m0ndlicht | 25.05.2010 18:04 | Hab die externe noch checken lassen, wurde nichts gefunden.
Hab den OTL scan jetzt auch gemacht. Code:
OTL logfile created on: 25.05.2010 17:28:10 - Run 1
OTL by OldTimer - Version 3.2.5.0 Folder = C:\Dokumente und Einstellungen\***\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 42,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 73,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 465,75 Gb Total Space | 314,62 Gb Free Space | 67,55% Space Free | Partition Type: NTFS
Drive D: | 650,43 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive E: | 1,92 Gb Total Space | 0,94 Gb Free Space | 48,84% Space Free | Partition Type: FAT
Drive F: | 153,35 Gb Total Space | 24,28 Gb Free Space | 15,84% Space Free | Partition Type: FAT32
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: ***-2477298
Current User Name: ***
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Processes (SafeList) ==========
PRC - C:\Dokumente und Einstellungen\***\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Java\jre6\bin\jucheck.exe (Sun Microsystems, Inc.)
PRC - C:\Programme\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation)
PRC - C:\Programme\Free Download Manager\fdm.exe (FreeDownloadManager.ORG)
PRC - C:\Programme\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Programme\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmplayer.exe (Microsoft Corporation)
PRC - C:\Programme\NETGEAR\WG111v2 Configuration Utility\RtlWake.exe ()
PRC - C:\Programme\Microsoft Time Zone\TimeZone.exe (Microsoft)
PRC - C:\Programme\Jasc Software Inc\Paint Shop Pro 9\Paint Shop Pro 9.exe (Jasc Software, Inc.)
========== Modules (SafeList) ==========
MOD - C:\Dokumente und Einstellungen\***\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (Akamai) -- c:\Programme\Gemeinsame Dateien\Akamai\rswin_3697.dll ()
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (odserv) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (MBAMSwissArmy) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (RTLE8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation )
DRV - (AmdK8) -- C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices)
DRV - (RTLWUSB) -- C:\WINDOWS\system32\drivers\wg111v2.sys (NETGEAR Inc.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = h**p://www.google.de/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = h**p://www.youtube.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "h**p://www.youtube.de|h**p://google.de"
FF - prefs.js..extensions.enabledItems: fdm_ffext@freedownloadmanager.org:1.3.4
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.9
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010.04.07 17:06:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010.04.10 23:01:15 | 000,000,000 | ---D | M]
[2010.01.30 20:19:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Extensions
[2010.05.25 00:55:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\1ml4z2kp.default\extensions
[2010.03.29 16:13:10 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\1ml4z2kp.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.03.30 19:10:47 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\1ml4z2kp.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2010.05.25 00:55:52 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.01.16 03:15:29 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.01.16 03:15:29 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.01.16 03:15:29 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.01.16 03:15:29 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.01.16 03:15:29 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2010.05.24 00:24:18 | 000,395,378 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 13652 more lines...
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Programme\Free Download Manager\iefdm2.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Programme\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [SkyTel] C:\WINDOWS\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKCU..\Run: [Free Download Manager] C:\Programme\Free Download Manager\fdm.exe (FreeDownloadManager.ORG)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKCU..\Run: [Timezone] C:\Programme\Microsoft Time Zone\TimeZone.exe (Microsoft)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\WG111v2 Smart Wizard Wireless Setting.lnk = C:\Programme\NETGEAR\WG111v2 Configuration Utility\RtlWake.exe ()
