21:24:20 | 000,025,912 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr) DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.07.14 00:31:10 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:64bit: - [2009.07.14 00:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM) DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV - [2011.06.03 02:08:18 | 000,488,056 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20110629.050\IDSviA64.sys -- (IDSVia64) DRV - [2011.05.19 20:37:05 | 001,143,416 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20110616.003\BHDrvx64.sys -- (BHDrvx64) DRV - [2011.05.18 19:39:23 | 002,011,768 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20110630.002\EX64.SYS -- (NAVEX15) DRV - [2011.05.18 19:39:22 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20110630.002\ENG64.SYS -- (NAVENG) DRV - [2011.05.10 20:21:22 | 000,481,912 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl) DRV - [2011.05.10 20:21:22 | 000,136,824 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv) DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.at/ IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpWinExt,version=5.0: C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2237.0\npwinext.dll File not found FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.652: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.652: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.647: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\msntoolbar@msn.com: C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2237.0\Firefox [2010.12.09 00:14:08 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010.12.09 00:14:10 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2010.12.09 00:14:14 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\IPSFFPlgn\ [2011.10.18 15:47:42 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\coFFPlgn_2011_7_4_3 [2012.02.01 14:38:29 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.01.26 21:57:46 | 000,000,000 | ---D | M] O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll (Symantec Corporation) O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\IPS\IPSBHO.DLL (Symantec Corporation) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation) O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll (Symantec Corporation) O3 - HKLM\..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2237.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2237.0\npwinext.dll File not found O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll (Symantec Corporation) O4:64bit: - HKLM..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe () O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.) O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NOBuActivation.exe (Symantec Corporation) O4 - HKLM..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe (PDF Complete Inc) O4 - HKLM..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe (Hewlett-Packard Company) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149 O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\admin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\admin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AF6B0702-F848-4A2D-A575-7F9C9A79D8CB}: DhcpNameServer = 151.99.125.2 151.99.125.3 194.20.8.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FBB0385C-3D38-42C1-B33B-241D891D0C0D}: NameServer = 194.48.124.202 194.48.124.200 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) -explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) -userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O29:64bit: - HKLM SecurityProviders - (credssp.dll) -credssp.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (credssp.dll) -credssp.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010.09.16 16:43:21 | 000,000,421 | R--- | M] () - D:\AutoRun.dat -- [ CDFS ] O32 - AutoRun File - [2010.08.11 18:15:32 | 000,342,864 | R--- | M] () - D:\Autorun.exe -- [ CDFS ] O32 - AutoRun File - [2009.05.19 13:56:57 | 000,000,044 | R--- | M] () - D:\autorun.inf -- [ CDFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2012.02.01 15:46:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2012.02.01 15:46:42 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2012.02.01 14:51:18 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\Malwarebytes [2012.02.01 14:51:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.02.01 14:51:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.02.01 14:51:08 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys [2012.02.01 14:51:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012.02.01 14:35:10 | 000,000,000 | ---D | C] -- C:\_OTL [2012.01.31 20:37:16 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\Skype [2012.01.23 13:58:47 | 001,446,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsasrv.dll [2012.01.23 13:58:46 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\webio.dll [2012.01.23 13:58:46 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\webio.dll [2012.01.23 13:58:46 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sspicli.dll [2012.01.23 13:58:46 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sspisrv.dll [2012.01.23 13:58:46 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\secur32.dll [2012.01.19 19:39:58 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte [2012.01.11 16:24:36 | 000,000,000 | ---D | C] -- C:\Users\admin\Documents\Outlook-Dateien [2012.01.11 16:16:07 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\quartz.dll [2012.01.11 16:16:07 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\quartz.dll [2012.01.11 16:16:07 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qdvd.dll [2012.01.11 16:16:07 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qdvd.dll [2012.01.11 16:16:03 | 000,852,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll [2012.01.11 16:16:03 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll [2012.01.11 16:16:02 | 001,739,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntdll.dll [2012.01.11 16:16:01 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\packager.dll [2012.01.11 16:16:01 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\packager.dll [2012.01.08 02:47:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0 [2012.01.06 22:36:05 | 000,000,000 | ---D | C] -- C:\Users\admin\Documents\DivXToDvd [2012.01.06 22:31:19 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\Nero [2012.01.06 22:29:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero [2012.01.06 22:29:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nero [2012.01.06 22:29:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nero [2012.01.06 20:52:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VSO [2012.01.06 20:52:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\vso [2012.01.06 18:36:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes [2012.01.06 18:36:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Elaborate Bytes [2012.01.06 18:16:17 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\DVD Flick [2012.01.06 18:15:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD Flick [2012.01.06 18:15:50 | 000,662,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mscomct2.ocx [2012.01.06 18:15:50 | 000,609,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\comctl32.ocx [2012.01.06 18:15:50 | 000,164,144 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\comct232.ocx [2012.01.06 18:15:50 | 000,040,960 | ---- | C] (vbAccelerator) -- C:\windows\SysWow64\ssubtmr6.dll [2012.01.06 18:15:50 | 000,036,864 | ---- | C] (Robdogg Inc.) -- C:\windows\SysWow64\trayicon_handler.ocx [2012.01.06 18:15:50 | 000,028,672 | ---- | C] (-) -- C:\windows\SysWow64\mousewheel.ocx [2012.01.06 18:15:49 | 000,212,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\richtx32.ocx [2012.01.06 18:15:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVD Flick ========== Files - Modified Within 30 Days ========== [2012.02.01 15:46:46 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2012.02.01 14:51:10 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.02.01 14:45:53 | 000,019,760 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.02.01 14:45:53 | 000,019,760 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.02.01 14:45:10 | 001,498,506 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI [2012.02.01 14:45:10 | 000,654,340 | ---- | M] () -- C:\windows\SysNative\perfh007.dat [2012.02.01 14:45:10 | 000,616,182 | ---- | M] () -- C:\windows\SysNative\perfh009.dat [2012.02.01 14:45:10 | 000,130,180 | ---- | M] () -- C:\windows\SysNative\perfc007.dat [2012.02.01 14:45:10 | 000,106,562 | ---- | M] () -- C:\windows\SysNative\perfc009.dat [2012.02.01 14:38:13 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat [2012.02.01 14:37:46 | 1875,443,712 | -HS- | M] () -- C:\hiberfil.sys [2012.01.28 05:52:38 | 000,000,172 | ---- | M] () -- C:\windows\SysNative\drivers\NISx64\1207000.00D\isolate.ini [2012.01.20 15:38:15 | 000,023,552 | ---- | M] () -- C:\Users\admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.01.06 20:52:14 | 000,001,035 | ---- | M] () -- C:\Users\admin\Desktop\VSO DivxToDVD.lnk [2012.01.06 18:37:17 | 000,000,085 | -HS- | M] () -- C:\ProgramData\.zreglib [2012.01.06 18:36:09 | 000,001,199 | ---- | M] () -- C:\Users\Public\Desktop\CloneDVD2.lnk [2012.01.06 18:15:54 | 000,001,914 | ---- | M] () -- C:\Users\admin\Desktop\DVD Flick.lnk ========== Files Created - No Company Name ========== [2012.02.01 15:46:45 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk [2012.02.01 14:51:10 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.01.30 20:58:05 | 000,002,297 | ---- | C] () -- C:\Users\Public\Desktop\WinZip.lnk [2012.01.30 20:58:04 | 000,001,108 | ---- | C] () -- C:\Users\Public\Desktop\SUPER ©.lnk [2012.01.30 20:58:04 | 000,001,066 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk [2012.01.30 20:58:04 | 000,000,914 | ---- | C] () -- C:\Users\Public\Desktop\Pokemon Online.lnk [2012.01.30 20:58:03 | 000,002,489 | ---- | C] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk [2012.01.30 20:58:03 | 000,002,212 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk [2012.01.30 20:58:03 | 000,002,179 | ---- | C] () -- C:\Users\Public\Desktop\HP Support Assistant.lnk [2012.01.30 20:58:03 | 000,001,164 | ---- | C] () -- C:\Users\Public\Desktop\JamGuru.lnk [2012.01.30 20:58:03 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Corel Home Office.lnk [2012.01.30 20:58:03 | 000,000,931 | ---- | C] () -- C:\Users\Public\Desktop\InterActual Player.lnk [2012.01.30 20:58:02 | 000,001,750 | ---- | C] () -- C:\Users\Public\Desktop\Browserwahl.lnk [2012.01.30 20:58:02 | 000,001,199 | ---- | C] () -- C:\Users\Public\Desktop\CloneDVD2.lnk [2012.01.30 20:58:02 | 000,001,024 | ---- | C] () -- C:\Users\Public\Desktop\bob internet.lnk [2012.01.30 20:57:57 | 000,000,836 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2012.01.30 20:57:33 | 000,002,507 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker 2.6.lnk [2012.01.30 20:57:33 | 000,001,547 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk [2012.01.30 20:57:33 | 000,001,374 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk [2012.01.30 20:57:33 | 000,001,246 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk [2012.01.30 20:57:32 | 000,002,486 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk [2012.01.30 20:57:32 | 000,001,458 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk [2012.01.30 20:57:32 | 000,001,352 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk [2012.01.30 20:57:32 | 000,001,330 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk [2012.01.30 20:57:32 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk [2012.01.30 20:57:32 | 000,001,305 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk [2012.01.30 20:57:32 | 000,001,210 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk [2012.01.30 20:57:31 | 000,002,435 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2010.lnk [2012.01.30 20:57:31 | 000,001,663 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Software Setup.lnk [2012.01.30 20:57:31 | 000,001,380 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Default Manager.lnk [2012.01.30 20:57:31 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk [2012.01.30 20:57:30 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk [2012.01.30 20:57:30 | 000,001,153 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alive Video Converter 5.lnk [2012.01.30 20:57:30 | 000,000,955 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk [2012.01.06 20:52:14 | 000,001,035 | ---- | C] () -- C:\Users\admin\Desktop\VSO DivxToDVD.lnk [2012.01.06 18:37:17 | 000,000,085 | -HS- | C] () -- C:\ProgramData\.zreglib [2012.01.06 18:15:53 | 000,001,914 | ---- | C] () -- C:\Users\admin\Desktop\DVD Flick.lnk [2011.09.28 16:17:21 | 000,000,952 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys [2011.08.04 16:15:53 | 000,000,000 | ---- | C] () -- C:\windows\iPlayer.INI [2011.06.20 01:33:20 | 000,027,648 | ---- | C] () -- C:\windows\SysWow64\AVSredirect.dll [2011.06.20 00:23:07 | 000,023,552 | ---- | C] () -- C:\Users\admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.06.14 22:00:43 | 000,033,134 | ---- | C] () -- C:\Users\admin\AppData\Roaming\UserTile.png [2011.02.26 10:37:05 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin [2010.12.09 00:13:09 | 000,000,188 | ---- | C] () -- C:\windows\SysWow64\HPWA.ini [2010.06.08 14:19:24 | 000,692,224 | ---- | C] () -- C:\windows\SysWow64\libeay32.dll [2010.06.08 14:19:24 | 000,151,552 | ---- | C] () -- C:\windows\SysWow64\ssleay32.dll [2010.06.02 13:28:14 | 000,002,189 | ---- | C] () -- C:\windows\SysWow64\atipblag.dat [2010.04.20 15:31:43 | 000,936,832 | ---- | C] () -- C:\windows\SysWow64\M2ElevatedCalls.dll [2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat [2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\windows\SysWow64\NOISE.DAT [2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\windows\SysWow64\dssec.dat [2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin [2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll [2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\windows\SysWow64\msjetoledb40.dll [2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\windows\SysWow64\mlang.dat [2008.10.04 00:07:10 | 003,754,896 | ---- | C] () -- C:\windows\SysWow64\erdmpg-6.dll [2008.09.28 18:33:01 | 000,253,952 | ---- | C] () -- C:\windows\SysWow64\Manipulate.dll [2008.08.28 12:20:38 | 000,065,536 | ---- | C] () -- C:\windows\SysWow64\comLyricGetter.dll [2008.08.28 12:17:22 | 000,097,280 | ---- | C] () -- C:\windows\SysWow64\Uncommon.dll [2008.08.28 12:17:20 | 000,061,440 | ---- | C] () -- C:\windows\SysWow64\NormalizeDSP.dll [2006.11.06 20:30:38 | 000,262,144 | ---- | C] () -- C:\windows\SysWow64\lame_enc.dll [2005.12.21 11:36:46 | 000,009,728 | ---- | C] () -- C:\windows\SysWow64\ff_vfw.dll [2005.11.06 00:34:50 | 000,145,408 | ---- | C] () -- C:\windows\SysWow64\Lame.exe [2005.05.17 21:37:10 | 000,076,800 | ---- | C] () -- C:\windows\SysWow64\Faac.exe [2002.07.19 17:48:22 | 000,157,696 | ---- | C] () -- C:\windows\SysWow64\OggEnc.exe [2002.01.25 07:04:50 | 000,005,440 | ---- | C] () -- C:\windows\SysWow64\mciwa16.dll [2002.01.25 07:04:50 | 000,000,221 | ---- | C] () -- C:\windows\SysWow64\pspsbext.ini [2002.01.25 07:04:50 | 000,000,221 | ---- | C] () -- C:\windows\SysWow64\pspfidrv.ini [2002.01.25 07:04:50 | 000,000,221 | ---- | C] () -- C:\windows\SysWow64\pspfbase.ini [2002.01.25 07:04:50 | 000,000,221 | ---- | C] () -- C:\windows\SysWow64\pspaudrv.ini [2002.01.25 07:04:50 | 000,000,221 | ---- | C] () -- C:\windows\SysWow64\pspapdrv.ini [2002.01.25 07:04:50 | 000,000,221 | ---- | C] () -- C:\windows\SysWow64\mciwaw95.ini [2002.01.25 07:04:50 | 000,000,221 | ---- | C] () -- C:\windows\SysWow64\mcipspwa.ini [2002.01.25 07:04:50 | 000,000,221 | ---- | C] () -- C:\windows\SysWow64\mcipspct.ini [2002.01.25 07:04:50 | 000,000,220 | ---- | C] () -- C:\windows\SysWow64\pspwave.ini [2002.01.25 07:04:50 | 000,000,219 | ---- | C] () -- C:\windows\SysWow64\pspdss.ini [2002.01.25 07:04:50 | 000,000,219 | ---- | C] () -- C:\windows\SysWow64\pspddi.ini ========== LOP Check ========== [2011.12.24 17:22:43 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\DVDVideoSoft [2011.12.24 17:22:32 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\DVDVideoSoftIEHelpers [2011.12.24 14:46:10 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\MPEG Streamclip [2011.12.04 20:51:51 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\OffbeatEngine [2011.06.14 22:00:43 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\PeerNetworking [2012.01.26 21:58:04 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Program Files (x86) [2012.01.08 13:43:47 | 000,032,632 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== < End of report > Code:
ATTFilter OTL Extras logfile created on: 01.02.2012 15:49:37 - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\admin\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
1,75 Gb Total Physical Memory | 0,76 Gb Available Physical Memory | 43,54% Memory free
3,49 Gb Paging File | 1,93 Gb Available in Paging File | 55,24% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 215,59 Gb Total Space | 92,03 Gb Free Space | 42,69% Space Free | Partition Type: NTFS
Drive D: | 25,61 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive F: | 1,99 Gb Total Space | 1,98 Gb Free Space | 99,64% Space Free | Partition Type: FAT32
Computer Name: ADMIN-HP | User Name: admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1C55470A-7C9E-4C63-B466-6AFFC69E94E9}" = Windows Live Family Safety
"{2C69D297-A524-1FB1-5C00-1C52363E044F}" = ccc-utility64
"{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = Broadcom 2070 Bluetooth 3.0
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4BBA5224-C5B1-4B8C-AAA4-68DA6654B9C1}" = HP HotKey Support
"{560932B5-8702-7FB8-01AE-265EA44FAEEB}" = ATI Catalyst Install Manager
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{C7AE4EC3-9C13-4213-8457-74D16B353F91}" = HP Web Camera
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{EC720706-3F19-4B7F-BDDD-E31D9B3921D2}" = HP Wireless Assistant
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Broadcom 802.11 Wireless LAN Adapter" = Broadcom 802.11 Wireless LAN Adapter
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"SynTPDeinstKey" = Synaptics Pointing Device Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{36C95AD3-D330-4BAA-884A-9F3EFD15A5EA}" = Corel Home Office
"{04801E42-B1A6-4C52-9F3D-CADB5A050433}" = HP Software Setup
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{07B22FB1-6A1E-41E7-8323-A9CA716026ED}" = bob internet
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Bing Bar
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0B2187A6-8ACC-4012-9817-9221211EF407}" = Corel Home Office - IPM
"{0C7A1F10-3965-190D-3409-B0DD7C45C0EE}" = CCC Help Italian
"{14B61ABC-D4A7-BCF5-92BE-95CEB8DF4374}" = CCC Help Czech
"{16CA9DAC-6A40-4204-A826-33C4D52A266C}" = Catalyst Control Center - Branding
"{1A1E33D2-9824-454A-B8CB-50072118635A}" = Corel Home Office - CS Templates
"{1C598CE5-344B-997B-FF33-2976D689C0AC}" = CCC Help Greek
"{1CAC7A41-583B-4483-9FA5-3E5465AFF8C2}" = Microsoft Default Manager
"{1D11E96F-0405-4B99-8356-5750B1D9FAE9}" = Corel Home Office - JP Templates
"{1D61E881-43CD-447B-9E6B-D2C6138B2862}" = HP Webcam
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 26
"{26D19512-874B-4EDA-B7F1-779850B2AD5A}" = Corel Home Office - CT Templates
"{2C08D7E7-9EE1-4A08-AFE0-745F02DCD6A4}_is1" = Pokemon Online 1.0.21
"{2DA697D7-FED3-4DE2-A174-92A2A12F9688}" = HP SoftPaq Download Manager
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{36C95AD3-D330-4BAA-884A-9F3EFD15A5EA}" = Corel Home Office
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{39C5A498-FA1A-2473-34D1-6755E5A1BC99}" = CCC Help German
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B4911AA-98AA-F2E0-1BF4-2E2737D1C95C}" = Catalyst Control Center InstallProxy
"{5017D60D-C0A5-4CC8-8D2F-0BDA1ADF39D0}" = Corel Home Office - Templates1
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Creator Business
"{5478075D-1797-1C4C-B3F0-DC8ECCA7D5C3}" = Catalyst Control Center Localization All
"{54B29835-EF99-41D2-9104-F159DE62F165}" = Bing Bar Platform
"{558ED580-6168-AF04-C71F-E63B0E149E21}" = CCC Help Korean
