Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Failed to save all the components for the file \\System 32\\0000174e

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 11.02.2012, 15:53   #1
cherokee
 
Failed to save all the components for the file \\System 32\\0000174e - Frage

Failed to save all the components for the file \\System 32\\0000174e



Hallo bin über Google auf dieses Forum gestossen, als ich diese Fehlermeldung eingab:

"Failed to save all the components for the file \\System 32\\0000174e The file is currupted or unreadable. This error may e caused by a pc hardware problem "


Diese Problem hatte gestern auch ein Forumskollege hier

http://www.trojaner-board.de/109599-...te-failed.html




" Heute aben, mitten in einem Facebook Chat wurde mein Desktop schwarz

Ein Fenster hat sich geöffnet und sich sehr schnell kopiert

der Titel ist Windows - Delayed Write Failed

der Text im Fenster ist

Failed to save all the components for the file \\System 32\\000074b5 The file is currupted or unreadable. This error may e caused by a pc hardware problem


dazu geht ein fenster von einem "antivirenprogramm" auf, welches am Schluss eine Kaufoption hat.

Ich gehe mal davon aus, dass das nicht die Lösung seine kann.

Da System ist XP professional Antivir habe ich gestern aktualisiert.

Ich bin reiner user und habe ausser Anwendungsprogrammen nicht viel Ahnung von Compis

Für Hilfe bin ich dankbar."

Habe auch schon wie Chris es sagte die Logfiles

OTL.TXT :

OTL logfile created on: 11.02.2012 16:16:06 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\La Bambola\Pictures
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

4,00 Gb Total Physical Memory | 2,16 Gb Available Physical Memory | 53,89% Memory free
8,00 Gb Paging File | 6,08 Gb Available in Paging File | 75,97% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 457,89 Gb Total Space | 408,41 Gb Free Space | 89,19% Space Free | Partition Type: NTFS
Drive D: | 457,90 Gb Total Space | 457,80 Gb Free Space | 99,98% Space Free | Partition Type: NTFS
Drive E: | 3,61 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: LABAMBOLA-PC | User Name: La Bambola | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\La Bambola\Pictures\OTL.exe (OldTimer Tools)
PRC - C:\ProgramData\WUD3mitwyXx4QP.exe (Mioft)
PRC - C:\ProgramData\TTeOjDRpFmBku.exe (Mioft)
PRC - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe (Google Inc.)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe (Adobe Systems, Inc.)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited)
PRC - C:\Program Files (x86)\Lavasoft\Ad-Aware\autolaunch.exe ()
PRC - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft Limited)
PRC - C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe ()
PRC - C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\Egistec MyWinLockerSuite\x86\MiniLauncher.exe (Egis Technology Inc.)
PRC - C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe (Egis Technology Inc.)
PRC - C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\ezprint.exe ()
PRC - C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecmon.exe ()
PRC - C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)
PRC - C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
PRC - C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer Group)
PRC - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated)
PRC - C:\Users\La Bambola\AppData\Roaming\Google\Google Talk\googletalk.exe (Google)


========== Modules (No Company Name) ==========

MOD - C:\Program Files (x86)\Lexmark Toolbar\resource.dll ()
MOD - C:\Program Files (x86)\Lexmark Toolbar\toolband.dll ()
MOD - C:\Program Files (x86)\Lavasoft\Ad-Aware\autolaunch.exe ()
MOD - C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe ()
MOD - C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyHook.dll ()
MOD - C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\ezprint.exe ()
MOD - C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecmon.exe ()
MOD - C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\Epwizard.DLL ()
MOD - C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\customui.dll ()
MOD - C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\Epfunct.DLL ()
MOD - C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\Eputil.DLL ()
MOD - C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\Imagutil.DLL ()
MOD - C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecDRS.dll ()
MOD - C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecscw.dll ()
MOD - C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\EPOEMDll.dll ()
MOD - C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\epstring.dll ()
MOD - C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\EPWizRes.dll ()
MOD - C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecdatr.dll ()
MOD - C:\Windows\SysWOW64\LXECsmr.dll ()
MOD - C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\iptk.dll ()
MOD - C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxeccaps.dll ()
MOD - C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecptp.dll ()
MOD - C:\Windows\SysWOW64\LXECsm.dll ()
MOD - C:\Programme\Lexmark Printable Web\resource.dll ()
MOD - C:\Programme\Lexmark Printable Web\bho.dll ()


========== Win32 Services (SafeList) ==========

SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (lxec_device) -- C:\Windows\SysNative\lxeccoms.exe ( )
SRV:64bit: - (lxecCATSCustConnectService) -- C:\Windows\SysNative\spool\DRIVERS\x64\3\\lxecserv.exe ()
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (Lavasoft Ad-Aware Service) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited)
SRV - (NOBU) -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (Symantec Corporation)
SRV - (MWLService) -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe (Egis Technology Inc.)
SRV - (lxec_device) -- C:\Windows\SysWow64\lxeccoms.exe ( )
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (Updater Service) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer Group)
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (GREGService) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated)
SRV - (nSvcIp) -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe ()
SRV - (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM) -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe ()
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH)
DRV:64bit: - (Lbd) -- C:\Windows\SysNative\drivers\Lbd.sys (Lavasoft AB)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (NVNET) -- C:\Windows\SysNative\drivers\nvmf6264.sys (NVIDIA Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (NVENETFD) -- C:\Windows\SysNative\drivers\nvm62x64.sys (NVIDIA Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (mwlPSDVDisk) -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys (Egis Technology Inc.)
DRV:64bit: - (mwlPSDFilter) -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys (Egis Technology Inc.)
DRV:64bit: - (mwlPSDNServ) -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys (Egis Technology Inc.)
DRV - (Lavasoft Kernexplorer) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys ()
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com
IE - HKLM\..\URLSearchHook: {5786d022-540e-4699-b350-b4be0ae94b79} - C:\Program Files (x86)\Ashampoo_DE\prxtbAsha.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com/
IE - HKCU\..\URLSearchHook: {5786d022-540e-4699-b350-b4be0ae94b79} - C:\Program Files (x86)\Ashampoo_DE\prxtbAsha.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.selectedEngine: ""

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.12.01 21:01:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2011.05.29 18:23:17 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\La Bambola\AppData\Roaming\mozilla\Extensions
[2012.01.28 18:02:19 | 000,000,000 | -H-D | M] (IMinent Toolbar) -- C:\Users\La Bambola\AppData\Roaming\mozilla\Firefox\Profiles\9g52bzfs.default\extensions
[2012.01.28 18:02:19 | 000,000,000 | -H-D | M] (Ashampoo DE Community Toolbar) -- C:\Users\La Bambola\AppData\Roaming\mozilla\Firefox\Profiles\9g52bzfs.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}
[2011.07.04 14:53:35 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\La Bambola\AppData\Roaming\mozilla\Firefox\Profiles\9g52bzfs.default\extensions\chrome
[2011.07.04 14:53:35 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\La Bambola\AppData\Roaming\mozilla\Firefox\Profiles\9g52bzfs.default\extensions\components
[2011.12.01 21:01:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011.12.01 21:01:50 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.11.03 13:59:44 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.11.03 13:59:44 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011.11.03 13:59:44 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.11.03 13:59:44 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.11.03 13:59:44 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.11.03 13:59:44 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{googleriginalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\12.0.742.100\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.220.4 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U22 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Chrome NaCl (Disabled) = C:\Program Files (x86)\Google\Chrome\Application\12.0.742.100\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\12.0.742.100\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.81\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin

