Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Failed to save all the components for the file \\System32\\ [...]

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 26.01.2012, 22:43   #1
Fritzes007
 
Failed to save all the components for the file \\System32\\ [...] - Standard

Failed to save all the components for the file \\System32\\ [...]



Hallo!

Ich habe ein hier wohl altbekanntes Problem, das hier schon öfters aufgetaucht ist. Allerdings muss man so wie ich das verstanden hab seinen individuellen OTL Log angeben, deshalb dieses neue Thema...
Heute beim Surfen schlossen sich plötzlich alle Programme, nichts hat sich mehr öffnen lassen, also hab ich den Pc mal ausgeschalten. Beim Einschalten war dann der Bildschirm schwarz, alle Dateien versteckt, die Ordner bei Alle Programme zwar da aber leer, ein System Check öffnete sich und entdeckte 8 Fehler die er nicht beheben konnte, etliche Fenster mit "Failed to save all the components for the file \\System32\\ [...]" öffneten sich, regelmäßig sagt er mir Dinge a la "Hard drive clusters are partly damaged. Segment load failure". Das gleiche Spiel bei jedem Neustart.

Ich hab Windows 7 und hatte das selbe Problem schon einmal vor ca. einem Monat. Damals hab ich eine Systemwiederherstellung gemacht und alles war wieder in Ordnung. Hab ich wieder probiert, diesmal hat es aber nix gebracht.

Code:
ATTFilter
OTL logfile created on: 26.01.2012 22:27:50 - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\admin\Downloads
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
1,75 Gb Total Physical Memory | 0,53 Gb Available Physical Memory | 30,37% Memory free
3,49 Gb Paging File | 1,94 Gb Available in Paging File | 55,63% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 215,59 Gb Total Space | 90,97 Gb Free Space | 42,19% Space Free | Partition Type: NTFS
Drive D: | 25,61 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive F: | 1,99 Gb Total Space | 1,98 Gb Free Space | 99,64% Space Free | Partition Type: FAT32
 
Computer Name: ADMIN-HP | User Name: admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\admin\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\ProgramData\lM7iTvRTsn29UV.exe (Microsoft Corp)
PRC - C:\ProgramData\vaqsQJTNJWdMqPG.exe (Microsoft Corp)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe (Adobe Systems, Inc.)
PRC - C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Program Files (x86)\bob internet\bobInternet.exe (mquadr.at software engineering and consulting GmbH, web: www.mquadr.at, mail: office@mquadr.at)
PRC - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)
PRC - C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
PRC - C:\Program Files (x86)\PDF Complete\pdfsvc.exe (PDF Complete Inc)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe (Hewlett-Packard Company)
PRC - C:\Program Files (x86)\Blaze Media Pro\NMSAccess32.exe ()
PRC - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\bob internet\Skins\bob\bob.dbskin ()
MOD - C:\Program Files (x86)\bob internet\resetregistry.dll ()
MOD - C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll ()
MOD - C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll ()
MOD - C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (btwdins) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV:64bit: - (HP Wireless Assistant Service) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe (Hewlett-Packard)
SRV:64bit: - (STacSV) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\stacsv64.exe (IDT, Inc.)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV:64bit: - (AESTFilters) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe (Andrea Electronics Corporation)
SRV - (NIS) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe (Symantec Corporation)
SRV - (HPDrvMntSvc.exe) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)
SRV - (NAUpdate) -- C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (pdfcDispatcher) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe (PDF Complete Inc)
SRV - (hpHotkeyMonitor) -- C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe (Hewlett-Packard Company)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (NMSAccess) -- C:\Program Files (x86)\Blaze Media Pro\NMSAccess32.exe ()
SRV - (PSI_SVC_2) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (SymNetS) -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\symnets.sys (Symantec Corporation)
DRV:64bit: - (SymEvent) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS (Symantec Corporation)
DRV:64bit: - (SRTSP) -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\srtsp64.sys (Symantec Corporation)
DRV:64bit: - (SRTSPX) Symantec Real Time Storage Protection (PEL) -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\srtspx64.sys (Symantec Corporation)
DRV:64bit: - (SymEFA) -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\symefa64.sys (Symantec Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
DRV:64bit: - (SymDS) -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\symds64.sys (Symantec Corporation)
DRV:64bit: - (SymIRON) -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\ironx64.sys (Symantec Corporation)
DRV:64bit: - (ElbyCDIO) -- C:\Windows\SysNative\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
DRV:64bit: - (btwampfl) -- C:\Windows\SysNative\drivers\btwampfl.sys (Broadcom Corporation.)
DRV:64bit: - (rtsuvc) -- C:\Windows\SysNative\drivers\rtsuvc.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.)
DRV:64bit: - (AtiPcie) AMD PCI Express (3GIO) -- C:\Windows\SysNative\drivers\AtiPcie64.sys (Advanced Micro Devices Inc.)
DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV:64bit: - (ZTEusbser6k) -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys (ZTE Incorporated)
DRV:64bit: - (ZTEusbnmea) -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys (ZTE Incorporated)
DRV:64bit: - (ZTEusbmdm6k) -- C:\Windows\SysNative\drivers\ZTEusbmdm6k.sys (ZTE Incorporated)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (massfilter) -- C:\Windows\SysNative\drivers\massfilter.sys (MBB Incorporated)
DRV:64bit: - (HpqKbFiltr) -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys (Hewlett-Packard Company)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (IDSVia64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20110629.050\IDSviA64.sys (Symantec Corporation)
DRV - (BHDrvx64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20110616.003\BHDrvx64.sys (Symantec Corporation)
DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20110630.002\EX64.SYS (Symantec Corporation)
DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20110630.002\ENG64.SYS (Symantec Corporation)
DRV - (eeCtrl) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM/4
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCOM/4
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM/4
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCOM/4
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM/4
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.at/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpWinExt,version=5.0: C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2237.0\npwinext.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.652: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.652: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.647: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\msntoolbar@msn.com: C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2237.0\Firefox [2010.12.09 00:14:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010.12.09 00:14:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2010.12.09 00:14:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\IPSFFPlgn\ [2011.10.18 15:47:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\coFFPlgn_2011_7_4_3 [2012.01.26 21:59:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.01.26 21:57:46 | 000,000,000 | -H-D | M]
 
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\IPS\IPSBHO.DLL (Symantec Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2237.0\npwinext.dll (Microsoft Corporation)
O2 - BHO: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2237.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2237.0\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com)
O4:64bit: - HKLM..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe ()
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NOBuActivation.exe (Symantec Corporation)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [vaqsQJTNJWdMqPG.exe] C:\ProgramData\vaqsQJTNJWdMqPG.exe (Microsoft Corp)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\admin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\admin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AF6B0702-F848-4A2D-A575-7F9C9A79D8CB}: DhcpNameServer = 151.99.125.2 151.99.125.3 194.20.8.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FBB0385C-3D38-42C1-B33B-241D891D0C0D}: NameServer = 194.48.124.202 194.48.124.200
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.09.16 16:43:21 | 000,000,421 | R--- | M] () - D:\AutoRun.dat -- [ CDFS ]
O32 - AutoRun File - [2010.08.11 18:15:32 | 000,342,864 | R--- | M] () - D:\Autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2009.05.19 13:56:57 | 000,000,044 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{1053deec-2e32-11e1-bb79-cc52af0de3a9}\Shell - "" = AutoRun
O33 - MountPoints2\{1053deec-2e32-11e1-bb79-cc52af0de3a9}\Shell\AutoRun\command - "" = D:\Autorun.exe -- [2010.08.11 18:15:32 | 000,342,864 | R--- | M] ()
O33 - MountPoints2\{149400f0-2ef3-11e1-8cb4-cc52af181ea7}\Shell - "" = AutoRun
O33 - MountPoints2\{149400f0-2ef3-11e1-8cb4-cc52af181ea7}\Shell\AutoRun\command - "" = D:\Autorun.exe -- [2010.08.11 18:15:32 | 000,342,864 | R--- | M] ()
O33 - MountPoints2\{18d53444-c733-11e0-9752-cc52af181ea7}\Shell - "" = AutoRun
O33 - MountPoints2\{18d53444-c733-11e0-9752-cc52af181ea7}\Shell\AutoRun\command - "" = D:\Install.exe
O33 - MountPoints2\{6f770a03-b9e0-11e0-9e73-cc52af181ea7}\Shell - "" = AutoRun
O33 - MountPoints2\{6f770a03-b9e0-11e0-9e73-cc52af181ea7}\Shell\AutoRun\command - "" = E:\Autorun.exe
O33 - MountPoints2\{c1087076-7899-11e0-94eb-cc52af181ea7}\Shell - "" = AutoRun
O33 - MountPoints2\{c1087076-7899-11e0-94eb-cc52af181ea7}\Shell\AutoRun\command - "" = D:\Autorun.exe -- [2010.08.11 18:15:32 | 000,342,864 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.01.26 19:00:49 | 000,364,544 | -H-- | C] (Microsoft Corp) -- C:\ProgramData\lM7iTvRTsn29UV.exe
[2012.01.26 18:57:07 | 000,451,584 | -H-- | C] (Microsoft Corp) -- C:\ProgramData\vaqsQJTNJWdMqPG.exe
[2012.01.23 13:58:47 | 001,446,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsasrv.dll
[2012.01.23 13:58:46 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\webio.dll
[2012.01.23 13:58:46 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\webio.dll
[2012.01.23 13:58:46 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sspicli.dll
[2012.01.23 13:58:46 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sspisrv.dll
[2012.01.23 13:58:46 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\secur32.dll
[2012.01.19 19:39:58 | 000,000,000 | -H-D | C] -- C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
[2012.01.11 16:24:36 | 000,000,000 | -H-D | C] -- C:\Users\admin\Documents\Outlook-Dateien
[2012.01.11 16:16:07 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\quartz.dll
[2012.01.11 16:16:07 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\quartz.dll
[2012.01.11 16:16:07 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qdvd.dll
[2012.01.11 16:16:07 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qdvd.dll
[2012.01.11 16:16:03 | 000,852,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2012.01.11 16:16:03 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2012.01.11 16:16:02 | 001,739,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntdll.dll
[2012.01.11 16:16:01 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\packager.dll
[2012.01.11 16:16:01 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\packager.dll
[2012.01.08 02:47:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2012.01.06 22:41:24 | 000,000,000 | -H-D | C] -- C:\Users\admin\AppData\Local\AskToolbar
[2012.01.06 22:36:05 | 000,000,000 | -H-D | C] -- C:\Users\admin\Documents\DivXToDvd
[2012.01.06 22:31:19 | 000,000,000 | -H-D | C] -- C:\Users\admin\AppData\Roaming\Nero
[2012.01.06 22:29:49 | 000,000,000 | -H-D | C] -- C:\ProgramData\Nero
[2012.01.06 22:29:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nero
[2012.01.06 22:29:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nero
[2012.01.06 22:23:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ask.com
[2012.01.06 20:52:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VSO
[2012.01.06 20:52:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\vso
[2012.01.06 18:36:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
[2012.01.06 18:36:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Elaborate Bytes
[2012.01.06 18:16:17 | 000,000,000 | -H-D | C] -- C:\Users\admin\AppData\Roaming\DVD Flick
[2012.01.06 18:15:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD Flick
[2012.01.06 18:15:50 | 000,662,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mscomct2.ocx
[2012.01.06 18:15:50 | 000,609,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\comctl32.ocx
[2012.01.06 18:15:50 | 000,164,144 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\comct232.ocx
[2012.01.06 18:15:50 | 000,040,960 | ---- | C] (vbAccelerator) -- C:\windows\SysWow64\ssubtmr6.dll
[2012.01.06 18:15:50 | 000,036,864 | ---- | C] (Robdogg Inc.) -- C:\windows\SysWow64\trayicon_handler.ocx
[2012.01.06 18:15:50 | 000,028,672 | ---- | C] (-) -- C:\windows\SysWow64\mousewheel.ocx
[2012.01.06 18:15:49 | 000,212,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\richtx32.ocx
[2012.01.06 18:15:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVD Flick
 
========== Files - Modified Within 30 Days ==========
 
[2012.01.26 22:12:58 | 000,019,760 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.01.26 22:12:58 | 000,019,760 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.01.26 22:07:23 | 001,498,506 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2012.01.26 22:07:23 | 000,654,340 | ---- | M] () -- C:\windows\SysNative\perfh007.dat
[2012.01.26 22:07:23 | 000,616,182 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2012.01.26 22:07:23 | 000,130,180 | ---- | M] () -- C:\windows\SysNative\perfc007.dat
[2012.01.26 22:07:23 | 000,106,562 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2012.01.26 22:00:17 | 000,000,280 | -H-- | M] () -- C:\ProgramData\~lM7iTvRTsn29UV
[2012.01.26 21:59:31 | 000,001,104 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.01.26 21:59:15 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012.01.26 21:59:07 | 1875,443,712 | -HS- | M] () -- C:\hiberfil.sys
[2012.01.26 20:05:18 | 000,000,192 | -H-- | M] () -- C:\ProgramData\~lM7iTvRTsn29UVr
[2012.01.26 19:04:22 | 000,000,440 | -H-- | M] () -- C:\ProgramData\lM7iTvRTsn29UV
[2012.01.26 19:01:12 | 000,000,653 | -H-- | M] () -- C:\Users\admin\Desktop\System Check.lnk
[2012.01.26 19:00:49 | 000,364,544 | -H-- | M] (Microsoft Corp) -- C:\ProgramData\lM7iTvRTsn29UV.exe
[2012.01.26 18:53:59 | 000,451,584 | -H-- | M] (Microsoft Corp) -- C:\ProgramData\vaqsQJTNJWdMqPG.exe
[2012.01.26 17:59:03 | 000,001,108 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.01.20 15:38:15 | 000,023,552 | -H-- | M] () -- C:\Users\admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.01.06 20:52:14 | 000,001,035 | -H-- | M] () -- C:\Users\admin\Desktop\VSO DivxToDVD.lnk
[2012.01.06 18:37:17 | 000,000,085 | -HS- | M] () -- C:\ProgramData\.zreglib
[2012.01.06 18:15:54 | 000,001,914 | -H-- | M] () -- C:\Users\admin\Desktop\DVD Flick.lnk
[2011.12.28 12:23:40 | 000,416,056 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
 