"{5746E4F9-77C6-47E8-A737-A5975A57B4AA}" = Corel Home Office - KR Templates
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5BF8E079-D6E2-4323-B794-75152371122A}" = Windows 7 Default Setting
"{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}" = Bing Rewards Client Installer
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6AFDE3BE-BC01-45A4-9D06-BBF5AD207313}" = LightScribe System Software
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{79CF6EF9-8C9A-F284-5042-B5B54645B5F8}" = CCC Help Norwegian
"{7F30B436-1196-1401-9A4F-CFF6C10D6EBA}" = CCC Help Polish
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}" = Nero BurnLite 10
"{84EC6CDF-E378-0EBA-E4C2-BBD5489CD4EF}" = CCC Help Japanese
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{919D10CE-CADB-8D08-3429-7FB1DFA3B043}" = CCC Help Spanish
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{95140000-007A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9978D298-9AA1-99EE-9975-18AAEF34DE0C}" = CCC Help Dutch
"{9CD3BB19-993E-469D-9E1F-B57A175C1411}" = HP Software Framework
"{9D4D0B44-0A55-1905-5CF4-8A6EC311673F}" = CCC Help Russian
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A005479C-7D10-A4CB-0BAD-5D8765E141C6}" = CCC Help Turkish
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB627AF2-9C7E-4DBD-816B-3B2646B81E89}" = Nero BurnLite 10
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{B93DCF58-AA57-41EC-8D69-B05C66C6312D}_is1" = SUPER © v2011.build.48 (April 23, 2011) Version v2011.build.48
"{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}" = Energy Star Digital Logo
"{C2036B7D-C21E-38E9-FB0B-3746E82B898B}" = CCC Help Hungarian
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Norton Online Backup
"{C8C8387B-A98B-44E8-807A-1A9B7F51FFDA}" = Blaze Media Pro
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}" = WinZip 14.5
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D10B94E4-8545-CA0F-EDE9-41F62272A0DE}" = CCC Help Portuguese
"{D35A9E39-05F9-0D80-C41C-71B2FDCBE5E9}" = CCC Help Chinese Standard
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D9989A13-B173-4048-B8A5-93C204DCB1B3}" = HP ESU for Microsoft Windows 7
"{DB393B0B-4A5D-7B50-AD80-3772372C4243}" = CCC Help Thai
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}" = HP Webcam Driver
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E4756B93-69FF-D723-D7F8-97FFE73A0D2C}" = CCC Help French
"{E4C82543-E98E-E66D-84A7-9C9235ADF9CE}" = CCC Help English
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E684A226-D7B1-4B14-9778-44AD48A654F0}" = Corel Home Office
"{E74EA3B1-7192-489D-9A57-0AE918FEC001}" = Corel Home Office - Launcher
"{E7C34ED4-BBB6-4C57-9FBD-B29CA5878051}" = HP Setup
"{E8CA17C0-5A35-3CF1-C50F-1E9783FFB08B}" = CCC Help Swedish
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EC877639-07AB-495C-BFD1-D63AF9140810}" = Roxio Activation Module
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator Business v10
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F0261797-E2ED-8BEC-7B6F-A7C0A0E478FF}" = ccc-core-static
"{F097D8DF-B207-4EA1-91A4-A21B8425F9B4}" = HP Documentation
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F45048A1-12C4-4B08-A3EB-32D88033368A}" = Corel Home Office - Templates RU
"{F6CEF69E-35EA-6086-6D7D-21E89FD70B16}" = CCC Help Finnish
"{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}" = Realtek Ethernet Controller All-In-One Windows Driver
"{F8801800-9E88-3AB1-21DA-E50EFA0F771E}" = CCC Help Danish
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FC17E0A7-EAA9-4902-92F8-C83B9FD02246}" = HP Support Assistant
"{FC6256BB-BDD4-AB91-451B-86896F236769}" = CCC Help Chinese Traditional
"7-Zip" = 7-Zip 9.20
"Alive Video Converter 5_is1" = Alive Video Converter (version 5.2.0.2)
"Audacity_is1" = Audacity 1.2.6
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"AVS4YOU Video Converter 7_is1" = AVS Video Converter 8
"Blaze Media Pro" = Blaze Media Pro
"bob internet" = bob internet
"CDex" = CDex extraction audio
"CloneDVD2" = CloneDVD2
"DMM" = DMM Uninstall
"DVD Flick_is1" = DVD Flick 1.3.0.7
"ffdshow" = ffdshow
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.14.1206
"HyperCam 2" = HyperCam 2
"InterActual Player" = InterActual Player
"JamGuru" = JamGuru 1.0 RC5
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.1.1000
"NIS" = Norton Internet Security
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"PDF Complete" = PDF Complete Special Edition
"QuicktimeAlt_is1" = QuickTime Alternative 1.81
"RealPlayer 12.0" = RealPlayer
"SymSilent" = SymSilent
"VLC media player" = VideoLAN VLC media player 0.8.6i
"VSO DivxToDVD_is1" = DivxToDVD 0.5.2b
"WinLiveSuite" = Windows Live Essentials
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"e83469ef54194a3b" = Wann
========== Last 10 Event Log Errors ==========
[ Hewlett-Packard Events ]
Error - 09.06.2011 04:55:59 | Computer Name = admin-HP | Source = Hewlett-Packard | ID = 0
Description = de-AT Ein Teil des Pfades "C:\ProgramData\Hewlett-Packard\HP Support
Framework\Logs\Temp\HPSA\HPSASession_201106091055.xml" konnte nicht gefunden werden.