O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.7227.1100\swg64.dll (Google Inc.)
O2 - BHO: (Lexmark Symbolleiste) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files (x86)\Lexmark Toolbar\toolband.dll ()
O2 - BHO: (Ashampoo DE Toolbar) - {5786d022-540e-4699-b350-b4be0ae94b79} - C:\Program Files (x86)\Ashampoo_DE\prxtbAsha.dll (Conduit Ltd.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (Lexmark ) - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Programme\Lexmark Printable Web\bho.dll ()
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Lexmark Symbolleiste) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files (x86)\Lexmark Toolbar\toolband.dll ()
O3 - HKLM\..\Toolbar: (Ashampoo DE Toolbar) - {5786d022-540e-4699-b350-b4be0ae94b79} - C:\Program Files (x86)\Ashampoo_DE\prxtbAsha.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Lexmark Symbolleiste) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files (x86)\Lexmark Toolbar\toolband.dll ()
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ashampoo DE Toolbar) - {5786D022-540E-4699-B350-B4BE0AE94B79} - C:\Program Files (x86)\Ashampoo_DE\prxtbAsha.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [EzPrint] C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\ezprint.exe ()
O4:64bit: - HKLM..\Run: [lxecmon.exe] C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecmon.exe ()
O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe (Egis Technology Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [ArcadeMovieService] C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe ()
O4 - HKLM..\Run: [MDS_Menu] C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.)
O4 - HKCU..\Run: [googletalk] C:\Users\La Bambola\AppData\Roaming\Google\Google Talk\googletalk.exe (Google)
O4 - HKCU..\Run: [TTeOjDRpFmBku.exe] C:\ProgramData\TTeOjDRpFmBku.exe (Mioft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B7325C8D-F299-4526-8AC6-2213C2044F01}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{9460b463-291f-11e1-bbc2-f80f4110e59e}\Shell - "" = AutoRun
O33 - MountPoints2\{9460b463-291f-11e1-bbc2-f80f4110e59e}\Shell\AutoRun\command - "" = I:\DPFMate.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012.02.11 11:08:22 | 000,000,000 | -H-D | C] -- C:\Users\La Bambola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Check
[2012.02.11 11:07:42 | 000,360,960 | -H-- | C] (Mioft) -- C:\ProgramData\WUD3mitwyXx4QP.exe
[2012.02.11 11:02:17 | 000,360,960 | -H-- | C] (Mioft) -- C:\ProgramData\4emu7zUuXuRn4Y.exe
[2012.02.11 09:41:51 | 000,456,704 | -H-- | C] (Mioft) -- C:\ProgramData\TTeOjDRpFmBku.exe
[2012.02.02 23:16:08 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.02.02 23:13:39 | 000,000,000 | -H-D | C] -- C:\Users\La Bambola\AppData\Local\Solid State Networks
[2012.01.31 23:27:47 | 000,000,000 | -H-D | C] -- C:\Users\La Bambola\AppData\Local\{92D5558B-2493-40BB-9529-837CF9CE15DA}
[2012.01.31 21:19:39 | 000,000,000 | -H-D | C] -- C:\Users\La Bambola\AppData\Local\{A27A70E1-8FE5-4252-BDDB-E8440D537185}
[2012.01.31 21:17:26 | 000,000,000 | -H-D | C] -- C:\Users\La Bambola\AppData\Local\{DEC125AA-2699-48F9-B568-56BAFE4887D6}
[2012.01.31 11:17:29 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012.01.31 11:17:24 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2012.01.31 11:17:24 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2012.01.31 11:17:24 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2012.01.31 11:17:24 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2012.01.31 11:17:24 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2012.01.18 22:29:11 | 000,000,000 | -H-D | C] -- C:\Users\Public\Documents\SiDiary
[2012.01.18 22:29:11 | 000,000,000 | -H-D | C] -- C:\Users\La Bambola\AppData\Local\SiDiary
[2012.01.18 22:17:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiDiary 6
[2012.01.18 22:17:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SINOVO
[2012.01.15 14:32:04 | 000,000,000 | -H-D | C] -- C:\Users\La Bambola\AppData\Local\{8E94453E-D4D7-4733-8D61-F6E71E47E197}
[2011.05.30 13:23:47 | 000,364,544 | ---- | C] ( ) -- C:\Windows\SysWow64\lxecinpa.dll
[2011.05.30 13:23:47 | 000,344,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeciesc.dll
[2011.05.30 13:23:46 | 001,048,576 | ---- | C] ( ) -- C:\Windows\SysWow64\lxecserv.dll
[2011.05.30 13:23:46 | 000,847,872 | ---- | C] ( ) -- C:\Windows\SysWow64\lxecusb1.dll
[2011.05.30 13:23:46 | 000,643,072 | ---- | C] ( ) -- C:\Windows\SysWow64\lxecpmui.dll
[2011.05.30 13:23:46 | 000,577,536 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeclmpm.dll
[2011.05.30 13:23:45 | 000,802,816 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeccomc.dll
[2011.05.30 13:23:45 | 000,688,128 | ---- | C] ( ) -- C:\Windows\SysWow64\lxechbn3.dll
[2011.05.30 13:23:45 | 000,598,696 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeccoms.exe
[2011.05.30 13:23:45 | 000,373,416 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeccfg.exe
[2011.05.30 13:23:45 | 000,372,736 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeccomm.dll
[2011.05.30 13:23:45 | 000,324,264 | ---- | C] ( ) -- C:\Windows\SysWow64\lxecih.exe
[4 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[4 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012.02.11 15:49:58 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.02.11 15:49:58 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.02.11 15:47:31 | 000,000,408 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2012.02.11 15:40:09 | 000,001,114 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.02.11 15:39:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.02.11 15:39:47 | 3220,725,760 | -HS- | M] () -- C:\hiberfil.sys
[2012.02.11 15:23:25 | 000,001,118 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.02.11 11:23:18 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.02.11 11:23:18 | 000,654,006 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.02.11 11:23:18 | 000,615,888 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.02.11 11:23:18 | 000,129,878 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.02.11 11:23:18 | 000,106,268 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.02.11 11:19:31 | 000,000,440 | -H-- | M] () -- C:\ProgramData\WUD3mitwyXx4QP
[2012.02.11 11:16:45 | 000,000,272 | -H-- | M] () -- C:\ProgramData\~WUD3mitwyXx4QP
[2012.02.11 11:16:45 | 000,000,184 | -H-- | M] () -- C:\ProgramData\~WUD3mitwyXx4QPr
[2012.02.11 11:08:23 | 000,000,657 | -H-- | M] () -- C:\Users\La Bambola\Desktop\System Check.lnk
[2012.02.11 11:07:42 | 000,360,960 | -H-- | M] (Mioft) -- C:\ProgramData\WUD3mitwyXx4QP.exe
[2012.02.11 11:02:29 | 000,000,336 | -H-- | M] () -- C:\ProgramData\4emu7zUuXuRn4Y
[2012.02.11 11:02:17 | 000,360,960 | -H-- | M] (Mioft) -- C:\ProgramData\4emu7zUuXuRn4Y.exe
[2012.02.11 11:00:28 | 000,000,064 | ---- | M] () -- C:\Windows\SysWow64\rp_stats.dat
[2012.02.11 11:00:28 | 000,000,044 | ---- | M] () -- C:\Windows\SysWow64\rp_rules.dat
[2012.02.11 09:38:45 | 000,456,704 | -H-- | M] (Mioft) -- C:\ProgramData\TTeOjDRpFmBku.exe
[2012.01.31 21:29:21 | 000,287,922 | -H-- | M] () -- C:\Users\La Bambola\Desktop\fkk-club-logo-vektor2_Kopie.bmp
[4 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[4 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.02.11 11:16:09 | 000,000,408 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2012.02.11 11:08:24 | 000,000,272 | -H-- | C] () -- C:\ProgramData\~WUD3mitwyXx4QP
[2012.02.11 11:08:24 | 000,000,184 | -H-- | C] () -- C:\ProgramData\~WUD3mitwyXx4QPr
[2012.02.11 11:08:23 | 000,000,657 | -H-- | C] () -- C:\Users\La Bambola\Desktop\System Check.lnk
[2012.02.11 11:07:54 | 000,000,440 | -H-- | C] () -- C:\ProgramData\WUD3mitwyXx4QP
[2012.02.11 11:02:29 | 000,000,336 | -H-- | C] () -- C:\ProgramData\4emu7zUuXuRn4Y
[2011.10.22 21:32:39 | 000,000,164 | -H-- | C] () -- C:\ProgramData\{5CAFA1B7-9EEF-4cc7-B9F7-9DDB3DAA679E}
[2011.10.22 21:32:39 | 000,000,092 | -H-- | C] () -- C:\ProgramData\{701ACAF9-F102-47c2-8907-36246F4DFB51}
[2011.09.09 04:11:09 | 000,010,240 | -H-- | C] () -- C:\Users\La Bambola\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.06.01 19:01:48 | 000,000,064 | ---- | C] () -- C:\Windows\SysWow64\rp_stats.dat
[2011.06.01 19:01:48 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\rp_rules.dat
[2011.05.30 13:23:47 | 000,344,064 | ---- | C] () -- C:\Windows\SysWow64\lxeccomx.dll
[2011.05.30 13:23:47 | 000,331,776 | ---- | C] () -- C:\Windows\SysWow64\LXECinst.dll
[2011.05.30 13:23:46 | 000,323,584 | ---- | C] () -- C:\Windows\SysWow64\lxecins.dll
[2011.05.30 13:23:46 | 000,262,144 | ---- | C] () -- C:\Windows\SysWow64\lxecinsb.dll
[2011.05.30 13:23:46 | 000,253,952 | ---- | C] () -- C:\Windows\SysWow64\lxeccu.dll
[2011.05.30 13:23:46 | 000,114,688 | ---- | C] () -- C:\Windows\SysWow64\lxecinsr.dll
[2011.05.30 13:23:46 | 000,090,112 | ---- | C] () -- C:\Windows\SysWow64\lxeccub.dll
[2011.05.30 13:23:46 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\lxecjswr.dll
[2011.05.30 13:23:46 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\lxeccur.dll
[2011.05.30 13:22:51 | 000,024,064 | ---- | C] () -- C:\Windows\SysWow64\LXECsmr.dll
[2011.05.30 13:22:50 | 000,299,008 | ---- | C] () -- C:\Windows\SysWow64\LXECsm.dll
[2011.05.29 18:23:14 | 000,000,000 | -H-- | C] () -- C:\Windows\nsreg.dat
[2010.08.26 13:22:38 | 000,131,984 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