========== Files Created - No Company Name ==========
 
[2012.01.26 20:05:18 | 000,000,280 | -H-- | C] () -- C:\ProgramData\~lM7iTvRTsn29UV
[2012.01.26 20:05:18 | 000,000,192 | -H-- | C] () -- C:\ProgramData\~lM7iTvRTsn29UVr
[2012.01.26 19:01:12 | 000,000,653 | -H-- | C] () -- C:\Users\admin\Desktop\System Check.lnk
[2012.01.26 19:01:04 | 000,000,440 | -H-- | C] () -- C:\ProgramData\lM7iTvRTsn29UV
[2012.01.06 20:52:14 | 000,001,035 | -H-- | C] () -- C:\Users\admin\Desktop\VSO DivxToDVD.lnk
[2012.01.06 18:37:17 | 000,000,085 | -HS- | C] () -- C:\ProgramData\.zreglib
[2012.01.06 18:15:53 | 000,001,914 | -H-- | C] () -- C:\Users\admin\Desktop\DVD Flick.lnk
[2011.12.27 21:36:04 | 000,000,440 | -H-- | C] () -- C:\ProgramData\ZPIYLmpkjREDNq
[2011.09.28 16:17:21 | 000,000,952 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2011.08.04 16:15:53 | 000,000,000 | ---- | C] () -- C:\windows\iPlayer.INI
[2011.06.20 01:33:20 | 000,027,648 | ---- | C] () -- C:\windows\SysWow64\AVSredirect.dll
[2011.06.20 00:23:07 | 000,023,552 | -H-- | C] () -- C:\Users\admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.06.14 22:00:43 | 000,033,134 | -H-- | C] () -- C:\Users\admin\AppData\Roaming\UserTile.png
[2011.02.26 10:37:05 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2010.12.09 00:13:09 | 000,000,188 | ---- | C] () -- C:\windows\SysWow64\HPWA.ini
[2010.06.08 14:19:24 | 000,692,224 | ---- | C] () -- C:\windows\SysWow64\libeay32.dll
[2010.06.08 14:19:24 | 000,151,552 | ---- | C] () -- C:\windows\SysWow64\ssleay32.dll
[2010.06.02 13:28:14 | 000,002,189 | ---- | C] () -- C:\windows\SysWow64\atipblag.dat
[2010.04.20 15:31:43 | 000,936,832 | ---- | C] () -- C:\windows\SysWow64\M2ElevatedCalls.dll
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\windows\SysWow64\mlang.dat
[2008.10.04 00:07:10 | 003,754,896 | ---- | C] () -- C:\windows\SysWow64\erdmpg-6.dll
[2008.09.28 18:33:01 | 000,253,952 | ---- | C] () -- C:\windows\SysWow64\Manipulate.dll
[2008.08.28 12:20:38 | 000,065,536 | ---- | C] () -- C:\windows\SysWow64\comLyricGetter.dll
[2008.08.28 12:17:22 | 000,097,280 | ---- | C] () -- C:\windows\SysWow64\Uncommon.dll
[2008.08.28 12:17:20 | 000,061,440 | ---- | C] () -- C:\windows\SysWow64\NormalizeDSP.dll
[2006.11.06 20:30:38 | 000,262,144 | ---- | C] () -- C:\windows\SysWow64\lame_enc.dll
[2005.12.21 11:36:46 | 000,009,728 | ---- | C] () -- C:\windows\SysWow64\ff_vfw.dll
[2005.11.06 00:34:50 | 000,145,408 | ---- | C] () -- C:\windows\SysWow64\Lame.exe
[2005.05.17 21:37:10 | 000,076,800 | ---- | C] () -- C:\windows\SysWow64\Faac.exe
[2002.07.19 17:48:22 | 000,157,696 | ---- | C] () -- C:\windows\SysWow64\OggEnc.exe
[2002.01.25 07:04:50 | 000,005,440 | ---- | C] () -- C:\windows\SysWow64\mciwa16.dll
[2002.01.25 07:04:50 | 000,000,221 | ---- | C] () -- C:\windows\SysWow64\pspsbext.ini
[2002.01.25 07:04:50 | 000,000,221 | ---- | C] () -- C:\windows\SysWow64\pspfidrv.ini
[2002.01.25 07:04:50 | 000,000,221 | ---- | C] () -- C:\windows\SysWow64\pspfbase.ini
[2002.01.25 07:04:50 | 000,000,221 | ---- | C] () -- C:\windows\SysWow64\pspaudrv.ini
[2002.01.25 07:04:50 | 000,000,221 | ---- | C] () -- C:\windows\SysWow64\pspapdrv.ini
[2002.01.25 07:04:50 | 000,000,221 | ---- | C] () -- C:\windows\SysWow64\mciwaw95.ini
[2002.01.25 07:04:50 | 000,000,221 | ---- | C] () -- C:\windows\SysWow64\mcipspwa.ini
[2002.01.25 07:04:50 | 000,000,221 | ---- | C] () -- C:\windows\SysWow64\mcipspct.ini
[2002.01.25 07:04:50 | 000,000,220 | ---- | C] () -- C:\windows\SysWow64\pspwave.ini
[2002.01.25 07:04:50 | 000,000,219 | ---- | C] () -- C:\windows\SysWow64\pspdss.ini
[2002.01.25 07:04:50 | 000,000,219 | ---- | C] () -- C:\windows\SysWow64\pspddi.ini
 
========== LOP Check ==========
 
[2011.12.24 17:22:43 | 000,000,000 | -H-D | M] -- C:\Users\admin\AppData\Roaming\DVDVideoSoft
[2011.12.24 17:22:32 | 000,000,000 | -H-D | M] -- C:\Users\admin\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.12.24 14:46:10 | 000,000,000 | -H-D | M] -- C:\Users\admin\AppData\Roaming\MPEG Streamclip
[2011.12.04 20:51:51 | 000,000,000 | -H-D | M] -- C:\Users\admin\AppData\Roaming\OffbeatEngine
[2011.06.14 22:00:43 | 000,000,000 | -H-D | M] -- C:\Users\admin\AppData\Roaming\PeerNetworking
[2012.01.26 21:58:04 | 000,000,000 | -H-D | M] -- C:\Users\admin\AppData\Roaming\Program Files (x86)
[2012.01.08 13:43:47 | 000,032,632 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >
         
Code:
ATTFilter
OTL Extras logfile created on: 26.01.2012 22:27:50 - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\admin\Downloads
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
1,75 Gb Total Physical Memory | 0,53 Gb Available Physical Memory | 30,37% Memory free
3,49 Gb Paging File | 1,94 Gb Available in Paging File | 55,63% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 215,59 Gb Total Space | 90,97 Gb Free Space | 42,19% Space Free | Partition Type: NTFS
Drive D: | 25,61 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive F: | 1,99 Gb Total Space | 1,98 Gb Free Space | 99,64% Space Free | Partition Type: FAT32
 
Computer Name: ADMIN-HP | User Name: admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1C55470A-7C9E-4C63-B466-6AFFC69E94E9}" = Windows Live Family Safety
"{2C69D297-A524-1FB1-5C00-1C52363E044F}" = ccc-utility64
"{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = Broadcom 2070 Bluetooth 3.0
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4BBA5224-C5B1-4B8C-AAA4-68DA6654B9C1}" = HP HotKey Support
"{560932B5-8702-7FB8-01AE-265EA44FAEEB}" = ATI Catalyst Install Manager
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{C7AE4EC3-9C13-4213-8457-74D16B353F91}" = HP Web Camera
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{EC720706-3F19-4B7F-BDDD-E31D9B3921D2}" = HP Wireless Assistant
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Broadcom 802.11 Wireless LAN Adapter" = Broadcom 802.11 Wireless LAN Adapter
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"SynTPDeinstKey" = Synaptics Pointing Device Driver
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{36C95AD3-D330-4BAA-884A-9F3EFD15A5EA}" = Corel Home Office
"{04801E42-B1A6-4C52-9F3D-CADB5A050433}" = HP Software Setup
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{07B22FB1-6A1E-41E7-8323-A9CA716026ED}" = bob internet
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Bing Bar
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0B2187A6-8ACC-4012-9817-9221211EF407}" = Corel Home Office - IPM
"{0C7A1F10-3965-190D-3409-B0DD7C45C0EE}" = CCC Help Italian
"{14B61ABC-D4A7-BCF5-92BE-95CEB8DF4374}" = CCC Help Czech
"{16CA9DAC-6A40-4204-A826-33C4D52A266C}" = Catalyst Control Center - Branding
"{1A1E33D2-9824-454A-B8CB-50072118635A}" = Corel Home Office - CS Templates
"{1C598CE5-344B-997B-FF33-2976D689C0AC}" = CCC Help Greek
"{1CAC7A41-583B-4483-9FA5-3E5465AFF8C2}" = Microsoft Default Manager
"{1D11E96F-0405-4B99-8356-5750B1D9FAE9}" = Corel Home Office - JP Templates
"{1D61E881-43CD-447B-9E6B-D2C6138B2862}" = HP Webcam
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 26
"{26D19512-874B-4EDA-B7F1-779850B2AD5A}" = Corel Home Office - CT Templates
"{2C08D7E7-9EE1-4A08-AFE0-745F02DCD6A4}_is1" = Pokemon Online 1.0.21
"{2DA697D7-FED3-4DE2-A174-92A2A12F9688}" = HP SoftPaq Download Manager
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{36C95AD3-D330-4BAA-884A-9F3EFD15A5EA}" = Corel Home Office
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{39C5A498-FA1A-2473-34D1-6755E5A1BC99}" = CCC Help German
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B4911AA-98AA-F2E0-1BF4-2E2737D1C95C}" = Catalyst Control Center InstallProxy
"{5017D60D-C0A5-4CC8-8D2F-0BDA1ADF39D0}" = Corel Home Office - Templates1
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Creator Business
"{5478075D-1797-1C4C-B3F0-DC8ECCA7D5C3}" = Catalyst Control Center Localization All
"{54B29835-EF99-41D2-9104-F159DE62F165}" = Bing Bar Platform
"{558ED580-6168-AF04-C71F-E63B0E149E21}" = CCC Help Korean
"{5746E4F9-77C6-47E8-A737-A5975A57B4AA}" = Corel Home Office - KR Templates
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5BF8E079-D6E2-4323-B794-75152371122A}" = Windows 7 Default Setting
"{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}" = Bing Rewards Client Installer
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6AFDE3BE-BC01-45A4-9D06-BBF5AD207313}" = LightScribe System Software
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{79CF6EF9-8C9A-F284-5042-B5B54645B5F8}" = CCC Help Norwegian
"{7F30B436-1196-1401-9A4F-CFF6C10D6EBA}" = CCC Help Polish
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}" = Nero BurnLite 10
"{84EC6CDF-E378-0EBA-E4C2-BBD5489CD4EF}" = CCC Help Japanese
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{919D10CE-CADB-8D08-3429-7FB1DFA3B043}" = CCC Help Spanish
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{95140000-007A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9978D298-9AA1-99EE-9975-18AAEF34DE0C}" = CCC Help Dutch
"{9CD3BB19-993E-469D-9E1F-B57A175C1411}" = HP Software Framework
"{9D4D0B44-0A55-1905-5CF4-8A6EC311673F}" = CCC Help Russian
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A005479C-7D10-A4CB-0BAD-5D8765E141C6}" = CCC Help Turkish
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB627AF2-9C7E-4DBD-816B-3B2646B81E89}" = Nero BurnLite 10
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{B93DCF58-AA57-41EC-8D69-B05C66C6312D}_is1" = SUPER © v2011.build.48 (April 23, 2011) Version v2011.build.48
"{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}" = Energy Star Digital Logo
"{C2036B7D-C21E-38E9-FB0B-3746E82B898B}" = CCC Help Hungarian
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Norton Online Backup
"{C8C8387B-A98B-44E8-807A-1A9B7F51FFDA}" = Blaze Media Pro
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}" = WinZip 14.5
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D10B94E4-8545-CA0F-EDE9-41F62272A0DE}" = CCC Help Portuguese
"{D35A9E39-05F9-0D80-C41C-71B2FDCBE5E9}" = CCC Help Chinese Standard
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D9989A13-B173-4048-B8A5-93C204DCB1B3}" = HP ESU for Microsoft Windows 7
"{DB393B0B-4A5D-7B50-AD80-3772372C4243}" = CCC Help Thai
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}" = HP Webcam Driver
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E4756B93-69FF-D723-D7F8-97FFE73A0D2C}" = CCC Help French
"{E4C82543-E98E-E66D-84A7-9C9235ADF9CE}" = CCC Help English
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E684A226-D7B1-4B14-9778-44AD48A654F0}" = Corel Home Office
"{E74EA3B1-7192-489D-9A57-0AE918FEC001}" = Corel Home Office - Launcher
"{E7C34ED4-BBB6-4C57-9FBD-B29CA5878051}" = HP Setup
"{E8CA17C0-5A35-3CF1-C50F-1E9783FFB08B}" = CCC Help Swedish
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EC877639-07AB-495C-BFD1-D63AF9140810}" = Roxio Activation Module
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator Business v10
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F0261797-E2ED-8BEC-7B6F-A7C0A0E478FF}" = ccc-core-static
"{F097D8DF-B207-4EA1-91A4-A21B8425F9B4}" = HP Documentation
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F45048A1-12C4-4B08-A3EB-32D88033368A}" = Corel Home Office - Templates RU
"{F6CEF69E-35EA-6086-6D7D-21E89FD70B16}" = CCC Help Finnish
"{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}" = Realtek Ethernet Controller All-In-One Windows Driver
"{F8801800-9E88-3AB1-21DA-E50EFA0F771E}" = CCC Help Danish
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FC17E0A7-EAA9-4902-92F8-C83B9FD02246}" = HP Support Assistant
"{FC6256BB-BDD4-AB91-451B-86896F236769}" = CCC Help Chinese Traditional
"7-Zip" = 7-Zip 9.20
"Alive Video Converter 5_is1" = Alive Video Converter (version 5.2.0.2)
"Audacity_is1" = Audacity 1.2.6
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"AVS4YOU Video Converter 7_is1" = AVS Video Converter 8
"Blaze Media Pro" = Blaze Media Pro
"bob internet" = bob internet
"CDex" = CDex extraction audio
"CloneDVD2" = CloneDVD2
"DMM" = DMM Uninstall
"DVD Flick_is1" = DVD Flick 1.3.0.7
"ffdshow" = ffdshow
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.14.1206
"HyperCam 2" = HyperCam 2
"InterActual Player" = InterActual Player
"JamGuru" = JamGuru 1.0 RC5
"NIS" = Norton Internet Security
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"PDF Complete" = PDF Complete Special Edition
"QuicktimeAlt_is1" = QuickTime Alternative 1.81
"RealPlayer 12.0" = RealPlayer
"SymSilent" = SymSilent
"VLC media player" = VideoLAN VLC media player 0.8.6i
"VSO DivxToDVD_is1" = DivxToDVD 0.5.2b
"WinLiveSuite" = Windows Live Essentials
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"e83469ef54194a3b" = Wann
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 03.10.2011 14:11:27 | Computer Name = admin-HP | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: vlc.exe, Version: 0.8.6.0, Zeitstempel:
 0x48a3a94b  Name des fehlerhaften Moduls: libvlc.dll, Version: 0.0.0.0, Zeitstempel:
 0x4845b139  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0001b812  ID des fehlerhaften Prozesses:
 0xd40  Startzeit der fehlerhaften Anwendung: 0x01cc81e46370237c  Pfad der fehlerhaften
 Anwendung: C:\Program Files (x86)\VideoLAN\VLC\vlc.exe  Pfad des fehlerhaften Moduls:
 C:\Program Files (x86)\VideoLAN\VLC\libvlc.dll  Berichtskennung: 1bae7bd0-edeb-11e0-8d12-cc52af0de3a9
 
