|
Plagegeister aller Art und deren Bekämpfung: Failed to save all the components for the file \\System 32\\0000174eWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
11.02.2012, 16:53 | #1 |
| Failed to save all the components for the file \\System 32\\0000174e Hallo bin über Google auf dieses Forum gestossen, als ich diese Fehlermeldung eingab: "Failed to save all the components for the file \\System 32\\0000174e The file is currupted or unreadable. This error may e caused by a pc hardware problem " Diese Problem hatte gestern auch ein Forumskollege hier http://www.trojaner-board.de/109599-...te-failed.html " Heute aben, mitten in einem Facebook Chat wurde mein Desktop schwarz Ein Fenster hat sich geöffnet und sich sehr schnell kopiert der Titel ist Windows - Delayed Write Failed der Text im Fenster ist Failed to save all the components for the file \\System 32\\000074b5 The file is currupted or unreadable. This error may e caused by a pc hardware problem dazu geht ein fenster von einem "antivirenprogramm" auf, welches am Schluss eine Kaufoption hat. Ich gehe mal davon aus, dass das nicht die Lösung seine kann. Da System ist XP professional Antivir habe ich gestern aktualisiert. Ich bin reiner user und habe ausser Anwendungsprogrammen nicht viel Ahnung von Compis Für Hilfe bin ich dankbar." Habe auch schon wie Chris es sagte die Logfiles OTL.TXT : OTL logfile created on: 11.02.2012 16:16:06 - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\La Bambola\Pictures 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 2,16 Gb Available Physical Memory | 53,89% Memory free 8,00 Gb Paging File | 6,08 Gb Available in Paging File | 75,97% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 457,89 Gb Total Space | 408,41 Gb Free Space | 89,19% Space Free | Partition Type: NTFS Drive D: | 457,90 Gb Total Space | 457,80 Gb Free Space | 99,98% Space Free | Partition Type: NTFS Drive E: | 3,61 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Computer Name: LABAMBOLA-PC | User Name: La Bambola | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\La Bambola\Pictures\OTL.exe (OldTimer Tools) PRC - C:\ProgramData\WUD3mitwyXx4QP.exe (Mioft) PRC - C:\ProgramData\TTeOjDRpFmBku.exe (Mioft) PRC - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe (Google Inc.) PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe (Adobe Systems, Inc.) PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited) PRC - C:\Program Files (x86)\Lavasoft\Ad-Aware\autolaunch.exe () PRC - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft Limited) PRC - C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe () PRC - C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe (CyberLink Corp.) PRC - C:\Program Files (x86)\Egistec MyWinLockerSuite\x86\MiniLauncher.exe (Egis Technology Inc.) PRC - C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe (Egis Technology Inc.) PRC - C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\ezprint.exe () PRC - C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecmon.exe () PRC - C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.) PRC - C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.) PRC - C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer Group) PRC - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated) PRC - C:\Users\La Bambola\AppData\Roaming\Google\Google Talk\googletalk.exe (Google) ========== Modules (No Company Name) ========== MOD - C:\Program Files (x86)\Lexmark Toolbar\resource.dll () MOD - C:\Program Files (x86)\Lexmark Toolbar\toolband.dll () MOD - C:\Program Files (x86)\Lavasoft\Ad-Aware\autolaunch.exe () MOD - C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe () MOD - C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyHook.dll () MOD - C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\ezprint.exe () MOD - C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecmon.exe () MOD - C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\Epwizard.DLL () MOD - C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\customui.dll () MOD - C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\Epfunct.DLL () MOD - C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\Eputil.DLL () MOD - C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\Imagutil.DLL () MOD - C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecDRS.dll () MOD - C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecscw.dll () MOD - C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\EPOEMDll.dll () MOD - C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\epstring.dll () MOD - C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\EPWizRes.dll () MOD - C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecdatr.dll () MOD - C:\Windows\SysWOW64\LXECsmr.dll () MOD - C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\iptk.dll () MOD - C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxeccaps.dll () MOD - C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecptp.dll () MOD - C:\Windows\SysWOW64\LXECsm.dll () MOD - C:\Programme\Lexmark Printable Web\resource.dll () MOD - C:\Programme\Lexmark Printable Web\bho.dll () ========== Win32 Services (SafeList) ========== SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation) SRV:64bit: - (lxec_device) -- C:\Windows\SysNative\lxeccoms.exe ( ) SRV:64bit: - (lxecCATSCustConnectService) -- C:\Windows\SysNative\spool\DRIVERS\x64\3\\lxecserv.exe () SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (Lavasoft Ad-Aware Service) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited) SRV - (NOBU) -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (Symantec Corporation) SRV - (MWLService) -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe (Egis Technology Inc.) SRV - (lxec_device) -- C:\Windows\SysWow64\lxeccoms.exe ( ) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (Updater Service) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer Group) SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG) SRV - (GREGService) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated) SRV - (nSvcIp) -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe () SRV - (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM) -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe () SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH) DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH) DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH) DRV:64bit: - (Lbd) -- C:\Windows\SysNative\drivers\Lbd.sys (Lavasoft AB) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation) DRV:64bit: - (NVNET) -- C:\Windows\SysNative\drivers\nvmf6264.sys (NVIDIA Corporation) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (NVENETFD) -- C:\Windows\SysNative\drivers\nvm62x64.sys (NVIDIA Corporation) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (mwlPSDVDisk) -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys (Egis Technology Inc.) DRV:64bit: - (mwlPSDFilter) -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys (Egis Technology Inc.) DRV:64bit: - (mwlPSDNServ) -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys (Egis Technology Inc.) DRV - (Lavasoft Kernexplorer) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys () DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com IE - HKLM\..\URLSearchHook: {5786d022-540e-4699-b350-b4be0ae94b79} - C:\Program Files (x86)\Ashampoo_DE\prxtbAsha.dll (Conduit Ltd.) IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com/ IE - HKCU\..\URLSearchHook: {5786d022-540e-4699-b350-b4be0ae94b79} - C:\Program Files (x86)\Ashampoo_DE\prxtbAsha.dll (Conduit Ltd.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "" FF - prefs.js..browser.search.selectedEngine: "" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.12.01 21:01:51 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.05.29 18:23:17 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\La Bambola\AppData\Roaming\mozilla\Extensions [2012.01.28 18:02:19 | 000,000,000 | -H-D | M] (IMinent Toolbar) -- C:\Users\La Bambola\AppData\Roaming\mozilla\Firefox\Profiles\9g52bzfs.default\extensions [2012.01.28 18:02:19 | 000,000,000 | -H-D | M] (Ashampoo DE Community Toolbar) -- C:\Users\La Bambola\AppData\Roaming\mozilla\Firefox\Profiles\9g52bzfs.