========== Files - Unicode (All) ==========
[2011.09.19 02:15:37 | 000,000,040 | ---- | M] ()(C:\Windows\SysNative\?·) -- C:\Windows\SysNative\ꌠ·
[2011.09.19 02:15:37 | 000,000,040 | ---- | C] ()(C:\Windows\SysNative\?·) -- C:\Windows\SysNative\ꌠ·

< End of report >


EXTRAS.TXT:


OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\La Bambola\Pictures
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

4,00 Gb Total Physical Memory | 2,16 Gb Available Physical Memory | 53,89% Memory free
8,00 Gb Paging File | 6,08 Gb Available in Paging File | 75,97% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 457,89 Gb Total Space | 408,41 Gb Free Space | 89,19% Space Free | Partition Type: NTFS
Drive D: | 457,90 Gb Total Space | 457,80 Gb Free Space | 99,98% Space Free | Partition Type: NTFS
Drive E: | 3,61 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: LABAMBOLA-PC | User Name: La Bambola | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}" = Shredder
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 266.35
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 266.35
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.1.13.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Lexmark Pro800-Pro900 Series" = Lexmark Pro800-Pro900 Series
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"NVIDIA Drivers" = NVIDIA Drivers

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D7CD0D9-4A88-4A63-8F91-3F4E8F371768}" = MyWinLocker
"{1017A80C-6F09-4548-A84D-EDD6AC9525F0}" = Lexmark Symbolleiste
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20400DBD-E6DB-45B8-9B6B-1DD7033818EC}" = Nero InfoTool Help
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2348B586-C9AE-46CE-936C-A68E9426E214}" = Nero StartSmart Help
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed
"{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{4968622A-4D3F-489E-9ACE-5FEC4CC0BDE3}" = MediaShow Espresso
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{4D43D635-6FDA-4FA5-AA9B-23CF73D058EA}" = Nero StartSmart OEM
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{58F4D244-314F-4D26-B5EF-C28AB32E22CB}_is1" = Acer GameZone Console
"{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite
"{73C96D3B-F9D2-4A0C-81F7-FBED6C75CE77}" = SiDiary 6
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110300453}" = Spin & Win
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}" = Cake Mania
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111355427}" = Poker Pop
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}" = Merriam Websters Spell Jam
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}" = Amazonia
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}" = Heroes of Hellas
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11505173}" = Airport Mania First Flight
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}" = Farm Frenzy 2
"{83202942-84B3-4C50-8622-B8C0AA2D2885}" = Nero Express Help
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DFDD0C5-5AC1-484B-ACF8-0F3E1041750B}_is1" = AquaSoft "DiaShow 7 für YouTube"
"{9E48FF52-082C-4CC2-BB67-6E10D09C0431}" = Windows Live UX Platform Language Pack
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Deutsch
"{ace71e88-1bf2-4793-9e94-1d9a0d19438d}" = Nero 9 Essentials
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B906C11A-D193-4143-9FA7-E2EE8A5A8F21}" = Acer Arcade Movie
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{C2695E83-CF1D-43D1-84FE-B3BEC561012A}" = Shredder
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}" = Nero Online Upgrade
"{CC019E3F-59D2-4486-8D4B-878105B62A71}" = Nero DiscSpeed Help
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D2C5E510-BE6D-42CC-9F61-E4F939078474}" = Lexmark
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}" = eBay Worldwide
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5C7D048-F9B4-4219-B323-8BDB01A2563D}" = Nero DriveSpeed Help
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{F027C8E3-6DBD-492A-9959-7B36B1DE0D65}" = Ad-Aware
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4041DCE-3FE1-4E18-8A9E-9DE65231EE36}" = Nero ControlCenter
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Acer Welcome Center" = Welcome Center
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Ashampoo Red Ex_is1" = Ashampoo Red Ex 1.0.0
"Ashampoo_DE Toolbar" = Ashampoo DE Toolbar
"Avira AntiVir Desktop" = Avira Free Antivirus
"Google Chrome" = Google Chrome
"Hotkey Utility" = Hotkey Utility
"Identity Card" = Identity Card
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite
"InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"Mozilla Firefox 8.0.1 (x86 de)" = Mozilla Firefox 8.0.1 (x86 de)
"WinLiveSuite" = Windows Live Essentials
"Wisdom-soft Set up ASR 3.1 Free" = Wisdom-soft Set up ASR 3.1 Free

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 09.01.2012 16:59:35 | Computer Name = LaBambola-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.7601.17514,
Zeitstempel: 0x4ce79912 Name des fehlerhaften Moduls: tbAsha.dll_unloaded, Version:
0.0.0.0, Zeitstempel: 0x4ec36c16 Ausnahmecode: 0xc0000005 Fehleroffset: 0x07272060
ID
des fehlerhaften Prozesses: 0x12ec Startzeit der fehlerhaften Anwendung: 0x01cccf1189751880
Pfad
der fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe
Pfad
des fehlerhaften Moduls: tbAsha.dll Berichtskennung: d563b170-3b04-11e1-a420-f80f4110e59e

Error - 10.01.2012 16:52:13 | Computer Name = LaBambola-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.7601.17514,
Zeitstempel: 0x4ce79912 Name des fehlerhaften Moduls: mshtml.dll, Version: 8.0.7601.17720,
Zeitstempel: 0x4eb4ba27 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0011d296 ID des fehlerhaften
Prozesses: 0xfbc Startzeit der fehlerhaften Anwendung: 0x01cccfbb5e67ba80 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe Pfad
des fehlerhaften Moduls: C:\Windows\SysWOW64\mshtml.dll Berichtskennung: f8b74100-3bcc-11e1-b30f-f80f4110e59e

Error - 11.01.2012 11:48:37 | Computer Name = LaBambola-PC | Source = Application Hang | ID = 1002
Description = Programm iexplore.exe, Version 8.0.7601.17514 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: 3f8 Startzeit: 01ccd070520c4480 Endzeit: 0 Anwendungspfad: C:\Program
Files (x86)\Internet Explorer\iexplore.exe Berichts-ID: 82b34ef1-3c6b-11e1-a5bd-f80f4110e59e


Error - 14.01.2012 13:41:33 | Computer Name = LaBambola-PC | Source = Application Hang | ID = 1002
Description = Programm iexplore.exe, Version 8.0.7601.17514 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: 464 Startzeit: 01ccd1de4e5e0840 Endzeit: 0 Anwendungspfad: C:\Program
Files (x86)\Internet Explorer\iexplore.exe Berichts-ID: f8f617c5-3ed6-11e1-ba07-f80f4110e59e


