| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Windows Fix Disk - Bestehende Probleme nach "Entfernung"Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
15.04.2011, 13:51
| #1 |
 |  Windows Fix Disk - Bestehende Probleme nach "Entfernung" Hallo, wie ich soeben gesehen habe, hat sich heute bereits noch jemand Windows Fix Disk eingefangen. Ich war auf keiner ungewöhnlichen Seite, als sich plötzlich ein Fenster öffnete (Windows Fix Disk) und mir von schweren Problemen berichtete. Ein Scan wurde automatisch durchgeführt, ich habe dann allerdings abgebrochen, weil mir das Ganze ungewöhnlich vorkam. Nach erfolgreichem Googlen, kam ich auf diese Seite und bin auch den Anweisungen gefolgt. Die Fehlermeldungen erschienen nicht mehr, Malwarebytes fand diverse Trojaner etc., die ich entfernte. Einiges wurde aber nur geblockt. Ich habe leider das Protokoll dazu nicht aufgehoben. Normalerweise nutze ich Trend Micro, das musste ich allerdings verlängern, habe danach auch noch einmal damit einen vollständigen Systemscan gemacht und es wurde nichts gefunden. Dafür musste ich Malwarebytes aber wieder löschen, da beide Anwendungen sich wohl gegenseitig blockieren. Mein Problem ist nun Folgendes: Soweit funktioniert alles wieder, aber mein Bildschirmhintergrund ist nach wie vor schwarz (er wurde erst schwarz, als Windows Fix Disk zu arbeiten begann), die Desktopsymbole darauf sehe ich aber und kann sie auch anklicken. Desweiteren sehe ich auf dem Desktop noch das WindowsFixDisk (nicht das normale Symbol dazu, sondern ein weißes Blatt, auf dem ein Desktop-Bildschirm abgebildet ist). Beim Neustart erhalte ich zudem jedes Mal eine Fehlermeldung, dass bestimmte Run-DLL-Module nicht gefunden werden konnten (und zwar: epabaguwimuwese.dll und arorplt.dll. Ich habe schon gegoogelt, aber dazu nichts gefunden. Ich weiß auch nicht, ob euch das weiterhilft.) Für Hilfe wäre ich euch sehr dankbar. Edit: Ich verwende ein Netbook, Asus Eee PC, Intel(R) Atom(TM), CPU N450, 1.66 GHz, 32-Bit-Betriebssystem, Windows 7 Starter. Geändert von Sara84 (15.04.2011 um 13:59 Uhr) |
|
15.04.2011, 14:23
| #2 | |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Windows Fix Disk - Bestehende Probleme nach "Entfernung"Zitat:
Alle Logs in Malwarebytes sind im Reiter Logdateien zu finden!
__________________ |
|
15.04.2011, 15:10
| #3 |
| | Windows Fix Disk - Bestehende Probleme nach "Entfernung" Ah, okay, ich denke, das dürfte es sein? Danke.
__________________Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Datenbank Version: 6367 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 15.04.2011 12:28:41 mbam-log-2011-04-15 (12-28-41).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|Q:\|) Durchsuchte Objekte: 236567 Laufzeit: 1 Stunde(n), 3 Minute(n), 31 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 2 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 3 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 22 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: c:\Users\MaxMustermann\AppData\Local\arorplt.dll (Trojan.Hiloti.Gen) -> Delete on reboot. c:\Users\MaxMustermann\AppData\Local\epabaguwimuwese.dll (Trojan.Agent.U) -> Delete on reboot. Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Bhuxozofuqoqi (Trojan.Hiloti.Gen) -> Value: Bhuxozofuqoqi -> Delete on reboot. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LkmHONmnjf (Trojan.FakeAlert) -> Value: LkmHONmnjf -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Cridohisiqu (Trojan.Agent.U) -> Value: Cridohisiqu -> Delete on reboot. Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: c:\Users\MaxMustermann\AppData\Local\arorplt.dll (Trojan.Hiloti.Gen) -> Delete on reboot. c:\programdata\lkmhonmnjf.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully. c:\programdata\32497416.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully. c:\Users\MaxMustermann\AppData\Local\Temp\setup2192264908.exe (Rootkit.TDSS) -> Quarantined and deleted successfully. c:\Users\MaxMustermann\AppData\Local\Temp\setup234237408.exe (Rootkit.TDSS) -> Quarantined and deleted successfully. c:\Users\MaxMustermann\AppData\Local\Temp\setup2607232832.exe (Rootkit.TDSS) -> Quarantined and deleted successfully. c:\Users\MaxMustermann\AppData\Local\Temp\setup269453960.exe (Rootkit.TDSS) -> Quarantined and deleted successfully. c:\Users\MaxMustermann\AppData\Local\Temp\err.log198019291 (Trojan.FakeAlert) -> Quarantined and deleted successfully. c:\Users\MaxMustermann\AppData\Local\Temp\nwscxormea.exe (Rootkit.TDSS) -> Quarantined and deleted successfully. c:\Users\MaxMustermann\AppData\Local\Temp\osxrawnmce.exe (Trojan.Hiloti.Gen) -> Quarantined and deleted successfully. c:\Users\MaxMustermann\AppData\Local\Temp\7DC5.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully. c:\Users\MaxMustermann\AppData\Local\Temp\8380.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully. c:\Users\MaxMustermann\AppData\Local\Temp\adobe_flash_player.exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\Users\MaxMustermann\AppData\Local\Temp\tmpD259.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully. c:\Users\MaxMustermann\AppData\Local\Temp\setup346838016.exe (Rootkit.TDSS) -> Quarantined and deleted successfully. c:\Users\MaxMustermann\AppData\Local\Temp\setup3712987452.exe (Rootkit.TDSS) -> Quarantined and deleted successfully. c:\Users\MaxMustermann\AppData\Local\Temp\setup445842504.exe (Rootkit.TDSS) -> Quarantined and deleted successfully. c:\Users\MaxMustermann\AppData\Local\Temp\setup567368136.exe (Rootkit.TDSS) -> Quarantined and deleted successfully. c:\Users\MaxMustermann\AppData\Local\Temp\setup606249924.exe (Rootkit.TDSS) -> Quarantined and deleted successfully. c:\Users\MaxMustermann\AppData\Local\Temp\setup6288896.exe (Rootkit.TDSS) -> Quarantined and deleted successfully. c:\Users\MaxMustermann\AppData\Roaming\Adobe\plugs\kb198031257.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully. c:\Users\MaxMustermann\AppData\Local\epabaguwimuwese.dll (Trojan.Agent.U) -> Delete on reboot. Aha, und das sind die beiden, die nun "vermisst" werden, wie ich gerade feststelle: Infizierte Speichermodule: c:\Users\MaxMustermann\AppData\Local\arorplt.dll (Trojan.Hiloti.Gen) -> Delete on reboot. c:\Users\MaxMustermann\AppData\Local\epabaguwimuwese.dll (Trojan.Agent.U) -> Delete on reboot. Nochmal edit: Ich sehe gerade, dass die Dateien unter "Quarantäne" bei Malwarebytes noch aufgeführt sind, d.h. also doch nicht gelöscht? Kann ich sie dann jetzt einfach löschen oder sind Dateien dabei, die nicht gelöscht werden sollten? Geändert von Sara84 (15.04.2011 um 15:23 Uhr) Grund: Zusatzfrage |
|
15.04.2011, 17:07
| #4 |
| | Windows Fix Disk - Bestehende Probleme nach "Entfernung" Kann ich nun einfach löschen oder kann etwas passieren? Danke.  |
|
15.04.2011, 18:16
| #5 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows Fix Disk - Bestehende Probleme nach "Entfernung" Du hast das Log unvollstöndig gepostet!