Error - 04.10.2011 09:25:15 | Computer Name = admin-HP | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: vlc.exe, Version: 0.8.6.0, Zeitstempel:
 0x48a3a94b  Name des fehlerhaften Moduls: libvlc.dll, Version: 0.0.0.0, Zeitstempel:
 0x4845b139  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0001b443  ID des fehlerhaften Prozesses:
 0x678  Startzeit der fehlerhaften Anwendung: 0x01cc8290df229676  Pfad der fehlerhaften
 Anwendung: C:\Program Files (x86)\VideoLAN\VLC\vlc.exe  Pfad des fehlerhaften Moduls:
 C:\Program Files (x86)\VideoLAN\VLC\libvlc.dll  Berichtskennung: 4b1bedc8-ee8c-11e0-9831-cc52af0de3a9
 
Error - 04.10.2011 17:41:01 | Computer Name = admin-HP | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: vlc.exe, Version: 0.8.6.0, Zeitstempel:
 0x48a3a94b  Name des fehlerhaften Moduls: libvlc.dll, Version: 0.0.0.0, Zeitstempel:
 0x4845b139  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0001b82a  ID des fehlerhaften Prozesses:
 0x159c  Startzeit der fehlerhaften Anwendung: 0x01cc82dc911faf5f  Pfad der fehlerhaften
 Anwendung: C:\Program Files (x86)\VideoLAN\VLC\vlc.exe  Pfad des fehlerhaften Moduls:
 C:\Program Files (x86)\VideoLAN\VLC\libvlc.dll  Berichtskennung: 8d2a9782-eed1-11e0-9831-cc52af0de3a9
 
[ Hewlett-Packard Events ]
Error - 09.06.2011 04:55:59 | Computer Name = admin-HP | Source = Hewlett-Packard | ID = 0
Description = de-AT Ein Teil des Pfades "C:\ProgramData\Hewlett-Packard\HP Support
 Framework\Logs\Temp\HPSA\HPSASession_201106091055.xml" konnte nicht gefunden werden.
mscorlib

   bei System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)     bei
 System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 
rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options,
 SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy)     bei System.IO.FileStream..ctor(String
 path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions
 options)     bei System.IO.StreamWriter.CreateFile(String path, Boolean append)    
 bei System.IO.StreamWriter..ctor(String path, Boolean append, Encoding encoding,
 Int32 bufferSize)     bei System.IO.StreamWriter..ctor(String path, Boolean append,
 Encoding encoding)     bei System.IO.File.WriteAllText(String path, String contents,
 Encoding encoding)     bei HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()

 
Error - 30.06.2011 05:33:03 | Computer Name = admin-HP | Source = Hewlett-Packard | ID = 0
Description = de-AT Ein Teil des Pfades "C:\ProgramData\Hewlett-Packard\HP Support
 Framework\Logs\Temp\HPSA\HPSASession_201106301133.xml" konnte nicht gefunden werden.
mscorlib

   bei System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)     bei
 System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 
rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options,
 SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy)     bei System.IO.FileStream..ctor(String
 path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions
 options)     bei System.IO.StreamWriter.CreateFile(String path, Boolean append)    
 bei System.IO.StreamWriter..ctor(String path, Boolean append, Encoding encoding,
 Int32 bufferSize)     bei System.IO.StreamWriter..ctor(String path, Boolean append,
 Encoding encoding)     bei System.IO.File.WriteAllText(String path, String contents,
 Encoding encoding)     bei HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()

 
Error - 18.08.2011 02:08:27 | Computer Name = admin-HP | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\081118080822.xml
 File not created by asset agent
 
Error - 18.08.2011 02:09:09 | Computer Name = admin-HP | Source = Hewlett-Packard | ID = 0
Description = de-AT Ein Teil des Pfades "C:\ProgramData\Hewlett-Packard\HP Support
 Framework\Logs\Temp\HPSA\HPSASession_201108180809.xml" konnte nicht gefunden werden.
mscorlib

   bei System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)     bei
 System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 
rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options,
 SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy)     bei System.IO.FileStream..ctor(String
 path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions
 options)     bei System.IO.StreamWriter.CreateFile(String path, Boolean append)    
 bei System.IO.StreamWriter..ctor(String path, Boolean append, Encoding encoding,
 Int32 bufferSize)     bei System.IO.StreamWriter..ctor(String path, Boolean append,
 Encoding encoding)     bei System.IO.File.WriteAllText(String path, String contents,
 Encoding encoding)     bei HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()

 
Error - 01.09.2011 11:32:17 | Computer Name = admin-HP | Source = Hewlett-Packard | ID = 0
Description = de-AT Ein Teil des Pfades "C:\ProgramData\Hewlett-Packard\HP Support
 Framework\Logs\Temp\HPSA\HPSASession_201109011732.xml" konnte nicht gefunden werden.
mscorlib

   bei System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)     bei
 System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 
rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options,
 SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy)     bei System.IO.FileStream..ctor(String
 path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions
 options)     bei System.IO.StreamWriter.CreateFile(String path, Boolean append)    
 bei System.IO.StreamWriter..ctor(String path, Boolean append, Encoding encoding,
 Int32 bufferSize)     bei System.IO.StreamWriter..ctor(String path, Boolean append,
 Encoding encoding)     bei System.IO.File.WriteAllText(String path, String contents,
 Encoding encoding)     bei HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()

 
Error - 29.12.2011 08:33:50 | Computer Name = admin-HP | Source = Hewlett-Packard | ID = 0
Description = de-AT Ein Teil des Pfades "C:\ProgramData\Hewlett-Packard\HP Support
 Framework\Logs\Temp\HPSA\HPSASession_201112291333.xml" konnte nicht gefunden werden.
mscorlib

   bei System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)     bei
 System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 
rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options,
 SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy)     bei System.IO.FileStream..ctor(String
 path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions
 options)     bei System.IO.StreamWriter.CreateFile(String path, Boolean append)    
 bei System.IO.StreamWriter..ctor(String path, Boolean append, Encoding encoding,
 Int32 bufferSize)     bei System.IO.StreamWriter..ctor(String path, Boolean append,
 Encoding encoding)     bei System.IO.File.WriteAllText(String path, String contents,
 Encoding encoding)     bei HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()

 
Error - 05.01.2012 13:32:23 | Computer Name = admin-HP | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\011205063213.xml
 File not created by asset agent
 
Error - 05.01.2012 14:02:47 | Computer Name = admin-HP | Source = Hewlett-Packard | ID = 0
Description = de-AT Ein Teil des Pfades "C:\ProgramData\Hewlett-Packard\HP Support
 Framework\Logs\Temp\HPSA\HPSASession_201201051902.xml" konnte nicht gefunden werden.
mscorlib

   bei System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)     bei
 System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 
rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options,
 SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy)     bei System.IO.FileStream..ctor(String
 path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions
 options)     bei System.IO.StreamWriter.CreateFile(String path, Boolean append)    
 bei System.IO.StreamWriter..ctor(String path, Boolean append, Encoding encoding,
 Int32 bufferSize)     bei System.IO.StreamWriter..ctor(String path, Boolean append,
 Encoding encoding)     bei System.IO.File.WriteAllText(String path, String contents,
 Encoding encoding)     bei HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()

 
Error - 12.01.2012 16:54:50 | Computer Name = admin-HP | Source = Hewlett-Packard | ID = 0
Description = de-AT Ein Teil des Pfades "C:\ProgramData\Hewlett-Packard\HP Support
 Framework\Logs\Temp\HPSA\HPSASession_201201122154.xml" konnte nicht gefunden werden.
mscorlib

   bei System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)     bei
 System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 
rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options,
 SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy)     bei System.IO.FileStream..ctor(String
 path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions
 options)     bei System.IO.StreamWriter.CreateFile(String path, Boolean append)    
 bei System.IO.StreamWriter..ctor(String path, Boolean append, Encoding encoding,
 Int32 bufferSize)     bei System.IO.StreamWriter..ctor(String path, Boolean append,
 Encoding encoding)     bei System.IO.File.WriteAllText(String path, String contents,
 Encoding encoding)     bei HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()

 
Error - 19.01.2012 09:54:09 | Computer Name = admin-HP | Source = Hewlett-Packard | ID = 0
Description = de-AT Ein Teil des Pfades "C:\ProgramData\Hewlett-Packard\HP Support
 Framework\Logs\Temp\HPSA\HPSASession_201201191454.xml" konnte nicht gefunden werden.
mscorlib

   bei System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)     bei
 System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 
rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options,
 SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy)     bei System.IO.FileStream..ctor(String
 path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions
 options)     bei System.IO.StreamWriter.CreateFile(String path, Boolean append)    
 bei System.IO.StreamWriter..ctor(String path, Boolean append, Encoding encoding,
 Int32 bufferSize)     bei System.IO.StreamWriter..ctor(String path, Boolean append,
 Encoding encoding)     bei System.IO.File.WriteAllText(String path, String contents,
 Encoding encoding)     bei HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()

 
[ HP Wireless Assistant Events ]
Error - 26.02.2011 05:35:39 | Computer Name = N50Q7AQNNSTV8 | Source = HP WA Service | ID = 0
Description = System.Exception GetDeviceInfo() failed : 597    at HP_Common.CaslWrapper.GetDeviceInfo(List`1&
 radioList)     at HPPA_Service.CurrentConfiguration.ReloadRadioList()
 
Error - 26.02.2011 05:35:39 | Computer Name = N50Q7AQNNSTV8 | Source = HP WA Service | ID = 0
Description = System.Exception Register() failed : e_GENERAL_EXCEPTION    at HP_Common.CaslWrapper.Register(EventArrivedEventHandler
 handler)     at HPPA_Service.CurrentConfiguration..ctor()
 
Error - 26.02.2011 05:35:42 | Computer Name = N50Q7AQNNSTV8 | Source = HP WA Service | ID = 0
Description = System.Exception GetPMCCalibrationData() failed : 597    at HP_Common.CaslWrapper.GetPMCCalibrationData(PMCCalibrationData&
 calibration)     at HPPA_Service.HPPA_Service.ServiceWorkerMethod()
 
Error - 04.12.2011 14:42:55 | Computer Name = admin-HP | Source = HP WA Service | ID = 0
Description = System.Exception GetDeviceInfo() failed : 597    bei HP_Common.CaslWrapper.GetDeviceInfo(List`1&
 radioList)     bei HPPA_Service.CurrentConfiguration.ReloadRadioList()
 
[ Media Center Events ]
Error - 06.10.2011 04:43:13 | Computer Name = admin-HP | Source = MCUpdate | ID = 0
Description = 10:43:06 - Fehler beim Herstellen der Internetverbindung.  10:43:06 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 09.10.2011 04:47:20 | Computer Name = admin-HP | Source = MCUpdate | ID = 0
Description = 10:47:20 - Fehler beim Herstellen der Internetverbindung.  10:47:20 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 09.10.2011 04:47:31 | Computer Name = admin-HP | Source = MCUpdate | ID = 0
Description = 10:47:25 - Fehler beim Herstellen der Internetverbindung.  10:47:25 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 10.10.2011 07:47:48 | Computer Name = admin-HP | Source = MCUpdate | ID = 0
Description = 13:47:48 - Fehler beim Herstellen der Internetverbindung.  13:47:48 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 10.10.2011 07:48:03 | Computer Name = admin-HP | Source = MCUpdate | ID = 0
Description = 13:47:53 - Fehler beim Herstellen der Internetverbindung.  13:47:53 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 11.10.2011 07:43:33 | Computer Name = admin-HP | Source = MCUpdate | ID = 0
Description = 13:43:33 - Fehler beim Herstellen der Internetverbindung.  13:43:33 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 11.10.2011 07:43:45 | Computer Name = admin-HP | Source = MCUpdate | ID = 0
Description = 13:43:38 - Fehler beim Herstellen der Internetverbindung.  13:43:38 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 13.10.2011 07:46:17 | Computer Name = admin-HP | Source = MCUpdate | ID = 0
Description = 13:46:17 - Fehler beim Herstellen der Internetverbindung.  13:46:17 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 13.10.2011 07:46:33 | Computer Name = admin-HP | Source = MCUpdate | ID = 0
Description = 13:46:23 - Fehler beim Herstellen der Internetverbindung.  13:46:23 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 15.10.2011 08:32:19 | Computer Name = admin-HP | Source = MCUpdate | ID = 0
Description = 14:32:08 - Fehler beim Herstellen der Internetverbindung.  14:32:08 
-     Serververbindung konnte nicht hergestellt werden..  
 
[ System Events ]
Error - 16.09.2011 13:33:44 | Computer Name = admin-HP | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?16.?09.?2011 um 19:32:25 unerwartet heruntergefahren.
 
Error - 16.09.2011 14:43:38 | Computer Name = admin-HP | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
 
Error - 17.09.2011 08:44:00 | Computer Name = admin-HP | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
 
Error - 17.09.2011 10:44:40 | Computer Name = admin-HP | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
 
Error - 17.09.2011 14:14:30 | Computer Name = admin-HP | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
 
Error - 20.09.2011 14:30:08 | Computer Name = admin-HP | Source = DCOM | ID = 10010
Description = 
 
Error - 03.10.2011 12:38:08 | Computer Name = admin-HP | Source = volsnap | ID = 393252
Description = Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher
 nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
 
Error - 04.10.2011 18:10:39 | Computer Name = admin-HP | Source = DCOM | ID = 10010
Description = 
 
Error - 05.10.2011 09:41:16 | Computer Name = admin-HP | Source = DCOM | ID = 10010
Description = 
 
Error - 06.10.2011 18:08:12 | Computer Name = admin-HP | Source = DCOM | ID = 10010
Description = 
 
 
< End of report >
         

Alt 27.01.2012, 11:02   #2
kira
/// Helfer-Team
 
Failed to save all the components for the file \\System32\\ [...] - Standard

Failed to save all the components for the file \\System32\\ [...]



Hallo und Herzlich Willkommen!