Error - 16.01.2012 19:49:17 | Computer Name = LaBambola-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.7601.17514,
Zeitstempel: 0x4ce79912 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725,
Zeitstempel: 0x4ec49b8f Ausnahmecode: 0xc0000374 Fehleroffset: 0x000ce6c3 ID des fehlerhaften
Prozesses: 0xd60 Startzeit der fehlerhaften Anwendung: 0x01ccd47e4b8a0cc0 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe Pfad
des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll Berichtskennung: b37e692c-409c-11e1-ad85-f80f4110e59e

Error - 16.01.2012 20:13:41 | Computer Name = LaBambola-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.7601.17514,
Zeitstempel: 0x4ce79912 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725,
Zeitstempel: 0x4ec49b8f Ausnahmecode: 0xc0000374 Fehleroffset: 0x000ce6c3 ID des fehlerhaften
Prozesses: 0xdf0 Startzeit der fehlerhaften Anwendung: 0x01ccd4a97998c1bc Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe Pfad
des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll Berichtskennung: 1c06be24-40a0-11e1-ad85-f80f4110e59e

Error - 20.01.2012 05:52:08 | Computer Name = LaBambola-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.7601.17514,
Zeitstempel: 0x4ce79912 Name des fehlerhaften Moduls: mshtml.dll, Version: 8.0.7601.17720,
Zeitstempel: 0x4eb4ba27 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0011d296 ID des fehlerhaften
Prozesses: 0x1364 Startzeit der fehlerhaften Anwendung: 0x01ccd757335c37f0 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe Pfad
des fehlerhaften Moduls: C:\Windows\SysWOW64\mshtml.dll Berichtskennung: 69f7d290-434c-11e1-81a4-f80f4110e59e

Error - 20.01.2012 16:02:54 | Computer Name = LaBambola-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: lxeccoms.exe, Version: 9.2.33.0,
Zeitstempel: 0x4b200765 Name des fehlerhaften Moduls: lxecserv.dll, Version: 9.2.33.0,
Zeitstempel: 0x4b200879 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000000a9ee6
ID
des fehlerhaften Prozesses: 0x6d4 Startzeit der fehlerhaften Anwendung: 0x01ccd7470d1b69e0
Pfad
der fehlerhaften Anwendung: C:\Windows\system32\lxeccoms.exe Pfad des fehlerhaften
Moduls: C:\Windows\system32\lxecserv.dll Berichtskennung: bc9347f0-43a1-11e1-81a4-f80f4110e59e

Error - 24.01.2012 22:00:54 | Computer Name = LaBambola-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: lxeccoms.exe, Version: 9.2.33.0,
Zeitstempel: 0x4b200765 Name des fehlerhaften Moduls: lxecserv.dll, Version: 9.2.33.0,
Zeitstempel: 0x4b200879 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000000a9ee6
ID
des fehlerhaften Prozesses: 0x828 Startzeit der fehlerhaften Anwendung: 0x01ccda7f5bff75c0
Pfad
der fehlerhaften Anwendung: C:\Windows\system32\lxeccoms.exe Pfad des fehlerhaften
Moduls: C:\Windows\system32\lxecserv.dll Berichtskennung: 694cf370-46f8-11e1-a5fd-f80f4110e59e

Error - 26.01.2012 19:39:52 | Computer Name = LaBambola-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.7601.17514,
Zeitstempel: 0x4ce79912 Name des fehlerhaften Moduls: mshtml.dll, Version: 8.0.7601.17720,
Zeitstempel: 0x4eb4ba27 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0011d296 ID des fehlerhaften
Prozesses: 0xca4 Startzeit der fehlerhaften Anwendung: 0x01ccdc8394edca20 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe Pfad
des fehlerhaften Moduls: C:\Windows\SysWOW64\mshtml.dll Berichtskennung: 0a79bce0-4877-11e1-b440-f80f4110e59e

[ System Events ]
Error - 19.12.2011 13:14:08 | Computer Name = LaBambola-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
lxecCATSCustConnectService erreicht.

Error - 19.12.2011 13:14:08 | Computer Name = LaBambola-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "lxecCATSCustConnectService" wurde aufgrund folgenden Fehlers
nicht gestartet: %%1053

Error - 19.12.2011 21:54:08 | Computer Name = LaBambola-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
lxecCATSCustConnectService erreicht.

Error - 19.12.2011 21:54:08 | Computer Name = LaBambola-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "lxecCATSCustConnectService" wurde aufgrund folgenden Fehlers
nicht gestartet: %%1053

Error - 20.12.2011 06:19:04 | Computer Name = LaBambola-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
lxecCATSCustConnectService erreicht.

Error - 20.12.2011 06:19:04 | Computer Name = LaBambola-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "lxecCATSCustConnectService" wurde aufgrund folgenden Fehlers
nicht gestartet: %%1053

Error - 21.12.2011 05:32:05 | Computer Name = LaBambola-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
lxecCATSCustConnectService erreicht.

Error - 21.12.2011 05:32:05 | Computer Name = LaBambola-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "lxecCATSCustConnectService" wurde aufgrund folgenden Fehlers
nicht gestartet: %%1053

Error - 21.12.2011 16:06:48 | Computer Name = LaBambola-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
lxecCATSCustConnectService erreicht.

Error - 21.12.2011 16:06:48 | Computer Name = LaBambola-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "lxecCATSCustConnectService" wurde aufgrund folgenden Fehlers
nicht gestartet: %%1053


< End of report >


Soll ich genau die selben Anweisunden befolgen wie Luk70, oder andere bei windows7?

Vorab vielen Dank

Cherokee

Alt 11.02.2012, 20:07   #2
cherokee
 
Failed to save all the components for the file \\System 32\\0000174e - Standard

Failed to save all the components for the file \\System 32\\0000174e



Ich hoffe ich habe noch gegen keine Forumsregel verstossen?
__________________


Alt 12.02.2012, 01:10   #3
cherokee
 
Failed to save all the components for the file \\System 32\\0000174e - Icon27

Failed to save all the components for the file \\System 32\\0000174e



habe nochmals den

codeOTL.TX Logfile:
Code:
ATTFilter
OTL logfile created on: 11.02.2012 16:16:06 - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\La Bambola\Pictures
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,16 Gb Available Physical Memory | 53,89% Memory free
8,00 Gb Paging File | 6,08 Gb Available in Paging File | 75,97% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 457,89 Gb Total Space | 408,41 Gb Free Space | 89,19% Space Free | Partition Type: NTFS
Drive D: | 457,90 Gb Total Space | 457,80 Gb Free Space | 99,98% Space Free | Partition Type: NTFS
Drive E: | 3,61 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
 
