Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: bump.exe - 70-90% Systemauslastung

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 27.01.2012, 22:53   #1
enibutton
 
bump.exe - 70-90% Systemauslastung - Standard

bump.exe - 70-90% Systemauslastung



Hallo!!

ich habe das Problem, dass meine Systemauslastung extrem hoch ist. Bei den Prozessen ist mir aufgefallen, dass ganz oben eine bump.exe auftaucht und dann wieder von selbst verschwindet. Dazu habe ich mich hier im Forum ein wenig schlau gemacht:
http://www.trojaner-board.de/92010-7...w-cmd-exe.html

Ich bin den Ratschlägen schonmal gefolgt und hab die Scans mit Malewarebytes und OTL gemacht.

Hoffe, mir kann jemand weiterhelfen! (Ich sollte noch dazu sagen, dass ich eine Frau bin, keinerlei Ahnung von Computern habe und deswegen eine Kindgerechte Erklärung für die weiteren Schritte bräuchte... ^^)

Hier sind die Logs dazu:

Malwarebytes Anti-Malware (Test) 1.60.0.1800
www.malwarebytes.org

Datenbank Version: v2012.01.27.02

Windows 7 x86 NTFS
Internet Explorer 8.0.7600.16385
pc :: PC-PC [Administrator]

Schutz: Aktiviert

27.01.2012 13:08:21
mbam-log-2012-01-27 (22-35-06).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 353658
Laufzeit: 9 Stunde(n), 25 Minute(n), 34 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 3
C:\$Recycle.Bin\S-1-5-21-594920340-1034208480-2283970024-1000\$RUAZMS2.8\router\FRITZ!Box\nc.exe (PUP.Netcat) -> Keine Aktion durchgeführt.
C:\w7lxe-v10.exe\w7lxe-v10.exe (Riskware.Tool.CK) -> Keine Aktion durchgeführt.
C:\Windows.old\Program Files\WirelessNetView 1.03\WirelessNetView.exe (PUP.WirelessNetworkTool) -> Keine Aktion durchgeführt.

(Ende)







OTL logfile created on: 27.01.2012 22:37:00 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\pc\Downloads
Enterprise Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

1,93 Gb Total Physical Memory | 0,71 Gb Available Physical Memory | 36,95% Memory free
3,86 Gb Paging File | 2,69 Gb Available in Paging File | 69,79% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74,43 Gb Total Space | 18,12 Gb Free Space | 24,34% Space Free | Partition Type: NTFS
Drive D: | 568,44 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: PC-PC | User Name: pc | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\pc\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\hale.exe ()
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\HPSIsvc.exe (HP)
PRC - C:\Programme\Microsoft LifeCam\MSCamS32.exe (Microsoft Corporation)
PRC - C:\Programme\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
PRC - C:\Programme\HTC\HTC Sync\ClientInitiatedStarter\ClientInitiatedStarter.exe (Teleca)
PRC - C:\Programme\Common Files\Teleca Shared\Generic.exe (Teleca AB)
PRC - C:\Programme\HTC\HTC Sync\Application Launcher\Application Launcher.exe (Teleca Sweden AB)
PRC - C:\Programme\HTC\HTC Sync\Mobile Phone Monitor\dbgout.exe (Teleca Sweden AB)
PRC - C:\Programme\HTC\HTC Sync\Mobile Phone Monitor\epmworker.exe (Teleca Sweden AB)
PRC - C:\Programme\HTC\HTC Sync\Mobile Phone Monitor\FsynSrvStarter.exe (TODO: <Company name>)
PRC - C:\Programme\HTC\HTC Sync\Mobile Phone Monitor\HTCVBTServer.exe (Teleca AB)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\slui.exe (Microsoft Corporation)
PRC - C:\Windows\System32\cmd.exe (Microsoft Corporation)
PRC - C:\Programme\Common Files\Teleca Shared\logger.exe (Popwire AB)
PRC - C:\Programme\Schomaecker\QPilot-Client\Client-Service\QPilot-Client-Service-Dienst.exe (Schomäcker GmbH)
PRC - C:\Programme\Schomaecker\QPilot-Client\Client-GUI\QPilot-Client-GUI.exe (Schomäcker GmbH)
PRC - C:\Programme\Common Files\Teleca Shared\CapabilityManager.exe (Teleca Sweden AB)