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79} [2011.07.04 14:53:35 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\La Bambola\AppData\Roaming\mozilla\Firefox\Profiles\9g52bzfs.default\extensions\chrome [2011.07.04 14:53:35 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\La Bambola\AppData\Roaming\mozilla\Firefox\Profiles\9g52bzfs.default\extensions\components [2011.12.01 21:01:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2011.12.01 21:01:50 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2011.11.03 13:59:44 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2011.11.03 13:59:44 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2011.11.03 13:59:44 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2011.11.03 13:59:44 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2011.11.03 13:59:44 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2011.11.03 13:59:44 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{googleriginalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms} CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\12.0.742.100\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll CHR - plugin: Java Deployment Toolkit 6.0.220.4 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U22 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll CHR - plugin: Chrome NaCl (Disabled) = C:\Program Files (x86)\Google\Chrome\Application\12.0.742.100\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\12.0.742.100\pdf.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.81\npGoogleUpdate3.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.7227.1100\swg64.dll (Google Inc.) O2 - BHO: (Lexmark Symbolleiste) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files (x86)\Lexmark Toolbar\toolband.dll () O2 - BHO: (Ashampoo DE Toolbar) - {5786d022-540e-4699-b350-b4be0ae94b79} - C:\Program Files (x86)\Ashampoo_DE\prxtbAsha.dll (Conduit Ltd.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.) O2 - BHO: (Lexmark ) - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Programme\Lexmark Printable Web\bho.dll () O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (Lexmark Symbolleiste) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files (x86)\Lexmark Toolbar\toolband.dll () O3 - HKLM\..\Toolbar: (Ashampoo DE Toolbar) - {5786d022-540e-4699-b350-b4be0ae94b79} - C:\Program Files (x86)\Ashampoo_DE\prxtbAsha.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (Lexmark Symbolleiste) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files (x86)\Lexmark Toolbar\toolband.dll () O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (Ashampoo DE Toolbar) - {5786D022-540E-4699-B350-B4BE0AE94B79} - C:\Program Files (x86)\Ashampoo_DE\prxtbAsha.dll (Conduit Ltd.) O4:64bit: - HKLM..\Run: [EzPrint] C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\ezprint.exe () O4:64bit: - HKLM..\Run: [lxecmon.exe] C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecmon.exe () O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe (Egis Technology Inc.) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [ArcadeMovieService] C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe (CyberLink Corp.) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.) O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.) O4 - HKLM..\Run: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe () O4 - HKLM..\Run: [MDS_Menu] C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation) O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.) O4 - HKCU..\Run: [googletalk] C:\Users\La Bambola\AppData\Roaming\Google\Google Talk\googletalk.exe (Google) O4 - HKCU..\Run: [TTeOjDRpFmBku.exe] C:\ProgramData\TTeOjDRpFmBku.exe (Mioft) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B7325C8D-F299-4526-8AC6-2213C2044F01}: DhcpNameServer = 192.168.1.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{9460b463-291f-11e1-bbc2-f80f4110e59e}\Shell - "" = AutoRun O33 - MountPoints2\{9460b463-291f-11e1-bbc2-f80f4110e59e}\Shell\AutoRun\command - "" = I:\DPFMate.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2012.02.11 11:08:22 | 000,000,000 | -H-D | C] -- C:\Users\La Bambola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Check [2012.02.11 11:07:42 | 000,360,960 | -H-- | C] (Mioft) -- C:\ProgramData\WUD3mitwyXx4QP.exe [2012.02.11 11:02:17 | 000,360,960 | -H-- | C] (Mioft) -- C:\ProgramData\4emu7zUuXuRn4Y.exe [2012.02.11 09:41:51 | 000,456,704 | -H-- | C] (Mioft) -- C:\ProgramData\TTeOjDRpFmBku.exe [2012.02.02 23:16:08 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2012.02.02 23:13:39 | 000,000,000 | -H-D | C] -- C:\Users\La Bambola\AppData\Local\Solid State Networks [2012.01.31 23:27:47 | 000,000,000 | -H-D | C] -- C:\Users\La Bambola\AppData\Local\{92D5558B-2493-40BB-9529-837CF9CE15DA} [2012.01.31 21:19:39 | 000,000,000 | -H-D | C] -- C:\Users\La Bambola\AppData\Local\{A27A70E1-8FE5-4252-BDDB-E8440D537185} [2012.01.31 21:17:26 | 000,000,000 | -H-D | C] -- C:\Users\La Bambola\AppData\Local\{DEC125AA-2699-48F9-B568-56BAFE4887D6} [2012.01.31 11:17:29 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll [2012.01.31 11:17:24 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll [2012.01.31 11:17:24 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll [2012.01.31 11:17:24 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll [2012.01.31 11:17:24 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll [2012.01.31 11:17:24 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll [2012.01.18 22:29:11 | 000,000,000 | -H-D | C] -- C:\Users\Public\Documents\SiDiary [2012.01.18 22:29:11 | 000,000,000 | -H-D | C] -- C:\Users\La Bambola\AppData\Local\SiDiary [2012.01.18 22:17:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiDiary 6 [2012.01.18 22:17:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SINOVO [2012.01.15 14:32:04 | 000,000,000 | -H-D | C] -- C:\Users\La Bambola\AppData\Local\{8E94453E-D4D7-4733-8D61-F6E71E47E197} [2011.05.30 13:23:47 | 000,364,544 | ---- | C] ( ) -- C:\Windows\SysWow64\lxecinpa.dll [2011.05.30 13:23:47 | 000,344,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeciesc.dll [2011.05.30 13:23:46 | 001,048,576 | ---- | C] ( ) -- C:\Windows\SysWow64\lxecserv.dll [2011.05.30 13:23:46 | 000,847,872 | ---- | C] ( ) -- C:\Windows\SysWow64\lxecusb1.dll [2011.05.30 13:23:46 | 000,643,072 | ---- | C] ( ) -- C:\Windows\SysWow64\lxecpmui.dll [2011.05.30 13:23:46 | 000,577,536 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeclmpm.dll [2011.05.30 13:23:45 | 000,802,816 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeccomc.dll [2011.05.30 13:23:45 | 000,688,128 | ---- | C] ( ) -- C:\Windows\SysWow64\lxechbn3.dll [2011.05.30 13:23:45 | 000,598,696 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeccoms.exe [2011.05.30 13:23:45 | 000,373,416 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeccfg.exe [2011.05.30 13:23:45 | 000,372,736 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeccomm.dll [2011.05.30 13:23:45 | 000,324,264 | ---- | C] ( ) -- C:\Windows\SysWow64\lxecih.exe [4 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [4 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.02.11 15:49:58 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.02.11 15:49:58 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.02.11 15:47:31 | 000,000,408 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job [2012.02.11 15:40:09 | 000,001,114 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.02.11 15:39:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.02.11 15:39:47 | 3220,725,760 | -HS- | M] () -- C:\hiberfil.sys [2012.02.11 15:23:25 | 000,001,118 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.02.11 11:23:18 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.02.11 11:23:18 | 000,654,006 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.02.11 11:23:18 | 000,615,888 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.02.11 11:23:18 | 000,129,878 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.02.11 11:23:18 | 000,106,268 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.02.11 11:19:31 | 000,000,440 | -H-- | M] () -- C:\ProgramData\WUD3mitwyXx4QP [2012.02.11 11:16:45 | 000,000,272 | -H-- | M] () -- C:\ProgramData\~WUD3mitwyXx4QP [2012.02.11 11:16:45 | 000,000,184 | -H-- | M] () -- C:\ProgramData\~WUD3mitwyXx4QPr [2012.02.11 11:08:23 | 000,000,657 | -H-- | M] () -- C:\Users\La Bambola\Desktop\System Check.lnk [2012.02.11 11:07:42 | 000,360,960 | -H-- | M] (Mioft) -- C:\ProgramData\WUD3mitwyXx4QP.exe [2012.02.11 11:02:29 | 000,000,336 | -H-- | M] () -- C:\ProgramData\4emu7zUuXuRn4Y [2012.02.11 11:02:17 | 000,360,960 | -H-- | M] (Mioft) -- C:\ProgramData\4emu7zUuXuRn4Y.exe [2012.02.11 11:00:28 | 000,000,064 | ---- | M] () -- C:\Windows\SysWow64\rp_stats.dat [2012.02.11 11:00:28 | 000,000,044 | ---- | M] () -- C:\Windows\SysWow64\rp_rules.dat [2012.02.11 09:38:45 | 000,456,704 | -H-- | M] (Mioft) -- C:\ProgramData\TTeOjDRpFmBku.exe [2012.01.31 21:29:21 | 000,287,922 | -H-- | M] () -- C:\Users\La Bambola\Desktop\fkk-club-logo-vektor2_Kopie.bmp [4 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [4 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.02.11 11:16:09 | 000,000,408 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job [2012.02.11 11:08:24 | 000,000,272 | -H-- | C] () -- C:\ProgramData\~WUD3mitwyXx4QP [2012.02.11 11:08:24 | 000,000,184 | -H-- | C] () -- C:\ProgramData\~WUD3mitwyXx4QPr [2012.02.11 11:08:23 | 000,000,657 | -H-- | C] () -- C:\Users\La Bambola\Desktop\System Check.lnk [2012.02.11 11:07:54 | 000,000,440 | -H-- | C] () -- C:\ProgramData\WUD3mitwyXx4QP [2012.02.11 11:02:29 | 000,000,336 | -H-- | C] () -- C:\ProgramData\4emu7zUuXuRn4Y [2011.10.22 21:32:39 | 000,000,164 | -H-- | C] () -- C:\ProgramData\{5CAFA1B7-9EEF-4cc7-B9F7-9DDB3DAA679E} [2011.10.22 21:32:39 | 000,000,092 | -H-- | C] () -- C:\ProgramData\{701ACAF9-F102-47c2-8907-36246F4DFB51} [2011.09.09 04:11:09 | 000,010,240 | -H-- | C] () -- C:\Users\La Bambola\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.06.01 19:01:48 | 000,000,064 | ---- | C] () -- C:\Windows\SysWow64\rp_stats.dat [2011.06.01 19:01:48 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\rp_rules.dat [2011.05.30 13:23:47 | 000,344,064 | ---- | C] () -- C:\Windows\SysWow64\lxeccomx.dll [2011.05.30 13:23:47 | 000,331,776 | ---- | C] () -- C:\Windows\SysWow64\LXECinst.dll [2011.05.30 13:23:46 | 000,323,584 | ---- | C] () -- C:\Windows\SysWow64\lxecins.dll [2011.05.30 13:23:46 | 000,262,144 | ---- | C] () -- C:\Windows\SysWow64\lxecinsb.dll [2011.05.30 13:23:46 | 000,253,952 | ---- | C] () -- C:\Windows\SysWow64\lxeccu.dll [2011.05.30 13:23:46 | 000,114,688 | ---- | C] () -- C:\Windows\SysWow64\lxecinsr.dll [2011.05.30 13:23:46 | 000,090,112 | ---- | C] () -- C:\Windows\SysWow64\lxeccub.dll [2011.05.30 13:23:46 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\lxecjswr.dll [2011.05.30 13:23:46 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\lxeccur.dll [2011.05.30 13:22:51 | 000,024,064 | ---- | C] () -- C:\Windows\SysWow64\LXECsmr.dll [2011.05.30 13:22:50 | 000,299,008 | ---- | C] () -- C:\Windows\SysWow64\LXECsm.dll [2011.05.29 18:23:14 | 000,000,000 | -H-- | C] () -- C:\Windows\nsreg.dat [2010.08.26 13:22:38 | 000,131,984 | ---- | C] () -- C:\ProgramData\FullRemove.exe [2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat ========== Files - Unicode (All) ========== [2011.09.19 02:15:37 | 000,000,040 | ---- | M] ()(C:\Windows\SysNative\?·) -- C:\Windows\SysNative\ꌠ· [2011.09.19 02:15:37 | 000,000,040 | ---- | C] ()(C:\Windows\SysNative\?·) -- C:\Windows\SysNative\ꌠ· < End of report > EXTRAS.TXT: OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\La Bambola\Pictures 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 2,16 Gb Available Physical Memory | 53,89% Memory free 8,00 Gb Paging File | 6,08 Gb Available in Paging File | 75,97% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 457,89 Gb Total Space | 408,41 Gb Free Space | 89,19% Space Free | Partition Type: NTFS Drive D: | 457,90 Gb Total Space | 457,80 Gb Free Space | 99,98% Space Free | Partition Type: NTFS Drive E: | 3,61 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Computer Name: LABAMBOLA-PC | User Name: La Bambola | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant "{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}" = Shredder "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 266.35 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 266.35 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.10.0514 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.1.13.1 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources "{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit "Lexmark Pro800-Pro900 Series" = Lexmark Pro800-Pro900 Series "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "NVIDIA Drivers" = NVIDIA Drivers [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0D7CD0D9-4A88-4A63-8F91-3F4E8F371768}" = MyWinLocker "{1017A80C-6F09-4548-A84D-EDD6AC9525F0}" = Lexmark Symbolleiste "{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2 "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{20400DBD-E6DB-45B8-9B6B-1DD7033818EC}" = Nero InfoTool Help "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{2348B586-C9AE-46CE-936C-A68E9426E214}" = Nero StartSmart Help "{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe "{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22 "{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed "{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup "{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3 "{4968622A-4D3F-489E-9ACE-5FEC4CC0BDE3}" = MediaShow Espresso "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform "{4D43D635-6FDA-4FA5-AA9B-23CF73D058EA}" = Nero StartSmart OEM "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{58F4D244-314F-4D26-B5EF-C28AB32E22CB}_is1" = Acer GameZone Console "{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite "{73C96D3B-F9D2-4A0C-81F7-FBED6C75CE77}" = SiDiary 6 "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart "{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110300453}" = Spin & Win "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}" = Cake Mania "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111355427}" = Poker Pop "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}" = Merriam Websters Spell Jam "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}" = Amazonia "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}" = Heroes of Hellas "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11505173}" = Airport Mania First Flight "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}" = Farm Frenzy 2 "{83202942-84B3-4C50-8622-B8C0AA2D2885}" = Nero Express Help "{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer "{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed "{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{9DFDD0C5-5AC1-484B-ACF8-0F3E1041750B}_is1" = AquaSoft "DiaShow 7 für YouTube" "{9E48FF52-082C-4CC2-BB67-6E10D09C0431}" = Windows Live UX Platform Language Pack "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Deutsch "{ace71e88-1bf2-4793-9e94-1d9a0d19438d}" = Nero 9 Essentials "{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint "{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh "{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie "{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail "{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center "{B906C11A-D193-4143-9FA7-E2EE8A5A8F21}" = Acer Arcade Movie "{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX "{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter "{C2695E83-CF1D-43D1-84FE-B3BEC561012A}" = Shredder "{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common "{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections "{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}" = Nero Online Upgrade "{CC019E3F-59D2-4486-8D4B-878105B62A71}" = Nero DiscSpeed Help "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D2C5E510-BE6D-42CC-9F61-E4F939078474}" = Lexmark "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}" = eBay Worldwide "{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker "{E5C7D048-F9B4-4219-B323-8BDB01A2563D}" = Nero DriveSpeed Help "{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger "{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater "{F027C8E3-6DBD-492A-9959-7B36B1DE0D65}" = Ad-Aware "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F4041DCE-3FE1-4E18-8A9E-9DE65231EE36}" = Nero ControlCenter "{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials "{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool "Acer Registration" = Acer Registration "Acer Screensaver" = Acer ScreenSaver "Acer Welcome Center" = Welcome Center "Adobe AIR" = Adobe AIR "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.6 "Ashampoo Red Ex_is1" = Ashampoo Red Ex 1.0.0 "Ashampoo_DE Toolbar" = Ashampoo DE Toolbar "Avira AntiVir Desktop" = Avira Free Antivirus "Google Chrome" = Google Chrome "Hotkey Utility" = Hotkey Utility "Identity Card" = Identity Card "InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2 "InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe "InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite "InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager "Mozilla Firefox 8.0.1 (x86 de)" = Mozilla Firefox 8.0.1 (x86 de) "WinLiveSuite" = Windows Live Essentials "Wisdom-soft Set up ASR 3.1 Free" = Wisdom-soft Set up ASR 3.1 Free ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only) ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 09.01.2012 16:59:35 | Computer Name = LaBambola-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.7601.17514, Zeitstempel: 0x4ce79912 Name des fehlerhaften Moduls: tbAsha.