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
15.04.2011, 18:25
| #6 |
| | Windows Fix Disk - Bestehende Probleme nach "Entfernung" Ich bin auf Mailwarebytes => Logdateien => hab es geöffnet und den Inhalt kopiert. Mehr ist nicht angegeben. Ich kenne mich allerdings auch kein bisschen damit aus. Was fehlt denn bzw. was nun? |
|
15.04.2011, 18:41
| #7 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows Fix Disk - Bestehende Probleme nach "Entfernung"Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
15.04.2011, 19:01
| #8 |
| | Windows Fix Disk - Bestehende Probleme nach "Entfernung" Mit der Maus, aber mit STRG+A ist es dasselbe. Hab die Text-Datei ja direkt vor mir und gerade verglichen. Statt meines Namens hab ich MaxMustermann angegeben, sollte ich vielleicht dazu sagen. Jetzt bin ich etwas überfragt.  |
|
15.04.2011, 19:33
| #9 |
| | Windows Fix Disk - Bestehende Probleme nach "Entfernung" Ich hab jetzt auch noch etwas auf meinem USB-Stick gefunden: Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Datenbank Version: 6368 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 15.04.2011 20:31:30 mbam-log-2011-04-15 (20-31-30).txt Art des Suchlaufs: Vollständiger Suchlauf (E:\|F:\|) Durchsuchte Objekte: 143776 Laufzeit: 4 Minute(n), 14 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 2 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 0 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Cridohisiqu (Trojan.Agent.U) -> Value: Cridohisiqu -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Bhuxozofuqoqi (Trojan.Agent.U) -> Value: Bhuxozofuqoqi -> Quarantined and deleted successfully. Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: (Keine bösartigen Objekte gefunden) |
|
15.04.2011, 20:52
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows Fix Disk - Bestehende Probleme nach "Entfernung" Ich will das alte Log sehen und zwar vollständig.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
15.04.2011, 21:05
| #11 |
| | Windows Fix Disk - Bestehende Probleme nach "Entfernung" Es gibt nur dieses...ich kann es gern nochmal kopieren: Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Datenbank Version: 6367 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 15.04.2011 12:28:41 mbam-log-2011-04-15 (12-28-41).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|Q:\|) Durchsuchte Objekte: 236567 Laufzeit: 1 Stunde(n), 3 Minute(n), 31 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 2 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 3 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 22 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: c:\Users\Mercedes\AppData\Local\arorplt.dll (Trojan.Hiloti.Gen) -> Delete on reboot. c:\Users\Mercedes\AppData\Local\epabaguwimuwese.dll (Trojan.Agent.U) -> Delete on reboot. Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Bhuxozofuqoqi (Trojan.Hiloti.Gen) -> Value: Bhuxozofuqoqi -> Delete on reboot. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LkmHONmnjf (Trojan.FakeAlert) -> Value: LkmHONmnjf -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Cridohisiqu (Trojan.Agent.U) -> Value: Cridohisiqu -> Delete on reboot. Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: c:\Users\Mercedes\AppData\Local\arorplt.dll (Trojan.Hiloti.Gen) -> Delete on reboot. c:\programdata\lkmhonmnjf.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully. c:\programdata\32497416.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully. c:\Users\Mercedes\AppData\Local\Temp\setup2192264908.exe (Rootkit.TDSS) -> Quarantined and deleted successfully. c:\Users\Mercedes\AppData\Local\Temp\setup234237408.exe (Rootkit.TDSS) -> Quarantined and deleted successfully. c:\Users\Mercedes\AppData\Local\Temp\setup2607232832.exe (Rootkit.TDSS) -> Quarantined and deleted successfully. c:\Users\Mercedes\AppData\Local\Temp\setup269453960.exe (Rootkit.TDSS) -> Quarantined and deleted successfully. c:\Users\Mercedes\AppData\Local\Temp\err.log198019291 (Trojan.FakeAlert) -> Quarantined and deleted successfully. c:\Users\Mercedes\AppData\Local\Temp\nwscxormea.exe (Rootkit.TDSS) -> Quarantined and deleted successfully. c:\Users\Mercedes\AppData\Local\Temp\osxrawnmce.exe (Trojan.Hiloti.Gen) -> Quarantined and deleted successfully. c:\Users\Mercedes\AppData\Local\Temp\7DC5.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully. c:\Users\Mercedes\AppData\Local\Temp\8380.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully. c:\Users\Mercedes\AppData\Local\Temp\adobe_flash_player.exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\Users\Mercedes\AppData\Local\Temp\tmpD259.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully. c:\Users\Mercedes\AppData\Local\Temp\setup346838016.exe (Rootkit.TDSS) -> Quarantined and deleted successfully. c:\Users\Mercedes\AppData\Local\Temp\setup3712987452.exe (Rootkit.TDSS) -> Quarantined and deleted successfully. c:\Users\Mercedes\AppData\Local\Temp\setup445842504.exe (Rootkit.TDSS) -> Quarantined and deleted successfully. c:\Users\Mercedes\AppData\Local\Temp\setup567368136.exe (Rootkit.TDSS) -> Quarantined and deleted successfully. c:\Users\Mercedes\AppData\Local\Temp\setup606249924.exe (Rootkit.TDSS) -> Quarantined and deleted successfully. c:\Users\Mercedes\AppData\Local\Temp\setup6288896.exe (Rootkit.TDSS) -> Quarantined and deleted successfully. c:\Users\Mercedes\AppData\Roaming\Adobe\plugs\kb198031257.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully. c:\Users\Mercedes\AppData\Local\epabaguwimuwese.dll (Trojan.Agent.U) -> Delete on reboot. |
|
15.04.2011, 21:16
| #12 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows Fix Disk - Bestehende Probleme nach "Entfernung" Geht doch!  Systemscan mit OTL Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
__________________ Logfiles bitte immer in CODE-Tags posten |
|
15.04.2011, 21:35
| #13 |
| | Windows Fix Disk - Bestehende Probleme nach "Entfernung" Hier sind sie. Nr.1:OTL Logfile: Code:
ATTFilter OTL logfile created on: 4/15/2011 10:20:36 PM - Run 1 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Mercedes\Pictures Starter Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1,014.00 Mb Total Physical Memory | 67.00 Mb Available Physical Memory | 7.00% Memory free 2.00 Gb Paging File | 0.00 Gb Available in Paging File | 20.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files Drive C: | 80.00 Gb Total Space | 55.41 Gb Free Space | 69.27% Space Free | Partition Type: NTFS Drive D: | 59.03 Gb Total Space | 58.94 Gb Free Space | 99.85% Space Free | Partition Type: NTFS Drive E: | 6.67 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Drive F: | 3.74 Gb Total Space | 3.71 Gb Free Space | 99.15% Space Free | Partition Type: FAT32 Computer Name: ****-PC | User Name: **** | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Mercedes\Pictures\OTL.exe (OldTimer Tools) PRC - C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiWatchDog.exe (Trend Micro Inc.) PRC - C:\Program Files\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation) PRC - C:\herbert.exe\mbam.exe (Malwarebytes Corporation) PRC - C:\Program Files\Common Files\Java\Java Update\jucheck.exe (Sun Microsystems, Inc.) PRC - C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation) PRC - C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) PRC - C:\Program Files\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe () PRC - C:\Windows\AsScrPro.exe (ASUS) PRC - C:\Program Files\ASUS\EPC\EeeSplendid\AsAgent.exe () PRC - C:\Program Files\ASUS\Eee Docking\Eee Docking.exe () PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Program Files\EeePC\SHE\SuperHybridEngine.exe (ASUSTeK Computer Inc.) PRC - C:\Program Files\EeePC\HotkeyService\HotkeyService.exe (ASUSTeK Computer Inc.) PRC - C:\Program Files\Asus\Game Park\GameConsole\OberonGameConsoleService.exe () PRC - C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe (ASUSTeK Computer Inc.) PRC - C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe () PRC - C:\Windows\System32\AsusService.exe () PRC - C:\Program Files\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe (Boingo Wireless, Inc.) PRC - C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe (Synaptics Incorporated) PRC - C:\Windows\System32\Macromed\Flash\FlashUtil10c.exe (Adobe Systems, Inc.) PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation) PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation) ========== Modules (SafeList) ========== MOD - C:\Users\Mercedes\Pictures\OTL.exe (OldTimer Tools) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (Amsp) -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe (Trend Micro Inc.) SRV - (BBSvc) -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.) SRV - (SeaPort) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation) SRV - (sftvsa) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation) SRV - (sftlist) -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) SRV - (OberonGameConsoleService) -- C:\Program Files\Asus\Game Park\GameConsole\OberonGameConsoleService.exe () SRV - (AsusService) -- C:\Windows\System32\AsusService.exe () SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SRV - (IAANTMON) Intel(R) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation) ========== Driver Services (SafeList) ========== DRV - (tmcomm) -- C:\Windows\System32\drivers\tmcomm.sys (Trend Micro Inc.) DRV - (tmtdi) -- C:\Windows\System32\drivers\tmtdi.sys (Trend Micro Inc.) DRV - (tmactmon) -- C:\Windows\System32\drivers\tmactmon.sys (Trend Micro Inc.) DRV - (tmevtmgr) -- C:\Windows\System32\drivers\tmevtmgr.sys (Trend Micro Inc.) DRV - (Sftvol) -- C:\Windows\System32\drivers\Sftvollh.sys (Microsoft Corporation) DRV - (Sftredir) -- C:\Windows\System32\drivers\Sftredirlh.sys (Microsoft Corporation) DRV - (Sftplay) -- C:\Windows\System32\drivers\Sftplaylh.sys (Microsoft Corporation) DRV - (Sftfs) -- C:\Windows\System32\drivers\Sftfslh.sys (Microsoft Corporation) DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.) DRV - (L1C) NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20) -- C:\Windows\System32\drivers\L1C62x86.sys (Atheros Communications, Inc.) DRV - (kbfiltr) -- C:\Windows\System32\drivers\kbfiltr.sys ( ) DRV - (AsUpIO) -- C:\Windows\System32\drivers\AsUpIO.sys () DRV - (btusbflt) -- C:\Windows\System32\drivers\btusbflt.sys (Broadcom Corporation.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://eeepc.asus.com [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://eeepc.asus.com [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 FF - HKLM\software\mozilla\Firefox\extensions\\{22181a4d-af90-4ca3-a569-faed9118d6bc}: C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension [2011/04/15 12:45:03 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\firefoxextension\ [2011/04/15 12:46:08 | 000,000,000 | ---D | M] O1 HOSTS File: ([2009/06/10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.) O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O2 - BHO: (TSToolbarBHO) - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.) O2 - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.) O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found. O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O3 - HKLM\..\Toolbar: (Trend Micro Toolbar) - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe (ASUS) O4 - HKLM..\Run: [ASUSPRP] C:\Program Files\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.) O4 - HKLM..\Run: [Boingo Wi-Fi] C:\Program Files\Boingo\Boingo Wi-Fi\Boingo.lnk () O4 - HKLM..\Run: [Eee Docking] C:\Program Files\ASUS\Eee Docking\Eee Docking.exe () O4 - HKLM..\Run: [EeeSplendidAgent] C:\Program Files\ASUS\EPC\EeeSplendid\AsAgent.exe () O4 - HKLM..\Run: [HotkeyMon] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.) O4 - HKLM..\Run: [HotkeyService] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.) O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation) O4 - HKLM..\Run: [LiveUpdate] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] File not found O4 - HKLM..\Run: [SuperHybridEngine] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.) O4 - HKLM..\Run: [SynAsusAcpi] C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe (Synaptics Incorporated) O4 - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe (Trend Micro Inc.) O4 - HKLM..\Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe (Trend Micro Inc.) O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\herbert.exe\mbamgui.exe (Malwarebytes Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx (WRC Class) O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.) O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.) O18 - Protocol\Handler\tmtb {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.) O18 - Protocol\Handler\tmtbim {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll (Trend Micro Inc.) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2008/05/06 14:26:23 | 000,000,309 | R--- | M] () - E:\autorun.inf -- [ CDFS ] O33 - MountPoints2\{0a1de46d-c255-11df-8e04-485b3918c446}\Shell - "" = AutoRun O33 - MountPoints2\{0a1de46d-c255-11df-8e04-485b3918c446}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- [2007/10/23 09:45:39 | 001,336,632 | R--- | M] () O33 - MountPoints2\E\Shell - "" = AutoRun O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- [2007/10/23 09:45:39 | 001,336,632 | R--- | M] () O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011/04/15 21:43:25 | 000,000,000 | ---D | C] -- C:\Users\Mercedes\AppData\Local\{EB1D1694-C7BC-4121-B13A-E12A1F338A0B} [2011/04/15 16:05:11 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamswissarmy.sys [2011/04/15 16:05:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\herbert.exe [2011/04/15 16:05:07 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys [2011/04/15 16:05:07 | 000,000,000 | ---D | C] -- C:\herbert.exe [2011/04/15 12:47:41 | 000,000,000 | ---D | C] -- C:\Users\Mercedes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Titanium Maximum Security [2011/04/15 12:46:22 | 000,092,112 | ---- | C] (Trend Micro Inc.) -- C:\windows\System32\drivers\tmtdi.sys [2011/04/15 12:46:16 | 000,189,520 | ---- | C] (Trend Micro Inc.) -- C:\windows\System32\drivers\tmcomm.sys [2011/04/15 12:46:16 | 000,080,464 | ---- | C] (Trend Micro Inc.) -- C:\windows\System32\drivers\tmactmon.sys [2011/04/15 12:46:16 | 000,064,080 | ---- | C] (Trend Micro Inc.) -- C:\windows\System32\drivers\tmevtmgr.sys [2011/04/15 12:39:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Trend Micro [2011/04/15 11:23:01 | 000,000,000 | ---D | C] -- C:\Users\Mercedes\AppData\Roaming\Malwarebytes [2011/04/15 11:22:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011/04/15 10:49:27 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller [2011/04/15 10:41:48 | 000,000,000 | ---D | C] -- C:\Users\Mercedes\AppData\Local\{D6D58711-6C4A-47C7-9AAB-E7D678860412} [2011/04/15 10:39:47 | 000,000,000 | ---D | C] -- C:\Users\Mercedes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Fix Disk [2011/04/13 09:41:58 | 000,000,000 | ---D | C] -- C:\Users\Mercedes\AppData\Local\{2185A444-5A19-4DDB-9DC0-3DFD801AE9D7} [2011/04/12 20:41:09 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jscript.dll [2011/04/12 20:41:09 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\vbscript.dll [2011/04/12 20:41:07 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\dnscacheugc.exe [2011/04/12 20:41:06 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\System32\atmfd.dll [2011/04/12 20:41:06 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\windows\System32\atmlib.dll [2011/04/12 20:40:56 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mstime.dll [2011/04/12 20:40:56 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeeds.dll [2011/04/12 20:40:56 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iedkcs32.dll [2011/04/12 20:40:56 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieui.dll [2011/04/12 20:40:55 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\html.iec [2011/04/12 20:40:55 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iepeers.dll [2011/04/12 20:40:55 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeedsbs.dll [2011/04/12 20:40:55 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll [2011/04/12 20:40:55 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\licmgr10.dll [2011/04/12 20:40:55 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeedssync.exe [2011/04/12 20:40:54 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb [2011/04/12 20:32:13 | 002,331,136 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\win32k.sys [2011/04/12 20:31:48 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\FXSCOVER.exe [2011/04/12 20:31:22 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XpsGdiConverter.dll [2011/04/12 20:30:49 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mfc42.dll [2011/04/12 20:30:48 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mfc42u.dll [2011/03/30 14:21:34 | 000,000,000 | ---D | C] -- C:\Users\Mercedes\AppData\Local\{7617F6D9-9E90-497C-9CB9-976CD8888676} [2011/03/19 21:36:17 | 000,000,000 | ---D | C] -- C:\Users\Mercedes\AppData\Local\{CB6F4CDD-6689-4F37-B83B-E9F525F2DF17} [2009/11/04 15:06:04 | 000,013,880 | ---- | C] ( ) -- C:\windows\System32\drivers\kbfiltr.sys ========== Files - Modified Within 30 Days ========== [2011/04/15 16:05:11 | 000,000,605 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011/04/15 15:51:09 | 000,002,627 | ---- | M] () -- C:\Users\Mercedes\Documents\log.CSV [2011/04/15 15:07:28 | 000,009,696 | ---- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011/04/15 15:07:28 | 000,009,696 | ---- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011/04/15 13:28:47 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat [2011/04/15 13:28:43 | 797,581,312 | -HS- | M] () -- C:\hiberfil.sys [2011/04/15 12:47:55 | 000,001,499 | ---- | M] () -- C:\Users\Mercedes\Desktop\Trend Micro Titanium Maximum Security.lnk [2011/04/15 10:57:07 | 000,189,520 | ---- | M] (Trend Micro Inc.) -- C:\windows\System32\drivers\tmcomm.sys [2011/04/15 10:57:07 | 000,092,112 | ---- | M] (Trend Micro Inc.) -- C:\windows\System32\drivers\tmtdi.sys [2011/04/15 10:57:07 | 000,080,464 | ---- | M] (Trend Micro Inc.) -- C:\windows\System32\drivers\tmactmon.sys [2011/04/15 10:57:07 | 000,064,080 | ---- | M] (Trend Micro Inc.) -- C:\windows\System32\drivers\tmevtmgr.sys [2011/04/15 10:46:57 | 000,654,610 | ---- | M] () -- C:\windows\System32\perfh007.dat [2011/04/15 10:46:57 | 000,616,452 | ---- | M] () -- C:\windows\System32\perfh009.dat [2011/04/15 10:46:57 | 000,130,192 | ---- | M] () -- C:\windows\System32\perfc007.dat [2011/04/15 10:46:57 | 000,106,574 | ---- | M] () -- C:\windows\System32\perfc009.dat [2011/04/15 10:41:50 | 000,000,000 | ---- | M] () -- C:\Users\Mercedes\AppData\Local\Driradava.bin [2011/04/15 10:41:49 | 000,000,120 | ---- | M] () -- C:\Users\Mercedes\AppData\Local\Rmulacafofo.dat [2011/04/15 10:40:49 | 000,000,120 | ---- | M] () -- C:\ProgramData\~32497416 [2011/04/15 10:40:48 | 000,000,152 | ---- | M] () -- C:\ProgramData\~32497416r [2011/04/15 10:39:48 | 000,000,631 | ---- | M] () -- C:\Users\Mercedes\Desktop\Windows Fix Disk.lnk [2011/04/15 10:39:36 | 000,000,344 | ---- | M] () -- C:\ProgramData\32497416 [2011/04/14 10:12:09 | 000,006,592 | ---- | M] () -- C:\Users\Mercedes\Documents\liste.rtf [2011/04/13 03:34:43 | 000,333,280 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT [2011/04/08 00:14:48 | 000,271,363 | ---- | M] () -- C:\Users\Mercedes\Documents\sdw_2011_3_S62[1].pdf [2011/04/04 22:51:33 | 000,011,593 | ---- | M] () -- C:\Users\Mercedes\Documents\Feb.rtf ========== Files Created - No Company Name ========== [2011/04/15 16:05:11 | 000,000,605 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011/04/15 15:51:08 | 000,002,627 | ---- | C] () -- C:\Users\Mercedes\Documents\log.CSV [2011/04/15 12:47:40 | 000,001,499 | ---- | C] () -- C:\Users\Mercedes\Desktop\Trend Micro Titanium Maximum Security.lnk [2011/04/15 10:41:50 | 000,000,000 | ---- | C] () -- C:\Users\Mercedes\AppData\Local\Driradava.bin [2011/04/15 10:41:49 | 000,000,120 | ---- | C] () -- C:\Users\Mercedes\AppData\Local\Rmulacafofo.dat [2011/04/15 10:40:48 | 000,000,152 | ---- | C] () -- C:\ProgramData\~32497416r [2011/04/15 10:40:48 | 000,000,120 | ---- | C] () -- C:\ProgramData\~32497416 [2011/04/15 10:39:48 | 000,000,631 | ---- | C] () -- C:\Users\Mercedes\Desktop\Windows Fix Disk.lnk [2011/04/15 10:39:36 | 000,000,344 | ---- | C] () -- C:\ProgramData\32497416 [2011/04/08 00:14:48 | 000,271,363 | ---- | C] () -- C:\Users\Mercedes\Documents\sdw_2011_3_S62[1].pdf [2011/03/29 22:32:25 | 000,006,592 | ---- | C] () -- C:\Users\Mercedes\Documents\liste.rtf [2011/03/03 04:21:32 | 000,000,017 | ---- | C] () -- C:\windows\System32\shortcut_ex.dat [2011/02/26 21:19:24 | 000,014,848 | ---- | C] () -- C:\Users\Mercedes\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/05/13 21:10:34 | 000,006,144 | ---- | C] () -- C:\windows\System32\drivers\ASUSHWIO.SYS [2010/05/10 22:46:22 | 000,000,000 | ---- | C] () -- C:\Users\Mercedes\AppData\Roaming\wklnhst.dat [2010/01/07 00:49:56 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe [2010/01/07 00:14:26 | 000,011,448 | ---- | C] () -- C:\windows\System32\drivers\AsUpIO.sys [2010/01/07 00:14:18 | 000,001,769 | ---- | C] () -- C:\windows\Language_trs.ini [2010/01/06 23:47:03 | 000,219,136 | ---- | C] () -- C:\windows\System32\AsusService.exe [2010/01/06 23:47:03 | 000,021,864 | ---- | C] () -- C:\windows\AsAcpiSvrLang.ini [2010/01/06 23:44:46 | 000,013,931 | ---- | C] () -- C:\windows\System32\RaCoInst.dat [2010/01/06 23:41:30 | 000,004,692 | ---- | C] () -- C:\windows\System32\drivers\SamSfPa.dat [2009/07/26 03:28:45 | 000,654,610 | ---- | C] () -- C:\windows\System32\perfh007.dat [2009/07/26 03:28:45 | 000,295,922 | ---- | C] () -- C:\windows\System32\perfi007.dat [2009/07/26 03:28:45 | 000,130,192 | ---- | C] () -- C:\windows\System32\perfc007.dat [2009/07/26 03:28:45 | 000,038,104 | ---- | C] () -- C:\windows\System32\perfd007.dat [2009/07/14 06:57:37 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat [2009/07/14 06:33:53 | 000,333,280 | ---- | C] () -- C:\windows\System32\FNTCACHE.DAT [2009/07/14 04:05:48 | 000,616,452 | ---- | C] () -- C:\windows\System32\perfh009.dat [2009/07/14 04:05:48 | 000,291,294 | ---- | C] () -- C:\windows\System32\perfi009.dat [2009/07/14 04:05:48 | 000,106,574 | ---- | C] () -- C:\windows\System32\perfc009.dat [2009/07/14 04:05:48 | 000,031,548 | ---- | C] () -- C:\windows\System32\perfd009.dat [2009/07/14 04:05:05 | 000,000,741 | ---- | C] () -- C:\windows\System32\NOISE.DAT [2009/07/14 04:04:11 | 000,215,943 | ---- | C] () -- C:\windows\System32\dssec.dat [2009/07/14 01:55:01 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin [2009/07/14 01:51:43 | 000,073,728 | ---- | C] () -- C:\windows\System32\BthpanContextHandler.dll [2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\windows\System32\BWContextHandler.dll [2009/06/10 23:26:10 | 000,673,088 | ---- | C] () -- C:\windows\System32\mlang.dat < End of report > Nr. 2:OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 4/15/2011 10:20:36 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Mercedes\Pictures
Starter Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1,014.00 Mb Total Physical Memory | 67.00 Mb Available Physical Memory | 7.00% Memory free
2.00 Gb Paging File | 0.00 Gb Available in Paging File | 20.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 80.00 Gb Total Space | 55.41 Gb Free Space | 69.27% Space Free | Partition Type: NTFS
Drive D: | 59.03 Gb Total Space | 58.94 Gb Free Space | 99.85% Space Free | Partition Type: NTFS
Drive E: | 6.67 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive F: | 3.74 Gb Total Space | 3.71 Gb Free Space | 99.15% Space Free | Partition Type: FAT32
Computer Name: ****-PC | User Name: **** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AutoUpdateDisableNotify" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{17780F99-A9DF-450B-81B3-6781B20A17A8}" = FontResizer
"{185AFA7A-F63E-450B-94AA-011CAC18090E}" = E-Cam
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2651A51A-4EA2-4DF6-9F0D-43DDA7D2D6B1}" = ebi.BookReader3J
"{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java(TM) 6 Update 23
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2B4E24A0-A06F-488D-87D8-16738E5E1104}" = Windows Live Family Safety
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{38E5A3B1-ADF1-47E0-8024-76310A30EB36}" = LiveUpdate
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{587178E7-B1DF-494E-9838-FA4DD36E873C}" = ASUSUpdate for Eee PC
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{6333FC29-BFE5-4024-AC78-958A1A7555D1}" = EeeSplendid
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{71C0E38E-09F2-4386-9977-404D4F6640CD}" = Hotkey Service
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}" = Bing Bar
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}" = Chicken Invaders 2
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{84C2B80B-64A2-4B22-93EC-F30C3D6BF7D8}" = Boingo Wi-Fi
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{859D40CF-8491-44AD-8FA8-7389CB418C64}" = 32 Bit HP CIO Components Installer
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{88F08F98-12BC-4613-81A2-8F9B88CFC73E}" = Super Hybrid Engine