Bevor wir unsere Zusammenarbeit beginnen, [Bitte Vollständig lesen]:
Zitat:
  • "Fernbehandlungen/Fernhilfe" und die damit verbundenen Haftungsrisken:
    - da die Fehlerprüfung und Handlung werden über große Entfernungen durchgeführt, besteht keine Haftung unsererseits für die daraus entstehenden Folgen.
    - also, jede Haftung für die daraus entstandene Schäden wird ausgeschlossen, ANWEISUNGEN UND DEREN BEFOLGUNG, ERFOLGT AUF DEINE EIGENE VERANTWORTUNG!
  • Charakteristische Merkmale/Profilinformationen:
    - aus der verwendeten Loglisten oder Logdateien - wie z.B. deinen Realnamen, Seriennummer in Programm etc)- kannst Du herauslöschen oder durch [X] ersetzen
  • Die Systemprüfung und Bereinigung:
    - kann einige Zeit in Anspruch nehmen (je nach Art der Infektion), kann aber sogar so stark kompromittiert sein, so dass eine wirkungsvolle technische Säuberung ist nicht mehr möglich bzw Du es neu installieren musst
  • Ich empfehle Dir die Anweisungen erst einmal komplett durchzulesen, bevor du es anwendest, weil wenn du etwas falsch machst, kann es wirklich gefährlich werden. Wenn du meinen Anweisungen Schritt für Schritt folgst, kann eigentlich nichts schief gehen.
  • Innerhalb der Betreuungszeit:
    - ohne Abspräche bitte nicht auf eigene Faust handeln!- bei Problemen nachfragen.
  • Die Reihenfolge:
    - genau so wie beschrieben bitte einhalten, nicht selbst die Reihenfolge wählen!
  • GECRACKTE SOFTWARE werden hier nicht geduldet!!!!
  • Ansonsten unsere Forumsregeln:
    - Bitte erst lesen, dann posten!-> Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten?
  • Alle Logfile mit einem vBCode Tag eingefügen, das bietet hier eine gute Übersicht, erleichtert mir die Arbeit! Falls das Logfile zu groß, teile es in mehrere Teile auf.

Sobald Du diesen Einführungstext gelesen hast, kannst Du beginnen
Zitat:
Wenn ein System kompromittiert wurde, ist das System nicht mehr vertrauenswürdig
Eine Neuinstallation garantiert die rückstandsfreie Entfernung der Infektion - Lesestoff: "Hilfe: Ich wurde das Opfer eines Hackerangriffs. Was soll ich tun?" - Säubern eines gefährdeten Systems
Falls du doch für die Systemreinigung entscheidest - Ein System zu bereinigen kann ein paar Tage dauern (je nach Art der Infektion), kann aber sogar so stark kompromittiert sein, so dass eine wirkungsvolle technische Säuberung ist nicht mehr möglich bzw Du es neu installieren musst::

Für Vista und Win7:
Wichtig: Alle Befehle bitte als Administrator ausführen! rechte Maustaste auf die Eingabeaufforderung und "als Administrator ausführen" auswählen
Auf der angewählten Anwendung einen Rechtsklick (rechte Maustaste) und "Als Administrator ausführen" wählen!

1.
Zitat:
Falls treten folgende Symptome auf:
Ordner sind leer, unter Startmenü Programme fehlen etc., dieses Tool bietet dir die Lösung:
<Achtung!>: Wenn Dateien etc, die absichtlich von Dir verborgen waren, also unter eigenschaften versteckt eingestellt hast, musst Du wieder auszublenden, nachdem das Tool ausgeführt wird.

Zitat:
Alles wieder sichtbar? Bitte kontrolliere es und berichte mir genau über den Zustand!
2.
Zitat:
Achtung wichtig!:
Falls Du selber im Logfile Änderungen vorgenommen hast, musst Du durch die Originalbezeichnung ersetzen und so in Script einfügen! sonst funktioniert nicht!
(Benutzerordner, dein Name oder sonstige Änderungen durch X, Stern oder andere Namen ersetzt)
Fixen mit OTL
  • Starte die OTL.exe.
  • Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
  • Kopiere folgendes Skript:
Code:
ATTFilter
:OTL
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPCOM/4
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/HPCOM/4
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPCOM/4
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/HPCOM/4
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPCOM/4
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2237.0\npwinext.dll (Microsoft Corporation)
O2 - BHO: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com)
O4 - HKCU..\Run: [vaqsQJTNJWdMqPG.exe] C:\ProgramData\vaqsQJTNJWdMqPG.exe (Microsoft Corp)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.09.16 16:43:21 | 000,000,421 | R--- | M] () - D:\AutoRun.dat -- [ CDFS ]
O32 - AutoRun File - [2010.08.11 18:15:32 | 000,342,864 | R--- | M] () - D:\Autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2009.05.19 13:56:57 | 000,000,044 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{1053deec-2e32-11e1-bb79-cc52af0de3a9}\Shell - "" = AutoRun
O33 - MountPoints2\{1053deec-2e32-11e1-bb79-cc52af0de3a9}\Shell\AutoRun\command - "" = D:\Autorun.exe -- [2010.08.11 18:15:32 | 000,342,864 | R--- | M] ()
O33 - MountPoints2\{149400f0-2ef3-11e1-8cb4-cc52af181ea7}\Shell - "" = AutoRun
O33 - MountPoints2\{149400f0-2ef3-11e1-8cb4-cc52af181ea7}\Shell\AutoRun\command - "" = D:\Autorun.exe -- [2010.08.11 18:15:32 | 000,342,864 | R--- | M] ()
O33 - MountPoints2\{18d53444-c733-11e0-9752-cc52af181ea7}\Shell - "" = AutoRun
O33 - MountPoints2\{18d53444-c733-11e0-9752-cc52af181ea7}\Shell\AutoRun\command - "" = D:\Install.exe
O33 - MountPoints2\{6f770a03-b9e0-11e0-9e73-cc52af181ea7}\Shell - "" = AutoRun
O33 - MountPoints2\{6f770a03-b9e0-11e0-9e73-cc52af181ea7}\Shell\AutoRun\command - "" = E:\Autorun.exe
O33 - MountPoints2\{c1087076-7899-11e0-94eb-cc52af181ea7}\Shell - "" = AutoRun
O33 - MountPoints2\{c1087076-7899-11e0-94eb-cc52af181ea7}\Shell\AutoRun\command - "" = D:\Autorun.exe -- [2010.08.11 18:15:32 | 000,342,864 | R--- | M] ()
[2012.01.26 19:00:49 | 000,364,544 | -H-- | C] (Microsoft Corp) -- C:\ProgramData\lM7iTvRTsn29UV.exe
[2012.01.26 18:57:07 | 000,451,584 | -H-- | C] (Microsoft Corp) -- C:\ProgramData\vaqsQJTNJWdMqPG.exe
[2012.01.06 22:41:24 | 000,000,000 | -H-D | C] -- C:\Users\admin\AppData\Local\AskToolbar
[2012.01.06 22:23:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ask.com
[2012.01.26 21:59:31 | 000,001,104 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.01.26 20:05:18 | 000,000,192 | -H-- | M] () -- C:\ProgramData\~lM7iTvRTsn29UVr
[2012.01.26 19:04:22 | 000,000,440 | -H-- | M] () -- C:\ProgramData\lM7iTvRTsn29UV
[2012.01.26 19:00:49 | 000,364,544 | -H-- | M] (Microsoft Corp) -- C:\ProgramData\lM7iTvRTsn29UV.exe
[2012.01.26 18:53:59 | 000,451,584 | -H-- | M] (Microsoft Corp) -- C:\ProgramData\vaqsQJTNJWdMqPG.exe
[2012.01.26 17:59:03 | 000,001,108 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job

[2012.01.26 20:05:18 | 000,000,280 | -H-- | C] () -- C:\ProgramData\~lM7iTvRTsn29UV
[2012.01.26 20:05:18 | 000,000,192 | -H-- | C] () -- C:\ProgramData\~lM7iTvRTsn29UVr
[2012.01.26 19:01:12 | 000,000,653 | -H-- | C] () -- C:\Users\admin\Desktop\System Check.lnk
[2012.01.26 19:01:04 | 000,000,440 | -H-- | C] () -- C:\ProgramData\lM7iTvRTsn29UV
[2011.12.27 21:36:04 | 000,000,440 | -H-- | C] () -- C:\ProgramData\ZPIYLmpkjREDNq

:Commands
[purity]
[emptytemp]
         
  • und füge es hier ein:
  • Schließe alle Programme.
  • Klicke auf den Fix Button.
  • Klick auf .
  • OTL verlangt einen Neustart. Bitte zulassen.
  • Nach dem Neustart findest Du ein Textdokument.
    Kopiere den Inhalt hier in Code-Tags in Deinen Thread.

3.
Lade Dir Malwarebytes Anti-Malware von→ malwarebytes.org
  • Installieren und per Doppelklick starten.
  • Deutsch einstellen und gleich mal die Datenbanken zu aktualisieren - online updaten
  • "Komplett Scan durchführen" wählen (überall Haken setzen)
  • wenn der Scanvorgang beendet ist, klicke auf "Zeige Resultate"
  • Alle Funde - falls MBAM meldet in C:\System Volume Information - den Haken bitte entfernen - markieren und auf "Löschen" - "Ausgewähltes entfernen") klicken.
  • Poste das Ergebnis hier in den Thread - den Bericht findest Du unter "Scan-Berichte"
eine bebilderte Anleitung findest Du hier: Anleitung

4.
Um festzustellen, ob veraltete oder schädliche Software unter Programme installiert sind, ich würde gerne noch all deine installierten Programme sehen:
Lade dir das Tool CCleaner herunter
Download
installieren (Software-Lizenzvereinbarung lesen, falls angeboten wird "Füge CCleaner Yahoo! Toolbar hinzu" abwählen)→ starten→ Sprache → Deutsch auswählen
dann klick auf "Extra (um die installierten Programme auch anzuzeigen)→ weiter auf "Als Textdatei speichern..."
wird eine Textdatei (*.txt) erstellt, kopiere dazu den Inhalt und füge ihn da ein

5.
erneut einen Scan mit OTL:
  • Doppelklick auf die OTL.exe
  • Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
  • Oben findest Du ein Kästchen mit Ausgabe.
    Wähle bitte Standard-Ausgabe
  • Unter Extra-Registrierung wähle bitte Benutze SafeList.
  • Mache Häckchen bei LOP- und Purity-Prüfung.
  • Klicke nun auf Scan links oben.
  • Wenn der Scan beendet wurde werden zwei Logfiles erstellt.
    Du findest die Logfiles auf Deinem Desktop => OTL.txt und Extras.txt
  • Poste die Logfiles in Code-Tags hier in den Thread.

Zitat:
Damit dein Thread übersichtlicher und schön lesbar bleibt, am besten nutze den Code-Tags für deinen Post:
→ vor dein Log schreibst Du (also am Anfang des Logfiles):[code]
hier kommt dein Logfile rein - z.B OTL-Logfile o. sonstiges
→ dahinter - also am Ende der Logdatei: [/code]
** Möglichst nicht ins internet gehen, kein Online-Banking, File-sharing, Chatprogramme usw
gruß
kira
__________________

__________________

Alt 30.01.2012, 21:06   #3
Fritzes007
 
Failed to save all the components for the file \\System32\\ [...] - Standard

Failed to save all the components for the file \\System32\\ [...]



Also ich hab mir mal unhide runtergeladen, ist auch wirklich wieder alles sichtbar geworden, blöderweise halt auch das was von Windows absichtlich verborgen war, aber damit kann ich leben.
Was noch komisch ist ist, dass wenn ich unten links auf das Symbol klick (wie heißt das überhaupt was sich da öffnet?) kein einziges Symbol mehr da ist außer "Apple Software Update"...was ich mit Apple zu tun hab ist mir ein Rätsel, vielleicht hab ichs aber auch nur mal unabsichtlich runtergeladen? Außerdem sind in der rechten Hälfte die Befehle fürs Öffnen von Dokumenten etc. weiterhin verschwunden.

Ich wart lieber mal mit dem nächsten Schritt ab, bis da ein okay kommt, nicht dass ich mir noch was ruiniere ._.
__________________

Alt 31.01.2012, 12:54   #4
Fritzes007
 
Failed to save all the components for the file \\System32\\ [...] - Standard

Failed to save all the components for the file \\System32\\ [...]



Zitat:
Zitat von Fritzes007 Beitrag anzeigen
Also ich hab mir mal unhide runtergeladen, ist auch wirklich wieder alles sichtbar geworden, blöderweise halt auch das was von Windows absichtlich verborgen war, aber damit kann ich leben.
Was noch komisch ist ist, dass wenn ich unten links auf das Symbol klick (wie heißt das überhaupt was sich da öffnet?) kein einziges Symbol mehr da ist außer "Apple Software Update"...was ich mit Apple zu tun hab ist mir ein Rätsel, vielleicht hab ichs aber auch nur mal unabsichtlich runtergeladen? Außerdem sind in der rechten Hälfte die Befehle fürs Öffnen von Dokumenten etc. weiterhin verschwunden.

Ich wart lieber mal mit dem nächsten Schritt ab, bis da ein okay kommt, nicht dass ich mir noch was ruiniere ._.
Also die Probleme waren wieder mit dem Neustart gelöst...was allerdings komisch ist: Mittlerweile hab ich überhaupt keine Probleme mehr. Es tauchen keine Systemwarnungen mehr auf, System Check öffnet sich nicht, "Failed to save all the components" usw. kommt auch nicht mehr. Nur der Desktophintergrund ist noch schwarz (hab aber nicht versucht ihn zu ändern), sonst ist alles wie gehabt. Soll ich es jetzt einfach dabei belassen oder weitermachen?

Alt 31.01.2012, 16:04   #5
kira
/// Helfer-Team
 
Failed to save all the components for the file \\System32\\ [...] - Standard

Failed to save all the components for the file \\System32\\ [...]



ja, bitte alle Punkte vollständig abarbeiten!

__________________

Warnung!:
Vorsicht beim Rechnungen per Email mit ZIP-Datei als Anhang! Kann mit einen Verschlüsselungs-Trojaner infiziert sein!
Anhang nicht öffnen, in unserem Forum erst nachfragen!

Sichere regelmäßig deine Daten, auf CD/DVD, USB-Sticks oder externe Festplatten, am besten 2x an verschiedenen Orten!
Bitte diese Warnung weitergeben, wo Du nur kannst!

Alt 01.02.2012, 16:02   #6
Fritzes007
 
Failed to save all the components for the file \\System32\\ [...] - Standard

Failed to save all the components for the file \\System32\\ [...]



Ich bin mal alle Punkte durchgegangen, hier das Ergebnis:

1) unhide hat alles wieder sichtbar gemacht, ich denk mal da passt alles.