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x4ec36c16 Ausnahmecode: 0xc0000005 Fehleroffset: 0x07272060 ID des fehlerhaften Prozesses: 0x12ec Startzeit der fehlerhaften Anwendung: 0x01cccf1189751880 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe Pfad des fehlerhaften Moduls: tbAsha.dll Berichtskennung: d563b170-3b04-11e1-a420-f80f4110e59e Error - 10.01.2012 16:52:13 | Computer Name = LaBambola-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.7601.17514, Zeitstempel: 0x4ce79912 Name des fehlerhaften Moduls: mshtml.dll, Version: 8.0.7601.17720, Zeitstempel: 0x4eb4ba27 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0011d296 ID des fehlerhaften Prozesses: 0xfbc Startzeit der fehlerhaften Anwendung: 0x01cccfbb5e67ba80 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe Pfad des fehlerhaften Moduls: C:\Windows\SysWOW64\mshtml.dll Berichtskennung: f8b74100-3bcc-11e1-b30f-f80f4110e59e Error - 11.01.2012 11:48:37 | Computer Name = LaBambola-PC | Source = Application Hang | ID = 1002 Description = Programm iexplore.exe, Version 8.0.7601.17514 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 3f8 Startzeit: 01ccd070520c4480 Endzeit: 0 Anwendungspfad: C:\Program Files (x86)\Internet Explorer\iexplore.exe Berichts-ID: 82b34ef1-3c6b-11e1-a5bd-f80f4110e59e Error - 14.01.2012 13:41:33 | Computer Name = LaBambola-PC | Source = Application Hang | ID = 1002 Description = Programm iexplore.exe, Version 8.0.7601.17514 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 464 Startzeit: 01ccd1de4e5e0840 Endzeit: 0 Anwendungspfad: C:\Program Files (x86)\Internet Explorer\iexplore.exe Berichts-ID: f8f617c5-3ed6-11e1-ba07-f80f4110e59e Error - 16.01.2012 19:49:17 | Computer Name = LaBambola-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.7601.17514, Zeitstempel: 0x4ce79912 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel: 0x4ec49b8f Ausnahmecode: 0xc0000374 Fehleroffset: 0x000ce6c3 ID des fehlerhaften Prozesses: 0xd60 Startzeit der fehlerhaften Anwendung: 0x01ccd47e4b8a0cc0 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe Pfad des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll Berichtskennung: b37e692c-409c-11e1-ad85-f80f4110e59e Error - 16.01.2012 20:13:41 | Computer Name = LaBambola-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.7601.17514, Zeitstempel: 0x4ce79912 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel: 0x4ec49b8f Ausnahmecode: 0xc0000374 Fehleroffset: 0x000ce6c3 ID des fehlerhaften Prozesses: 0xdf0 Startzeit der fehlerhaften Anwendung: 0x01ccd4a97998c1bc Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe Pfad des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll Berichtskennung: 1c06be24-40a0-11e1-ad85-f80f4110e59e Error - 20.01.2012 05:52:08 | Computer Name = LaBambola-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.7601.17514, Zeitstempel: 0x4ce79912 Name des fehlerhaften Moduls: mshtml.dll, Version: 8.0.7601.17720, Zeitstempel: 0x4eb4ba27 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0011d296 ID des fehlerhaften Prozesses: 0x1364 Startzeit der fehlerhaften Anwendung: 0x01ccd757335c37f0 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe Pfad des fehlerhaften Moduls: C:\Windows\SysWOW64\mshtml.dll Berichtskennung: 69f7d290-434c-11e1-81a4-f80f4110e59e Error - 20.01.2012 16:02:54 | Computer Name = LaBambola-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: lxeccoms.exe, Version: 9.2.33.0, Zeitstempel: 0x4b200765 Name des fehlerhaften Moduls: lxecserv.dll, Version: 9.2.33.0, Zeitstempel: 0x4b200879 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000000a9ee6 ID des fehlerhaften Prozesses: 0x6d4 Startzeit der fehlerhaften Anwendung: 0x01ccd7470d1b69e0 Pfad der fehlerhaften Anwendung: C:\Windows\system32\lxeccoms.exe Pfad des fehlerhaften Moduls: C:\Windows\system32\lxecserv.dll Berichtskennung: bc9347f0-43a1-11e1-81a4-f80f4110e59e Error - 24.01.2012 22:00:54 | Computer Name = LaBambola-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: lxeccoms.exe, Version: 9.2.33.0, Zeitstempel: 0x4b200765 Name des fehlerhaften Moduls: lxecserv.dll, Version: 9.2.33.0, Zeitstempel: 0x4b200879 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000000a9ee6 ID des fehlerhaften Prozesses: 0x828 Startzeit der fehlerhaften Anwendung: 0x01ccda7f5bff75c0 Pfad der fehlerhaften Anwendung: C:\Windows\system32\lxeccoms.exe Pfad des fehlerhaften Moduls: C:\Windows\system32\lxecserv.dll Berichtskennung: 694cf370-46f8-11e1-a5fd-f80f4110e59e Error - 26.01.2012 19:39:52 | Computer Name = LaBambola-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.7601.17514, Zeitstempel: 0x4ce79912 Name des fehlerhaften Moduls: mshtml.dll, Version: 8.0.7601.17720, Zeitstempel: 0x4eb4ba27 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0011d296 ID des fehlerhaften Prozesses: 0xca4 Startzeit der fehlerhaften Anwendung: 0x01ccdc8394edca20 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe Pfad des fehlerhaften Moduls: C:\Windows\SysWOW64\mshtml.dll Berichtskennung: 0a79bce0-4877-11e1-b440-f80f4110e59e [ System Events ] Error - 19.12.2011 13:14:08 | Computer Name = LaBambola-PC | Source = Service Control Manager | ID = 7009 Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst lxecCATSCustConnectService erreicht. Error - 19.12.2011 13:14:08 | Computer Name = LaBambola-PC | Source = Service Control Manager | ID = 7000 Description = Der Dienst "lxecCATSCustConnectService" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error - 19.12.2011 21:54:08 | Computer Name = LaBambola-PC | Source = Service Control Manager | ID = 7009 Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst lxecCATSCustConnectService erreicht. Error - 19.12.2011 21:54:08 | Computer Name = LaBambola-PC | Source = Service Control Manager | ID = 7000 Description = Der Dienst "lxecCATSCustConnectService" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error - 20.12.2011 06:19:04 | Computer Name = LaBambola-PC | Source = Service Control Manager | ID = 7009 Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst lxecCATSCustConnectService erreicht. Error - 20.12.2011 06:19:04 | Computer Name = LaBambola-PC | Source = Service Control Manager | ID = 7000 Description = Der Dienst "lxecCATSCustConnectService" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error - 21.12.2011 05:32:05 | Computer Name = LaBambola-PC | Source = Service Control Manager | ID = 7009 Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst lxecCATSCustConnectService erreicht. Error - 21.12.2011 05:32:05 | Computer Name = LaBambola-PC | Source = Service Control Manager | ID = 7000 Description = Der Dienst "lxecCATSCustConnectService" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error - 21.12.2011 16:06:48 | Computer Name = LaBambola-PC | Source = Service Control Manager | ID = 7009 Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst lxecCATSCustConnectService erreicht. Error - 21.12.2011 16:06:48 | Computer Name = LaBambola-PC | Source = Service Control Manager | ID = 7000 Description = Der Dienst "lxecCATSCustConnectService" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 < End of report > Soll ich genau die selben Anweisunden befolgen wie Luk70, oder andere bei windows7? Vorab vielen Dank Cherokee |
11.02.2012, 21:07 | #2 |
| Failed to save all the components for the file \\System 32\\0000174e Ich hoffe ich habe noch gegen keine Forumsregel verstossen?