========== Modules (No Company Name) ==========

MOD - C:\Programme\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\System32\Macromed\Flash\NPSWF32.dll ()
MOD - C:\Windows\System32\hale.exe ()
MOD - C:\Programme\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF ()
MOD - C:\Programme\HTC\HTC Sync\Mobile Phone Monitor\fsync.dll ()
MOD - C:\Programme\HTC\HTC Sync\ClientInitiatedStarter\fsync.dll ()
MOD - C:\Programme\HTC\HTC Sync\Mobile Phone Monitor\tcpsock_object.dll ()
MOD - C:\Programme\Schomaecker\QPilot-Client\Common\rt\jetrt\XAWT64010.dll ()
MOD - C:\Programme\Schomaecker\QPilot-Client\Common\rt\jetrt\XXML64010.dll ()
MOD - C:\Programme\Schomaecker\QPilot-Client\Common\rt\jetrt\XKRN64010.dll ()
MOD - C:\Programme\Schomaecker\QPilot-Client\Common\rt\jetrt\XXXL64010.dll ()
MOD - C:\Programme\Schomaecker\QPilot-Client\Common\rt\jetrt\XMIS64010.dll ()
MOD - C:\Programme\Schomaecker\QPilot-Client\Common\rt\jetrt\XMNG64010.dll ()
MOD - C:\Programme\Schomaecker\QPilot-Client\Common\rt\jetrt\XSWN64010.dll ()
MOD - C:\Programme\Schomaecker\QPilot-Client\Common\rt\jetrt\XSEC64010.dll ()
MOD - C:\Programme\Schomaecker\QPilot-Client\Common\rt\jetrt\XSQL64010.dll ()
MOD - C:\Programme\Schomaecker\QPilot-Client\Common\rt\jetrt\XSSE64010.dll ()
MOD - C:\Programme\Schomaecker\QPilot-Client\Common\rt\jetrt\XSND64010.dll ()
MOD - C:\Programme\Schomaecker\QPilot-Client\Common\rt\jetrt\XPKC64010.dll ()
MOD - C:\Programme\Schomaecker\QPilot-Client\Common\rt\jetrt\XJCE64010.dll ()
MOD - C:\Programme\Schomaecker\QPilot-Client\Common\rt\jetrt\XRMI64010.dll ()
MOD - C:\Programme\Schomaecker\QPilot-Client\Common\rt\bin\java.dll ()
MOD - C:\Programme\Schomaecker\QPilot-Client\Common\rt\bin\jetvm\jvm.dll ()
MOD - C:\Programme\Common Files\Teleca Shared\boost_log-vc80-mt-1_33.dll ()


========== Win32 Services (SafeList) ==========

SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (HPSIService) -- C:\Windows\System32\HPSIsvc.exe (HP)
SRV - (MSCamSvc) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (Client-Service-Windows) -- C:\Program Files\Schomaecker\QPilot-Client\Client-Service\QPilot-Client-Service-Dienst.exe (Schomäcker GmbH)
SRV - (GtDetectSc) -- C:\Program Files\T-Mobile\web'n'walk Manager\GtDetectSc.exe (Option)