O4 - Startup: C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O4 - Startup: C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart\OpenOffice.org 3.1.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClassicShell = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoThemesTab = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O8 - Extra context menu item: Alles mit FDM herunterladen - C:\Programme\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Auswahl mit FDM herunterladen - C:\Programme\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Datei mit FDM herunterladen - C:\Programme\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Videos mit FDM herunterladen - C:\Programme\Free Download Manager\dlfvideo.htm ()
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Frontpage\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} h**p://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} h**p://messenger.zone.msn.com/MessengerGamesContent/GameContent/de/mjss/MJSS.cab109791.cab ()
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} h**p://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} h**p://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} h**p://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} h**p://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} h**p://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\h**p\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\h**p\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\h**ps\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\h**ps\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.01.30 18:26:16 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2005.03.06 15:32:04 | 000,000,000 | R--D | M] - D:\AutoRun -- [ CDFS ]
O32 - AutoRun File - [2005.03.06 15:11:24 | 000,700,416 | R--- | M] (Electronic Arts Inc.) - D:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2005.02.26 09:44:39 | 000,606,208 | R--- | M] (Electronic Arts Inc.) - D:\AutoRunGUI.dll -- [ CDFS ]
O32 - AutoRun File - [2005.03.06 15:30:52 | 000,000,138 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{36a37d1c-0dc1-11df-a144-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{36a37d1c-0dc1-11df-a144-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{36a37d1c-0dc1-11df-a144-806d6172696f}\Shell\AutoRun\command - "" = D:\AutoRun.exe -- [2005.03.06 15:11:24 | 000,700,416 | R--- | M] (Electronic Arts Inc.)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: AppSecDll - (C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\Windows Server\jdfmaf.dll) - C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\Windows Server\jdfmaf.dll ()
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found
========== Files/Folders - Created Within 30 Days ==========
[2010.05.25 17:26:20 | 000,571,904 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\***\Desktop\OTL.exe
[2010.05.25 17:26:06 | 000,571,904 | ---- | C] (OldTimer Tools) -- F:\OTL.exe
[2010.05.25 13:43:49 | 000,000,000 | ---D | C] -- C:\Programme\HiJackThis
[2010.05.25 11:22:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2010.05.25 02:29:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2010.05.25 02:21:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Dokumente\Scripts
[2010.05.25 02:21:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BrineSoft
[2010.05.25 01:33:56 | 000,000,000 | ---D | C] -- C:\Programme\Safari
[2010.05.24 00:16:09 | 000,000,000 | ---D | C] -- C:\Programme\Spybot - Search & Destroy
[2010.05.24 00:16:09 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy
[2010.05.23 03:09:00 | 000,000,000 | ---D | C] -- F:\Downloads
[2010.05.22 15:52:23 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\Windows Server
[2010.05.22 11:29:01 | 002,355,960 | ---- | C] (Microsoft Corporation) -- F:\WinINET_Debug.exe
[2010.05.22 01:50:34 | 000,289,144 | ---- | C] (S!Ri) -- C:\WINDOWS\System32\VCCLSID.exe
[2010.05.22 01:50:34 | 000,288,417 | ---- | C] (S!Ri) -- C:\WINDOWS\System32\SrchSTS.exe
[2010.05.22 01:50:34 | 000,079,360 | ---- | C] (SteelWerX) -- C:\WINDOWS\System32\swxcacls.exe
[2010.05.22 01:50:33 | 000,135,168 | ---- | C] (SteelWerX) -- C:\WINDOWS\System32\swreg.exe
[2010.05.22 01:50:33 | 000,053,248 | ---- | C] (h**p://www.beyondlogic.org) -- C:\WINDOWS\System32\Process.exe
[2010.05.22 01:50:22 | 000,000,000 | ---D | C] -- F:\SmitfraudFix
[2010.05.22 01:45:52 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\***\Recent
[2010.05.22 01:31:04 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner
[2010.05.22 01:29:51 | 003,382,520 | ---- | C] (Piriform Ltd) -- F:\ccsetup231.exe
[2010.05.22 01:29:06 | 010,534,592 | ---- | C] (ReviverSoft LLC.) -- F:\RegistryReviverSetup.exe
[2010.05.22 01:00:43 | 000,000,000 | ---D | C] -- C:\Programme\Enigma Software Group