2) Bei OTL gefixed, rausgekommen ist:
Code:
ATTFilter
All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.
C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.
File C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}\ deleted successfully.
C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2237.0\npwinext.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\vaqsQJTNJWdMqPG.exe not found.
File C:\ProgramData\vaqsQJTNJWdMqPG.exe not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
File move failed. D:\AutoRun.dat scheduled to be moved on reboot.
File move failed. D:\Autorun.exe scheduled to be moved on reboot.
File move failed. D:\autorun.inf scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1053deec-2e32-11e1-bb79-cc52af0de3a9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1053deec-2e32-11e1-bb79-cc52af0de3a9}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1053deec-2e32-11e1-bb79-cc52af0de3a9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1053deec-2e32-11e1-bb79-cc52af0de3a9}\ not found.
File move failed. D:\Autorun.exe scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{149400f0-2ef3-11e1-8cb4-cc52af181ea7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{149400f0-2ef3-11e1-8cb4-cc52af181ea7}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{149400f0-2ef3-11e1-8cb4-cc52af181ea7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{149400f0-2ef3-11e1-8cb4-cc52af181ea7}\ not found.
File move failed. D:\Autorun.exe scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{18d53444-c733-11e0-9752-cc52af181ea7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{18d53444-c733-11e0-9752-cc52af181ea7}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{18d53444-c733-11e0-9752-cc52af181ea7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{18d53444-c733-11e0-9752-cc52af181ea7}\ not found.
File D:\Install.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6f770a03-b9e0-11e0-9e73-cc52af181ea7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6f770a03-b9e0-11e0-9e73-cc52af181ea7}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6f770a03-b9e0-11e0-9e73-cc52af181ea7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6f770a03-b9e0-11e0-9e73-cc52af181ea7}\ not found.
File E:\Autorun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c1087076-7899-11e0-94eb-cc52af181ea7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c1087076-7899-11e0-94eb-cc52af181ea7}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c1087076-7899-11e0-94eb-cc52af181ea7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c1087076-7899-11e0-94eb-cc52af181ea7}\ not found.
File move failed. D:\Autorun.exe scheduled to be moved on reboot.
File C:\ProgramData\lM7iTvRTsn29UV.exe not found.
File C:\ProgramData\vaqsQJTNJWdMqPG.exe not found.
C:\Users\admin\AppData\Local\AskToolbar\Downloaded Program Files\temp folder moved successfully.
C:\Users\admin\AppData\Local\AskToolbar\Downloaded Program Files folder moved successfully.
C:\Users\admin\AppData\Local\AskToolbar folder moved successfully.
C:\Program Files (x86)\Ask.com folder moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\ProgramData\~lM7iTvRTsn29UVr moved successfully.
C:\ProgramData\lM7iTvRTsn29UV moved successfully.
File C:\ProgramData\lM7iTvRTsn29UV.exe not found.
File C:\ProgramData\vaqsQJTNJWdMqPG.exe not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\ProgramData\~lM7iTvRTsn29UV moved successfully.
File C:\ProgramData\~lM7iTvRTsn29UVr not found.
File C:\Users\admin\Desktop\System Check.lnk not found.
File C:\ProgramData\lM7iTvRTsn29UV not found.
C:\ProgramData\ZPIYLmpkjREDNq moved successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: admin
->Temp folder emptied: 329661854 bytes
->Temporary Internet Files folder emptied: 186758498 bytes
->Java cache emptied: 483162 bytes
->Flash cache emptied: 8230771 bytes
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 179770681 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67765 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 672,00 mb
 
 
OTL by OldTimer - Version 3.2.31.0 log created on 02012012_143510

Files\Folders moved on Reboot...
File move failed. D:\AutoRun.dat scheduled to be moved on reboot.
File move failed. D:\Autorun.exe scheduled to be moved on reboot.
File move failed. D:\autorun.inf scheduled to be moved on reboot.
C:\Users\admin\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...
         
3) Malware hat tatsächlich was gefunden, was ich dann auch gelöscht hab...
Code:
ATTFilter
Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Datenbank Version: v2012.02.01.03

Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
admin :: ADMIN-HP [Administrator]

01.02.2012 14:54:47
mbam-log-2012-02-01 (14-54-47).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 337453
Laufzeit: 46 Minute(n), 51 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowSearch (PUM.Hijack.StartMenu) -> Bösartig: (0) Gut: (1) -> Keine Aktion durchgeführt.

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         
4) Bei Ccleaner:
Code:
ATTFilter
7-Zip 9.20		25.09.2011		
Adobe Flash Player 11 ActiveX 64-bit	Adobe Systems Incorporated	25.12.2011	6,00MB	11.1.102.55
Alive Video Converter (version 5.2.0.2)	AliveMedia, Inc.	19.06.2011		
Apple Application Support	Apple Inc.	19.06.2011	52,8MB	1.4.1
Apple Software Update	Apple Inc.	19.06.2011	2,16MB	2.1.1.116
ATI Catalyst Install Manager	ATI Technologies, Inc.	25.02.2011	22,3MB	3.0.778.0
Audacity 1.2.6		22.05.2011		
AVS Update Manager 1.0	Online Media Technologies Ltd.	19.06.2011		
AVS Video Converter 8	Online Media Technologies Ltd.	19.06.2011		
AVS4YOU Software Navigator 1.4	Online Media Technologies Ltd.	19.06.2011		
Bing Bar	Microsoft Corporation	25.02.2011		6.0.2237.0
Blaze Media Pro	Mystik Media	19.06.2011		9.10
bob internet	A1 Telekom Austria AG	24.12.2011	38,5MB	1.9.0.0
Broadcom 2070 Bluetooth 3.0	Broadcom Corporation	25.02.2011	183,5MB	6.3.0.6300
Broadcom 802.11 Wireless LAN Adapter	Broadcom Corporation	26.02.2011		5.60.350.6
CCleaner	Piriform	31.01.2012		3.15
CDex extraction audio		06.08.2011		
CloneDVD2	Elaborate Bytes	05.01.2012		2.9.3.0
Corel Home Office	Corel Corporation	08.12.2010	118,2MB	5.0.87.621
DivxToDVD 0.5.2b	VSO-Software SARL	05.01.2012		0.5.2b
DMM Uninstall		16.06.2011		
DVD Flick 1.3.0.7	Dennis Meuwissen	05.01.2012		1.3.0.7
Energy Star Digital Logo	Hewlett-Packard	25.02.2011	0,29MB	1.0.1
ffdshow	Milan Cutka	19.06.2011		20051221-gcc4.0.2-sse-x264.nl
Free YouTube to MP3 Converter version 3.10.14.1206	DVDVideoSoft Ltd.	23.12.2011	77,6MB	
Google Earth	Google	24.12.2011	92,7MB	6.1.0.5001
HP Documentation	Hewlett-Packard	07.12.2010	784MB	1.5.0.0
HP ESU for Microsoft Windows 7	Hewlett-Packard Company	07.12.2010	16,7MB	1.1.6.1
HP HotKey Support	Hewlett-Packard Company	07.12.2010	13,1MB	3.5.15.1
HP Setup	Hewlett-Packard Company	07.12.2010		8.5.4371.3505
HP SoftPaq Download Manager	Hewlett-Packard Company	07.12.2010	14,4MB	3.0.5.0
HP Software Framework	Hewlett-Packard Company	07.12.2010	2,38MB	4.0.51.1
HP Software Setup	Hewlett-Packard Company	07.12.2010	11,8MB	7.0.1.6
HP Support Assistant	Hewlett-Packard Company	07.12.2010	67,2MB	5.0.14.2
HP Webcam	Roxio	25.02.2011	9,77MB	1.0.19.6
HP Webcam Driver	Realtek Semiconductor Corp.	25.02.2011		6.1.7600.0049
HP Wireless Assistant	Hewlett-Packard	07.12.2010	5,60MB	4.0.6.0
IDT Audio	IDT	25.02.2011		1.0.6275.0
InterActual Player		03.08.2011		
JamGuru 1.0 RC5	Ultimate-Guitar	28.10.2011		1.0 RC5
Java(TM) 6 Update 26	Oracle	13.08.2011	94,9MB	6.0.260
LightScribe System Software	LightScribe	07.12.2010	23,4MB	1.18.12.1
Malwarebytes Anti-Malware Version 1.60.1.1000	Malwarebytes Corporation	31.01.2012	17,4MB	1.60.1.1000
Microsoft .NET Framework 4 Client Profile	Microsoft Corporation	04.05.2011	38,8MB	4.0.30319
Microsoft .NET Framework 4 Client Profile DEU Language Pack	Microsoft Corporation	04.05.2011	2,94MB	4.0.30319
Microsoft Office 2010	Microsoft Corporation	07.12.2010	6,31MB	14.0.4763.1000
Microsoft Office Home and Student 2010	Microsoft Corporation	02.05.2011		14.0.4763.1000
Microsoft Office Outlook Connector	Microsoft Corporation	03.05.2011	3,36MB	14.0.5118.5000
Microsoft Silverlight	Microsoft Corporation	05.01.2012	40,4MB	4.0.60831.0
Microsoft SQL Server 2005 Compact Edition [ENU]	Microsoft Corporation	03.05.2011	1,70MB	3.1.0000
Microsoft Visual C++ 2005 Redistributable	Microsoft Corporation	19.06.2011	0,33MB	8.0.59193
Microsoft Visual C++ 2005 Redistributable (x64)	Microsoft Corporation	07.12.2010	0,69MB	8.0.56336
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17	Microsoft Corporation	07.12.2010	0,77MB	9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148	Microsoft Corporation	25.02.2011	0,77MB	9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148	Microsoft Corporation	25.02.2011	0,58MB	9.0.30729.4148
MSXML 4.0 SP2 (KB954430)	Microsoft Corporation	07.01.2012	1,28MB	4.20.9870.0
MSXML 4.0 SP2 (KB973688)	Microsoft Corporation	07.01.2012	1,33MB	4.20.9876.0
Nero BurnLite 10	Nero AG	05.01.2012	57,6MB	10.0.10600
Nero Toolbar	Ask.com	05.01.2012	1,66MB	1.6.9.0
Nero Update	Nero AG	05.01.2012	1,44MB	1.0.0018
Norton Internet Security	Symantec Corporation	02.05.2011		18.6.0.29
Norton Online Backup	Symantec	02.05.2011	3,30MB	2.0.0.34
PDF Complete Special Edition	PDF Complete, Inc	25.02.2011		3.5.117
Pokemon Online 1.0.21	Dreambelievers	13.06.2011	44,4MB	
QuickTime Alternative 1.81		23.12.2011		1.81
RealPlayer	RealNetworks	19.06.2011		
Realtek Ethernet Controller All-In-One Windows Driver	Realtek	07.12.2010		1.12.0011
Roxio Creator Business	Roxio	25.02.2011	324MB	10.3.56.21
Skype™ 4.2	Skype Technologies S.A.	25.02.2011	31,7MB	4.2.163
SUPER © v2011.build.48 (April 23, 2011) Version v2011.build.48	eRightSoft	19.06.2011	39,5MB	v2011.build.48
SymSilent	Symantec Corporation	25.02.2011		
Synaptics Pointing Device Driver	Synaptics Incorporated	08.12.2010		15.0.10.0
VideoLAN VLC media player 0.8.6i	VideoLAN Team	29.06.2011		0.8.6i
Wann	Appadaumen.de	17.08.2011		1.0.0.1
Windows 7 Default Setting	Hewlett-Packard Company	07.12.2010	32,00KB	1.0.1.7
Windows Live Essentials	Microsoft Corporation	04.05.2011		15.4.3508.1109
Windows Live Mesh ActiveX control for remote connections	Microsoft Corporation	03.05.2011	5,58MB	15.4.5722.2
Windows Movie Maker 2.6	Microsoft Corporation	03.12.2011	8,85MB	2.6.4037.0
WinZip 14.5	WinZip Computing, S.L. 	02.05.2011	20,0MB	14.5.9095
         
5) Der Scan bei OTL:
Code:
ATTFilter
OTL logfile created on: 01.02.2012 15:49:37 - Run 2
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\admin\Downloads
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
1,75 Gb Total Physical Memory | 0,76 Gb Available Physical Memory | 43,54% Memory free
3,49 Gb Paging File | 1,93 Gb Available in Paging File | 55,24% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 215,59 Gb Total Space | 92,03 Gb Free Space | 42,69% Space Free | Partition Type: NTFS
Drive D: | 25,61 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive F: | 1,99 Gb Total Space | 1,98 Gb Free Space | 99,64% Space Free | Partition Type: FAT32
 
Computer Name: ADMIN-HP | User Name: admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.01.26 22:12:44 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\admin\Downloads\OTL.exe
PRC - [2011.12.26 00:55:04 | 000,247,968 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe
PRC - [2011.06.20 01:31:06 | 000,273,544 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2011.04.17 01:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe
PRC - [2011.04.08 11:59:52 | 000,507,624 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
PRC - [2010.09.16 12:22:39 | 009,319,792 | ---- | M] (mquadr.at software engineering and consulting GmbH, web: www.mquadr.at, mail: office@mquadr.at) -- C:\Program Files (x86)\bob internet\bobInternet.exe
PRC - [2010.07.13 00:47:38 | 000,092,216 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2010.05.04 12:07:22 | 000,503,080 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2010.03.06 23:39:08 | 000,635,416 | ---- | M] (PDF Complete Inc) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe
PRC - [2010.03.01 19:27:22 | 000,264,248 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
PRC - [2009.01.12 13:15:52 | 000,071,096 | ---- | M] () -- C:\Program Files (x86)\Blaze Media Pro\NMSAccess32.exe
PRC - [2007.07.24 20:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2010.08.20 15:14:19 | 001,316,864 | ---- | M] () -- C:\Program Files (x86)\bob internet\Skins\bob\bob.dbskin
MOD - [2010.08.19 18:32:30 | 000,086,016 | ---- | M] () -- C:\Program Files (x86)\bob internet\resetregistry.dll
MOD - [2010.02.22 20:19:10 | 007,745,536 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
MOD - [2010.02.22 20:19:08 | 002,121,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
MOD - [2010.02.22 20:19:08 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2010.09.22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010.08.05 00:22:44 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010.07.30 04:39:24 | 000,951,584 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2010.04.05 20:12:00 | 000,103,992 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe -- (HP Wireless Assistant Service)
SRV:64bit: - [2010.03.17 13:48:42 | 000,244,736 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\stacsv64.exe -- (STacSV)
SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV:64bit: - [2009.03.03 11:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe -- (AESTFilters)
SRV - [2011.04.17 01:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe -- (NIS)
SRV - [2010.12.21 06:38:22 | 000,350,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2010.07.13 00:47:38 | 000,092,216 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2010.05.04 12:07:22 | 000,503,080 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.06 23:39:08 | 000,635,416 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2010.03.01 19:27:22 | 000,264,248 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe -- (hpHotkeyMonitor)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.01.12 13:15:52 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Blaze Media Pro\NMSAccess32.exe -- (NMSAccess)
SRV - [2007.07.24 20:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2011.07.08 16:45:12 | 000,386,168 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\symnets.sys -- (SymNetS)
DRV:64bit: - [2011.05.11 20:04:46 | 000,174,200 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2011.03.31 04:00:09 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2011.03.31 04:00:09 | 000,040,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\srtspx64.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV:64bit: - [2011.03.15 03:31:23 | 000,912,504 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\symefa64.sys -- (SymEFA)
DRV:64bit: - [2011.03.11 07:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.02.26 10:42:04 | 003,063,360 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2011.01.27 07:47:10 | 000,450,680 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\symds64.sys -- (SymDS)
DRV:64bit: - [2011.01.27 06:07:06 | 000,171,128 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\ironx64.sys -- (SymIRON)
DRV:64bit: - [2010.12.16 23:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2010.09.22 23:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010.08.11 17:43:00 | 000,125,456 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010.08.05 00:52:36 | 006,859,776 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010.08.04 23:47:20 | 000,264,192 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010.07.20 22:26:42 | 000,102,952 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2010.07.20 22:26:38 | 000,135,720 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2010.07.20 22:26:34 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2010.07.14 15:25:38 | 000,344,616 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:64bit: - [2010.05.21 03:06:38 | 000,096,384 | ---- | M] (Realtek Semiconductor Corp.) [2 MP Fixed] [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtsuvc.sys -- (rtsuvc)
DRV:64bit: - [2010.05.03 23:44:02 | 000,331,880 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010.03.19 12:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010.03.17 13:48:42 | 000,505,856 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2010.03.09 18:03:52 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie64.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV:64bit: - [2010.03.02 23:37:40 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2010.03.02 13:59:32 | 000,121,344 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV:64bit: - [2010.03.02 13:59:32 | 000,121,344 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV:64bit: - [2010.03.02 13:59:32 | 000,121,344 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV:64bit: - [2010.02.26 19:32:58 | 000,316,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010.02.22 09:09:10 | 000,011,776 | ---- | M] (MBB Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\massfilter.sys -- (massfilter)
DRV:64bit: - [2010.02.16 21:24:20 | 000,025,912 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 00:31:10 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009.07.14 00:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2011.06.03 02:08:18 | 000,488,056 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20110629.050\IDSviA64.sys -- (IDSVia64)
DRV - [2011.05.19 20:37:05 | 001,143,416 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20110616.003\BHDrvx64.sys -- (BHDrvx64)
DRV - [2011.05.18 19:39:23 | 002,011,768 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20110630.002\EX64.SYS -- (NAVEX15)
DRV - [2011.05.18 19:39:22 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20110630.002\ENG64.SYS -- (NAVENG)
DRV - [2011.05.10 20:21:22 | 000,481,912 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2011.05.10 20:21:22 | 000,136,824 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.at/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpWinExt,version=5.0: C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2237.0\npwinext.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.652: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.652: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.647: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\msntoolbar@msn.com: C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2237.0\Firefox [2010.12.09 00:14:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010.12.09 00:14:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2010.12.09 00:14:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\IPSFFPlgn\ [2011.10.18 15:47:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\coFFPlgn_2011_7_4_3 [2012.02.01 14:38:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.01.26 21:57:46 | 000,000,000 | ---D | M]
 