__________________ |
12.02.2012, 02:10 | #3 | |
| Failed to save all the components for the file \\System 32\\0000174e habe nochmals den
__________________codeOTL.TX Logfile: Code:
ATTFilter OTL logfile created on: 11.02.2012 16:16:06 - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\La Bambola\Pictures 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 2,16 Gb Available Physical Memory | 53,89% Memory free 8,00 Gb Paging File | 6,08 Gb Available in Paging File | 75,97% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 457,89 Gb Total Space | 408,41 Gb Free Space | 89,19% Space Free | Partition Type: NTFS Drive D: | 457,90 Gb Total Space | 457,80 Gb Free Space | 99,98% Space Free | Partition Type: NTFS Drive E: | 3,61 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Computer Name: LABAMBOLA-PC | User Name: La Bambola | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\La Bambola\Pictures\OTL.exe (OldTimer Tools) PRC - C:\ProgramData\WUD3mitwyXx4QP.exe (Mioft) PRC - C:\ProgramData\TTeOjDRpFmBku.exe (Mioft) PRC - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe (Google Inc.) PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe (Adobe Systems, Inc.) PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited) PRC - C:\Program Files (x86)\Lavasoft\Ad-Aware\autolaunch.exe () PRC - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft Limited) PRC - C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe () PRC - C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe (CyberLink Corp.) PRC - C:\Program Files (x86)\Egistec MyWinLockerSuite\x86\MiniLauncher.exe (Egis Technology Inc.) PRC - C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe (Egis Technology Inc.) PRC - C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\ezprint.exe () PRC - C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecmon.exe () PRC - C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.) PRC - C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.) PRC - C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer Group) PRC - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated) PRC - C:\Users\La Bambola\AppData\Roaming\Google\Google Talk\googletalk.exe (Google) ========== Modules (No Company Name) ========== MOD - C:\Program Files (x86)\Lexmark Toolbar\resource.dll () MOD - C:\Program Files (x86)\Lexmark Toolbar\toolband.dll () MOD - C:\Program Files (x86)\Lavasoft\Ad-Aware\autolaunch.exe () MOD - C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe () MOD - C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyHook.dll () MOD - C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\ezprint.exe () MOD - C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecmon.exe () MOD - C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\Epwizard.DLL () MOD - C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\customui.dll () MOD - C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\Epfunct.DLL () MOD - C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\Eputil.DLL () MOD - C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\Imagutil.DLL () MOD - C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecDRS.dll () MOD - C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecscw.dll () MOD - C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\EPOEMDll.dll () MOD - C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\epstring.dll () MOD - C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\EPWizRes.dll () MOD - C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecdatr.dll () MOD - C:\Windows\SysWOW64\LXECsmr.dll () MOD - C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\iptk.dll () MOD - C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxeccaps.dll () MOD - C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecptp.dll () MOD - C:\Windows\SysWOW64\LXECsm.dll () MOD - C:\Programme\Lexmark Printable Web\resource.dll () MOD - C:\Programme\Lexmark Printable Web\bho.dll () ========== Win32 Services (SafeList) ========== SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation) SRV:64bit: - (lxec_device) -- C:\Windows\SysNative\lxeccoms.exe ( ) SRV:64bit: - (lxecCATSCustConnectService) -- C:\Windows\SysNative\spool\DRIVERS\x64\3\\lxecserv.exe () SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (Lavasoft Ad-Aware Service) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited) SRV - (NOBU) -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (Symantec Corporation) SRV - (MWLService) -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe (Egis Technology Inc.) SRV - (lxec_device) -- C:\Windows\SysWow64\lxeccoms.exe ( ) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (Updater Service) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer Group) SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG) SRV - (GREGService) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated) SRV - (nSvcIp) -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe () SRV - (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM) -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe () SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH) DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH) DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH) DRV:64bit: - (Lbd) -- C:\Windows\SysNative\drivers\Lbd.sys (Lavasoft AB) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation) DRV:64bit: - (NVNET) -- C:\Windows\SysNative\drivers\nvmf6264.sys (NVIDIA Corporation) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (NVENETFD) -- C:\Windows\SysNative\drivers\nvm62x64.sys (NVIDIA Corporation) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (mwlPSDVDisk) -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys (Egis Technology Inc.) DRV:64bit: - (mwlPSDFilter) -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys (Egis Technology Inc.) DRV:64bit: - (mwlPSDNServ) -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys (Egis Technology Inc.) DRV - (Lavasoft Kernexplorer) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys () DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com IE - HKLM\..\URLSearchHook: {5786d022-540e-4699-b350-b4be0ae94b79} - C:\Program Files (x86)\Ashampoo_DE\prxtbAsha.dll (Conduit Ltd.) IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com/ IE - HKCU\..\URLSearchHook: {5786d022-540e-4699-b350-b4be0ae94b79} - C:\Program Files (x86)\Ashampoo_DE\prxtbAsha.dll (Conduit Ltd.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "" FF - prefs.js..browser.search.selectedEngine: "" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.12.01 21:01:51 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.05.29 18:23:17 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\La Bambola\AppData\Roaming\mozilla\Extensions [2012.01.28 18:02:19 | 000,000,000 | -H-D | M] (IMinent Toolbar) -- C:\Users\La Bambola\AppData\Roaming\mozilla\Firefox\Profiles\9g52bzfs.default\extensions [2012.01.28 18:02:19 | 000,000,000 | -H-D | M] (Ashampoo DE Community Toolbar) -- C:\Users\La Bambola\AppData\Roaming\mozilla\Firefox\Profiles\9g52bzfs.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79} [2011.07.04 14:53:35 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\La Bambola\AppData\Roaming\mozilla\Firefox\Profiles\9g52bzfs.default\extensions\chrome [2011.07.04 14:53:35 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\La Bambola\AppData\Roaming\mozilla\Firefox\Profiles\9g52bzfs.default\extensions\components [2011.12.01 21:01:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2011.12.01 21:01:50 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2011.11.03 13:59:44 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2011.11.03 13:59:44 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2011.11.03 13:59:44 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2011.11.03 13:59:44 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2011.11.03 13:59:44 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2011.11.03 13:59:44 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms} CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\12.0.742.100\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll CHR - plugin: Java Deployment Toolkit 6.0.220.4 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U22 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll CHR - plugin: Chrome NaCl (Disabled) = C:\Program Files (x86)\Google\Chrome\Application\12.0.742.100\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\12.0.742.100\pdf.