[2010.05.22 00:57:45 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Windows Server
[2010.05.22 00:57:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\61D3AAE1D5214CD7939B37813DE8F955.TMP
[2010.05.22 00:34:05 | 068,502,344 | ---- | C] (Norman ASA) -- F:\Norman_Malware_Cleaner.exe
[2010.05.21 19:48:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Dokumente\EA Games
[2010.05.21 14:50:38 | 000,000,000 | ---D | C] -- F:\EA Games
[2010.05.21 14:17:20 | 000,000,000 | ---D | C] -- C:\Programme\EA GAMES
[2010.05.21 14:17:19 | 000,442,368 | R--- | C] (On2.com) -- C:\WINDOWS\System32\vp6vfw.dll
[2010.05.21 03:28:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Windows Server
[2010.05.18 16:38:53 | 000,266,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\Setup1.exe
[2010.05.18 16:38:52 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\ST6UNST.EXE
[2010.04.25 19:55:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\WMTools Downloaded Files
[2010.04.25 19:46:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\RegisteredPackages
[1 F:\*.tmp files -> F:\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010.05.25 17:26:12 | 000,571,904 | ---- | M] (OldTimer Tools) -- F:\OTL.exe
[2010.05.25 17:26:12 | 000,571,904 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\***\Desktop\OTL.exe
[2010.05.25 17:21:34 | 000,054,016 | ---- | M] () -- C:\WINDOWS\System32\drivers\vtglkp.sys
[2010.05.25 15:48:28 | 000,002,503 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Word.lnk
[2010.05.25 14:59:42 | 012,058,624 | -H-- | M] () -- C:\Dokumente und Einstellungen\***\NTUSER.DAT
[2010.05.25 13:43:25 | 000,123,904 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.05.25 13:43:20 | 001,402,880 | ---- | M] () -- F:\HiJackThis.msi
[2010.05.25 13:40:51 | 000,001,566 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk
[2010.05.25 13:37:16 | 000,065,168 | ---- | M] () -- F:\Oh My Lady 01.srt
[2010.05.25 13:37:06 | 000,055,976 | ---- | M] () -- F:\Oh My Lady 02.srt
[2010.05.25 13:10:10 | 734,547,968 | ---- | M] () -- F:\Oh My Lady 02.avi
[2010.05.25 12:30:56 | 734,781,440 | ---- | M] () -- F:\Oh My Lady 01.avi
[2010.05.25 12:11:06 | 000,240,403 | ---- | M] () -- F:\the archers song.mp3
[2010.05.25 11:04:48 | 000,007,806 | -HS- | M] () -- F:\Folder.jpg
[2010.05.25 11:04:48 | 000,002,112 | -HS- | M] () -- F:\AlbumArtSmall.jpg
[2010.05.25 09:53:41 | 000,200,513 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010.05.25 09:46:51 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.05.25 09:46:49 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.05.25 03:06:00 | 000,856,013 | ---- | M] () -- F:\the archers.mp3
[2010.05.25 03:06:00 | 000,657,064 | ---- | M] () -- F:\BBC world früher.mp3
[2010.05.25 03:06:00 | 000,546,723 | ---- | M] () -- F:\radio 4 theme song.mp3
[2010.05.25 03:06:00 | 000,476,924 | ---- | M] () -- F:\BBc world now.mp3
[2010.05.25 03:06:00 | 000,392,078 | ---- | M] () -- F:\radio 4 1978.mp3
[2010.05.25 03:06:00 | 000,238,687 | ---- | M] () -- F:\big ben.mp3
[2010.05.25 01:34:47 | 000,084,108 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
[2010.05.24 13:22:26 | 000,039,936 | ---- | M] () -- F:\Physik.doc
[2010.05.24 05:31:48 | 000,000,190 | -HS- | M] () -- C:\Dokumente und Einstellungen\***\ntuser.ini
[2010.05.24 04:59:14 | 000,345,330 | ---- | M] () -- F:\jaypark_by_zero1047.psd
[2010.05.24 03:06:04 | 000,002,401 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Animation Shop 3.lnk
[2010.05.24 00:24:18 | 000,395,378 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.msn
[2010.05.24 00:24:18 | 000,395,378 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010.05.23 23:53:36 | 000,000,820 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100524-002418.backup
[2010.05.23 13:33:43 | 000,002,243 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ImageShack Uploader.lnk
[2010.05.23 12:29:52 | 000,043,008 | ---- | M] () -- F:\Handout.doc
[2010.05.23 03:22:50 | 002,040,513 | ---- | M] () -- F:\2dlly8k.jpg
[2010.05.23 03:22:36 | 000,936,596 | ---- | M] () -- F:\264jmvs.jpg
[2010.05.23 03:22:20 | 000,788,687 | ---- | M] () -- F:\2uzqghs.jpg
[2010.05.23 03:22:02 | 000,407,709 | ---- | M] () -- F:\ie3y1k.jpg
[2010.05.23 03:22:00 | 000,424,092 | ---- | M] () -- F:\168j5s1.jpg
[2010.05.23 03:21:34 | 001,797,657 | ---- | M] () -- F:\e6po9y.jpg
[2010.05.23 03:21:32 | 000,919,017 | ---- | M] () -- F:\11cbpxy.jpg
[2010.05.23 03:20:20 | 000,982,095 | ---- | M] () -- F:\351wxfm.jpg
[2010.05.23 03:19:36 | 001,450,324 | ---- | M] () -- F:\293kahc.jpg
[2010.05.23 03:19:32 | 002,460,136 | ---- | M] () -- F:\63zv60.jpg