========== Driver Services (SafeList) ==========

DRV - (MBAMSwissArmy) -- C:\Windows\System32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (HBtnKey) -- C:\Windows\System32\drivers\CPQBttn.sys (Hewlett-Packard Company)
DRV - (hpdskflt) -- C:\Windows\system32\DRIVERS\hpdskflt.sys (Hewlett-Packard Company)
DRV - (Accelerometer) -- C:\Windows\System32\drivers\Accelerometer.sys (Hewlett-Packard Company)
DRV - (MSHUSBVideo) -- C:\Windows\System32\drivers\nx6000.sys (Microsoft Corporation)
DRV - (NETw5s32) Intel(R) -- C:\Windows\System32\drivers\NETw5s32.sys (Intel Corporation)
DRV - (HTCAND32) -- C:\Windows\System32\drivers\ANDROIDUSB.sys (HTC, Corporation)
DRV - (vmbus) -- C:\Windows\system32\DRIVERS\vmbus.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\system32\DRIVERS\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\system32\DRIVERS\storvsc.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\system32\DRIVERS\vms3cap.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\system32\DRIVERS\VMBusHID.sys (Microsoft Corporation)
DRV - (TPM) -- C:\Windows\System32\drivers\tpm.sys (Microsoft Corporation)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (LSI Corp)
DRV - (e1yexpress) Intel(R) -- C:\Windows\System32\drivers\e1y6032.sys (Intel Corporation)
DRV - (netw5v32) Intel(R) -- C:\Windows\System32\drivers\netw5v32.sys (Intel Corporation)
DRV - (GT72NDISIPXP) -- C:\Windows\System32\drivers\Gt51Ip.sys (Option NV)
DRV - (GT72UBUS) -- C:\Windows\System32\drivers\gt72ubus.sys (Option N.V.)
DRV - (GTPTSER) -- C:\Windows\System32\drivers\gtptser.sys (Option N.V.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 1B 35 82 AF F4 0C CC 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\pc\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{8AA36F4F-6DC7-4c06-77AF-5035170634FE}: C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2011.08.28 16:00:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.12.27 23:16:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2011.05.07 21:28:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\pc\AppData\Roaming\mozilla\Extensions
[2012.01.26 12:13:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\pc\AppData\Roaming\mozilla\Firefox\Profiles\i3vw4q99.default\extensions
[2012.01.15 19:15:36 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\pc\AppData\Roaming\mozilla\Firefox\Profiles\i3vw4q99.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.01.26 12:13:11 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\pc\AppData\Roaming\mozilla\Firefox\Profiles\i3vw4q99.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2012.01.15 19:02:48 | 000,000,000 | ---D | M] (FDislike) -- C:\Users\pc\AppData\Roaming\mozilla\Firefox\Profiles\i3vw4q99.default\extensions\fbdislike@doweb.fr
[2011.05.07 21:27:45 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
() (No name found) -- C:\USERS\PC\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I3VW4Q99.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2011.12.27 23:16:36 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.12.27 23:16:32 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.12.27 23:16:32 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011.12.27 23:16:32 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.12.27 23:16:32 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.12.27 23:16:32 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.12.27 23:16:32 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Chew7Hale] C:\Windows\System32\hale.exe ()
O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Mobile Connectivity Suite] C:\Program Files\HTC\HTC Sync\Application Launcher\Application Launcher.exe (Teleca Sweden AB)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKCU..\Run: [Facebook Update] C:\Users\pc\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Free YouTube Download - C:\Users\pc\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{083551D1-7103-408C-8CE9-2AF16AFDC591}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EF330B65-1005-493A-BD29-688900D7CE4B}: DhcpNameServer = 139.7.30.126 139.7.30.125
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{a01b57dd-02dd-11e1-a5c8-00247e3b2da2}\Shell - "" = AutoRun
O33 - MountPoints2\{a01b57dd-02dd-11e1-a5c8-00247e3b2da2}\Shell\AutoRun\command - "" = E:\setup.exe AUTORUN=1
O33 - MountPoints2\{c68f8c6d-2025-11e1-9295-00247e3b2da2}\Shell - "" = AutoRun
O33 - MountPoints2\{c68f8c6d-2025-11e1-9295-00247e3b2da2}\Shell\AutoRun\command - "" = E:\SISetup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012.01.27 13:07:48 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2012.01.27 13:01:52 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Roaming\Malwarebytes
[2012.01.27 13:01:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.01.27 13:01:45 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.01.27 13:01:45 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.01.27 13:01:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.01.27 12:43:22 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Local\{CDA50DB3-1DF8-463D-B823-4A743C0FA19E}
[2012.01.27 12:43:11 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Local\{6F611CF3-ABB4-46E0-BE5B-8F6F0BBE5A69}
[2012.01.26 11:35:39 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Local\{FAE8DEA8-6523-49DA-B8FD-1859F669CAF8}
[2012.01.24 16:49:15 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Local\{83FF757D-FB23-4E41-B4E7-FA35CCA54E9A}
[2012.01.24 16:49:01 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Local\{F111F1DF-FDF7-4A67-B7D8-7E2BC586C480}
[2012.01.23 19:12:47 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Local\{21C61B3F-F17B-4FA7-9F5D-756AE24CEF05}
[2012.01.23 19:12:36 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Local\{2FB1B2C0-7A33-448D-8D45-C99B3FDE5F32}
[2012.01.22 12:27:16 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Local\{489A9658-579D-4711-AB60-B66BCA281915}
[2012.01.22 12:27:04 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Local\{E07733B8-6B1A-4359-95C0-8CFDB5A57CDE}
[2012.01.21 11:41:58 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Local\{3AE81180-07A1-416E-A888-B2493B24B277}
[2012.01.21 11:41:35 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Local\{34DE97BE-F681-44AA-8D87-F4E80D3DE3A9}
[2012.01.18 19:51:38 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Local\{2B51664A-596A-4157-A8ED-4B7E824C5BB0}
[2012.01.18 19:51:13 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Local\{C2C4575F-FBC2-4FA5-9491-5B2D6B0883E8}
[2012.01.17 12:45:21 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Local\{25E2D126-2673-48C9-9601-532C61E2EE88}
[2012.01.17 12:45:09 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Local\{9AFBA30F-9E2A-4B9C-8BCA-509697CCFB18}
[2012.01.16 23:24:55 | 000,000,000 | ---D | C] -- C:\Users\pc\Desktop\Unterricht
[2012.01.16 22:31:07 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Local\{B05093BF-C8E4-4971-8485-3CB7E2FE8196}