mscorlib
bei System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) bei
System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32
rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options,
SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) bei System.IO.FileStream..ctor(String
path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions
options) bei System.IO.StreamWriter.CreateFile(String path, Boolean append)
bei System.IO.StreamWriter..ctor(String path, Boolean append, Encoding encoding,
Int32 bufferSize) bei System.IO.StreamWriter..ctor(String path, Boolean append,
Encoding encoding) bei System.IO.File.WriteAllText(String path, String contents,
Encoding encoding) bei HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()
Error - 30.06.2011 05:33:03 | Computer Name = admin-HP | Source = Hewlett-Packard | ID = 0
Description = de-AT Ein Teil des Pfades "C:\ProgramData\Hewlett-Packard\HP Support
Framework\Logs\Temp\HPSA\HPSASession_201106301133.xml" konnte nicht gefunden werden.
mscorlib
bei System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) bei
System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32
rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options,
SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) bei System.IO.FileStream..ctor(String
path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions
options) bei System.IO.StreamWriter.CreateFile(String path, Boolean append)
bei System.IO.StreamWriter..ctor(String path, Boolean append, Encoding encoding,
Int32 bufferSize) bei System.IO.StreamWriter..ctor(String path, Boolean append,
Encoding encoding) bei System.IO.File.WriteAllText(String path, String contents,
Encoding encoding) bei HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()
Error - 18.08.2011 02:08:27 | Computer Name = admin-HP | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\081118080822.xml
File not created by asset agent
Error - 18.08.2011 02:09:09 | Computer Name = admin-HP | Source = Hewlett-Packard | ID = 0
Description = de-AT Ein Teil des Pfades "C:\ProgramData\Hewlett-Packard\HP Support
Framework\Logs\Temp\HPSA\HPSASession_201108180809.xml" konnte nicht gefunden werden.
mscorlib
bei System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) bei
System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32
rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options,
SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) bei System.IO.FileStream..ctor(String
path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions
options) bei System.IO.StreamWriter.CreateFile(String path, Boolean append)
bei System.IO.StreamWriter..ctor(String path, Boolean append, Encoding encoding,
Int32 bufferSize) bei System.IO.StreamWriter..ctor(String path, Boolean append,
Encoding encoding) bei System.IO.File.WriteAllText(String path, String contents,
Encoding encoding) bei HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()
Error - 01.09.2011 11:32:17 | Computer Name = admin-HP | Source = Hewlett-Packard | ID = 0
Description = de-AT Ein Teil des Pfades "C:\ProgramData\Hewlett-Packard\HP Support
Framework\Logs\Temp\HPSA\HPSASession_201109011732.xml" konnte nicht gefunden werden.
mscorlib
bei System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) bei
System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32
rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options,
SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) bei System.IO.FileStream..ctor(String
path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions
options) bei System.IO.StreamWriter.CreateFile(String path, Boolean append)
bei System.IO.StreamWriter..ctor(String path, Boolean append, Encoding encoding,
Int32 bufferSize) bei System.IO.StreamWriter..ctor(String path, Boolean append,
Encoding encoding) bei System.IO.File.WriteAllText(String path, String contents,
Encoding encoding) bei HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()
Error - 29.12.2011 08:33:50 | Computer Name = admin-HP | Source = Hewlett-Packard | ID = 0
Description = de-AT Ein Teil des Pfades "C:\ProgramData\Hewlett-Packard\HP Support
Framework\Logs\Temp\HPSA\HPSASession_201112291333.xml" konnte nicht gefunden werden.
mscorlib
bei System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) bei
System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32
rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options,
SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) bei System.IO.FileStream..ctor(String
path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions
options) bei System.IO.StreamWriter.CreateFile(String path, Boolean append)
bei System.IO.StreamWriter..ctor(String path, Boolean append, Encoding encoding,
Int32 bufferSize) bei System.IO.StreamWriter..ctor(String path, Boolean append,
Encoding encoding) bei System.IO.File.WriteAllText(String path, String contents,
Encoding encoding) bei HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()
Error - 05.01.2012 13:32:23 | Computer Name = admin-HP | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\011205063213.xml
File not created by asset agent
Error - 05.01.2012 14:02:47 | Computer Name = admin-HP | Source = Hewlett-Packard | ID = 0
Description = de-AT Ein Teil des Pfades "C:\ProgramData\Hewlett-Packard\HP Support
Framework\Logs\Temp\HPSA\HPSASession_201201051902.xml" konnte nicht gefunden werden.
mscorlib
bei System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) bei
System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32
rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options,
SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) bei System.IO.FileStream..ctor(String
path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions
options) bei System.IO.StreamWriter.CreateFile(String path, Boolean append)
bei System.IO.StreamWriter..ctor(String path, Boolean append, Encoding encoding,
Int32 bufferSize) bei System.IO.StreamWriter..ctor(String path, Boolean append,
Encoding encoding) bei System.IO.File.WriteAllText(String path, String contents,
Encoding encoding) bei HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()
Error - 12.01.2012 16:54:50 | Computer Name = admin-HP | Source = Hewlett-Packard | ID = 0
Description = de-AT Ein Teil des Pfades "C:\ProgramData\Hewlett-Packard\HP Support
Framework\Logs\Temp\HPSA\HPSASession_201201122154.xml" konnte nicht gefunden werden.