[2010.05.23 03:19:32 | 002,228,883 | ---- | M] () -- F:\27zhnrn.jpg
[2010.05.23 03:19:30 | 000,784,353 | ---- | M] () -- F:\25j8r4n.jpg
[2010.05.23 03:19:28 | 002,058,081 | ---- | M] () -- F:\5lw7m0.jpg
[2010.05.23 03:18:16 | 001,014,860 | ---- | M] () -- F:\29b0wtc.jpg
[2010.05.23 03:18:10 | 000,406,546 | ---- | M] () -- F:\24l8kr6.jpg
[2010.05.23 03:18:08 | 000,928,973 | ---- | M] () -- F:\kdn50l.jpg
[2010.05.23 03:18:04 | 003,413,440 | ---- | M] () -- F:\123pcpf.jpg
[2010.05.23 03:17:50 | 002,728,947 | ---- | M] () -- F:\161dxty.jpg
[2010.05.23 03:17:00 | 001,289,596 | ---- | M] () -- F:\aauqnm.jpg
[2010.05.23 03:16:44 | 001,035,965 | ---- | M] () -- F:\214qkw3.jpg
[2010.05.23 03:16:38 | 000,745,255 | ---- | M] () -- F:\dyn3iv.jpg
[2010.05.23 03:16:34 | 000,424,583 | ---- | M] () -- F:\w1vjp4.jpg
[2010.05.23 03:16:08 | 000,699,459 | ---- | M] () -- F:\2cig2mf.jpg
[2010.05.23 03:15:14 | 001,256,287 | ---- | M] () -- F:\2ikr0hg.jpg
[2010.05.23 03:15:12 | 000,729,764 | ---- | M] () -- F:\j67ntl.jpg
[2010.05.23 03:15:12 | 000,519,762 | ---- | M] () -- F:\1zr2tj4.jpg
[2010.05.23 03:15:08 | 002,095,392 | ---- | M] () -- F:\2055rvo.jpg
[2010.05.23 03:15:02 | 000,571,392 | ---- | M] () -- F:\k2k6jq.jpg
[2010.05.23 03:14:10 | 000,752,522 | ---- | M] () -- F:\2nkudy8.jpg
[2010.05.23 03:14:04 | 001,022,550 | ---- | M] () -- F:\359d4qg.jpg
[2010.05.23 03:14:00 | 000,751,233 | ---- | M] () -- F:\2u8idcp.jpg
[2010.05.23 03:13:58 | 002,217,392 | ---- | M] () -- F:\96gay0.jpg
[2010.05.23 03:13:52 | 001,526,210 | ---- | M] () -- F:\2zrg7r7.jpg
[2010.05.23 03:13:06 | 002,469,718 | ---- | M] () -- F:\ncjhhv.jpg
[2010.05.23 03:12:58 | 001,519,243 | ---- | M] () -- F:\2lbcf37.jpg
[2010.05.23 03:12:44 | 000,875,936 | ---- | M] () -- F:\8yyj9l.jpg
[2010.05.23 03:11:56 | 001,798,154 | ---- | M] () -- F:\2v8ip3s.jpg
[2010.05.23 03:11:44 | 001,987,147 | ---- | M] () -- F:\2ez0ht3.jpg
[2010.05.23 03:11:10 | 000,794,129 | ---- | M] () -- F:\w82v88.jpg
[2010.05.23 03:11:00 | 000,412,756 | ---- | M] () -- F:\2eozgub.jpg
[2010.05.23 03:10:44 | 001,520,186 | ---- | M] () -- F:\10hpwlz.jpg
[2010.05.23 03:10:36 | 001,866,678 | ---- | M] () -- F:\2d7a2jr.jpg
[2010.05.23 03:10:32 | 001,042,023 | ---- | M] () -- F:\2vl8nbk.jpg
[2010.05.23 03:09:52 | 005,293,601 | ---- | M] () -- F:\fd8tgo.jpg
[2010.05.23 03:09:28 | 000,946,887 | ---- | M] () -- F:\2qwfoz8.jpg
[2010.05.23 03:09:26 | 000,938,293 | ---- | M] () -- F:\2vt2lmu.jpg
[2010.05.23 03:09:12 | 000,740,069 | ---- | M] () -- F:\k0hnvr.jpg
[2010.05.23 03:09:02 | 000,821,294 | ---- | M] () -- F:\2u8gd8l.jpg
[2010.05.22 01:50:00 | 001,872,472 | ---- | M] () -- F:\SmitfraudFix.exe
[2010.05.22 01:30:00 | 003,382,520 | ---- | M] (Piriform Ltd) -- F:\ccsetup231.exe
[2010.05.22 01:29:24 | 010,534,592 | ---- | M] (ReviverSoft LLC.) -- F:\RegistryReviverSetup.exe
[2010.05.22 00:35:04 | 068,502,344 | ---- | M] (Norman ASA) -- F:\Norman_Malware_Cleaner.exe
[2010.05.22 00:21:44 | 036,888,902 | ---- | M] () -- F:\FT Island - Flower Rock.rar
[2010.05.21 14:52:50 | 000,001,704 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Die Sims 2.lnk
[2010.05.21 11:53:22 | 000,376,748 | -H-- | M] () -- F:\201005191910511001_1.jpg
[2010.05.21 11:53:16 | 034,595,048 | -H-- | M] () -- F:\7.0.0.538f-sdsetup.exe
[2010.05.21 11:53:14 | 000,210,361 | ---- | M] () -- F:\201005191904521001_1.jpg
[2010.05.21 11:53:10 | 000,426,356 | ---- | M] () -- F:\201005191902531001_1.jpg
[2010.05.21 11:53:04 | 000,696,838 | -H-- | M] () -- F:\99MBmisc.zip
[2010.05.19 16:39:50 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.05.18 16:39:27 | 000,000,076 | ---- | M] () -- C:\WINDOWS\WINHLP32.DL2
[2010.05.18 16:38:53 | 000,266,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Setup1.exe
[2010.05.18 16:38:52 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ST6UNST.EXE
[2010.05.16 20:16:59 | 000,000,558 | ---- | M] () -- C:\WINDOWS\win.ini
[2010.05.03 19:38:30 | 000,006,136 | -HS- | M] () -- F:\AlbumArt_{B73FCE55-2A61-4CED-85DB-C2EF3A859D00}_Large.jpg
[2010.05.03 19:38:30 | 000,001,816 | -HS- | M] () -- F:\AlbumArt_{B73FCE55-2A61-4CED-85DB-C2EF3A859D00}_Small.jpg
[2010.05.03 15:44:29 | 001,069,228 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.05.03 15:44:29 | 000,458,806 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2010.05.03 15:44:29 | 000,440,820 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.05.03 15:44:29 | 000,084,516 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2010.05.03 15:44:29 | 000,071,138 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.05.02 14:58:42 | 027,459,115 | ---- | M] () -- F:\UKISSCHIKKINZ.rar