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}" = Ralink RT2860 Wireless LAN Card
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007
"{90120000-0015-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0410-0000-0000000FF1CE}" = Microsoft Office Access MUI (Italian) 2007
"{90120000-0015-0410-0000-0000000FF1CE}_OMUI.it-it_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0413-0000-0000000FF1CE}" = Microsoft Office Access MUI (Dutch) 2007
"{90120000-0015-0413-0000-0000000FF1CE}_OMUI.nl-nl_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0410-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Italian) 2007
"{90120000-0016-0410-0000-0000000FF1CE}_OMUI.it-it_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0413-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Dutch) 2007
"{90120000-0016-0413-0000-0000000FF1CE}_OMUI.nl-nl_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0017-0407-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (German) 2007
"{90120000-0017-0407-0000-0000000FF1CE}_OMUI.de-de_{0B9EAEAC-F271-45DC-BDCB-06ABEEF19825}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)
"{90120000-0017-040C-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (French) 2007
"{90120000-0017-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CCDA3DD6-E33D-4D75-B7C9-FF585580CE83}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)
"{90120000-0017-0410-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (Italian) 2007
"{90120000-0017-0410-0000-0000000FF1CE}_OMUI.it-it_{342281AF-B7FE-4999-BE64-29F7D6249970}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)
"{90120000-0017-0413-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (Dutch) 2007
"{90120000-0017-0413-0000-0000000FF1CE}_OMUI.nl-nl_{2E9BD56A-2290-46DA-869F-2EDCF0A24E8B}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0410-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Italian) 2007
"{90120000-0018-0410-0000-0000000FF1CE}_OMUI.it-it_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0413-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Dutch) 2007
"{90120000-0018-0413-0000-0000000FF1CE}_OMUI.nl-nl_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007
"{90120000-0019-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0410-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Italian) 2007
"{90120000-0019-0410-0000-0000000FF1CE}_OMUI.it-it_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0413-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Dutch) 2007
"{90120000-0019-0413-0000-0000000FF1CE}_OMUI.nl-nl_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007
"{90120000-001A-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0410-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Italian) 2007
"{90120000-001A-0410-0000-0000000FF1CE}_OMUI.it-it_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0413-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Dutch) 2007
"{90120000-001A-0413-0000-0000000FF1CE}_OMUI.nl-nl_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0410-0000-0000000FF1CE}" = Microsoft Office Word MUI (Italian) 2007
"{90120000-001B-0410-0000-0000000FF1CE}_OMUI.it-it_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0413-0000-0000000FF1CE}" = Microsoft Office Word MUI (Dutch) 2007
"{90120000-001B-0413-0000-0000000FF1CE}_OMUI.nl-nl_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_OMUI.fr-fr_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_OMUI.de-de_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}_OMUI.fr-fr_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}_OMUI.it-it_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}_OMUI.nl-nl_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_OMUI.de-de_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_OMUI.fr-fr_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_OMUI.it-it_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_OMUI.nl-nl_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_OMUI.de-de_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_OMUI.fr-fr_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_OMUI.it-it_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_OMUI.nl-nl_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_OMUI.de-de_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}_OMUI.it-it_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_OMUI.fr-fr_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0413-0000-0000000FF1CE}_OMUI.nl-nl_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}_OMUI.fr-fr_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-002C-0410-0000-0000000FF1CE}" = Microsoft Office Proofing (Italian) 2007
"{90120000-002C-0413-0000-0000000FF1CE}" = Microsoft Office Proofing (Dutch) 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0044-040C-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (French) 2007
"{90120000-0044-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0044-0410-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Italian) 2007
"{90120000-0044-0410-0000-0000000FF1CE}_OMUI.it-it_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0044-0413-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Dutch) 2007
"{90120000-0044-0413-0000-0000000FF1CE}_OMUI.nl-nl_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_OMUI.de-de_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_OMUI.fr-fr_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0410-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Italian) 2007
"{90120000-006E-0410-0000-0000000FF1CE}_OMUI.it-it_{0A75DA12-55CB-4DE5-8B6A-74D97847204E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0413-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Dutch) 2007
"{90120000-006E-0413-0000-0000000FF1CE}_OMUI.nl-nl_{89C8E56A-90D8-4598-B0E6-EB28F6270E07}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007
"{90120000-00A1-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0410-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Italian) 2007
"{90120000-00A1-0410-0000-0000000FF1CE}_OMUI.it-it_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0413-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Dutch) 2007
"{90120000-00A1-0413-0000-0000000FF1CE}_OMUI.nl-nl_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-040C-0000-0000000FF1CE}" = Microsoft Office Groove MUI (French) 2007