Computer Name: LABAMBOLA-PC | User Name: La Bambola | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\La Bambola\Pictures\OTL.exe (OldTimer Tools)
PRC - C:\ProgramData\WUD3mitwyXx4QP.exe (Mioft)
PRC - C:\ProgramData\TTeOjDRpFmBku.exe (Mioft)
PRC - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe (Google Inc.)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe (Adobe Systems, Inc.)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited)
PRC - C:\Program Files (x86)\Lavasoft\Ad-Aware\autolaunch.exe ()
PRC - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft Limited)
PRC - C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe ()
PRC - C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\Egistec MyWinLockerSuite\x86\MiniLauncher.exe (Egis Technology Inc.)
PRC - C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe (Egis Technology Inc.)
PRC - C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\ezprint.exe ()
PRC - C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecmon.exe ()
PRC - C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)
PRC - C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
PRC - C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer Group)
PRC - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated)
PRC - C:\Users\La Bambola\AppData\Roaming\Google\Google Talk\googletalk.exe (Google)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\Lexmark Toolbar\resource.dll ()
MOD - C:\Program Files (x86)\Lexmark Toolbar\toolband.dll ()
MOD - C:\Program Files (x86)\Lavasoft\Ad-Aware\autolaunch.exe ()
MOD - C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe ()
MOD - C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyHook.dll ()
MOD - C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\ezprint.exe ()
MOD - C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecmon.exe ()
MOD - C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\Epwizard.DLL ()
MOD - C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\customui.dll ()
MOD - C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\Epfunct.DLL ()
MOD - C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\Eputil.DLL ()
MOD - C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\Imagutil.DLL ()
MOD - C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecDRS.dll ()
MOD - C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecscw.dll ()
MOD - C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\EPOEMDll.dll ()
MOD - C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\epstring.dll ()
MOD - C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\EPWizRes.dll ()
MOD - C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecdatr.dll ()
MOD - C:\Windows\SysWOW64\LXECsmr.dll ()
MOD - C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\iptk.dll ()
MOD - C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxeccaps.dll ()
MOD - C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecptp.dll ()
MOD - C:\Windows\SysWOW64\LXECsm.dll ()
MOD - C:\Programme\Lexmark Printable Web\resource.dll ()
MOD - C:\Programme\Lexmark Printable Web\bho.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (lxec_device) -- C:\Windows\SysNative\lxeccoms.exe ( )
SRV:64bit: - (lxecCATSCustConnectService) -- C:\Windows\SysNative\spool\DRIVERS\x64\3\\lxecserv.exe ()
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (Lavasoft Ad-Aware Service) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited)
SRV - (NOBU) -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (Symantec Corporation)
SRV - (MWLService) -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe (Egis Technology Inc.)
SRV - (lxec_device) -- C:\Windows\SysWow64\lxeccoms.exe ( )
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (Updater Service) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer Group)
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (GREGService) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated)
SRV - (nSvcIp) -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe ()
SRV - (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM) -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe ()
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH)
DRV:64bit: - (Lbd) -- C:\Windows\SysNative\drivers\Lbd.sys (Lavasoft AB)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (NVNET) -- C:\Windows\SysNative\drivers\nvmf6264.sys (NVIDIA Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (NVENETFD) -- C:\Windows\SysNative\drivers\nvm62x64.sys (NVIDIA Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (mwlPSDVDisk) -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys (Egis Technology Inc.)
DRV:64bit: - (mwlPSDFilter) -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys (Egis Technology Inc.)
DRV:64bit: - (mwlPSDNServ) -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys (Egis Technology Inc.)
DRV - (Lavasoft Kernexplorer) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys ()
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com
IE - HKLM\..\URLSearchHook: {5786d022-540e-4699-b350-b4be0ae94b79} - C:\Program Files (x86)\Ashampoo_DE\prxtbAsha.dll (Conduit Ltd.)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com/
IE - HKCU\..\URLSearchHook: {5786d022-540e-4699-b350-b4be0ae94b79} - C:\Program Files (x86)\Ashampoo_DE\prxtbAsha.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.selectedEngine: ""
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.12.01 21:01:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2011.05.29 18:23:17 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\La Bambola\AppData\Roaming\mozilla\Extensions
[2012.01.28 18:02:19 | 000,000,000 | -H-D | M] (IMinent Toolbar) -- C:\Users\La Bambola\AppData\Roaming\mozilla\Firefox\Profiles\9g52bzfs.default\extensions
[2012.01.28 18:02:19 | 000,000,000 | -H-D | M] (Ashampoo DE Community Toolbar) -- C:\Users\La Bambola\AppData\Roaming\mozilla\Firefox\Profiles\9g52bzfs.default\extensions\{5786d022-540e-4699-b350-b4be0ae94b79}
[2011.07.04 14:53:35 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\La Bambola\AppData\Roaming\mozilla\Firefox\Profiles\9g52bzfs.default\extensions\chrome
[2011.07.04 14:53:35 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\La Bambola\AppData\Roaming\mozilla\Firefox\Profiles\9g52bzfs.default\extensions\components
[2011.12.01 21:01:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011.12.01 21:01:50 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.11.03 13:59:44 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.11.03 13:59:44 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011.11.03 13:59:44 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.11.03 13:59:44 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.11.03 13:59:44 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.11.03 13:59:44 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\12.0.742.100\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.220.4 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U22 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Chrome NaCl (Disabled) = C:\Program Files (x86)\Google\Chrome\Application\12.0.742.100\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\12.0.742.100\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.81\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.7227.1100\swg64.dll (Google Inc.)
O2 - BHO: (Lexmark Symbolleiste) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files (x86)\Lexmark Toolbar\toolband.dll ()
O2 - BHO: (Ashampoo DE Toolbar) - {5786d022-540e-4699-b350-b4be0ae94b79} - C:\Program Files (x86)\Ashampoo_DE\prxtbAsha.dll (Conduit Ltd.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (Lexmark ) - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Programme\Lexmark Printable Web\bho.dll ()
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Lexmark Symbolleiste) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files (x86)\Lexmark Toolbar\toolband.dll ()
O3 - HKLM\..\Toolbar: (Ashampoo DE Toolbar) - {5786d022-540e-4699-b350-b4be0ae94b79} - C:\Program Files (x86)\Ashampoo_DE\prxtbAsha.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Lexmark Symbolleiste) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files (x86)\Lexmark Toolbar\toolband.dll ()