[2012.01.16 22:30:57 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Local\{F1F5C36A-41FA-45EC-9110-18C8C3EC4513}
[2012.01.16 22:30:46 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Local\{E0800B91-0B6E-4B94-9FB6-F2D1CC4B6E25}
[2012.01.16 22:30:25 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Local\{3C4BF724-8CAA-47DF-88D6-4C37B58D11E0}
[2012.01.16 10:29:48 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Local\{03CEB41A-34C9-475D-853C-8FD5B4C4CD7F}
[2012.01.16 10:29:36 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Local\{FC4C4FA7-53D5-4768-9A47-BB14E5732179}
[2012.01.15 19:35:50 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Local\{69CFFC9E-C81B-4756-B9EB-6E9D1901203E}
[2012.01.15 19:35:37 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Local\{E0D6A397-F840-41DB-A748-5090AEC28668}
[2012.01.15 19:32:01 | 000,000,000 | ---D | C] -- C:\Windows\de
[2012.01.15 19:28:05 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll
[2012.01.15 19:28:05 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll
[2012.01.15 19:28:05 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll
[2012.01.15 19:26:54 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll
[2012.01.15 19:25:39 | 002,983,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbon.dll
[2012.01.15 19:25:38 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbonRes.dll
[2012.01.15 19:15:45 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Roaming\DVDVideoSoft
[2012.01.15 19:15:35 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.01.15 19:15:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2012.01.15 19:15:22 | 000,000,000 | ---D | C] -- C:\Users\pc\Documents\DVDVideoSoft
[2012.01.15 19:15:22 | 000,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoft
[2012.01.15 19:15:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft
[2012.01.15 12:59:57 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Local\{04D4FA3E-7D58-4649-B126-71E733070255}
[2012.01.15 12:59:45 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Local\{1DD217CF-E34E-4CB6-89DA-CBF580089409}
[2012.01.14 01:47:18 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Local\{7E14C7D0-DF27-43FC-B6D2-9CE7BF534167}
[2012.01.13 18:01:30 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webio.dll
[2012.01.13 18:01:30 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll
[2012.01.13 12:52:33 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Local\{5382C462-B597-4A1F-A6F5-3A409F17FBF2}
[2012.01.13 12:52:19 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Local\{1657EA4C-0D7B-4BD8-86A2-86610017BB7E}
[2012.01.12 21:59:01 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Local\{36E538E9-9ABF-4C7F-9BA7-3809C4BAC4AF}
[2012.01.12 21:58:47 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Local\{AF6EDC7A-7E36-4017-8511-B703408F623E}
[2012.01.12 08:47:39 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Local\{516F8B3E-4F6F-4E2B-ACE5-584728EA7C3F}
[2012.01.12 08:47:27 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Local\{EA23351F-3B52-48BB-8FBB-1A4F260225FE}
[2012.01.11 20:39:26 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\packager.dll
[2012.01.11 20:39:25 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2012.01.11 20:39:25 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2012.01.11 20:34:33 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Local\{78DDF8E9-B81E-473A-B39D-261A829CBBB1}
[2012.01.11 20:34:22 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Local\{87FF1FBA-BC3E-496D-8A3B-7C3C6307B932}
[2012.01.10 12:06:11 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Local\{F59A2707-1662-47A5-A91D-0878BF1CBEA1}
[2012.01.10 12:05:50 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Local\{5D8F7585-24D5-48BF-AA67-F02D99817D73}
[2012.01.09 21:02:07 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Local\{DA1517C6-2818-4DDC-A2F8-8A57C86480D4}
[2012.01.09 21:01:53 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Local\{F5B0DB88-7E0C-4267-B031-72A95DEF1945}
[2012.01.08 15:31:11 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Local\{4993D11E-C014-4C2E-9704-7B8771C098AB}
[2012.01.08 15:30:56 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Local\{D8245715-70B1-4077-8D3A-F8F7CCFF5313}
[2012.01.06 12:51:13 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Local\{832D36E3-DE53-4A98-ACF7-0B9C407C3547}
[2012.01.06 12:50:59 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Local\{C81EDE90-8478-4E8E-BAF5-33C40C20F79F}
[2012.01.05 12:17:50 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Local\{C825B396-D8F3-43AC-94DE-87330B08C985}
[2012.01.05 12:17:38 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Local\{3B956DB2-76BF-4263-A40C-73929015D2D3}
[2012.01.04 17:09:43 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Local\{9A8E6E5A-F72D-482B-8CB3-BBCE13166AAE}
[2012.01.04 17:09:30 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Local\{6E7875DC-488D-4B90-AC0C-6ED54EE114EA}
[2012.01.03 11:44:16 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Local\{C7A9AD18-2664-4C10-9B14-9B547688B5BD}
[2012.01.03 11:44:04 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Local\{C748A544-A08B-46EE-B49F-1620A1B90364}
[2012.01.02 23:09:13 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Local\{2A380BE1-2C3B-4496-814A-3B84E098FCCB}
[2012.01.02 23:09:01 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Local\{05BC307B-9999-4752-8438-DC70F3E95EA7}
[2012.01.02 11:47:23 | 000,000,000 | -H-D | C] -- C:\Users\pc\Desktop\.picasaoriginals
[2012.01.02 10:38:47 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Local\{70910427-E659-446B-8791-8BBFAD6BBB72}
[2012.01.02 10:38:34 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Local\{E51E7671-DE3F-48BB-B5B1-4654001AA67E}
[2012.01.01 13:46:36 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Local\{2C3DBFC7-7C26-48CD-9187-9731774E95BD}
[2012.01.01 13:46:23 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Local\{0B2A0FCA-9C76-4090-849C-219A40A9382E}
[2011.12.31 14:08:40 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Local\{A92AEF40-C918-4DFE-B93B-13854BEA67C6}
[2011.12.31 14:08:27 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Local\{9E0BBCA6-9823-4557-BDE7-3E3C9D038A8C}
[2011.12.30 20:39:32 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Local\{A2F35BB4-FD34-4AD3-9CC2-AC6F4C2309C1}
[2011.12.30 20:39:20 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Local\{9508F7B0-FEED-4CDD-912B-BFD287B4FFA4}
[2011.12.29 23:36:29 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Local\{2A81354E-B5EB-4FF4-AAFC-D9C6D1BCD446}
[2011.12.29 23:36:15 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Local\{0305CC48-3B3B-4543-A143-14F370D3671A}
[2011.12.29 02:46:31 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Local\{E848B6A0-7CEA-4FD2-A3A6-3E8CA66E7F4D}
[2011.12.29 02:46:16 | 000,000,000 | ---D | C] -- C:\Users\pc\AppData\Local\{B31E9C61-D8AA-4D26-8DF0-18986970DBBE}