[2010.05.01 12:16:49 | 000,002,501 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Jasc Paint Shop Pro 9.lnk
[2010.04.29 20:19:26 | 000,955,591 | ---- | M] () -- F:\1268369285_100311_005.jpg
[2010.04.29 20:19:18 | 000,960,708 | ---- | M] () -- F:\1268369285_100311_004.jpg
[2010.04.29 20:19:08 | 000,982,462 | ---- | M] () -- F:\1268369285_100311_003.jpg
[2010.04.29 20:18:58 | 000,973,786 | ---- | M] () -- F:\1268369285_100311_002.jpg
[2010.04.29 20:18:48 | 000,970,885 | ---- | M] () -- F:\1268369285_100311_001.jpg
[2010.04.29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.04.29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[1 F:\*.tmp files -> F:\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.05.25 17:21:34 | 000,054,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\vtglkp.sys
[2010.05.25 13:43:16 | 001,402,880 | ---- | C] () -- F:\HiJackThis.msi
[2010.05.25 13:40:51 | 000,001,566 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk
[2010.05.25 13:37:13 | 000,065,168 | ---- | C] () -- F:\Oh My Lady 01.srt
[2010.05.25 13:37:03 | 000,055,976 | ---- | C] () -- F:\Oh My Lady 02.srt
[2010.05.25 12:42:18 | 734,547,968 | ---- | C] () -- F:\Oh My Lady 02.avi
[2010.05.25 12:06:25 | 000,856,013 | ---- | C] () -- F:\the archers.mp3
[2010.05.25 12:06:25 | 000,546,723 | ---- | C] () -- F:\radio 4 theme song.mp3
[2010.05.25 12:06:25 | 000,392,078 | ---- | C] () -- F:\radio 4 1978.mp3
[2010.05.25 12:06:25 | 000,240,403 | ---- | C] () -- F:\the archers song.mp3
[2010.05.25 12:06:24 | 000,657,064 | ---- | C] () -- F:\BBC world früher.mp3
[2010.05.25 12:06:24 | 000,476,924 | ---- | C] () -- F:\BBc world now.mp3
[2010.05.25 12:06:24 | 000,238,687 | ---- | C] () -- F:\big ben.mp3
[2010.05.25 11:49:57 | 734,781,440 | ---- | C] () -- F:\Oh My Lady 01.avi
[2010.05.25 11:04:02 | 007,980,436 | ---- | C] () -- F:\01 No.1 (남아공 월드컵 ê³µì‹ ì£¼ì*œê°€).mp3
[2010.05.25 01:34:47 | 000,084,108 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010.05.24 14:17:24 | 001,917,513 | ---- | C] () -- F:\100517 Mcountdown (May 13th Special, Easy Performances).rar
[2010.05.24 13:39:45 | 254,196,832 | ---- | C] () -- C:\100109 Comedy TV Uljjang Generation S2 - Ep 6 (Kiseop + Soohyun Cut).avi
[2010.05.24 13:22:28 | 000,039,936 | ---- | C] () -- F:\Physik.doc
[2010.05.23 12:29:52 | 000,043,008 | ---- | C] () -- F:\Handout.doc
[2010.05.23 03:21:42 | 000,788,687 | ---- | C] () -- F:\2uzqghs.jpg
[2010.05.23 03:21:35 | 000,936,596 | ---- | C] () -- F:\264jmvs.jpg
[2010.05.23 03:21:34 | 002,040,513 | ---- | C] () -- F:\2dlly8k.jpg
[2010.05.23 03:21:19 | 000,407,709 | ---- | C] () -- F:\ie3y1k.jpg
[2010.05.23 03:20:30 | 000,919,017 | ---- | C] () -- F:\11cbpxy.jpg
[2010.05.23 03:19:38 | 000,424,092 | ---- | C] () -- F:\168j5s1.jpg
[2010.05.23 03:19:37 | 001,797,657 | ---- | C] () -- F:\e6po9y.jpg
[2010.05.23 03:19:32 | 000,982,095 | ---- | C] () -- F:\351wxfm.jpg
[2010.05.23 03:18:34 | 000,784,353 | ---- | C] () -- F:\25j8r4n.jpg
[2010.05.23 03:18:19 | 002,460,136 | ---- | C] () -- F:\63zv60.jpg
[2010.05.23 03:18:15 | 002,228,883 | ---- | C] () -- F:\27zhnrn.jpg
[2010.05.23 03:18:14 | 001,450,324 | ---- | C] () -- F:\293kahc.jpg
[2010.05.23 03:17:58 | 002,058,081 | ---- | C] () -- F:\5lw7m0.jpg
[2010.05.23 03:17:20 | 000,406,546 | ---- | C] () -- F:\24l8kr6.jpg
[2010.05.23 03:17:15 | 000,928,973 | ---- | C] () -- F:\kdn50l.jpg
[2010.05.23 03:17:10 | 001,014,860 | ---- | C] () -- F:\29b0wtc.jpg
[2010.05.23 03:16:52 | 003,413,440 | ---- | C] () -- F:\123pcpf.jpg
[2010.05.23 03:16:27 | 002,728,947 | ---- | C] () -- F:\161dxty.jpg
[2010.05.23 03:15:31 | 001,289,596 | ---- | C] () -- F:\aauqnm.jpg
[2010.05.23 03:15:24 | 000,745,255 | ---- | C] () -- F:\dyn3iv.jpg
[2010.05.23 03:15:21 | 000,424,583 | ---- | C] () -- F:\w1vjp4.jpg
[2010.05.23 03:15:18 | 000,699,459 | ---- | C] () -- F:\2cig2mf.jpg
[2010.05.23 03:15:16 | 001,035,965 | ---- | C] () -- F:\214qkw3.jpg
[2010.05.23 03:14:23 | 000,519,762 | ---- | C] () -- F:\1zr2tj4.jpg
[2010.05.23 03:14:22 | 000,729,764 | ---- | C] () -- F:\j67ntl.jpg
[2010.05.23 03:14:14 | 000,571,392 | ---- | C] () -- F:\k2k6jq.jpg
[2010.05.23 03:14:12 | 001,256,287 | ---- | C] () -- F:\2ikr0hg.jpg
[2010.05.23 03:13:57 | 002,095,392 | ---- | C] () -- F:\2055rvo.jpg
[2010.05.23 03:13:50 | 000,752,522 | ---- | C] () -- F:\2nkudy8.jpg
[2010.05.23 03:13:15 | 000,751,233 | ---- | C] () -- F:\2u8idcp.jpg
[2010.05.23 03:13:06 | 001,022,550 | ---- | C] () -- F:\359d4qg.jpg
[2010.05.23 03:12:26 | 001,526,210 | ---- | C] () -- F:\2zrg7r7.jpg
[2010.05.23 03:12:00 | 002,217,392 | ---- | C] () -- F:\96gay0.jpg
[2010.05.23 03:11:26 | 002,469,718 | ---- | C] () -- F:\ncjhhv.jpg