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ashampoo DE Toolbar) - {5786D022-540E-4699-B350-B4BE0AE94B79} - C:\Program Files (x86)\Ashampoo_DE\prxtbAsha.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [EzPrint] C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\ezprint.exe ()
O4:64bit: - HKLM..\Run: [lxecmon.exe] C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecmon.exe ()
O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe (Egis Technology Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [ArcadeMovieService] C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe ()
O4 - HKLM..\Run: [MDS_Menu] C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.)
O4 - HKCU..\Run: [googletalk] C:\Users\La Bambola\AppData\Roaming\Google\Google Talk\googletalk.exe (Google)
O4 - HKCU..\Run: [TTeOjDRpFmBku.exe] C:\ProgramData\TTeOjDRpFmBku.exe (Mioft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B7325C8D-F299-4526-8AC6-2213C2044F01}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{9460b463-291f-11e1-bbc2-f80f4110e59e}\Shell - "" = AutoRun
O33 - MountPoints2\{9460b463-291f-11e1-bbc2-f80f4110e59e}\Shell\AutoRun\command - "" = I:\DPFMate.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.02.11 11:08:22 | 000,000,000 | -H-D | C] -- C:\Users\La Bambola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Check
[2012.02.11 11:07:42 | 000,360,960 | -H-- | C] (Mioft) -- C:\ProgramData\WUD3mitwyXx4QP.exe
[2012.02.11 11:02:17 | 000,360,960 | -H-- | C] (Mioft) -- C:\ProgramData\4emu7zUuXuRn4Y.exe
[2012.02.11 09:41:51 | 000,456,704 | -H-- | C] (Mioft) -- C:\ProgramData\TTeOjDRpFmBku.exe
[2012.02.02 23:16:08 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.02.02 23:13:39 | 000,000,000 | -H-D | C] -- C:\Users\La Bambola\AppData\Local\Solid State Networks
[2012.01.31 23:27:47 | 000,000,000 | -H-D | C] -- C:\Users\La Bambola\AppData\Local\{92D5558B-2493-40BB-9529-837CF9CE15DA}
[2012.01.31 21:19:39 | 000,000,000 | -H-D | C] -- C:\Users\La Bambola\AppData\Local\{A27A70E1-8FE5-4252-BDDB-E8440D537185}
[2012.01.31 21:17:26 | 000,000,000 | -H-D | C] -- C:\Users\La Bambola\AppData\Local\{DEC125AA-2699-48F9-B568-56BAFE4887D6}
[2012.01.31 11:17:29 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012.01.31 11:17:24 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2012.01.31 11:17:24 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2012.01.31 11:17:24 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2012.01.31 11:17:24 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2012.01.31 11:17:24 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2012.01.18 22:29:11 | 000,000,000 | -H-D | C] -- C:\Users\Public\Documents\SiDiary
[2012.01.18 22:29:11 | 000,000,000 | -H-D | C] -- C:\Users\La Bambola\AppData\Local\SiDiary
[2012.01.18 22:17:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiDiary 6
[2012.01.18 22:17:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SINOVO
[2012.01.15 14:32:04 | 000,000,000 | -H-D | C] -- C:\Users\La Bambola\AppData\Local\{8E94453E-D4D7-4733-8D61-F6E71E47E197}
[2011.05.30 13:23:47 | 000,364,544 | ---- | C] ( ) -- C:\Windows\SysWow64\lxecinpa.dll
[2011.05.30 13:23:47 | 000,344,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeciesc.dll
[2011.05.30 13:23:46 | 001,048,576 | ---- | C] ( ) -- C:\Windows\SysWow64\lxecserv.dll
[2011.05.30 13:23:46 | 000,847,872 | ---- | C] ( ) -- C:\Windows\SysWow64\lxecusb1.dll
[2011.05.30 13:23:46 | 000,643,072 | ---- | C] ( ) -- C:\Windows\SysWow64\lxecpmui.dll
[2011.05.30 13:23:46 | 000,577,536 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeclmpm.dll
[2011.05.30 13:23:45 | 000,802,816 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeccomc.dll
[2011.05.30 13:23:45 | 000,688,128 | ---- | C] ( ) -- C:\Windows\SysWow64\lxechbn3.dll
[2011.05.30 13:23:45 | 000,598,696 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeccoms.exe
[2011.05.30 13:23:45 | 000,373,416 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeccfg.exe
[2011.05.30 13:23:45 | 000,372,736 | ---- | C] ( ) -- C:\Windows\SysWow64\lxeccomm.dll
[2011.05.30 13:23:45 | 000,324,264 | ---- | C] ( ) -- C:\Windows\SysWow64\lxecih.exe
[4 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[4 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.02.11 15:49:58 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.02.11 15:49:58 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.02.11 15:47:31 | 000,000,408 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2012.02.11 15:40:09 | 000,001,114 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.02.11 15:39:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.02.11 15:39:47 | 3220,725,760 | -HS- | M] () -- C:\hiberfil.sys
[2012.02.11 15:23:25 | 000,001,118 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.02.11 11:23:18 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.02.11 11:23:18 | 000,654,006 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.02.11 11:23:18 | 000,615,888 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.02.11 11:23:18 | 000,129,878 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.02.11 11:23:18 | 000,106,268 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.02.11 11:19:31 | 000,000,440 | -H-- | M] () -- C:\ProgramData\WUD3mitwyXx4QP
[2012.02.11 11:16:45 | 000,000,272 | -H-- | M] () -- C:\ProgramData\~WUD3mitwyXx4QP
[2012.02.11 11:16:45 | 000,000,184 | -H-- | M] () -- C:\ProgramData\~WUD3mitwyXx4QPr
[2012.02.11 11:08:23 | 000,000,657 | -H-- | M] () -- C:\Users\La Bambola\Desktop\System Check.lnk
[2012.02.11 11:07:42 | 000,360,960 | -H-- | M] (Mioft) -- C:\ProgramData\WUD3mitwyXx4QP.exe
[2012.02.11 11:02:29 | 000,000,336 | -H-- | M] () -- C:\ProgramData\4emu7zUuXuRn4Y
[2012.02.11 11:02:17 | 000,360,960 | -H-- | M] (Mioft) -- C:\ProgramData\4emu7zUuXuRn4Y.exe
[2012.02.11 11:00:28 | 000,000,064 | ---- | M] () -- C:\Windows\SysWow64\rp_stats.dat
[2012.02.11 11:00:28 | 000,000,044 | ---- | M] () -- C:\Windows\SysWow64\rp_rules.dat
[2012.02.11 09:38:45 | 000,456,704 | -H-- | M] (Mioft) -- C:\ProgramData\TTeOjDRpFmBku.exe
[2012.01.31 21:29:21 | 000,287,922 | -H-- | M] () -- C:\Users\La Bambola\Desktop\fkk-club-logo-vektor2_Kopie.bmp
[4 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[4 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.02.11 11:16:09 | 000,000,408 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2012.02.11 11:08:24 | 000,000,272 | -H-- | C] () -- C:\ProgramData\~WUD3mitwyXx4QP
[2012.02.11 11:08:24 | 000,000,184 | -H-- | C] () -- C:\ProgramData\~WUD3mitwyXx4QPr
[2012.02.11 11:08:23 | 000,000,657 | -H-- | C] () -- C:\Users\La Bambola\Desktop\System Check.lnk
[2012.02.11 11:07:54 | 000,000,440 | -H-- | C] () -- C:\ProgramData\WUD3mitwyXx4QP
[2012.02.11 11:02:29 | 000,000,336 | -H-- | C] () -- C:\ProgramData\4emu7zUuXuRn4Y
[2011.10.22 21:32:39 | 000,000,164 | -H-- | C] () -- C:\ProgramData\{5CAFA1B7-9EEF-4cc7-B9F7-9DDB3DAA679E}
[2011.10.22 21:32:39 | 000,000,092 | -H-- | C] () -- C:\ProgramData\{701ACAF9-F102-47c2-8907-36246F4DFB51}
[2011.09.09 04:11:09 | 000,010,240 | -H-- | C] () -- C:\Users\La Bambola\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.06.01 19:01:48 | 000,000,064 | ---- | C] () -- C:\Windows\SysWow64\rp_stats.dat
[2011.06.01 19:01:48 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\rp_rules.dat
[2011.05.30 13:23:47 | 000,344,064 | ---- | C] () -- C:\Windows\SysWow64\lxeccomx.dll
[2011.05.30 13:23:47 | 000,331,776 | ---- | C] () -- C:\Windows\SysWow64\LXECinst.dll
[2011.05.30 13:23:46 | 000,323,584 | ---- | C] () -- C:\Windows\SysWow64\lxecins.dll
[2011.05.30 13:23:46 | 000,262,144 | ---- | C] () -- C:\Windows\SysWow64\lxecinsb.dll
[2011.05.30 13:23:46 | 000,253,952 | ---- | C] () -- C:\Windows\SysWow64\lxeccu.dll
[2011.05.30 13:23:46 | 000,114,688 | ---- | C] () -- C:\Windows\SysWow64\lxecinsr.dll
[2011.05.30 13:23:46 | 000,090,112 | ---- | C] () -- C:\Windows\SysWow64\lxeccub.dll
[2011.05.30 13:23:46 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\lxecjswr.dll
[2011.05.30 13:23:46 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\lxeccur.dll
[2011.05.30 13:22:51 | 000,024,064 | ---- | C] () -- C:\Windows\SysWow64\LXECsmr.dll
[2011.05.30 13:22:50 | 000,299,008 | ---- | C] () -- C:\Windows\SysWow64\LXECsm.dll
[2011.05.29 18:23:14 | 000,000,000 | -H-- | C] () -- C:\Windows\nsreg.dat
[2010.08.26 13:22:38 | 000,131,984 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
 