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\IPS\IPSBHO.DLL (Symantec Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2237.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2237.0\npwinext.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe ()
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NOBuActivation.exe (Symantec Corporation)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\admin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\admin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AF6B0702-F848-4A2D-A575-7F9C9A79D8CB}: DhcpNameServer = 151.99.125.2 151.99.125.3 194.20.8.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FBB0385C-3D38-42C1-B33B-241D891D0C0D}: NameServer = 194.48.124.202 194.48.124.200
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) -credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) -credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.09.16 16:43:21 | 000,000,421 | R--- | M] () - D:\AutoRun.dat -- [ CDFS ]
O32 - AutoRun File - [2010.08.11 18:15:32 | 000,342,864 | R--- | M] () - D:\Autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2009.05.19 13:56:57 | 000,000,044 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.02.01 15:46:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012.02.01 15:46:42 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.02.01 14:51:18 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\Malwarebytes
[2012.02.01 14:51:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.02.01 14:51:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.02.01 14:51:08 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2012.02.01 14:51:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.02.01 14:35:10 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.01.31 20:37:16 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\Skype
[2012.01.23 13:58:47 | 001,446,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsasrv.dll
[2012.01.23 13:58:46 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\webio.dll
[2012.01.23 13:58:46 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\webio.dll
[2012.01.23 13:58:46 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sspicli.dll
[2012.01.23 13:58:46 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sspisrv.dll
[2012.01.23 13:58:46 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\secur32.dll
[2012.01.19 19:39:58 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
[2012.01.11 16:24:36 | 000,000,000 | ---D | C] -- C:\Users\admin\Documents\Outlook-Dateien
[2012.01.11 16:16:07 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\quartz.dll
[2012.01.11 16:16:07 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\quartz.dll
[2012.01.11 16:16:07 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qdvd.dll
[2012.01.11 16:16:07 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qdvd.dll
[2012.01.11 16:16:03 | 000,852,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2012.01.11 16:16:03 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2012.01.11 16:16:02 | 001,739,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntdll.dll
[2012.01.11 16:16:01 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\packager.dll
[2012.01.11 16:16:01 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\packager.dll
[2012.01.08 02:47:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2012.01.06 22:36:05 | 000,000,000 | ---D | C] -- C:\Users\admin\Documents\DivXToDvd
[2012.01.06 22:31:19 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\Nero
[2012.01.06 22:29:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2012.01.06 22:29:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nero
[2012.01.06 22:29:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nero
[2012.01.06 20:52:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VSO
[2012.01.06 20:52:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\vso
[2012.01.06 18:36:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
[2012.01.06 18:36:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Elaborate Bytes
[2012.01.06 18:16:17 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\DVD Flick
[2012.01.06 18:15:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD Flick
[2012.01.06 18:15:50 | 000,662,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mscomct2.ocx
[2012.01.06 18:15:50 | 000,609,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\comctl32.ocx
[2012.01.06 18:15:50 | 000,164,144 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\comct232.ocx
[2012.01.06 18:15:50 | 000,040,960 | ---- | C] (vbAccelerator) -- C:\windows\SysWow64\ssubtmr6.dll
[2012.01.06 18:15:50 | 000,036,864 | ---- | C] (Robdogg Inc.) -- C:\windows\SysWow64\trayicon_handler.ocx
[2012.01.06 18:15:50 | 000,028,672 | ---- | C] (-) -- C:\windows\SysWow64\mousewheel.ocx
[2012.01.06 18:15:49 | 000,212,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\richtx32.ocx
[2012.01.06 18:15:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVD Flick
 
========== Files - Modified Within 30 Days ==========
 
[2012.02.01 15:46:46 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.02.01 14:51:10 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.02.01 14:45:53 | 000,019,760 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.02.01 14:45:53 | 000,019,760 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.02.01 14:45:10 | 001,498,506 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2012.02.01 14:45:10 | 000,654,340 | ---- | M] () -- C:\windows\SysNative\perfh007.dat
[2012.02.01 14:45:10 | 000,616,182 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2012.02.01 14:45:10 | 000,130,180 | ---- | M] () -- C:\windows\SysNative\perfc007.dat
[2012.02.01 14:45:10 | 000,106,562 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2012.02.01 14:38:13 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012.02.01 14:37:46 | 1875,443,712 | -HS- | M] () -- C:\hiberfil.sys
[2012.01.28 05:52:38 | 000,000,172 | ---- | M] () -- C:\windows\SysNative\drivers\NISx64\1207000.00D\isolate.ini
[2012.01.20 15:38:15 | 000,023,552 | ---- | M] () -- C:\Users\admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.01.06 20:52:14 | 000,001,035 | ---- | M] () -- C:\Users\admin\Desktop\VSO DivxToDVD.lnk
[2012.01.06 18:37:17 | 000,000,085 | -HS- | M] () -- C:\ProgramData\.zreglib
[2012.01.06 18:36:09 | 000,001,199 | ---- | M] () -- C:\Users\Public\Desktop\CloneDVD2.lnk
[2012.01.06 18:15:54 | 000,001,914 | ---- | M] () -- C:\Users\admin\Desktop\DVD Flick.lnk
 
========== Files Created - No Company Name ==========
 
[2012.02.01 15:46:45 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.02.01 14:51:10 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.01.30 20:58:05 | 000,002,297 | ---- | C] () -- C:\Users\Public\Desktop\WinZip.lnk
[2012.01.30 20:58:04 | 000,001,108 | ---- | C] () -- C:\Users\Public\Desktop\SUPER ©.lnk
[2012.01.30 20:58:04 | 000,001,066 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012.01.30 20:58:04 | 000,000,914 | ---- | C] () -- C:\Users\Public\Desktop\Pokemon Online.lnk
[2012.01.30 20:58:03 | 000,002,489 | ---- | C] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk
[2012.01.30 20:58:03 | 000,002,212 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2012.01.30 20:58:03 | 000,002,179 | ---- | C] () -- C:\Users\Public\Desktop\HP Support Assistant.lnk
[2012.01.30 20:58:03 | 000,001,164 | ---- | C] () -- C:\Users\Public\Desktop\JamGuru.lnk
[2012.01.30 20:58:03 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Corel Home Office.lnk
[2012.01.30 20:58:03 | 000,000,931 | ---- | C] () -- C:\Users\Public\Desktop\InterActual Player.lnk
[2012.01.30 20:58:02 | 000,001,750 | ---- | C] () -- C:\Users\Public\Desktop\Browserwahl.lnk
[2012.01.30 20:58:02 | 000,001,199 | ---- | C] () -- C:\Users\Public\Desktop\CloneDVD2.lnk
[2012.01.30 20:58:02 | 000,001,024 | ---- | C] () -- C:\Users\Public\Desktop\bob internet.lnk
[2012.01.30 20:57:57 | 000,000,836 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
[2012.01.30 20:57:33 | 000,002,507 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker 2.6.lnk
[2012.01.30 20:57:33 | 000,001,547 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2012.01.30 20:57:33 | 000,001,374 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
[2012.01.30 20:57:33 | 000,001,246 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
[2012.01.30 20:57:32 | 000,002,486 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
[2012.01.30 20:57:32 | 000,001,458 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
[2012.01.30 20:57:32 | 000,001,352 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk
[2012.01.30 20:57:32 | 000,001,330 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
[2012.01.30 20:57:32 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2012.01.30 20:57:32 | 000,001,305 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
[2012.01.30 20:57:32 | 000,001,210 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
[2012.01.30 20:57:31 | 000,002,435 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2010.lnk
[2012.01.30 20:57:31 | 000,001,663 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Software Setup.lnk
[2012.01.30 20:57:31 | 000,001,380 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Default Manager.lnk
[2012.01.30 20:57:31 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2012.01.30 20:57:30 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2012.01.30 20:57:30 | 000,001,153 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alive Video Converter 5.lnk
[2012.01.30 20:57:30 | 000,000,955 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
[2012.01.06 20:52:14 | 000,001,035 | ---- | C] () -- C:\Users\admin\Desktop\VSO DivxToDVD.lnk
[2012.01.06 18:37:17 | 000,000,085 | -HS- | C] () -- C:\ProgramData\.zreglib
[2012.01.06 18:15:53 | 000,001,914 | ---- | C] () -- C:\Users\admin\Desktop\DVD Flick.lnk
[2011.09.28 16:17:21 | 000,000,952 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2011.08.04 16:15:53 | 000,000,000 | ---- | C] () -- C:\windows\iPlayer.INI
[2011.06.20 01:33:20 | 000,027,648 | ---- | C] () -- C:\windows\SysWow64\AVSredirect.dll
[2011.06.20 00:23:07 | 000,023,552 | ---- | C] () -- C:\Users\admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.06.14 22:00:43 | 000,033,134 | ---- | C] () -- C:\Users\admin\AppData\Roaming\UserTile.png
[2011.02.26 10:37:05 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2010.12.09 00:13:09 | 000,000,188 | ---- | C] () -- C:\windows\SysWow64\HPWA.ini
[2010.06.08 14:19:24 | 000,692,224 | ---- | C] () -- C:\windows\SysWow64\libeay32.dll
[2010.06.08 14:19:24 | 000,151,552 | ---- | C] () -- C:\windows\SysWow64\ssleay32.dll
[2010.06.02 13:28:14 | 000,002,189 | ---- | C] () -- C:\windows\SysWow64\atipblag.dat
[2010.04.20 15:31:43 | 000,936,832 | ---- | C] () -- C:\windows\SysWow64\M2ElevatedCalls.dll
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\windows\SysWow64\mlang.dat
[2008.10.04 00:07:10 | 003,754,896 | ---- | C] () -- C:\windows\SysWow64\erdmpg-6.dll
[2008.09.28 18:33:01 | 000,253,952 | ---- | C] () -- C:\windows\SysWow64\Manipulate.dll
[2008.08.28 12:20:38 | 000,065,536 | ---- | C] () -- C:\windows\SysWow64\comLyricGetter.dll
[2008.08.28 12:17:22 | 000,097,280 | ---- | C] () -- C:\windows\SysWow64\Uncommon.dll
[2008.08.28 12:17:20 | 000,061,440 | ---- | C] () -- C:\windows\SysWow64\NormalizeDSP.dll
[2006.11.06 20:30:38 | 000,262,144 | ---- | C] () -- C:\windows\SysWow64\lame_enc.dll
[2005.12.21 11:36:46 | 000,009,728 | ---- | C] () -- C:\windows\SysWow64\ff_vfw.dll
[2005.11.06 00:34:50 | 000,145,408 | ---- | C] () -- C:\windows\SysWow64\Lame.exe
[2005.05.17 21:37:10 | 000,076,800 | ---- | C] () -- C:\windows\SysWow64\Faac.exe
[2002.07.19 17:48:22 | 000,157,696 | ---- | C] () -- C:\windows\SysWow64\OggEnc.exe
[2002.01.25 07:04:50 | 000,005,440 | ---- | C] () -- C:\windows\SysWow64\mciwa16.dll
[2002.01.25 07:04:50 | 000,000,221 | ---- | C] () -- C:\windows\SysWow64\pspsbext.ini
[2002.01.25 07:04:50 | 000,000,221 | ---- | C] () -- C:\windows\SysWow64\pspfidrv.ini
[2002.01.25 07:04:50 | 000,000,221 | ---- | C] () -- C:\windows\SysWow64\pspfbase.ini
[2002.01.25 07:04:50 | 000,000,221 | ---- | C] () -- C:\windows\SysWow64\pspaudrv.ini
[2002.01.25 07:04:50 | 000,000,221 | ---- | C] () -- C:\windows\SysWow64\pspapdrv.ini
[2002.01.25 07:04:50 | 000,000,221 | ---- | C] () -- C:\windows\SysWow64\mciwaw95.ini
[2002.01.25 07:04:50 | 000,000,221 | ---- | C] () -- C:\windows\SysWow64\mcipspwa.ini
[2002.01.25 07:04:50 | 000,000,221 | ---- | C] () -- C:\windows\SysWow64\mcipspct.ini
[2002.01.25 07:04:50 | 000,000,220 | ---- | C] () -- C:\windows\SysWow64\pspwave.ini
[2002.01.25 07:04:50 | 000,000,219 | ---- | C] () -- C:\windows\SysWow64\pspdss.ini
[2002.01.25 07:04:50 | 000,000,219 | ---- | C] () -- C:\windows\SysWow64\pspddi.ini
 