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.81\npGoogleUpdate3.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.7227.1100\swg64.dll (Google Inc.) O2 - BHO: (Lexmark Symbolleiste) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files (x86)\Lexmark Toolbar\toolband.dll () O2 - BHO: (Ashampoo DE Toolbar) - {5786d022-540e-4699-b350-b4be0ae94b79} - C:\Program Files (x86)\Ashampoo_DE\prxtbAsha.dll (Conduit Ltd.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.) O2 - BHO: (Lexmark ) - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Programme\Lexmark Printable Web\bho.dll () O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (Lexmark Symbolleiste) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files (x86)\Lexmark Toolbar\toolband.dll () O3 - HKLM\..\Toolbar: (Ashampoo DE Toolbar) - {5786d022-540e-4699-b350-b4be0ae94b79} - C:\Program Files (x86)\Ashampoo_DE\prxtbAsha.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (Lexmark Symbolleiste) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files (x86)\Lexmark Toolbar\toolband.dll () O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (Ashampoo DE Toolbar) - {5786D022-540E-4699-B350-B4BE0AE94B79} - C:\Program Files (x86)\Ashampoo_DE\prxtbAsha.dll (Conduit Ltd.) O4:64bit: - HKLM..\Run: [EzPrint] C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\ezprint.exe () O4:64bit: - HKLM..\Run: [lxecmon.exe] C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecmon.exe () O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe (Egis Technology Inc.) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [ArcadeMovieService] C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe (CyberLink Corp.) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.) O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.) O4 - HKLM..\Run: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe () O4 - HKLM..\Run: [MDS_Menu] C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation) O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.) O4 - HKCU..\Run: [googletalk] C:\Users\La Bambola\AppData\Roaming\Google\Google Talk\googletalk.exe (Google) O4 - HKCU..\Run: [TTeOjDRpFmBku.exe] C:\ProgramData\TTeOjDRpFmBku.exe (Mioft) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B7325C8D-F299-4526-8AC6-2213C2044F01}: DhcpNameServer = 192.168.1.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{9460b463-291f-11e1-bbc2-f80f4110e59e}\Shell - "" = AutoRun O33 - MountPoints2\{9460b463-291f-11e1-bbc2-f80f4110e59e}\Shell\AutoRun\command - "" = I:\DPFMate.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2012.02.11 11:08:22 | 000,000,000 | -H-D | C] -- C:\Users\La Bambola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Check [2012.02.11 11:07:42 | 000,360,960 | -H-- | C] (Mioft) -- C:\ProgramData\WUD3mitwyXx4QP.exe [2012.02.11 11:02:17 | 000,360,960 | -H-- | C] (Mioft) -- C:\ProgramData\4emu7zUuXuRn4Y.exe [2012.02.11 09:41:51 | 000,456,704 | -H-- | C] (Mioft) -- C:\ProgramData\TTeOjDRpFmBku.exe [2012.02.02 23:16:08 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2012.02.02 23:13:39 | 000,000,000 | -H-D | C] -- C:\Users\La Bambola\AppData\Local\Solid State Networks [2012.01.31 23:27:47 | 000,000,000 | -H-D | C] -- C:\Users\La Bambola\AppData\Local\{92D5558B-2493-40BB-9529-837CF9CE15DA} [2012.01.31 21:19:39 | 000,000,000 | -H-D | C] -- C:\Users\La Bambola\AppData\Local\{A27A70E1-8FE5-4252-BDDB-E8440D537185} [2012.01.31 21:17:26 | 000,000,000 | -H-D | C] -- C:\Users\La Bambola\AppData\Local\{DEC125AA-2699-48F9-B568-56BAFE4887D6} [2012.01.31 11:17:29 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll [2012.01.31 11:17:24 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll [2012.01.31 11:17:24 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll [2012.01.31 11:17:24 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll [2012.01.31 11:17:24 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll [2012.01.31 11:17:24 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll [2012.01.18 22:29:11 | 000,000,000 | -H-D | C] -- C:\Users\Public\Documents\SiDiary [2012.01.18 22:29:11 | 000,000,000 | -H-D | C] -- C:\Users\La Bambola\AppData\Local\SiDiary [2012.01.18 22:17:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiDiary 6 [2012.01.18 22:17:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SINOVO [2012.01.15 14:32:04 | 000,000,000 | -H-D | C] -- C:\Users\La Bambola\AppData\Local\{8E94453E-D4D7-4733-8D61-F6E71E47E197} [2011.05.30 13:23:47 | 000,364,544 | ---- | C] ( ) -- C:\Windows\SysWow64\lxecinpa.dll [2011.05.30 13:23:47 | 000,344,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeciesc.dll [2011.05.30 13:23:46 | 001,048,576 | ---- | C] ( ) -- C:\Windows\SysWow64\lxecserv.dll [2011.05.30 13:23:46 | 000,847,872 | ---- | C] ( ) -- C:\Windows\SysWow64\lxecusb1.dll [2011.05.30 13:23:46 | 000,643,072 | ---- | C] ( ) -- C:\Windows\SysWow64\lxecpmui.dll [2011.05.30 13:23:46 | 000,577,536 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeclmpm.dll [2011.05.30 13:23:45 | 000,802,816 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeccomc.dll [2011.05.30 13:23:45 | 000,688,128 | ---- | C] ( ) -- C:\Windows\SysWow64\lxechbn3.dll [2011.05.30 13:23:45 | 000,598,696 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeccoms.exe [2011.05.30 13:23:45 | 000,373,416 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeccfg.exe [2011.05.30 13:23:45 | 000,372,736 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeccomm.dll [2011.05.30 13:23:45 | 000,324,264 | ---- | C] ( ) -- C:\Windows\SysWow64\lxecih.exe [4 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [4 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.02.11 15:49:58 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.02.11 15:49:58 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.02.11 15:47:31 | 000,000,408 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job [2012.02.11 15:40:09 | 000,001,114 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.02.11 15:39:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.02.11 15:39:47 | 3220,725,760 | -HS- | M] () -- C:\hiberfil.sys [2012.02.11 15:23:25 | 000,001,118 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.02.11 11:23:18 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.02.11 11:23:18 | 000,654,006 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.02.11 11:23:18 | 000,615,888 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.02.11 11:23:18 | 000,129,878 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.02.11 11:23:18 | 000,106,268 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.02.11 11:19:31 | 000,000,440 | -H-- | M] () -- C:\ProgramData\WUD3mitwyXx4QP [2012.02.11 11:16:45 | 000,000,272 | -H-- | M] () -- C:\ProgramData\~WUD3mitwyXx4QP [2012.02.11 11:16:45 | 000,000,184 | -H-- | M] () -- C:\ProgramData\~WUD3mitwyXx4QPr [2012.02.11 11:08:23 | 000,000,657 | -H-- | M] () -- C:\Users\La Bambola\Desktop\System Check.lnk [2012.02.11 11:07:42 | 000,360,960 | -H-- | M] (Mioft) -- C:\ProgramData\WUD3mitwyXx4QP.exe [2012.02.11 11:02:29 | 000,000,336 | -H-- | M] () -- C:\ProgramData\4emu7zUuXuRn4Y [2012.02.11 11:02:17 | 000,360,960 | -H-- | M] (Mioft) -- C:\ProgramData\4emu7zUuXuRn4Y.exe [2012.02.11 11:00:28 | 000,000,064 | ---- | M] () -- C:\Windows\SysWow64\rp_stats.dat [2012.02.11 11:00:28 | 000,000,044 | ---- | M] () -- C:\Windows\SysWow64\rp_rules.dat [2012.02.11 09:38:45 | 000,456,704 | -H-- | M] (Mioft) -- C:\ProgramData\TTeOjDRpFmBku.exe [2012.01.31 21:29:21 | 000,287,922 | -H-- | M] () -- C:\Users\La Bambola\Desktop\fkk-club-logo-vektor2_Kopie.bmp [4 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [4 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.02.11 11:16:09 | 000,000,408 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job [2012.02.11 11:08:24 | 000,000,272 | -H-- | C] () -- C:\ProgramData\~WUD3mitwyXx4QP [2012.02.11 11:08:24 | 