[2010.05.23 03:11:14 | 001,519,243 | ---- | C] () -- F:\2lbcf37.jpg
[2010.05.23 03:11:12 | 000,875,936 | ---- | C] () -- F:\8yyj9l.jpg
[2010.05.23 03:10:40 | 001,987,147 | ---- | C] () -- F:\2ez0ht3.jpg
[2010.05.23 03:10:40 | 001,798,154 | ---- | C] () -- F:\2v8ip3s.jpg
[2010.05.23 03:10:29 | 000,794,129 | ---- | C] () -- F:\w82v88.jpg
[2010.05.23 03:10:05 | 000,412,756 | ---- | C] () -- F:\2eozgub.jpg
[2010.05.23 03:09:39 | 001,520,186 | ---- | C] () -- F:\10hpwlz.jpg
[2010.05.23 03:09:39 | 001,042,023 | ---- | C] () -- F:\2vl8nbk.jpg
[2010.05.23 03:09:30 | 005,293,601 | ---- | C] () -- F:\fd8tgo.jpg
[2010.05.23 03:08:51 | 000,938,293 | ---- | C] () -- F:\2vt2lmu.jpg
[2010.05.23 03:08:42 | 000,740,069 | ---- | C] () -- F:\k0hnvr.jpg
[2010.05.23 03:08:40 | 001,866,678 | ---- | C] () -- F:\2d7a2jr.jpg
[2010.05.23 03:08:38 | 000,946,887 | ---- | C] () -- F:\2qwfoz8.jpg
[2010.05.23 03:08:38 | 000,821,294 | ---- | C] () -- F:\2u8gd8l.jpg
[2010.05.22 01:50:34 | 000,075,776 | ---- | C] () -- C:\WINDOWS\System32\WS2Fix.exe
[2010.05.22 01:50:34 | 000,051,200 | ---- | C] () -- C:\WINDOWS\System32\dumphive.exe
[2010.05.22 01:50:34 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\swsc.exe
[2010.05.22 01:49:39 | 001,872,472 | ---- | C] () -- F:\SmitfraudFix.exe
[2010.05.21 14:52:50 | 000,001,704 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Die Sims 2.lnk
[2010.05.21 11:53:05 | 034,595,048 | -H-- | C] () -- F:\7.0.0.538f-sdsetup.exe
[2010.05.21 00:41:58 | 000,376,748 | -H-- | C] () -- F:\201005191910511001_1.jpg
[2010.05.21 00:41:55 | 000,210,361 | ---- | C] () -- F:\201005191904521001_1.jpg
[2010.05.21 00:41:50 | 000,426,356 | ---- | C] () -- F:\201005191902531001_1.jpg
[2010.05.18 16:39:27 | 000,000,076 | ---- | C] () -- C:\WINDOWS\WINHLP32.DL2
[2010.05.03 19:38:29 | 000,006,136 | -HS- | C] () -- F:\AlbumArt_{B73FCE55-2A61-4CED-85DB-C2EF3A859D00}_Large.jpg
[2010.05.03 19:38:29 | 000,001,816 | -HS- | C] () -- F:\AlbumArt_{B73FCE55-2A61-4CED-85DB-C2EF3A859D00}_Small.jpg
[2010.04.29 20:19:18 | 000,955,591 | ---- | C] () -- F:\1268369285_100311_005.jpg
[2010.04.29 20:19:08 | 000,960,708 | ---- | C] () -- F:\1268369285_100311_004.jpg
[2010.04.29 20:18:58 | 000,982,462 | ---- | C] () -- F:\1268369285_100311_003.jpg
[2010.04.29 20:18:48 | 000,973,786 | ---- | C] () -- F:\1268369285_100311_002.jpg
[2010.04.29 20:18:38 | 000,970,885 | ---- | C] () -- F:\1268369285_100311_001.jpg
[2010.03.26 19:38:51 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009.08.23 17:06:44 | 000,638,976 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009.08.23 16:43:46 | 000,163,840 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2008.08.24 06:11:00 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008.08.24 06:11:00 | 001,499,136 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008.08.24 06:11:00 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008.08.24 06:11:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008.08.24 06:11:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2008.06.11 10:02:34 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008.06.11 10:02:34 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008.06.11 10:02:34 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008.06.11 10:02:34 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008.06.11 10:02:34 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008.06.11 10:02:34 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008.06.11 10:02:32 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008.06.11 10:02:32 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008.06.11 10:02:32 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008.06.05 09:58:26 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
========== Files - Unicode (All) ==========
[2010.04.15 00:20:33 | 000,000,000 | ---D | C](F:\2NISE - ??? (EP)) -- F:\2NISE - 왜이래 (EP)
[2010.04.14 11:56:04 | 000,000,000 | ---D | M](F:\2NISE - ??? (EP)) -- F:\2NISE - 왜이래 (EP)
========== Alternate Data Streams ==========
@Alternate Data Stream - 121 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:DFC5A2B2
@Alternate Data Stream - 109 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:A8ADE5D8
< End of report > Code:
OTL Extras logfile created on: 25.05.2010 17:28:10 - Run 1
OTL by OldTimer - Version 3.2.5.0 Folder = C:\Dokumente und Einstellungen\***\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 42,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 73,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 465,75 Gb Total Space | 314,62 Gb Free Space | 67,55% Space Free | Partition Type: NTFS