========== Files - Modified Within 30 Days ==========

[2012.01.27 22:16:03 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-594920340-1034208480-2283970024-1000UA.job
[2012.01.27 22:15:57 | 000,009,984 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.01.27 22:15:57 | 000,009,984 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.01.27 22:15:55 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-594920340-1034208480-2283970024-1000Core.job
[2012.01.27 22:15:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.01.27 13:07:48 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2012.01.27 13:05:52 | 1553,412,096 | -HS- | M] () -- C:\hiberfil.sys
[2012.01.27 13:01:46 | 000,001,073 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.01.27 12:52:34 | 000,657,676 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.01.27 12:52:34 | 000,618,912 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.01.27 12:52:34 | 000,131,016 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.01.27 12:52:34 | 000,107,232 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.01.26 12:06:30 | 000,057,586 | ---- | M] () -- C:\Users\pc\Desktop\Skript BioDid.odt
[2012.01.16 23:45:11 | 000,002,625 | ---- | M] () -- C:\Users\pc\Desktop\Mein Film.wlmp
[2012.01.15 19:29:49 | 000,000,020 | ---- | M] () -- C:\Windows\ ø

========== Files Created - No Company Name ==========

[2012.01.27 13:01:46 | 000,001,073 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.01.26 12:06:27 | 000,057,586 | ---- | C] () -- C:\Users\pc\Desktop\Skript BioDid.odt
[2012.01.16 23:45:11 | 000,002,625 | ---- | C] () -- C:\Users\pc\Desktop\Mein Film.wlmp
[2012.01.15 19:31:30 | 000,001,257 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
[2012.01.15 19:30:32 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
[2012.01.15 19:29:46 | 000,000,020 | ---- | C] () -- C:\Windows\ ø
[2011.12.06 17:21:36 | 001,511,424 | ---- | C] () -- C:\Windows\System32\HP1100SM.EXE
[2011.12.06 17:21:36 | 000,151,552 | ---- | C] () -- C:\Windows\System32\HP1100LM.DLL
[2011.12.06 17:20:38 | 000,284,160 | ---- | C] () -- C:\Windows\System32\mvhlewsi.DLL
[2011.12.06 17:20:30 | 000,054,272 | ---- | C] () -- C:\Windows\System32\HP1100SMs.dll
[2011.11.04 13:17:56 | 000,000,157 | ---- | C] () -- C:\Windows\ricdb.ini
[2011.06.12 12:52:50 | 002,169,856 | -HS- | C] () -- C:\Windows\System32\hale.exe
[2009.07.14 10:04:11 | 000,657,676 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2009.07.14 10:04:11 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2009.07.14 10:04:11 | 000,131,016 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2009.07.14 10:04:11 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2009.07.14 05:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 05:33:53 | 000,406,584 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009.07.14 03:05:48 | 000,618,912 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009.07.14 03:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009.07.14 03:05:48 | 000,107,232 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009.07.14 03:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009.07.14 03:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009.07.14 03:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009.07.14 01:19:49 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2009.07.14 00:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.07.14 00:41:47 | 000,001,536 | ---- | C] () -- C:\Windows\System32\winver.exe
[2009.07.13 23:09:19 | 000,982,196 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2009.07.13 23:09:19 | 000,417,344 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2009.07.13 23:09:19 | 000,139,824 | ---- | C] () -- C:\Windows\System32\igfcg500.bin
[2009.07.13 23:09:19 | 000,097,448 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2009.04.01 10:48:16 | 000,053,478 | ---- | C] () -- C:\Windows\mvtcpui.ini