000,000,184 | -H-- | C] () -- C:\ProgramData\~WUD3mitwyXx4QPr [2012.02.11 11:08:23 | 000,000,657 | -H-- | C] () -- C:\Users\La Bambola\Desktop\System Check.lnk [2012.02.11 11:07:54 | 000,000,440 | -H-- | C] () -- C:\ProgramData\WUD3mitwyXx4QP [2012.02.11 11:02:29 | 000,000,336 | -H-- | C] () -- C:\ProgramData\4emu7zUuXuRn4Y [2011.10.22 21:32:39 | 000,000,164 | -H-- | C] () -- C:\ProgramData\{5CAFA1B7-9EEF-4cc7-B9F7-9DDB3DAA679E} [2011.10.22 21:32:39 | 000,000,092 | -H-- | C] () -- C:\ProgramData\{701ACAF9-F102-47c2-8907-36246F4DFB51} [2011.09.09 04:11:09 | 000,010,240 | -H-- | C] () -- C:\Users\La Bambola\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.06.01 19:01:48 | 000,000,064 | ---- | C] () -- C:\Windows\SysWow64\rp_stats.dat [2011.06.01 19:01:48 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\rp_rules.dat [2011.05.30 13:23:47 | 000,344,064 | ---- | C] () -- C:\Windows\SysWow64\lxeccomx.dll [2011.05.30 13:23:47 | 000,331,776 | ---- | C] () -- C:\Windows\SysWow64\LXECinst.dll [2011.05.30 13:23:46 | 000,323,584 | ---- | C] () -- C:\Windows\SysWow64\lxecins.dll [2011.05.30 13:23:46 | 000,262,144 | ---- | C] () -- C:\Windows\SysWow64\lxecinsb.dll [2011.05.30 13:23:46 | 000,253,952 | ---- | C] () -- C:\Windows\SysWow64\lxeccu.dll [2011.05.30 13:23:46 | 000,114,688 | ---- | C] () -- C:\Windows\SysWow64\lxecinsr.dll [2011.05.30 13:23:46 | 000,090,112 | ---- | C] () -- C:\Windows\SysWow64\lxeccub.dll [2011.05.30 13:23:46 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\lxecjswr.dll [2011.05.30 13:23:46 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\lxeccur.dll [2011.05.30 13:22:51 | 000,024,064 | ---- | C] () -- C:\Windows\SysWow64\LXECsmr.dll [2011.05.30 13:22:50 | 000,299,008 | ---- | C] () -- C:\Windows\SysWow64\LXECsm.dll [2011.05.29 18:23:14 | 000,000,000 | -H-- | C] () -- C:\Windows\nsreg.dat [2010.08.26 13:22:38 | 000,131,984 | ---- | C] () -- C:\ProgramData\FullRemove.exe [2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat ========== Files - Unicode (All) ========== [2011.09.19 02:15:37 | 000,000,040 | ---- | M] ()(C:\Windows\SysNative\?·) -- C:\Windows\SysNative\ꌠ· [2011.09.19 02:15:37 | 000,000,040 | ---- | C] ()(C:\Windows\SysNative\?·) -- C:\Windows\SysNative\ꌠ· < End of report > code und den codeOTL Extras Logfile: Code:
ATTFilter OTL Extras logfile created on: 11.02.2012 16:16:06 - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\La Bambola\Pictures 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 2,16 Gb Available Physical Memory | 53,89% Memory free 8,00 Gb Paging File | 6,08 Gb Available in Paging File | 75,97% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 457,89 Gb Total Space | 408,41 Gb Free Space | 89,19% Space Free | Partition Type: NTFS Drive D: | 457,90 Gb Total Space | 457,80 Gb Free Space | 99,98% Space Free | Partition Type: NTFS Drive E: | 3,61 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Computer Name: LABAMBOLA-PC | User Name: La Bambola | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant "{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}" = Shredder "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 266.35 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 266.35 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.10.0514 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.1.13.1 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources "{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit "Lexmark Pro800-Pro900 Series" = Lexmark Pro800-Pro900 Series "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "NVIDIA Drivers" = NVIDIA Drivers [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0D7CD0D9-4A88-4A63-8F91-3F4E8F371768}" = MyWinLocker "{1017A80C-6F09-4548-A84D-EDD6AC9525F0}" = Lexmark Symbolleiste "{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2 "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{20400DBD-E6DB-45B8-9B6B-1DD7033818EC}" = Nero InfoTool Help "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{2348B586-C9AE-46CE-936C-A68E9426E214}" = Nero StartSmart Help "{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe "{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22 "{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed "{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup "{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3 "{4968622A-4D3F-489E-9ACE-5FEC4CC0BDE3}" = MediaShow Espresso "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform "{4D43D635-6FDA-4FA5-AA9B-23CF73D058EA}" = Nero StartSmart OEM "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{58F4D244-314F-4D26-B5EF-C28AB32E22CB}_is1" = Acer GameZone Console "{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite "{73C96D3B-F9D2-4A0C-81F7-FBED6C75CE77}" = SiDiary 6 "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart "{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110300453}" = Spin & Win "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}" = Cake Mania "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111355427}" = Poker Pop "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}" = Merriam Websters Spell Jam "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}" = Amazonia "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}" = Heroes of Hellas "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11505173}" = Airport Mania First Flight "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}" = Farm Frenzy 2 "{83202942-84B3-4C50-8622-B8C0AA2D2885}" = Nero Express Help "{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer "{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed "{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{9DFDD0C5-5AC1-484B-ACF8-0F3E1041750B}_is1" = AquaSoft "DiaShow 7 für YouTube" "{9E48FF52-082C-4CC2-BB67-6E10D09C0431}" = Windows Live UX Platform Language Pack "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Deutsch "{ace71e88-1bf2-4793-9e94-1d9a0d19438d}" = Nero 9 Essentials "{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint "{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh "{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie "{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail "{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center "{B906C11A-D193-4143-9FA7-E2EE8A5A8F21}" = Acer Arcade Movie "{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX "{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter "{C2695E83-CF1D-43D1-84FE-B3BEC561012A}" = Shredder "{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common "{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections "{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}" = Nero Online Upgrade "{CC019E3F-59D2-4486-8D4B-878105B62A71}" = Nero DiscSpeed Help "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D2C5E510-BE6D-42CC-9F61-E4F939078474}" = Lexmark "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}" = eBay Worldwide "{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker "{E5C7D048-F9B4-4219-B323-8BDB01A2563D}" = Nero DriveSpeed Help "{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger "{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater "{F027C8E3-6DBD-492A-9959-7B36B1DE0D65}" = Ad-Aware "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F4041DCE-3FE1-4E18-8A9E-9DE65231EE36}" = Nero ControlCenter "{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials "{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool "Acer Registration" = Acer Registration "Acer Screensaver" = Acer ScreenSaver "Acer Welcome Center" = Welcome Center "Adobe AIR" = Adobe AIR "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.6 "Ashampoo Red Ex_is1" = Ashampoo Red Ex 1.0.0 "Ashampoo_DE Toolbar" = Ashampoo DE Toolbar "Avira AntiVir Desktop" = Avira Free Antivirus "Google Chrome" = Google Chrome "Hotkey Utility" = Hotkey Utility "Identity Card" = Identity Card "InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2 "InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe "InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite "InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager "Mozilla Firefox 8.0.1 (x86 de)" = Mozilla Firefox 8.0.1 (x86 de) "WinLiveSuite" = Windows Live Essentials "Wisdom-soft Set up ASR 3.1 Free" = Wisdom-soft Set up ASR 3.1 Free ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only) ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 09.01.2012 16:59:35 | Computer Name = LaBambola-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.7601.17514, Zeitstempel: 0x4ce79912 Name des fehlerhaften Moduls: tbAsha.