"{90120000-00BA-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0410-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Italian) 2007
"{90120000-00BA-0410-0000-0000000FF1CE}_OMUI.it-it_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0413-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Dutch) 2007
"{90120000-00BA-0413-0000-0000000FF1CE}_OMUI.nl-nl_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0100-0407-0000-0000000FF1CE}" = Microsoft Office O MUI (German) 2007
"{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0100-040C-0000-0000000FF1CE}" = Microsoft Office O MUI (French) 2007
"{90120000-0100-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0100-0410-0000-0000000FF1CE}" = Microsoft Office O MUI (Italian) 2007
"{90120000-0100-0410-0000-0000000FF1CE}_OMUI.it-it_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0100-0413-0000-0000000FF1CE}" = Microsoft Office O MUI (Dutch) 2007
"{90120000-0100-0413-0000-0000000FF1CE}_OMUI.nl-nl_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0101-0407-0000-0000000FF1CE}" = Microsoft Office X MUI (German) 2007
"{90120000-0101-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0101-040C-0000-0000000FF1CE}" = Microsoft Office X MUI (French) 2007
"{90120000-0101-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0101-0410-0000-0000000FF1CE}" = Microsoft Office X MUI (Italian) 2007
"{90120000-0101-0410-0000-0000000FF1CE}_OMUI.it-it_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0101-0413-0000-0000000FF1CE}" = Microsoft Office X MUI (Dutch) 2007
"{90120000-0101-0413-0000-0000000FF1CE}_OMUI.nl-nl_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-006D-0407-0000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{90140011-0061-0407-0000-0000000FF1CE}" = Microsoft Office Home and Student 2010 - Deutsch
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro Titanium Maximum Security
"{ABBD4BA9-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro™ Titanium™ Maximum Security
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.1 MUI
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{BB5E5F87-E939-4974-A006-2B4A2F60EEA3}_is1" = Game Park Console
"{BDC2421D-EB66-4F32-A588-F72E62EC4E94}" = EeeSplendid
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety
"{F58C1D44-4AC9-48E8-9049-7A6CDFCB415C}" = LocaleMe
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"ASUS VIBE" = ASUS VIBE
"B41C7C96D83162A676DA7365ADEFD6C1AF62A4EE" = Windows Driver Package - Broadcom Bluetooth (07/17/2009 6.2.0.9403)
"B5C82F3814F82FB37F1513B3185399BD88892B08" = Windows Driver Package - Broadcom Bluetooth (07/29/2009 6.1.7100.0)
"BF20603967CFDCB2BBF91950E8A56DFBC5C833FE" = Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)
"Eee Docking_is1" = Eee Docking 3.6.0
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{17780F99-A9DF-450B-81B3-6781B20A17A8}" = FontResizer
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"OMUI.de-de" = Microsoft Office Language Pack 2007 - German/Deutsch
"OMUI.fr-fr" = Microsoft Office Language Pack 2007 - French/Français
"OMUI.it-it" = Microsoft Office Language Pack 2007 - Italian/Italiano
"OMUI.nl-nl" = Microsoft Office Language Pack 2007 - Dutch/Nederlands
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinLiveSuite" = Windows Live Essentials
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 3/2/2011 1:03:47 AM | Computer Name = ****-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder Richtliniendatei
"c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" in Zeile 3.
Der
Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs
im assemblyIdentity-Element ist ungültig.
Error - 3/2/2011 2:45:13 PM | Computer Name = ****-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.7600.16722,
Zeitstempel: 0x4d0c2f29 Name des fehlerhaften Moduls: Flash10c.ocx, Version: 10.0.32.18,
Zeitstempel: 0x4a613d79 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00231eaa ID des fehlerhaften
Prozesses: 0x26c Startzeit der fehlerhaften Anwendung: 0x01cbd8070cd731c9 Pfad der
fehlerhaften Anwendung: C:\Program Files\Internet Explorer\iexplore.exe Pfad des
fehlerhaften Moduls: C:\Windows\system32\Macromed\Flash\Flash10c.ocx Berichtskennung:
34e2de06-44fd-11e0-ab5d-485b3918c446
Error - 3/3/2011 9:21:44 AM | Computer Name = ****-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.7600.16722,
Zeitstempel: 0x4d0c2f29 Name des fehlerhaften Moduls: Flash10c.ocx, Version: 10.0.32.18,
Zeitstempel: 0x4a613d79 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00157429 ID des fehlerhaften
Prozesses: 0x1dd8 Startzeit der fehlerhaften Anwendung: 0x01cbd9a583a53580 Pfad der
fehlerhaften Anwendung: C:\Program Files\Internet Explorer\iexplore.exe Pfad des
fehlerhaften Moduls: C:\Windows\system32\Macromed\Flash\Flash10c.ocx Berichtskennung:
2e9b5aef-4599-11e0-89e4-485b3918c446
Error - 3/4/2011 5:02:53 AM | Computer Name = ****-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder Richtliniendatei
"c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" in Zeile 3.
Der
Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs
im assemblyIdentity-Element ist ungültig.
Error - 3/5/2011 6:22:38 AM | Computer Name = ****-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder Richtliniendatei
"c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" in Zeile 3.
Der
Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs
im assemblyIdentity-Element ist ungültig.
Error - 3/5/2011 4:48:01 PM | Computer Name = ****-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.7600.16722,
Zeitstempel: 0x4d0c2f29 Name des fehlerhaften Moduls: Flash10c.ocx, Version: 10.0.32.18,
Zeitstempel: 0x4a613d79 Ausnahmecode: 0xc0000005 Fehleroffset: 0x001579a2 ID des fehlerhaften
Prozesses: 0xba4 Startzeit der fehlerhaften Anwendung: 0x01cbdb70c220a269 Pfad der
fehlerhaften Anwendung: C:\Program Files\Internet Explorer\iexplore.exe Pfad des
fehlerhaften Moduls: C:\Windows\system32\Macromed\Flash\Flash10c.ocx Berichtskennung:
db8f220e-4769-11e0-96f8-485b3918c446
Error - 3/7/2011 8:31:51 PM | Computer Name = ****-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder Richtliniendatei
"c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" in Zeile 3.
Der
Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs
im assemblyIdentity-Element ist ungültig.