< End of report >



OTL Extras logfile created on: 27.01.2012 22:37:00 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\pc\Downloads
Enterprise Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

1,93 Gb Total Physical Memory | 0,71 Gb Available Physical Memory | 36,95% Memory free
3,86 Gb Paging File | 2,69 Gb Available in Paging File | 69,79% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74,43 Gb Total Space | 18,12 Gb Free Space | 24,34% Space Free | Partition Type: NTFS
Drive D: | 568,44 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: PC-PC | User Name: pc | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{25DEC9F7-08C7-4511-9B4A-40A61E40658E}" = web'n'walk Manager
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{529125EF-E3AC-4B74-97E6-F688A7C0F1BF}" = Paint.NET v3.5.10
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{5FC7AB5C-61FC-42DF-A923-5139BCF10D42}" = Microsoft LifeCam
"{624E54D0-E4F4-434F-9EF6-D4D066EE4348}" = Facebook Video Calling 1.1.1.1
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUS_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.PROPLUS_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUS_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{98B8052E-1E55-41D4-9A03-E2F718825D38}" = HTC Sync
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.1) - Deutsch
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E12C6653-1FF0-4686-ADB8-589C13AE761F}" = Citavi
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Free YouTube Download_is1" = Free YouTube Download version 3.0.20.1228
"HP LaserJet Professional P1100-P1560-P1600 Series" = HP LaserJet Professional P1100-P1560-P1600 Series
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.0.1800
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox 8.0.1 (x86 de)" = Mozilla Firefox 8.0.1 (x86 de)
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Picasa 3" = Picasa 3
"QPilot Client Uni-Kassel_is1" = QPilot 4.0 Client
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.01 (32-Bit)

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 15.11.2011 11:28:26 | Computer Name = pc-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: MsiExec.exe, Version: 5.0.7600.16385,
Zeitstempel: 0x4a5bc3e6 Name des fehlerhaften Moduls: MSI51CF.tmp, Version: 16.0.0.328,
Zeitstempel: 0x4a2febfa Ausnahmecode: 0xc0000005 Fehleroffset: 0x000a3399 ID des fehlerhaften
Prozesses: 0x9d0 Startzeit der fehlerhaften Anwendung: 0x01cca3ab2c8b1866 Pfad der
fehlerhaften Anwendung: C:\Windows\system32\MsiExec.exe Pfad des fehlerhaften Moduls:
C:\Windows\Installer\MSI51CF.tmp Berichtskennung: 75993796-0f9e-11e1-8fc8-00247e3b2da2

Error - 15.11.2011 11:33:07 | Computer Name = pc-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: synccontroller.exe, Version: 5.2.0.525,
Zeitstempel: 0x4b695509 Name des fehlerhaften Moduls: synccontroller.exe, Version:
5.2.0.525, Zeitstempel: 0x4b695509 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000040f7
ID
des fehlerhaften Prozesses: 0xaf8 Startzeit der fehlerhaften Anwendung: 0x01cca3abcf1d939d
Pfad
der fehlerhaften Anwendung: C:\Program Files\HTC\HTC Sync\Sync Manager\synccontroller.exe
Pfad
des fehlerhaften Moduls: C:\Program Files\HTC\HTC Sync\Sync Manager\synccontroller.exe
Berichtskennung:
1d48e7a3-0f9f-11e1-8fc8-00247e3b2da2