Drive D: | 650,43 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive E: | 1,92 Gb Total Space | 0,94 Gb Free Space | 48,84% Space Free | Partition Type: FAT
Drive F: | 153,35 Gb Total Space | 24,28 Gb Free Space | 15,84% Space Free | Partition Type: FAT32
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: ***-2477298
Current User Name: ***
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.exe [@ = exefile] -- Reg Error: Key error. File not found
.html [@ = htmlfile] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Programme\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Programme\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
h**p [open] -- "C:\Programme\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
h**ps [open] -- "C:\Programme\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with Paint Shop Pro 9] -- "C:\Programme\Jasc Software Inc\Paint Shop Pro 9\\Paint Shop Pro 9.exe" "/Browse" "%L" (Jasc Software, Inc.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1033:TCP" = 1033:TCP:*:Enabled:Akamai NetSession Interface
"5000:UDP" = 5000:UDP:*:Enabled:Akamai NetSession Interface
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Programme\Windows Live\Messenger\wlcsdk.exe" = C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\system32\mmc.exe" = C:\WINDOWS\system32\mmc.exe:*:Enabled:Microsoft Management Console -- (Microsoft Corporation)
"C:\Programme\Windows Live\Messenger\wlcsdk.exe" = C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Programme\Microsoft Office\Office12\ONENOTE.EXE" = C:\Programme\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03F7DFF0-A406-4F1A-9E37-F75E6D614ABC}" = Microsoft Time Zone
"{1A89C6BC-8B49-4B54-9BB2-613F7825C50E}" = Fotobounce
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 16
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{49FC50FC-F965-40D9-89B4-CBFF80941031}" = Windows Movie Maker 2.0
"{49FC50FC-F965-40D9-89B4-CBFF80941033}" = Windows Movie Maker 2.0
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{6E7DD182-9FC6-4651-0095-2E666CC6AF35}" = Die Sims 2
"{7216871F-869E-437C-B9BF-2A13F2DCE63F}_is1" = Auslogics BoostSpeed
"{7C4196CA-CA41-4F34-9C08-7724E7705D52}" = Jasc Animation Shop 3
"{8BCD7AE7-F713-4D50-BAB9-7839B9386870}" = ImageShack Uploader 2.2.0
"{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (German) 12
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90170407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office FrontPage 2003
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{99E862CC-6F69-4D39-99AA-DBF71BF3B585}" = OpenOffice.org 3.1
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A67BB21E-D419-45BB-AB86-7D87D14BBCE2}" = Safari
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3 - Deutsch
"{AFD5ED58-271A-4907-96C2-2745C83BB035}" = NVIDIA PhysX v8.08.18
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{E0F252A6-DE85-4E93-A93B-DFC3537B3965}" = WG111v2 Configuration Utility
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F843C6A3-224D-4615-94F8-3C461BD9AEA0}" = Jasc Paint Shop Pro 9
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"3B18191663CDFABAA2A93D4267E54D683153FF60" = Windows-Treiberpaket - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Akamai" = Akamai NetSession Interface
"Audition Online1.2.6064" = Audition Online
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner
"FlickrDown" = FlickrDown
"Free 3GP Video Converter_is1" = Free 3GP Video Converter version 3.2
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.2
"Free Download Manager_is1" = Free Download Manager 3.0
"Free Video Dub_is1" = Free Video Dub version 1.5
"Free Video to MP3 Converter_is1" = Free Video to MP3 Converter version 3.2
"Free YouTube Download_is1" = Free YouTube Download 2.3
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Messenger Plus! Live" = Messenger Plus! Live
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nero - Burning Rom!UninstallKey" = Ahead Nero Burning ROM
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"The KMPlayer" = The KMPlayer (remove only)
"Uninstall_is1" = Uninstall 1.0.0.1
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XviD Video Codec" = XviD Video Codec (remove only)
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 05.05.2010 07:48:57 | Computer Name = ***-2477298 | Source = ESENT | ID = 490
Description = svchost (1084) Versuch, Datei "C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb"
für den Lese-/Schreibzugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der
Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet
wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.