mscorlib
bei System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) bei
System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32
rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options,
SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) bei System.IO.FileStream..ctor(String
path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions
options) bei System.IO.StreamWriter.CreateFile(String path, Boolean append)
bei System.IO.StreamWriter..ctor(String path, Boolean append, Encoding encoding,
Int32 bufferSize) bei System.IO.StreamWriter..ctor(String path, Boolean append,
Encoding encoding) bei System.IO.File.WriteAllText(String path, String contents,
Encoding encoding) bei HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()
Error - 19.01.2012 09:54:09 | Computer Name = admin-HP | Source = Hewlett-Packard | ID = 0
Description = de-AT Ein Teil des Pfades "C:\ProgramData\Hewlett-Packard\HP Support
Framework\Logs\Temp\HPSA\HPSASession_201201191454.xml" konnte nicht gefunden werden.
mscorlib
bei System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) bei
System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32
rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options,
SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) bei System.IO.FileStream..ctor(String
path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions
options) bei System.IO.StreamWriter.CreateFile(String path, Boolean append)
bei System.IO.StreamWriter..ctor(String path, Boolean append, Encoding encoding,
Int32 bufferSize) bei System.IO.StreamWriter..ctor(String path, Boolean append,
Encoding encoding) bei System.IO.File.WriteAllText(String path, String contents,
Encoding encoding) bei HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()
[ HP Wireless Assistant Events ]
Error - 26.02.2011 05:35:39 | Computer Name = N50Q7AQNNSTV8 | Source = HP WA Service | ID = 0
Description = System.Exception GetDeviceInfo() failed : 597 at HP_Common.CaslWrapper.GetDeviceInfo(List`1&
radioList) at HPPA_Service.CurrentConfiguration.ReloadRadioList()
Error - 26.02.2011 05:35:39 | Computer Name = N50Q7AQNNSTV8 | Source = HP WA Service | ID = 0
Description = System.Exception Register() failed : e_GENERAL_EXCEPTION at HP_Common.CaslWrapper.Register(EventArrivedEventHandler
handler) at HPPA_Service.CurrentConfiguration..ctor()
Error - 26.02.2011 05:35:42 | Computer Name = N50Q7AQNNSTV8 | Source = HP WA Service | ID = 0
Description = System.Exception GetPMCCalibrationData() failed : 597 at HP_Common.CaslWrapper.GetPMCCalibrationData(PMCCalibrationData&
calibration) at HPPA_Service.HPPA_Service.ServiceWorkerMethod()
Error - 04.12.2011 14:42:55 | Computer Name = admin-HP | Source = HP WA Service | ID = 0
Description = System.Exception GetDeviceInfo() failed : 597 bei HP_Common.CaslWrapper.GetDeviceInfo(List`1&
radioList) bei HPPA_Service.CurrentConfiguration.ReloadRadioList()
[ Media Center Events ]
Error - 06.10.2011 04:43:13 | Computer Name = admin-HP | Source = MCUpdate | ID = 0
Description = 10:43:06 - Fehler beim Herstellen der Internetverbindung. 10:43:06
- Serververbindung konnte nicht hergestellt werden..
Error - 09.10.2011 04:47:20 | Computer Name = admin-HP | Source = MCUpdate | ID = 0
Description = 10:47:20 - Fehler beim Herstellen der Internetverbindung. 10:47:20
- Serververbindung konnte nicht hergestellt werden..
Error - 09.10.2011 04:47:31 | Computer Name = admin-HP | Source = MCUpdate | ID = 0
Description = 10:47:25 - Fehler beim Herstellen der Internetverbindung. 10:47:25
- Serververbindung konnte nicht hergestellt werden..
Error - 10.10.2011 07:47:48 | Computer Name = admin-HP | Source = MCUpdate | ID = 0
Description = 13:47:48 - Fehler beim Herstellen der Internetverbindung. 13:47:48
- Serververbindung konnte nicht hergestellt werden..
Error - 10.10.2011 07:48:03 | Computer Name = admin-HP | Source = MCUpdate | ID = 0
Description = 13:47:53 - Fehler beim Herstellen der Internetverbindung. 13:47:53
- Serververbindung konnte nicht hergestellt werden..
Error - 11.10.2011 07:43:33 | Computer Name = admin-HP | Source = MCUpdate | ID = 0
Description = 13:43:33 - Fehler beim Herstellen der Internetverbindung. 13:43:33
- Serververbindung konnte nicht hergestellt werden..
Error - 11.10.2011 07:43:45 | Computer Name = admin-HP | Source = MCUpdate | ID = 0
Description = 13:43:38 - Fehler beim Herstellen der Internetverbindung. 13:43:38
- Serververbindung konnte nicht hergestellt werden..
Error - 13.10.2011 07:46:17 | Computer Name = admin-HP | Source = MCUpdate | ID = 0
Description = 13:46:17 - Fehler beim Herstellen der Internetverbindung. 13:46:17
- Serververbindung konnte nicht hergestellt werden..