Error - 24.11.2011 13:31:26 | Computer Name = pc-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: AcroRd32.exe, Version: 10.1.1.33,
Zeitstempel: 0x4e64e4e2 Name des fehlerhaften Moduls: AcroRd32.dll, Version: 10.1.1.33,
Zeitstempel: 0x4e64f98b Ausnahmecode: 0xc0000005 Fehleroffset: 0x000218f8 ID des fehlerhaften
Prozesses: 0x8f8 Startzeit der fehlerhaften Anwendung: 0x01ccaacbeb22d125 Pfad der
fehlerhaften Anwendung: C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe Pfad
des fehlerhaften Moduls: C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.dll
Berichtskennung:
2295bdfe-16c2-11e1-8611-00247e3b2da2

Error - 25.11.2011 09:40:08 | Computer Name = pc-PC | Source = EventSystem | ID = 4621
Description =

Error - 30.11.2011 13:11:46 | Computer Name = pc-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: AcroRd32.exe, Version: 10.1.1.33,
Zeitstempel: 0x4e64e4e2 Name des fehlerhaften Moduls: AcroRd32.dll, Version: 10.1.1.33,
Zeitstempel: 0x4e64f98b Ausnahmecode: 0xc0000005 Fehleroffset: 0x000218f8 ID des fehlerhaften
Prozesses: 0xcbc Startzeit der fehlerhaften Anwendung: 0x01ccaf822fd4300c Pfad der
fehlerhaften Anwendung: C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe Pfad
des fehlerhaften Moduls: C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.dll
Berichtskennung:
616b902a-1b76-11e1-9a44-00247e3b2da2

Error - 02.12.2011 10:49:05 | Computer Name = pc-PC | Source = Google Update | ID = 20
Description =

Error - 02.12.2011 15:08:58 | Computer Name = pc-PC | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 6.0.2.4262 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: ccc Startzeit:
01ccb125a3eca9cb Endzeit: 0 Anwendungspfad: C:\Program Files\Mozilla Firefox\firefox.exe

Berichts-ID:
0f540b41-1d19-11e1-94fc-a3129e0bdc51

Error - 09.12.2011 09:29:39 | Computer Name = pc-PC | Source = VSS | ID = 8194
Description =

Error - 04.01.2012 16:54:33 | Computer Name = pc-PC | Source = Google Update | ID = 20
Description =

Error - 04.01.2012 17:05:00 | Computer Name = pc-PC | Source = Google Update | ID = 20
Description =

[ System Events ]
Error - 25.11.2011 09:30:34 | Computer Name = pc-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

Error - 02.12.2011 15:05:31 | Computer Name = pc-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?02.?12.?2011 um 19:49:21 unerwartet heruntergefahren.

Error - 02.12.2011 15:07:20 | Computer Name = pc-PC | Source = DCOM | ID = 10010
Description =

Error - 02.12.2011 16:13:43 | Computer Name = pc-PC | Source = DCOM | ID = 10010
Description =

Error - 06.12.2011 12:21:43 | Computer Name = pc-PC | Source = Service Control Manager | ID = 7030
Description = Der Dienst "HP SI Service" ist als interaktiver Dienst gekennzeichnet.
Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich
sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error - 09.12.2011 05:25:39 | Computer Name = pc-PC | Source = NetBT | ID = 4321
Description = Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit
IP-Adresse 141.51.242.212 registriert werden. Der Computer mit IP-Adresse 141.51.240.57
hat nicht zugelassen, dass dieser Computer diesen Namen verwendet.

Error - 09.12.2011 05:30:50 | Computer Name = pc-PC | Source = NetBT | ID = 4321
Description = Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit
IP-Adresse 141.51.242.212 registriert werden. Der Computer mit IP-Adresse 141.51.240.57
hat nicht zugelassen, dass dieser Computer diesen Namen verwendet.

Error - 09.12.2011 10:53:46 | Computer Name = pc-PC | Source = Server | ID = 2505
Description = Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht
\Device\NetBT_Tcpip_{083551D1-7103-408C-8CE9-2AF16AFDC591} vom Serverdienst nicht
gebunden werden. Der Serverdienst konnte nicht gestartet werden.

Error - 09.12.2011 10:53:46 | Computer Name = pc-PC | Source = NetBT | ID = 4321
Description = Der Name "PC-PC :0" konnte nicht auf der Schnittstelle mit
IP-Adresse 141.51.240.203 registriert werden. Der Computer mit IP-Adresse 141.51.242.186
hat nicht zugelassen, dass dieser Computer diesen Namen verwendet.

Error - 09.12.2011 10:53:46 | Computer Name = pc-PC | Source = NetBT | ID = 4321
Description = Der Name "PC-PC :20" konnte nicht auf der Schnittstelle mit
IP-Adresse 141.51.240.203 registriert werden. Der Computer mit IP-Adresse 141.51.242.186
hat nicht zugelassen, dass dieser Computer diesen Namen verwendet.