Error - 3/8/2011 9:03:47 PM | Computer Name = ****-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder Richtliniendatei
"c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" in Zeile 3.
Der
Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs
im assemblyIdentity-Element ist ungültig.
Error - 3/10/2011 6:27:34 PM | Computer Name = ****-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.7600.16722,
Zeitstempel: 0x4d0c2f29 Name des fehlerhaften Moduls: Flash10c.ocx, Version: 10.0.32.18,
Zeitstempel: 0x4a613d79 Ausnahmecode: 0xc0000005 Fehleroffset: 0x001719fa ID des fehlerhaften
Prozesses: 0xce4 Startzeit der fehlerhaften Anwendung: 0x01cbdf0eb6043f83 Pfad der
fehlerhaften Anwendung: C:\Program Files\Internet Explorer\iexplore.exe Pfad des
fehlerhaften Moduls: C:\Windows\system32\Macromed\Flash\Flash10c.ocx Berichtskennung:
981ce2be-4b65-11e0-8a7f-485b3918c446
Error - 3/10/2011 6:29:46 PM | Computer Name = ****-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.7600.16722,
Zeitstempel: 0x4d0c2f29 Name des fehlerhaften Moduls: Flash10c.ocx, Version: 10.0.32.18,
Zeitstempel: 0x4a613d79 Ausnahmecode: 0xc0000005 Fehleroffset: 0x001579a2 ID des fehlerhaften
Prozesses: 0x1e00 Startzeit der fehlerhaften Anwendung: 0x01cbdf72713f675e Pfad der
fehlerhaften Anwendung: C:\Program Files\Internet Explorer\iexplore.exe Pfad des
fehlerhaften Moduls: C:\Windows\system32\Macromed\Flash\Flash10c.ocx Berichtskennung:
e6895630-4b65-11e0-8a7f-485b3918c446
[ OSession Events ]
Error - 9/22/2010 6:14:53 PM | Computer Name = ****-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6535.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 214496
seconds with 18720 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 3/25/2011 2:36:02 PM | Computer Name = ****-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst ShellHWDetection erreicht.
Error - 3/26/2011 5:05:00 AM | Computer Name = ****-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst Schedule erreicht.
Error - 3/26/2011 7:26:50 AM | Computer Name = ****-PC | Source = DCOM | ID = 10016
Description =
Error - 3/26/2011 7:27:33 AM | Computer Name = ****-PC | Source = DCOM | ID = 10016
Description =
Error - 3/27/2011 12:44:46 AM | Computer Name = ****-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst ShellHWDetection erreicht.
Error - 3/29/2011 9:58:46 AM | Computer Name = ****-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst Netman erreicht.
Error - 3/29/2011 2:01:13 PM | Computer Name = ****-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst ShellHWDetection erreicht.
Error - 3/29/2011 3:03:35 PM | Computer Name = ****-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst Wlansvc erreicht.
Error - 3/29/2011 5:59:38 PM | Computer Name = ****-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst Netman erreicht.
Error - 3/30/2011 7:06:21 AM | Computer Name = ****-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?30.?03.?2011 um 11:29:40 unerwartet heruntergefahren.
< End of report >
|
|
16.04.2011, 09:39
| #14 |
| | Windows Fix Disk - Bestehende Probleme nach "Entfernung" Muss ich jetzt noch etwas machen? Danke schon einmal, dass ihr euch um das Problem kümmert. |
|
16.04.2011, 12:10
| #15 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows Fix Disk - Bestehende Probleme nach "Entfernung" Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!) Code:
ATTFilter :OTL
[2011/04/15 10:41:50 | 000,000,000 | ---- | C] () -- C:\Users\Mercedes\AppData\Local\Driradava.bin
[2011/04/15 10:41:49 | 000,000,120 | ---- | C] () -- C:\Users\Mercedes\AppData\Local\Rmulacafofo.dat
[2011/04/15 10:40:48 | 000,000,152 | ---- | C] () -- C:\ProgramData\~32497416r
[2011/04/15 10:40:48 | 000,000,120 | ---- | C] () -- C:\ProgramData\~32497416
[2011/04/15 10:39:48 | 000,000,631 | ---- | C] () -- C:\Users\Mercedes\Desktop\Windows Fix Disk.lnk
[2011/04/15 10:39:36 | 000,000,344 | ---- | C] () -- C:\ProgramData\32497416
[2011/03/30 14:21:34 | 000,000,000 | ---D | C] -- C:\Users\Mercedes\AppData\Local\{7617F6D9-9E90-497C-9CB9-976CD8888676}
[2011/03/19 21:36:17 | 000,000,000 | ---D | C] -- C:\Users\Mercedes\AppData\Local\{CB6F4CDD-6689-4F37-B83B-E9F525F2DF17}
[2011/04/15 10:41:48 | 000,000,000 | ---D | C] -- C:\Users\Mercedes\AppData\Local\{D6D58711-6C4A-47C7-9AAB-E7D678860412}
[2011/04/15 10:39:47 | 000,000,000 | ---D | C] -- C:\Users\Mercedes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Fix Disk
[2011/04/13 09:41:58 | 000,000,000 | ---D | C] -- C:\Users\Mercedes\AppData\Local\{2185A444-5A19-4DDB-9DC0-3DFD801AE9D7}
[2011/04/15 21:43:25 | 000,000,000 | ---D | C] -- C:\Users\Mercedes\AppData\Local\{EB1D1694-C7BC-4121-B13A-E12A1F338A0B}
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008/05/06 14:26:23 | 000,000,309 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{0a1de46d-c255-11df-8e04-485b3918c446}\Shell - "" = AutoRun
O33 - MountPoints2\{0a1de46d-c255-11df-8e04-485b3918c446}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- [2007/10/23 09:45:39 | 001,336,632 | R--- | M] ()
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- [2007/10/23 09:45:39 | 001,336,632 | R--- | M] ()
:Commands
[purity]
[resethosts]
[emptytemp]
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet. Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu Windows Fix Disk - Bestehende Probleme nach "Entfernung" |
| abgebrochen, anwendungen, automatisch, bestimmte, bla, diverse, fehlermeldungen, fix, folge, funktioniert, google, klicke, löschen, malwarebytes, micro, neustart, nicht gefunden, nicht mehr, plötzlich, probleme, scan, seite, trend, trojaner, windows, windows 7 starter |
Linear-Darstellung