Error - 13.10.2011 07:46:33 | Computer Name = admin-HP | Source = MCUpdate | ID = 0
Description = 13:46:23 - Fehler beim Herstellen der Internetverbindung. 13:46:23
- Serververbindung konnte nicht hergestellt werden..
Error - 15.10.2011 08:32:19 | Computer Name = admin-HP | Source = MCUpdate | ID = 0
Description = 14:32:08 - Fehler beim Herstellen der Internetverbindung. 14:32:08
- Serververbindung konnte nicht hergestellt werden..
[ System Events ]
Error - 03.10.2011 12:38:08 | Computer Name = admin-HP | Source = volsnap | ID = 393252
Description = Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher
nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error - 04.10.2011 18:10:39 | Computer Name = admin-HP | Source = DCOM | ID = 10010
Description =
Error - 05.10.2011 09:41:16 | Computer Name = admin-HP | Source = DCOM | ID = 10010
Description =
Error - 06.10.2011 18:08:12 | Computer Name = admin-HP | Source = DCOM | ID = 10010
Description =
< End of report >
|
|
01.02.2012, 19:35
| #7 | |
| /// Helfer-Team | Failed to save all the components for the file \\System32\\ [...] 1. Wenn nicht bewusst installiert hast bzw nicht benötigst, kannst deinstallieren (unter Software): Code:
ATTFilter Bing Bar -> Bing Bar aus Firefox und Internet Explorer entfernen  Viele davon sehr fehleranfällig und fressen eine Menge an Systemressourcen. Zur funktionstüchtigen Installation der jeweiligen Software ist Toolbar aber nicht notwendig, zudem die meisten modernen Browser mit vielen zusätzlichen Funktionen ausgestattet sind. Ausserdem die dazugehörigen Programme, funktionieren auch ohne...- meiste Toolbars bzw Browserhelper wollen sich doch nur wichtig machen 2. Deine Javaversion ist nicht aktuell! → Downloade nun die Offline-Version von Java Version 6 Update 30 von Oracle herunter Achte darauf, eventuell angebotene Toolbars abwählen (den Haken bei der Toolbar entfernen)! 3. deinstalliere unter Software/Programme: Code:
ATTFilter Adware -Toolbar: Nero Toolbar Ask.com Zitat:
Code:
ATTFilter :OTL
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.09.16 16:43:21 | 000,000,421 | R--- | M] () - D:\AutoRun.dat -- [ CDFS ]
O32 - AutoRun File - [2010.08.11 18:15:32 | 000,342,864 | R--- | M] () - D:\Autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2009.05.19 13:56:57 | 000,000,044 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
:Commands
[purity]
[emptytemp]
5. reinige dein System mit CCleaner:
6.
7. Auch auf USB-Sticks, selbstgebrannten Datenträgern, externen Festplatten und anderen Datenträgern können Viren transportiert werden. Man muss daher durch regelmäßige Prüfungen auf Schäden, die durch Malware ("Worm.Win32.Autorun") verursacht worden sein können, überwacht werden. Hierfür sind ser gut geegnet und empfohlen, die auf dem Speichermedium gesicherten Daten, mit Hilfe des kostenlosen Online Scanners zu prüfen. Schließe jetzt alle externe Datenträgeran (USB Sticks etc) Deinen Rechner an, dabei die Hochstell-Taste [Shift-Taste] gedrückt halten, damit die Autorun-Funktion nicht ausgeführt wird. (So verhindest Du die Ausführung der AUTORUN-Funktion) - Man kann die AUTORUN-Funktion aber auch generell abschalten.►Anleitung 8. -> Führe dann einen Komplett-Systemcheck mit Eset Online Scanner (NOD32)Kostenlose Online Scanner durch Achtung!: >>Du sollst nicht die Antivirus-Sicherheitssoftware installieren, sondern dein System nur online scannen<< ► berichte erneut über den Zustand des Computers. Ob noch Probleme auftreten, wenn ja, welche?
__________________ Warnung!: Vorsicht beim Rechnungen per Email mit ZIP-Datei als Anhang! Kann mit einen Verschlüsselungs-Trojaner infiziert sein! Anhang nicht öffnen, in unserem Forum erst nachfragen! Sichere regelmäßig deine Daten, auf CD/DVD, USB-Sticks oder externe Festplatten, am besten 2x an verschiedenen Orten! Bitte diese Warnung weitergeben, wo Du nur kannst! |
|
| Themen zu Failed to save all the components for the file \\System32\\ [...] |
| 64-bit, 7-zip, adobe, audacity, bho, bildschirm, converter, defender, document, error, explorer, failed, failed to save all the components for the file \\system32, fehler, firefox, flash player, format, google earth, helper, home, intrusion prevention, logfile, microsoft office word, mp3, nicht gefunden, plug-in, problem, realtek, rundll, scan, schattenkopien, security, software, super, symantec, system, systemwiederherstellung gemacht, version=1.0, video converter, webcheck, windows |
![Failed to save all the components for the file \\System32\\ [...]](iconimages/log-analyse-auswertung/failed-to-save-all-the-components-for-the-file-system32_ltr.gif)
.
Linear-Darstellung