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x4ec36c16 Ausnahmecode: 0xc0000005 Fehleroffset: 0x07272060 ID des fehlerhaften Prozesses: 0x12ec Startzeit der fehlerhaften Anwendung: 0x01cccf1189751880 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe Pfad des fehlerhaften Moduls: tbAsha.dll Berichtskennung: d563b170-3b04-11e1-a420-f80f4110e59e Error - 10.01.2012 16:52:13 | Computer Name = LaBambola-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.7601.17514, Zeitstempel: 0x4ce79912 Name des fehlerhaften Moduls: mshtml.dll, Version: 8.0.7601.17720, Zeitstempel: 0x4eb4ba27 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0011d296 ID des fehlerhaften Prozesses: 0xfbc Startzeit der fehlerhaften Anwendung: 0x01cccfbb5e67ba80 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe Pfad des fehlerhaften Moduls: C:\Windows\SysWOW64\mshtml.dll Berichtskennung: f8b74100-3bcc-11e1-b30f-f80f4110e59e Error - 11.01.2012 11:48:37 | Computer Name = LaBambola-PC | Source = Application Hang | ID = 1002 Description = Programm iexplore.exe, Version 8.0.7601.17514 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 3f8 Startzeit: 01ccd070520c4480 Endzeit: 0 Anwendungspfad: C:\Program Files (x86)\Internet Explorer\iexplore.exe Berichts-ID: 82b34ef1-3c6b-11e1-a5bd-f80f4110e59e Error - 14.01.2012 13:41:33 | Computer Name = LaBambola-PC | Source = Application Hang | ID = 1002 Description = Programm iexplore.exe, Version 8.0.7601.17514 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 464 Startzeit: 01ccd1de4e5e0840 Endzeit: 0 Anwendungspfad: C:\Program Files (x86)\Internet Explorer\iexplore.exe Berichts-ID: f8f617c5-3ed6-11e1-ba07-f80f4110e59e Error - 16.01.2012 19:49:17 | Computer Name = LaBambola-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.7601.17514, Zeitstempel: 0x4ce79912 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel: 0x4ec49b8f Ausnahmecode: 0xc0000374 Fehleroffset: 0x000ce6c3 ID des fehlerhaften Prozesses: 0xd60 Startzeit der fehlerhaften Anwendung: 0x01ccd47e4b8a0cc0 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe Pfad des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll Berichtskennung: b37e692c-409c-11e1-ad85-f80f4110e59e Error - 16.01.2012 20:13:41 | Computer Name = LaBambola-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.7601.17514, Zeitstempel: 0x4ce79912 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel: 0x4ec49b8f Ausnahmecode: 0xc0000374 Fehleroffset: 0x000ce6c3 ID des fehlerhaften Prozesses: 0xdf0 Startzeit der fehlerhaften Anwendung: 0x01ccd4a97998c1bc Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe Pfad des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll Berichtskennung: 1c06be24-40a0-11e1-ad85-f80f4110e59e Error - 20.01.2012 05:52:08 | Computer Name = LaBambola-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.7601.17514, Zeitstempel: 0x4ce79912 Name des fehlerhaften Moduls: mshtml.dll, Version: 8.0.7601.17720, Zeitstempel: 0x4eb4ba27 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0011d296 ID des fehlerhaften Prozesses: 0x1364 Startzeit der fehlerhaften Anwendung: 0x01ccd757335c37f0 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe Pfad des fehlerhaften Moduls: C:\Windows\SysWOW64\mshtml.dll Berichtskennung: 69f7d290-434c-11e1-81a4-f80f4110e59e Error - 20.01.2012 16:02:54 | Computer Name = LaBambola-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: lxeccoms.exe, Version: 9.2.33.0, Zeitstempel: 0x4b200765 Name des fehlerhaften Moduls: lxecserv.dll, Version: 9.2.33.0, Zeitstempel: 0x4b200879 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000000a9ee6 ID des fehlerhaften Prozesses: 0x6d4 Startzeit der fehlerhaften Anwendung: 0x01ccd7470d1b69e0 Pfad der fehlerhaften Anwendung: C:\Windows\system32\lxeccoms.exe Pfad des fehlerhaften Moduls: C:\Windows\system32\lxecserv.dll Berichtskennung: bc9347f0-43a1-11e1-81a4-f80f4110e59e Error - 24.01.2012 22:00:54 | Computer Name = LaBambola-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: lxeccoms.exe, Version: 9.2.33.0, Zeitstempel: 0x4b200765 Name des fehlerhaften Moduls: lxecserv.dll, Version: 9.2.33.0, Zeitstempel: 0x4b200879 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000000a9ee6 ID des fehlerhaften Prozesses: 0x828 Startzeit der fehlerhaften Anwendung: 0x01ccda7f5bff75c0 Pfad der fehlerhaften Anwendung: C:\Windows\system32\lxeccoms.exe Pfad des fehlerhaften Moduls: C:\Windows\system32\lxecserv.dll Berichtskennung: 694cf370-46f8-11e1-a5fd-f80f4110e59e Error - 26.01.2012 19:39:52 | Computer Name = LaBambola-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.7601.17514, Zeitstempel: 0x4ce79912 Name des fehlerhaften Moduls: mshtml.dll, Version: 8.0.7601.17720, Zeitstempel: 0x4eb4ba27 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0011d296 ID des fehlerhaften Prozesses: 0xca4 Startzeit der fehlerhaften Anwendung: 0x01ccdc8394edca20 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe Pfad des fehlerhaften Moduls: C:\Windows\SysWOW64\mshtml.dll Berichtskennung: 0a79bce0-4877-11e1-b440-f80f4110e59e [ System Events ] Error - 19.12.2011 13:14:08 | Computer Name = LaBambola-PC | Source = Service Control Manager | ID = 7009 Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst lxecCATSCustConnectService erreicht. Error - 19.12.2011 13:14:08 | Computer Name = LaBambola-PC | Source = Service Control Manager | ID = 7000 Description = Der Dienst "lxecCATSCustConnectService" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error - 19.12.2011 21:54:08 | Computer Name = LaBambola-PC | Source = Service Control Manager | ID = 7009 Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst lxecCATSCustConnectService erreicht. Error - 19.12.2011 21:54:08 | Computer Name = LaBambola-PC | Source = Service Control Manager | ID = 7000 Description = Der Dienst "lxecCATSCustConnectService" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error - 20.12.2011 06:19:04 | Computer Name = LaBambola-PC | Source = Service Control Manager | ID = 7009 Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst lxecCATSCustConnectService erreicht. Error - 20.12.2011 06:19:04 | Computer Name = LaBambola-PC | Source = Service Control Manager | ID = 7000 Description = Der Dienst "lxecCATSCustConnectService" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error - 21.12.2011 05:32:05 | Computer Name = LaBambola-PC | Source = Service Control Manager | ID = 7009 Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst lxecCATSCustConnectService erreicht. Error - 21.12.2011 05:32:05 | Computer Name = LaBambola-PC | Source = Service Control Manager | ID = 7000 Description = Der Dienst "lxecCATSCustConnectService" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error - 21.12.2011 16:06:48 | Computer Name = LaBambola-PC | Source = Service Control Manager | ID = 7009 Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst lxecCATSCustConnectService erreicht. Error - 21.12.2011 16:06:48 | Computer Name = LaBambola-PC | Source = Service Control Manager | ID = 7000 Description = Der Dienst "lxecCATSCustConnectService" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 < End of report > --- --- --- Zitat:
|
13.02.2012, 19:09 | #4 |
| Failed to save all the components for the file \\System 32\\0000174e weiß zufällig jemand mehr über den Virus? Woher er kommt? Wie man ihn bekommt... LG |
Themen zu Failed to save all the components for the file \\System 32\\0000174e |
2.0.7, ad-aware, autorun, avira, conduit, desktop, error, failed, failed to save all the components for the file \\system 32\\0000174e, firefox, flash player, google, google chrome, helper, home, iexplore.exe, iminent, iminent toolbar, install.exe, ntdll.dll, plug-in, pmmupdate.exe, problem, programm, realtek, registry, rundll, scan, secur, security, software, symantec, system, system 32, version=1.0, webcheck |