< End of report >

Alt 29.01.2012, 19:52   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
bump.exe - 70-90% Systemauslastung - Standard

bump.exe - 70-90% Systemauslastung



Zitat:
C:\w7lxe-v10.exe\w7lxe-v10.exe (Riskware.Tool.CK)
Illegale Cracks/Keygens haben nunmal schlechte Auswirkungen auf das System!

Siehe auch => http://www.trojaner-board.de/95393-c...-software.html

Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support ohne jegliche Diskussion beenden.

Cracks/Keygens sind zu 99,9% gefährliche Schädlinge, mit denen man nicht spaßen sollte. Ausserdem sind diese illegal und wir unterstützen die Verwendung von geklauter Software nicht. Somit beschränkt sich der Support auf Anleitung zur kompletten Neuinstallation!!

Dass illegale Cracks und Keygens im Wesentlichen dazu dienen, Malware zu verbreiten ist kein Geheimnis und muss jedem klar sein!

In Zukunft Finger weg von: Softonic, Registry-Bereinigern und illegalem Zeugs Cracks/Keygens/Serials
__________________

__________________

Antwort

Themen zu bump.exe - 70-90% Systemauslastung
administrator, adobe flash player, autorun, bho, c:\windows\system32\cmd.exe, computer, computern, dateisystem, defender, document, error, excel.exe, explorer, firefox, flash player, format, helper, heuristiks/extra, heuristiks/shuriken, host.exe, install.exe, ip-adresse, langs, limited.com/facebook, logfile, mbamservice.exe, microsoft office word, monitor, mozilla, msiexec.exe, netzwerk, problem, programme, prozesse, pup.netcat, pup.wirelessnetworktool, recycle.bin, registry, rundll, security, senden, software, studio, t-mobile, taskhost.exe, usb, usb 3.0, version=1.0, webcheck, windows.old




Ähnliche Themen: bump.exe - 70-90% Systemauslastung


  1. Explorer stürzt ab -> cmd.exe, bump.exe und find.exe?
    Log-Analyse und Auswertung - 02.02.2014 (7)
  2. bump.exe + find.exe! CPU Auslastung zwischen 65 - 90 %
    Plagegeister aller Art und deren Bekämpfung - 23.01.2013 (23)
  3. Bump.exe aufm pc!!!
    Log-Analyse und Auswertung - 20.01.2013 (3)
  4. find.exe, bump.exe, cmd.exe starten immer wieder und kann nichts auf eine SD Karte schreiben
    Plagegeister aller Art und deren Bekämpfung - 19.07.2012 (3)
  5. Bump.exe, csrss.exe und Find.exe tauchen immer wieder im Task-Manager auf. CPU bei 80%
    Log-Analyse und Auswertung - 13.07.2012 (2)
  6. 100% CPU Auslastung, bump.exe/cmd.exe
    Log-Analyse und Auswertung - 07.03.2012 (1)
  7. Bump.exe Find.exe Cmd.exe und Co. 100% CPU Auslastung
    Plagegeister aller Art und deren Bekämpfung - 21.01.2012 (3)
  8. Systemauslastung >80% durch bump.exe und co
    Log-Analyse und Auswertung - 19.01.2012 (18)
  9. bump.exe , find.exe und verlangsamtest Internet
    Plagegeister aller Art und deren Bekämpfung - 08.02.2011 (3)
  10. CPU Auslastung durch bump.exe und find.exe
    Log-Analyse und Auswertung - 08.02.2011 (7)
  11. 70-90% Systemauslastung bump.exe??? bzw. cmd.exe
    Log-Analyse und Auswertung - 21.10.2010 (5)
  12. 100 % systemauslastung und Offlinebetrieb
    Log-Analyse und Auswertung - 05.08.2010 (30)
  13. IE 100% Systemauslastung
    Mülltonne - 03.10.2008 (0)
  14. Dll Datei 100% Systemauslastung
    Plagegeister aller Art und deren Bekämpfung - 27.12.2007 (0)
  15. hohe systemauslastung
    Mülltonne - 17.08.2007 (0)
  16. Mal wieder 100% Systemauslastung
    Plagegeister aller Art und deren Bekämpfung - 08.06.2007 (31)
  17. Systemauslastung immer 100%
    Alles rund um Windows - 23.10.2005 (1)

Zum Thema bump.exe - 70-90% Systemauslastung - Hallo!! ich habe das Problem, dass meine Systemauslastung extrem hoch ist. Bei den Prozessen ist mir aufgefallen, dass ganz oben eine bump.exe auftaucht und dann wieder von selbst verschwindet. Dazu - bump.exe - 70-90% Systemauslastung...
Archiv
Du betrachtest: bump.exe - 70-90% Systemauslastung auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.