========== LOP Check ==========
 
[2011.12.24 17:22:43 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\DVDVideoSoft
[2011.12.24 17:22:32 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.12.24 14:46:10 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\MPEG Streamclip
[2011.12.04 20:51:51 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\OffbeatEngine
[2011.06.14 22:00:43 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\PeerNetworking
[2012.01.26 21:58:04 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Program Files (x86)
[2012.01.08 13:43:47 | 000,032,632 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >
         
Code:
ATTFilter
OTL Extras logfile created on: 01.02.2012 15:49:37 - Run 2
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\admin\Downloads
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
1,75 Gb Total Physical Memory | 0,76 Gb Available Physical Memory | 43,54% Memory free
3,49 Gb Paging File | 1,93 Gb Available in Paging File | 55,24% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 215,59 Gb Total Space | 92,03 Gb Free Space | 42,69% Space Free | Partition Type: NTFS
Drive D: | 25,61 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive F: | 1,99 Gb Total Space | 1,98 Gb Free Space | 99,64% Space Free | Partition Type: FAT32
 
Computer Name: ADMIN-HP | User Name: admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1C55470A-7C9E-4C63-B466-6AFFC69E94E9}" = Windows Live Family Safety
"{2C69D297-A524-1FB1-5C00-1C52363E044F}" = ccc-utility64
"{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = Broadcom 2070 Bluetooth 3.0
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4BBA5224-C5B1-4B8C-AAA4-68DA6654B9C1}" = HP HotKey Support
"{560932B5-8702-7FB8-01AE-265EA44FAEEB}" = ATI Catalyst Install Manager
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{C7AE4EC3-9C13-4213-8457-74D16B353F91}" = HP Web Camera
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{EC720706-3F19-4B7F-BDDD-E31D9B3921D2}" = HP Wireless Assistant
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Broadcom 802.11 Wireless LAN Adapter" = Broadcom 802.11 Wireless LAN Adapter
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"SynTPDeinstKey" = Synaptics Pointing Device Driver
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{36C95AD3-D330-4BAA-884A-9F3EFD15A5EA}" = Corel Home Office
"{04801E42-B1A6-4C52-9F3D-CADB5A050433}" = HP Software Setup
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{07B22FB1-6A1E-41E7-8323-A9CA716026ED}" = bob internet
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Bing Bar
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0B2187A6-8ACC-4012-9817-9221211EF407}" = Corel Home Office - IPM
"{0C7A1F10-3965-190D-3409-B0DD7C45C0EE}" = CCC Help Italian
"{14B61ABC-D4A7-BCF5-92BE-95CEB8DF4374}" = CCC Help Czech
"{16CA9DAC-6A40-4204-A826-33C4D52A266C}" = Catalyst Control Center - Branding
"{1A1E33D2-9824-454A-B8CB-50072118635A}" = Corel Home Office - CS Templates
"{1C598CE5-344B-997B-FF33-2976D689C0AC}" = CCC Help Greek
"{1CAC7A41-583B-4483-9FA5-3E5465AFF8C2}" = Microsoft Default Manager
"{1D11E96F-0405-4B99-8356-5750B1D9FAE9}" = Corel Home Office - JP Templates
"{1D61E881-43CD-447B-9E6B-D2C6138B2862}" = HP Webcam
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 26
"{26D19512-874B-4EDA-B7F1-779850B2AD5A}" = Corel Home Office - CT Templates
"{2C08D7E7-9EE1-4A08-AFE0-745F02DCD6A4}_is1" = Pokemon Online 1.0.21
"{2DA697D7-FED3-4DE2-A174-92A2A12F9688}" = HP SoftPaq Download Manager
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{36C95AD3-D330-4BAA-884A-9F3EFD15A5EA}" = Corel Home Office
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{39C5A498-FA1A-2473-34D1-6755E5A1BC99}" = CCC Help German
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B4911AA-98AA-F2E0-1BF4-2E2737D1C95C}" = Catalyst Control Center InstallProxy
"{5017D60D-C0A5-4CC8-8D2F-0BDA1ADF39D0}" = Corel Home Office - Templates1
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Creator Business
"{5478075D-1797-1C4C-B3F0-DC8ECCA7D5C3}" = Catalyst Control Center Localization All
"{54B29835-EF99-41D2-9104-F159DE62F165}" = Bing Bar Platform
"{558ED580-6168-AF04-C71F-E63B0E149E21}" = CCC Help Korean
"{5746E4F9-77C6-47E8-A737-A5975A57B4AA}" = Corel Home Office - KR Templates
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5BF8E079-D6E2-4323-B794-75152371122A}" = Windows 7 Default Setting
"{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}" = Bing Rewards Client Installer
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6AFDE3BE-BC01-45A4-9D06-BBF5AD207313}" = LightScribe System Software
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{79CF6EF9-8C9A-F284-5042-B5B54645B5F8}" = CCC Help Norwegian
"{7F30B436-1196-1401-9A4F-CFF6C10D6EBA}" = CCC Help Polish
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}" = Nero BurnLite 10
"{84EC6CDF-E378-0EBA-E4C2-BBD5489CD4EF}" = CCC Help Japanese
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{919D10CE-CADB-8D08-3429-7FB1DFA3B043}" = CCC Help Spanish
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{95140000-007A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9978D298-9AA1-99EE-9975-18AAEF34DE0C}" = CCC Help Dutch
"{9CD3BB19-993E-469D-9E1F-B57A175C1411}" = HP Software Framework
"{9D4D0B44-0A55-1905-5CF4-8A6EC311673F}" = CCC Help Russian
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A005479C-7D10-A4CB-0BAD-5D8765E141C6}" = CCC Help Turkish
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB627AF2-9C7E-4DBD-816B-3B2646B81E89}" = Nero BurnLite 10
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{B93DCF58-AA57-41EC-8D69-B05C66C6312D}_is1" = SUPER © v2011.build.48 (April 23, 2011) Version v2011.build.48
"{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}" = Energy Star Digital Logo
"{C2036B7D-C21E-38E9-FB0B-3746E82B898B}" = CCC Help Hungarian
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Norton Online Backup
"{C8C8387B-A98B-44E8-807A-1A9B7F51FFDA}" = Blaze Media Pro
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}" = WinZip 14.5
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D10B94E4-8545-CA0F-EDE9-41F62272A0DE}" = CCC Help Portuguese
"{D35A9E39-05F9-0D80-C41C-71B2FDCBE5E9}" = CCC Help Chinese Standard
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D9989A13-B173-4048-B8A5-93C204DCB1B3}" = HP ESU for Microsoft Windows 7
"{DB393B0B-4A5D-7B50-AD80-3772372C4243}" = CCC Help Thai
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}" = HP Webcam Driver
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E4756B93-69FF-D723-D7F8-97FFE73A0D2C}" = CCC Help French
"{E4C82543-E98E-E66D-84A7-9C9235ADF9CE}" = CCC Help English
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E684A226-D7B1-4B14-9778-44AD48A654F0}" = Corel Home Office
"{E74EA3B1-7192-489D-9A57-0AE918FEC001}" = Corel Home Office - Launcher
"{E7C34ED4-BBB6-4C57-9FBD-B29CA5878051}" = HP Setup
"{E8CA17C0-5A35-3CF1-C50F-1E9783FFB08B}" = CCC Help Swedish
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EC877639-07AB-495C-BFD1-D63AF9140810}" = Roxio Activation Module
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator Business v10
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F0261797-E2ED-8BEC-7B6F-A7C0A0E478FF}" = ccc-core-static
"{F097D8DF-B207-4EA1-91A4-A21B8425F9B4}" = HP Documentation
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F45048A1-12C4-4B08-A3EB-32D88033368A}" = Corel Home Office - Templates RU
"{F6CEF69E-35EA-6086-6D7D-21E89FD70B16}" = CCC Help Finnish
"{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}" = Realtek Ethernet Controller All-In-One Windows Driver
"{F8801800-9E88-3AB1-21DA-E50EFA0F771E}" = CCC Help Danish
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FC17E0A7-EAA9-4902-92F8-C83B9FD02246}" = HP Support Assistant
"{FC6256BB-BDD4-AB91-451B-86896F236769}" = CCC Help Chinese Traditional
"7-Zip" = 7-Zip 9.20
"Alive Video Converter 5_is1" = Alive Video Converter (version 5.2.0.2)
"Audacity_is1" = Audacity 1.2.6
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"AVS4YOU Video Converter 7_is1" = AVS Video Converter 8
"Blaze Media Pro" = Blaze Media Pro
"bob internet" = bob internet
"CDex" = CDex extraction audio
"CloneDVD2" = CloneDVD2
"DMM" = DMM Uninstall
"DVD Flick_is1" = DVD Flick 1.3.0.7
"ffdshow" = ffdshow
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.14.1206
"HyperCam 2" = HyperCam 2
"InterActual Player" = InterActual Player
"JamGuru" = JamGuru 1.0 RC5
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.1.1000
"NIS" = Norton Internet Security
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"PDF Complete" = PDF Complete Special Edition
"QuicktimeAlt_is1" = QuickTime Alternative 1.81
"RealPlayer 12.0" = RealPlayer
"SymSilent" = SymSilent
"VLC media player" = VideoLAN VLC media player 0.8.6i
"VSO DivxToDVD_is1" = DivxToDVD 0.5.2b
"WinLiveSuite" = Windows Live Essentials
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"e83469ef54194a3b" = Wann
 
========== Last 10 Event Log Errors ==========
 
[ Hewlett-Packard Events ]
Error - 09.06.2011 04:55:59 | Computer Name = admin-HP | Source = Hewlett-Packard | ID = 0
Description = de-AT Ein Teil des Pfades "C:\ProgramData\Hewlett-Packard\HP Support
 Framework\Logs\Temp\HPSA\HPSASession_201106091055.xml" konnte nicht gefunden werden.
mscorlib

   bei System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)     bei
 System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 
rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options,
 SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy)     bei System.IO.FileStream..ctor(String
 path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions
 options)     bei System.IO.StreamWriter.CreateFile(String path, Boolean append)    
 bei System.IO.StreamWriter..ctor(String path, Boolean append, Encoding encoding,
 Int32 bufferSize)     bei System.IO.StreamWriter..ctor(String path, Boolean append,
 Encoding encoding)     bei System.IO.File.WriteAllText(String path, String contents,
 Encoding encoding)     bei HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()

 
Error - 30.06.2011 05:33:03 | Computer Name = admin-HP | Source = Hewlett-Packard | ID = 0
Description = de-AT Ein Teil des Pfades "C:\ProgramData\Hewlett-Packard\HP Support
 Framework\Logs\Temp\HPSA\HPSASession_201106301133.xml" konnte nicht gefunden werden.
mscorlib

   bei System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)     bei
 System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 
rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options,
 SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy)     bei System.IO.FileStream..ctor(String
 path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions
 options)     bei System.IO.StreamWriter.CreateFile(String path, Boolean append)    
 bei System.IO.StreamWriter..ctor(String path, Boolean append, Encoding encoding,
 Int32 bufferSize)     bei System.IO.StreamWriter..ctor(String path, Boolean append,
 Encoding encoding)     bei System.IO.File.WriteAllText(String path, String contents,
 Encoding encoding)     bei HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()

 
Error - 18.08.2011 02:08:27 | Computer Name = admin-HP | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\081118080822.xml
 File not created by asset agent
 
Error - 18.08.2011 02:09:09 | Computer Name = admin-HP | Source = Hewlett-Packard | ID = 0
Description = de-AT Ein Teil des Pfades "C:\ProgramData\Hewlett-Packard\HP Support
 Framework\Logs\Temp\HPSA\HPSASession_201108180809.xml" konnte nicht gefunden werden.
mscorlib

   bei System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)     bei
 System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 
rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options,
 SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy)     bei System.IO.FileStream..ctor(String
 path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions
 options)     bei System.IO.StreamWriter.CreateFile(String path, Boolean append)    
 bei System.IO.StreamWriter..ctor(String path, Boolean append, Encoding encoding,
 Int32 bufferSize)     bei System.IO.StreamWriter..ctor(String path, Boolean append,
 Encoding encoding)     bei System.IO.File.WriteAllText(String path, String contents,
 Encoding encoding)     bei HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()

 
Error - 01.09.2011 11:32:17 | Computer Name = admin-HP | Source = Hewlett-Packard | ID = 0
Description = de-AT Ein Teil des Pfades "C:\ProgramData\Hewlett-Packard\HP Support
 Framework\Logs\Temp\HPSA\HPSASession_201109011732.xml" konnte nicht gefunden werden.
mscorlib

   bei System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)     bei
 System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 
rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options,
 SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy)     bei System.IO.FileStream..ctor(String
 path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions
 options)     bei System.IO.StreamWriter.CreateFile(String path, Boolean append)    
 bei System.IO.StreamWriter..ctor(String path, Boolean append, Encoding encoding,
 Int32 bufferSize)     bei System.IO.StreamWriter..ctor(String path, Boolean append,
 Encoding encoding)     bei System.IO.File.WriteAllText(String path, String contents,
 Encoding encoding)     bei HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()

 
Error - 29.12.2011 08:33:50 | Computer Name = admin-HP | Source = Hewlett-Packard | ID = 0
Description = de-AT Ein Teil des Pfades "C:\ProgramData\Hewlett-Packard\HP Support
 Framework\Logs\Temp\HPSA\HPSASession_201112291333.xml" konnte nicht gefunden werden.
mscorlib

   bei System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)     bei
 System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 
rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options,
 SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy)     bei System.IO.FileStream..ctor(String
 path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions
 options)     bei System.IO.StreamWriter.CreateFile(String path, Boolean append)    
 bei System.IO.StreamWriter..ctor(String path, Boolean append, Encoding encoding,
 Int32 bufferSize)     bei System.IO.StreamWriter..ctor(String path, Boolean append,
 Encoding encoding)     bei System.IO.File.WriteAllText(String path, String contents,
 Encoding encoding)     bei HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()

 
Error - 05.01.2012 13:32:23 | Computer Name = admin-HP | Source = Hewlett-Packard | ID = 0
Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\011205063213.xml
 File not created by asset agent
 
Error - 05.01.2012 14:02:47 | Computer Name = admin-HP | Source = Hewlett-Packard | ID = 0
Description = de-AT Ein Teil des Pfades "C:\ProgramData\Hewlett-Packard\HP Support
 Framework\Logs\Temp\HPSA\HPSASession_201201051902.xml" konnte nicht gefunden werden.
mscorlib

   bei System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)     bei
 System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 
rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options,
 SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy)     bei System.IO.FileStream..ctor(String
 path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions
 options)     bei System.IO.StreamWriter.CreateFile(String path, Boolean append)    
 bei System.IO.StreamWriter..ctor(String path, Boolean append, Encoding encoding,
 Int32 bufferSize)     bei System.IO.StreamWriter..ctor(String path, Boolean append,
 Encoding encoding)     bei System.IO.File.WriteAllText(String path, String contents,
 Encoding encoding)     bei HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()