========== Files - Unicode (All) ==========
[2011.09.19 02:15:37 | 000,000,040 | ---- | M] ()(C:\Windows\SysNative\?·) -- C:\Windows\SysNative\ꌠ·
[2011.09.19 02:15:37 | 000,000,040 | ---- | C] ()(C:\Windows\SysNative\?·) -- C:\Windows\SysNative\ꌠ·

< End of report >
         
--- --- ---
code

und den

codeOTL Extras Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 11.02.2012 16:16:06 - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\La Bambola\Pictures
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,16 Gb Available Physical Memory | 53,89% Memory free
8,00 Gb Paging File | 6,08 Gb Available in Paging File | 75,97% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 457,89 Gb Total Space | 408,41 Gb Free Space | 89,19% Space Free | Partition Type: NTFS
Drive D: | 457,90 Gb Total Space | 457,80 Gb Free Space | 99,98% Space Free | Partition Type: NTFS
Drive E: | 3,61 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
 
Computer Name: LABAMBOLA-PC | User Name: La Bambola | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}" = Shredder
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 266.35
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 266.35
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.1.13.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Lexmark Pro800-Pro900 Series" = Lexmark Pro800-Pro900 Series
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"NVIDIA Drivers" = NVIDIA Drivers
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D7CD0D9-4A88-4A63-8F91-3F4E8F371768}" = MyWinLocker
"{1017A80C-6F09-4548-A84D-EDD6AC9525F0}" = Lexmark Symbolleiste
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20400DBD-E6DB-45B8-9B6B-1DD7033818EC}" = Nero InfoTool Help
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2348B586-C9AE-46CE-936C-A68E9426E214}" = Nero StartSmart Help
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed
"{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{4968622A-4D3F-489E-9ACE-5FEC4CC0BDE3}" = MediaShow Espresso
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{4D43D635-6FDA-4FA5-AA9B-23CF73D058EA}" = Nero StartSmart OEM
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{58F4D244-314F-4D26-B5EF-C28AB32E22CB}_is1" = Acer GameZone Console
"{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite
"{73C96D3B-F9D2-4A0C-81F7-FBED6C75CE77}" = SiDiary 6
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110300453}" = Spin & Win
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}" = Cake Mania
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111355427}" = Poker Pop
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}" = Merriam Websters Spell Jam
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}" = Amazonia
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}" = Heroes of Hellas
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11505173}" = Airport Mania First Flight
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}" = Farm Frenzy 2
"{83202942-84B3-4C50-8622-B8C0AA2D2885}" = Nero Express Help
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DFDD0C5-5AC1-484B-ACF8-0F3E1041750B}_is1" = AquaSoft "DiaShow 7 für YouTube"
"{9E48FF52-082C-4CC2-BB67-6E10D09C0431}" = Windows Live UX Platform Language Pack
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Deutsch
"{ace71e88-1bf2-4793-9e94-1d9a0d19438d}" = Nero 9 Essentials
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B906C11A-D193-4143-9FA7-E2EE8A5A8F21}" = Acer Arcade Movie
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{C2695E83-CF1D-43D1-84FE-B3BEC561012A}" = Shredder
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}" = Nero Online Upgrade
"{CC019E3F-59D2-4486-8D4B-878105B62A71}" = Nero DiscSpeed Help
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D2C5E510-BE6D-42CC-9F61-E4F939078474}" = Lexmark 
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}" = eBay Worldwide
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5C7D048-F9B4-4219-B323-8BDB01A2563D}" = Nero DriveSpeed Help
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{F027C8E3-6DBD-492A-9959-7B36B1DE0D65}" = Ad-Aware
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4041DCE-3FE1-4E18-8A9E-9DE65231EE36}" = Nero ControlCenter
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Acer Welcome Center" = Welcome Center
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Ashampoo Red Ex_is1" = Ashampoo Red Ex 1.0.0
"Ashampoo_DE Toolbar" = Ashampoo DE Toolbar
"Avira AntiVir Desktop" = Avira Free Antivirus
"Google Chrome" = Google Chrome
"Hotkey Utility" = Hotkey Utility
"Identity Card" = Identity Card
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite
"InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"Mozilla Firefox 8.0.1 (x86 de)" = Mozilla Firefox 8.0.1 (x86 de)
"WinLiveSuite" = Windows Live Essentials
"Wisdom-soft Set up ASR 3.1 Free" = Wisdom-soft Set up ASR 3.1 Free
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 09.01.2012 16:59:35 | Computer Name = LaBambola-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.7601.17514,
 Zeitstempel: 0x4ce79912  Name des fehlerhaften Moduls: tbAsha.dll_unloaded, Version:
 0.0.0.0, Zeitstempel: 0x4ec36c16  Ausnahmecode: 0xc0000005  Fehleroffset: 0x07272060
ID
 des fehlerhaften Prozesses: 0x12ec  Startzeit der fehlerhaften Anwendung: 0x01cccf1189751880
Pfad
 der fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe
Pfad
 des fehlerhaften Moduls: tbAsha.dll  Berichtskennung: d563b170-3b04-11e1-a420-f80f4110e59e
 
Error - 10.01.2012 16:52:13 | Computer Name = LaBambola-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.7601.17514,
 Zeitstempel: 0x4ce79912  Name des fehlerhaften Moduls: mshtml.dll, Version: 8.0.7601.17720,
 Zeitstempel: 0x4eb4ba27  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0011d296  ID des fehlerhaften
 Prozesses: 0xfbc  Startzeit der fehlerhaften Anwendung: 0x01cccfbb5e67ba80  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe  Pfad
 des fehlerhaften Moduls: C:\Windows\SysWOW64\mshtml.dll  Berichtskennung: f8b74100-3bcc-11e1-b30f-f80f4110e59e
 
Error - 11.01.2012 11:48:37 | Computer Name = LaBambola-PC | Source = Application Hang | ID = 1002
Description = Programm iexplore.exe, Version 8.0.7601.17514 kann nicht mehr unter
 Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf 
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
 zu suchen.    Prozess-ID: 3f8    Startzeit: 01ccd070520c4480    Endzeit: 0    Anwendungspfad: C:\Program
 Files (x86)\Internet Explorer\iexplore.exe    Berichts-ID: 82b34ef1-3c6b-11e1-a5bd-f80f4110e59e

 
Error - 14.01.2012 13:41:33 | Computer Name = LaBambola-PC | Source = Application Hang | ID = 1002
Description = Programm iexplore.exe, Version 8.0.7601.17514 kann nicht mehr unter
 Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf 
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
 zu suchen.    Prozess-ID: 464    Startzeit: 01ccd1de4e5e0840    Endzeit: 0    Anwendungspfad: C:\Program
 Files (x86)\Internet Explorer\iexplore.exe    Berichts-ID: f8f617c5-3ed6-11e1-ba07-f80f4110e59e

 
Error - 16.01.2012 19:49:17 | Computer Name = LaBambola-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.7601.17514,
 Zeitstempel: 0x4ce79912  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725,
 Zeitstempel: 0x4ec49b8f  Ausnahmecode: 0xc0000374  Fehleroffset: 0x000ce6c3  ID des fehlerhaften
 Prozesses: 0xd60  Startzeit der fehlerhaften Anwendung: 0x01ccd47e4b8a0cc0  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe  Pfad
 des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll  Berichtskennung: b37e692c-409c-11e1-ad85-f80f4110e59e
 
Error - 16.01.2012 20:13:41 | Computer Name = LaBambola-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.7601.17514,
 Zeitstempel: 0x4ce79912  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725,
 Zeitstempel: 0x4ec49b8f  Ausnahmecode: 0xc0000374  Fehleroffset: 0x000ce6c3  ID des fehlerhaften
 Prozesses: 0xdf0  Startzeit der fehlerhaften Anwendung: 0x01ccd4a97998c1bc  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe  Pfad
 des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll  Berichtskennung: 1c06be24-40a0-11e1-ad85-f80f4110e59e
 
Error - 20.01.2012 05:52:08 | Computer Name = LaBambola-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.7601.17514,
 Zeitstempel: 0x4ce79912  Name des fehlerhaften Moduls: mshtml.dll, Version: 8.0.7601.17720,
 Zeitstempel: 0x4eb4ba27  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0011d296  ID des fehlerhaften
 Prozesses: 0x1364  Startzeit der fehlerhaften Anwendung: 0x01ccd757335c37f0  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe  Pfad
 des fehlerhaften Moduls: C:\Windows\SysWOW64\mshtml.dll  Berichtskennung: 69f7d290-434c-11e1-81a4-f80f4110e59e
 
Error - 20.01.2012 16:02:54 | Computer Name = LaBambola-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: lxeccoms.exe, Version: 9.2.33.0, 
Zeitstempel: 0x4b200765  Name des fehlerhaften Moduls: lxecserv.dll, Version: 9.2.33.0,
 Zeitstempel: 0x4b200879  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00000000000a9ee6
ID
 des fehlerhaften Prozesses: 0x6d4  Startzeit der fehlerhaften Anwendung: 0x01ccd7470d1b69e0
Pfad
 der fehlerhaften Anwendung: C:\Windows\system32\lxeccoms.exe  Pfad des fehlerhaften
 Moduls: C:\Windows\system32\lxecserv.dll  Berichtskennung: bc9347f0-43a1-11e1-81a4-f80f4110e59e
 
Error - 24.01.2012 22:00:54 | Computer Name = LaBambola-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: lxeccoms.exe, Version: 9.2.33.0, 
Zeitstempel: 0x4b200765  Name des fehlerhaften Moduls: lxecserv.dll, Version: 9.2.33.0,
 Zeitstempel: 0x4b200879  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00000000000a9ee6
ID
 des fehlerhaften Prozesses: 0x828  Startzeit der fehlerhaften Anwendung: 0x01ccda7f5bff75c0
Pfad
 der fehlerhaften Anwendung: C:\Windows\system32\lxeccoms.exe  Pfad des fehlerhaften
 Moduls: C:\Windows\system32\lxecserv.dll  Berichtskennung: 694cf370-46f8-11e1-a5fd-f80f4110e59e
 
Error - 26.01.2012 19:39:52 | Computer Name = LaBambola-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.7601.17514,
 Zeitstempel: 0x4ce79912  Name des fehlerhaften Moduls: mshtml.dll, Version: 8.0.7601.17720,
 Zeitstempel: 0x4eb4ba27  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0011d296  ID des fehlerhaften
 Prozesses: 0xca4  Startzeit der fehlerhaften Anwendung: 0x01ccdc8394edca20  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\iexplore.exe  Pfad
 des fehlerhaften Moduls: C:\Windows\SysWOW64\mshtml.dll  Berichtskennung: 0a79bce0-4877-11e1-b440-f80f4110e59e
 
[ System Events ]
Error - 19.12.2011 13:14:08 | Computer Name = LaBambola-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 lxecCATSCustConnectService erreicht.
 