 
Error - 12.01.2012 16:54:50 | Computer Name = admin-HP | Source = Hewlett-Packard | ID = 0
Description = de-AT Ein Teil des Pfades "C:\ProgramData\Hewlett-Packard\HP Support
 Framework\Logs\Temp\HPSA\HPSASession_201201122154.xml" konnte nicht gefunden werden.
mscorlib

   bei System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)     bei
 System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 
rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options,
 SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy)     bei System.IO.FileStream..ctor(String
 path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions
 options)     bei System.IO.StreamWriter.CreateFile(String path, Boolean append)    
 bei System.IO.StreamWriter..ctor(String path, Boolean append, Encoding encoding,
 Int32 bufferSize)     bei System.IO.StreamWriter..ctor(String path, Boolean append,
 Encoding encoding)     bei System.IO.File.WriteAllText(String path, String contents,
 Encoding encoding)     bei HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()

 
Error - 19.01.2012 09:54:09 | Computer Name = admin-HP | Source = Hewlett-Packard | ID = 0
Description = de-AT Ein Teil des Pfades "C:\ProgramData\Hewlett-Packard\HP Support
 Framework\Logs\Temp\HPSA\HPSASession_201201191454.xml" konnte nicht gefunden werden.
mscorlib

   bei System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)     bei
 System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 
rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options,
 SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy)     bei System.IO.FileStream..ctor(String
 path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions
 options)     bei System.IO.StreamWriter.CreateFile(String path, Boolean append)    
 bei System.IO.StreamWriter..ctor(String path, Boolean append, Encoding encoding,
 Int32 bufferSize)     bei System.IO.StreamWriter..ctor(String path, Boolean append,
 Encoding encoding)     bei System.IO.File.WriteAllText(String path, String contents,
 Encoding encoding)     bei HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()

 
[ HP Wireless Assistant Events ]
Error - 26.02.2011 05:35:39 | Computer Name = N50Q7AQNNSTV8 | Source = HP WA Service | ID = 0
Description = System.Exception GetDeviceInfo() failed : 597    at HP_Common.CaslWrapper.GetDeviceInfo(List`1&
 radioList)     at HPPA_Service.CurrentConfiguration.ReloadRadioList()
 
Error - 26.02.2011 05:35:39 | Computer Name = N50Q7AQNNSTV8 | Source = HP WA Service | ID = 0
Description = System.Exception Register() failed : e_GENERAL_EXCEPTION    at HP_Common.CaslWrapper.Register(EventArrivedEventHandler
 handler)     at HPPA_Service.CurrentConfiguration..ctor()
 
Error - 26.02.2011 05:35:42 | Computer Name = N50Q7AQNNSTV8 | Source = HP WA Service | ID = 0
Description = System.Exception GetPMCCalibrationData() failed : 597    at HP_Common.CaslWrapper.GetPMCCalibrationData(PMCCalibrationData&
 calibration)     at HPPA_Service.HPPA_Service.ServiceWorkerMethod()
 
Error - 04.12.2011 14:42:55 | Computer Name = admin-HP | Source = HP WA Service | ID = 0
Description = System.Exception GetDeviceInfo() failed : 597    bei HP_Common.CaslWrapper.GetDeviceInfo(List`1&
 radioList)     bei HPPA_Service.CurrentConfiguration.ReloadRadioList()
 
[ Media Center Events ]
Error - 06.10.2011 04:43:13 | Computer Name = admin-HP | Source = MCUpdate | ID = 0
Description = 10:43:06 - Fehler beim Herstellen der Internetverbindung.  10:43:06 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 09.10.2011 04:47:20 | Computer Name = admin-HP | Source = MCUpdate | ID = 0
Description = 10:47:20 - Fehler beim Herstellen der Internetverbindung.  10:47:20 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 09.10.2011 04:47:31 | Computer Name = admin-HP | Source = MCUpdate | ID = 0
Description = 10:47:25 - Fehler beim Herstellen der Internetverbindung.  10:47:25 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 10.10.2011 07:47:48 | Computer Name = admin-HP | Source = MCUpdate | ID = 0
Description = 13:47:48 - Fehler beim Herstellen der Internetverbindung.  13:47:48 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 10.10.2011 07:48:03 | Computer Name = admin-HP | Source = MCUpdate | ID = 0
Description = 13:47:53 - Fehler beim Herstellen der Internetverbindung.  13:47:53 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 11.10.2011 07:43:33 | Computer Name = admin-HP | Source = MCUpdate | ID = 0
Description = 13:43:33 - Fehler beim Herstellen der Internetverbindung.  13:43:33 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 11.10.2011 07:43:45 | Computer Name = admin-HP | Source = MCUpdate | ID = 0
Description = 13:43:38 - Fehler beim Herstellen der Internetverbindung.  13:43:38 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 13.10.2011 07:46:17 | Computer Name = admin-HP | Source = MCUpdate | ID = 0
Description = 13:46:17 - Fehler beim Herstellen der Internetverbindung.  13:46:17 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 13.10.2011 07:46:33 | Computer Name = admin-HP | Source = MCUpdate | ID = 0
Description = 13:46:23 - Fehler beim Herstellen der Internetverbindung.  13:46:23 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 15.10.2011 08:32:19 | Computer Name = admin-HP | Source = MCUpdate | ID = 0
Description = 14:32:08 - Fehler beim Herstellen der Internetverbindung.  14:32:08 
-     Serververbindung konnte nicht hergestellt werden..  
 
[ System Events ]
Error - 03.10.2011 12:38:08 | Computer Name = admin-HP | Source = volsnap | ID = 393252
Description = Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher
 nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
 
Error - 04.10.2011 18:10:39 | Computer Name = admin-HP | Source = DCOM | ID = 10010
Description = 
 
Error - 05.10.2011 09:41:16 | Computer Name = admin-HP | Source = DCOM | ID = 10010
Description = 
 
Error - 06.10.2011 18:08:12 | Computer Name = admin-HP | Source = DCOM | ID = 10010
Description = 
 
 
< End of report >
         

Alt 01.02.2012, 19:35   #7
kira
/// Helfer-Team
 
Failed to save all the components for the file \\System32\\ [...] - Standard

Failed to save all the components for the file \\System32\\ [...]



1.
Wenn nicht bewusst installiert hast bzw nicht benötigst, kannst deinstallieren (unter Software):
Code:
ATTFilter
Bing Bar 
-> Bing Bar aus Firefox und Internet Explorer entfernen
         
Immer mehr Programme bringen eine Toolbar mit.(wie z.B. Google, Yaho,Messenger, Winamp, ICQ usw). Manche Zustimmung der User installiert, manche wieder ohne Wissen des Benutzers Viele davon sehr fehleranfällig und fressen eine Menge an Systemressourcen. Zur funktionstüchtigen Installation der jeweiligen Software ist Toolbar aber nicht notwendig, zudem die meisten modernen Browser mit vielen zusätzlichen Funktionen ausgestattet sind. Ausserdem die dazugehörigen Programme, funktionieren auch ohne...
- meiste Toolbars bzw Browserhelper wollen sich doch nur wichtig machen

2.
Deine Javaversion ist nicht aktuell!
→ Downloade nun die Offline-Version von Java Version 6 Update 30 von Oracle herunter
Achte darauf, eventuell angebotene Toolbars abwählen (den Haken bei der Toolbar entfernen)!

3.
deinstalliere unter Software/Programme:

Code:
ATTFilter
 Adware -Toolbar:

Nero Toolbar Ask.com
         
4.
Zitat:
Achtung wichtig!:
Falls Du selber im Logfile Änderungen vorgenommen hast, musst Du durch die Originalbezeichnung ersetzen und so in Script einfügen! sonst funktioniert nicht!
(Benutzerordner, dein Name oder sonstige Änderungen durch X, Stern oder andere Namen ersetzt)
Fixen mit OTL
  • Starte die OTL.exe.
  • Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
  • Kopiere folgendes Skript:
Code:
ATTFilter
:OTL
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.09.16 16:43:21 | 000,000,421 | R--- | M] () - D:\AutoRun.dat -- [ CDFS ]
O32 - AutoRun File - [2010.08.11 18:15:32 | 000,342,864 | R--- | M] () - D:\Autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2009.05.19 13:56:57 | 000,000,044 | R--- | M] () - D:\autorun.inf -- [ CDFS ]

:Commands
[purity]
[emptytemp]
         
  • und füge es hier ein:
  • Schließe alle Programme.
  • Klicke auf den Fix Button.
  • Klick auf .
  • OTL verlangt einen Neustart. Bitte zulassen.
  • Nach dem Neustart findest Du ein Textdokument.
    Kopiere den Inhalt hier in Deinen Thread.

5.
reinige dein System mit CCleaner:
  • "Cleaner"→ "Analysieren"→ Klick auf den Button "Start CCleaner"
  • "Registry""Fehler suchen"→ "Fehler beheben"→ "Alle beheben"
  • Starte dein System neu auf

6.
  • lade Dir SUPERAntiSpyware FREE Edition herunter.
  • installiere das Programm und update online.
  • starte SUPERAntiSpyware und klicke auf "Ihren Computer durchsuchen"
  • setze ein Häkchen bei "Kompletter Scan" und klicke auf "Weiter"
  • anschließend alle gefundenen Schadprogramme werden aufgelistet, bei alle Funde Häkchen setzen und mit "OK" bestätigen
  • auf "Weiter" klicken dann "OK" und auf "Fertig stellen"
  • um die Ergebnisse anzuzeigen: auf "Präferenzen" dann auf den "Statistiken und Protokolle" klicken
  • drücke auf "Protokoll anzeigen" - anschließend diesen Bericht bitte speichern und hier posten

7.
Auch auf USB-Sticks, selbstgebrannten Datenträgern, externen Festplatten und anderen Datenträgern können Viren transportiert werden. Man muss daher durch regelmäßige Prüfungen auf Schäden, die durch Malware ("Worm.Win32.Autorun") verursacht worden sein können, überwacht werden. Hierfür sind ser gut geegnet und empfohlen, die auf dem Speichermedium gesicherten Daten, mit Hilfe des kostenlosen Online Scanners zu prüfen.
Schließe jetzt alle externe Datenträgeran (USB Sticks etc) Deinen Rechner an, dabei die Hochstell-Taste [Shift-Taste] gedrückt halten, damit die Autorun-Funktion nicht ausgeführt wird. (So verhindest Du die Ausführung der AUTORUN-Funktion) - Man kann die AUTORUN-Funktion aber auch generell abschalten.►Anleitung

8.
-> Führe dann einen Komplett-Systemcheck mit Eset Online Scanner (NOD32)Kostenlose Online Scanner durch
Achtung!: >>Du sollst nicht die Antivirus-Sicherheitssoftware installieren, sondern dein System nur online scannen<<

► berichte erneut über den Zustand des Computers. Ob noch Probleme auftreten, wenn ja, welche?
__________________

Warnung!:
Vorsicht beim Rechnungen per Email mit ZIP-Datei als Anhang! Kann mit einen Verschlüsselungs-Trojaner infiziert sein!
Anhang nicht öffnen, in unserem Forum erst nachfragen!

Sichere regelmäßig deine Daten, auf CD/DVD, USB-Sticks oder externe Festplatten, am besten 2x an verschiedenen Orten!
Bitte diese Warnung weitergeben, wo Du nur kannst!

Antwort

Themen zu Failed to save all the components for the file \\System32\\ [...]
64-bit, 7-zip, adobe, audacity, bho, bildschirm, converter, defender, document, error, explorer, failed, failed to save all the components for the file \\system32, fehler, firefox, flash player, format, google earth, helper, home, intrusion prevention, logfile, microsoft office word, mp3, nicht gefunden, plug-in, problem, realtek, rundll, scan, schattenkopien, security, software, super, symantec, system, systemwiederherstellung gemacht, version=1.0, video converter, webcheck, windows




Ähnliche Themen: Failed to save all the components for the file \\System32\\ [...]


  1. failed to save all the components for the file \\system32\
    Plagegeister aller Art und deren Bekämpfung - 28.03.2012 (6)
  2. failed to save all components for the file \\system32\\00001891........
    Log-Analyse und Auswertung - 26.03.2012 (10)
  3. Failed to save all the components for the file \\System32\\
    Log-Analyse und Auswertung - 21.03.2012 (13)
  4. Windows 7 Failed to save all the components for the file \\System32\\
    Plagegeister aller Art und deren Bekämpfung - 10.03.2012 (5)
  5. Failed to save all the components for the file \\System32
    Log-Analyse und Auswertung - 22.02.2012 (3)
  6. Failed to save all the components for the file \\System32 usw...
    Plagegeister aller Art und deren Bekämpfung - 15.02.2012 (15)
  7. Failed to save all the components for the file \\System32\\
    Log-Analyse und Auswertung - 12.02.2012 (1)
  8. Failed to save all the components for the file \\System32\\
    Log-Analyse und Auswertung - 16.01.2012 (26)
  9. failed to save all the components for the file system32
    Plagegeister aller Art und deren Bekämpfung - 04.12.2011 (2)
  10. WIN XP:Windows - Delayed Write Failed .. Failed to save all the components for the file \\System32\\
    Log-Analyse und Auswertung - 25.11.2011 (7)
  11. Windows - Delayed Write Failed .. Failed to save all the components for the file \\System32\\0000428
    Log-Analyse und Auswertung - 15.11.2011 (35)
  12. Windows - Delayed Write Failed .. Failed to save all the components for the file \\System32\\ - St
    Plagegeister aller Art und deren Bekämpfung - 13.11.2011 (16)
  13. Windows - Delayed Write Failed .. Failed to save all the components for the file \\System32\\
    Plagegeister aller Art und deren Bekämpfung - 13.11.2011 (101)
  14. Windows 7 Failed to save all the components for the file System32\\00...
    Plagegeister aller Art und deren Bekämpfung - 13.11.2011 (3)
  15. Windows - Delayed Write Failed .. Failed to save all the components for the file \\System32\\
    Log-Analyse und Auswertung - 09.11.2011 (25)
  16. Windows - Delayed Write Failed .. Failed to save all the components for the file \\System32\\
    Plagegeister aller Art und deren Bekämpfung - 07.11.2011 (10)
  17. Windows - Delayed Write Failed. Failed to save all the components for the file \\System32\\
    Log-Analyse und Auswertung - 07.11.2011 (12)

Zum Thema Failed to save all the components for the file \\System32\\ [...] - Hallo! Ich habe ein hier wohl altbekanntes Problem, das hier schon öfters aufgetaucht ist. Allerdings muss man so wie ich das verstanden hab seinen individuellen OTL Log angeben, deshalb dieses - Failed to save all the components for the file \\System32\\ [...]...
Archiv
Du betrachtest: Failed to save all the components for the file \\System32\\ [...] auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.