Error - 19.12.2011 13:14:08 | Computer Name = LaBambola-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "lxecCATSCustConnectService" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%1053
 
Error - 19.12.2011 21:54:08 | Computer Name = LaBambola-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 lxecCATSCustConnectService erreicht.
 
Error - 19.12.2011 21:54:08 | Computer Name = LaBambola-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "lxecCATSCustConnectService" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%1053
 
Error - 20.12.2011 06:19:04 | Computer Name = LaBambola-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 lxecCATSCustConnectService erreicht.
 
Error - 20.12.2011 06:19:04 | Computer Name = LaBambola-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "lxecCATSCustConnectService" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%1053
 
Error - 21.12.2011 05:32:05 | Computer Name = LaBambola-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 lxecCATSCustConnectService erreicht.
 
Error - 21.12.2011 05:32:05 | Computer Name = LaBambola-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "lxecCATSCustConnectService" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%1053
 
Error - 21.12.2011 16:06:48 | Computer Name = LaBambola-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 lxecCATSCustConnectService erreicht.
 
Error - 21.12.2011 16:06:48 | Computer Name = LaBambola-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "lxecCATSCustConnectService" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%1053
 
 
< End of report >
         
generiert, nachdem ich gegen die 1ste Regel dieses Forums verstossen habe und die Anweisungen von Chris4You für LUK70 für mein Problem auch befolgt habe.
--- --- ---

Zitat:
Hi,

Fix für OTL:
Doppelklick auf die OTL.exe, um das Programm auszuführen.
Vista/Win7-User bitte per Rechtsklick und "Ausführen als Administrator" starten.
Kopiere den Inhalt der folgenden Codebox komplett in die OTL-Box unter "Custom Scan/Fixes"
Code:Alles kopierenAlles auswählenLarusso Modus
:OTL
PRC - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\3H0P2cNf8J3BvA.exe ()
PRC - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PydcCCBGCsduGr.exe ()
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4 - HKLM..\Run: [PydcCCBGCsduGr.exe] C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PydcCCBGCsduGr.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
[2012.02.10 21:50:47 | 000,000,851 | -H-- | M] () -- C:\Dokumente und Einstellungen\Admin\Desktop\System Check.lnk
[2012.02.10 21:50:42 | 000,000,344 | -H-- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\hQTY2BuQJeRyUy
[2012.02.10 21:41:13 | 000,441,344 | -H-- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PydcCCBGCsduGr.exe
[2012.02.10 21:50:42 | 000,000,344 | -H-- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\hQTY2BuQJeRyUy
[2012.02.10 21:41:14 | 000,441,344 | -H-- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PydcCCBGCsduGr.exe

:reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = dword:0x00

:Commands
[emptytemp]
[Reboot]
Den roten Run Fixes! Button anklicken.
Bitte alles aus dem Ergebnisfenster (Results) herauskopieren.
Eine Kopie eines OTL-Fix-Logs wird in einer Textdatei in folgendem Ordner gespeichert:
%systemroot%\_OTL

Unhide

Lade Dir unhide von folgender Adresse runter und dann per Doppelklick als Admin ausführen:
hxxp://download.bleepingcomputer.com/grinler/unhide.exe
Es werden alle versteckten Dateien sichtbar gemacht, ggf. welche die versteckt sein sollten wieder unsichtbar machen (Auswählen im Explorer->Eingenschaften->versteckt)

Malwarebytes Antimalware (MAM)
Anleitung&Download hier: http://www.trojaner-board.de/51187-m...i-malware.html
Falls der Download nicht klappt, bitte hierüber eine generische Version runterladen:
hxxp://mbam.malwarebytes.org/program...-installer.php
Danach bitte update der Signaturdateien (Reiter "Aktualisierungen" -> Suche nach Aktualisierungen")
Fullscan und alles bereinigen lassen! Log posten.

chris
__________________
hxxp://www.trojaner-board.de/109599-windows-delayed-write-failed.html#post770629
__________________

Alt 13.02.2012, 18:09   #4
cherokee
 
Failed to save all the components for the file \\System 32\\0000174e - Standard

Failed to save all the components for the file \\System 32\\0000174e



weiß zufällig jemand mehr über den Virus? Woher er kommt? Wie man ihn bekommt...

LG

Antwort

Themen zu Failed to save all the components for the file \\System 32\\0000174e
2.0.7, ad-aware, autorun, avira, conduit, desktop, error, failed, failed to save all the components for the file \\system 32\\0000174e, firefox, flash player, google, google chrome, helper, home, iexplore.exe, iminent, iminent toolbar, install.exe, ntdll.dll, pmmupdate.exe, problem, programm, realtek, registry, rundll, scan, secur, security, software, symantec, system, system 32, version=1.0, webcheck



Ähnliche Themen: Failed to save all the components for the file \\System 32\\0000174e


  1. failed to save all components to file system 32 0000198f this file is corrupted unreadable
    Log-Analyse und Auswertung - 30.03.2012 (13)
  2. failed to save all the components for the file \\system32\
    Plagegeister aller Art und deren Bekämpfung - 28.03.2012 (6)
  3. Failed to save all the components for the file \\System32\\
    Log-Analyse und Auswertung - 21.03.2012 (13)
  4. Failed to save all the components for the file \\System32
    Log-Analyse und Auswertung - 22.02.2012 (3)
  5. Failed to save all the components for the file \\System32 usw...
    Plagegeister aller Art und deren Bekämpfung - 15.02.2012 (15)
  6. Failed to save all the components for the file \\System32\\
    Log-Analyse und Auswertung - 12.02.2012 (1)
  7. Failed to save all the components for the file \\System32\\ [...]
    Log-Analyse und Auswertung - 01.02.2012 (6)
  8. Failed to save all the components for the file \\System32\\
    Log-Analyse und Auswertung - 16.01.2012 (26)
  9. System Check - Failed to save all the components for the file ... Trojaner oder Hardwarefehler?
    Log-Analyse und Auswertung - 10.01.2012 (6)
  10. WIN XP:Windows - Delayed Write Failed .. Failed to save all the components for the file \\System32\\
    Log-Analyse und Auswertung - 25.11.2011 (7)
  11. Windows - Delayed Write Failed .. Failed to save all the components for the file \\System32\\0000428
    Log-Analyse und Auswertung - 15.11.2011 (35)
  12. Windows - Delayed Write Failed .. Failed to save all the components for the file \\System32\\ - St
    Plagegeister aller Art und deren Bekämpfung - 13.11.2011 (16)
  13. Windows - Delayed Write Failed .. Failed to save all the components for the file \\System32\\
    Plagegeister aller Art und deren Bekämpfung - 13.11.2011 (101)
  14. failed to save all components to file system 32 0000198f this file is corrupted unreadable
    Log-Analyse und Auswertung - 11.11.2011 (24)
  15. Windows - Delayed Write Failed .. Failed to save all the components for the file \\System32\\
    Log-Analyse und Auswertung - 09.11.2011 (25)
  16. Windows - Delayed Write Failed .. Failed to save all the components for the file \\System32\\
    Plagegeister aller Art und deren Bekämpfung - 07.11.2011 (10)
  17. Windows - Delayed Write Failed. Failed to save all the components for the file \\System32\\
    Log-Analyse und Auswertung - 07.11.2011 (12)

Zum Thema Failed to save all the components for the file \\System 32\\0000174e - Hallo bin über Google auf dieses Forum gestossen, als ich diese Fehlermeldung eingab: "Failed to save all the components for the file \\System 32\\0000174e The file is currupted or unreadable. - Failed to save all the components for the file \\System 32\\0000174e...
Archiv
Du betrachtest: Failed to save all the components for the file \\System 32\\0000174e auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.