Error - 07.05.2010 10:06:31 | Computer Name = ***-2477298 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung paint shop pro 9.exe, Version 9.0.0.0, fehlgeschlagenes
Modul mfc71.dll, Version 7.10.3077.0, Fehleradresse 0x000358a5.
Error - 08.05.2010 08:51:36 | Computer Name = ***-2477298 | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 7.0.6000.17023, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 17.05.2010 10:34:29 | Computer Name = ***-2477298 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung iexplore.exe, Version 7.0.6000.17023, fehlgeschlagenes
Modul mshtml.dll, Version 7.0.6000.17023, Fehleradresse 0x00219f3f.
Error - 21.05.2010 06:04:50 | Computer Name = ***-2477298 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung explorer.exe, Version 6.0.2900.5512, fehlgeschlagenes
Modul unknown, Version 0.0.0.0, Fehleradresse 0x00d13c0a.
Error - 22.05.2010 19:45:44 | Computer Name = ***-2477298 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung anim.exe, Version 3.1.1.0, fehlgeschlagenes
Modul unknown, Version 0.0.0.0, Fehleradresse 0x00143c0a.
Error - 22.05.2010 19:47:33 | Computer Name = ***-2477298 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung anim.exe, Version 3.1.1.0, fehlgeschlagenes
Modul unknown, Version 0.0.0.0, Fehleradresse 0x00143c0a.
Error - 23.05.2010 17:51:12 | Computer Name = ***-2477298 | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung msnmsgr.exe, Version 14.0.8089.726, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 23.05.2010 18:58:01 | Computer Name = ***-2477298 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung iexplore.exe, Version 7.0.6000.17023, fehlgeschlagenes
Modul unknown, Version 0.0.0.0, Fehleradresse 0x00153c0a.
Error - 25.05.2010 09:03:33 | Computer Name = ***-2477298 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung explorer.exe, Version 6.0.2900.5512, fehlgeschlagenes
Modul unknown, Version 0.0.0.0, Fehleradresse 0x01253c0a.
[ System Events ]
Error - 30.04.2010 12:14:06 | Computer Name = ***-2477298 | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.1.3 für die Netzwerkkarte mit der Netzwerkadresse
0018380483A1 wurde durch den DHCP-Server 0.0.0.0 abgelehnt (der DHCP-Server hat
eine DHCPNACK-Meldung gesendet).
Error - 01.05.2010 18:21:10 | Computer Name = ***-2477298 | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.1.2 für die Netzwerkkarte mit der Netzwerkadresse
0018380483A1 wurde durch den DHCP-Server 0.0.0.0 abgelehnt (der DHCP-Server hat
eine DHCPNACK-Meldung gesendet).
Error - 04.05.2010 08:11:50 | Computer Name = ***-2477298 | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.1.2 für die Netzwerkkarte mit der Netzwerkadresse
0018380483A1 wurde durch den DHCP-Server 0.0.0.0 abgelehnt (der DHCP-Server hat
eine DHCPNACK-Meldung gesendet).
Error - 07.05.2010 05:34:52 | Computer Name = ***-2477298 | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.1.3 für die Netzwerkkarte mit der Netzwerkadresse
0018380483A1 wurde durch den DHCP-Server 0.0.0.0 abgelehnt (der DHCP-Server hat
eine DHCPNACK-Meldung gesendet).
Error - 07.05.2010 10:06:09 | Computer Name = ***-2477298 | Source = nv | ID = 262252
Description = Treiber nv4_disp für display-Gerät \Device\Video0 befindet sich in
einer unendlichen Schleife. Wahrscheinlich funktioniert das Gerät fehlerhaft, oder
die Hardware wurde vom Gerätetreiber nicht ordnungsgemäß programmiert. Wenden Sie
sich an den Hardwarehersteller, um Treiberupdates zu beziehen.
Error - 07.05.2010 10:10:21 | Computer Name = ***-2477298 | Source = System Error | ID = 1003
Description = Fehlercode 000000ea, 1. Parameter 886986f0, 2. Parameter 89aa70f8,
3. Parameter 8997baf8, 4. Parameter 00000001.
Error - 10.05.2010 09:19:30 | Computer Name = ***-2477298 | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.1.2 für die Netzwerkkarte mit der Netzwerkadresse
0018380483A1 wurde durch den DHCP-Server 0.0.0.0 abgelehnt (der DHCP-Server hat
eine DHCPNACK-Meldung gesendet).
Error - 13.05.2010 04:52:42 | Computer Name = ***-2477298 | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.1.3 für die Netzwerkkarte mit der Netzwerkadresse
0018380483A1 wurde durch den DHCP-Server 0.0.0.0 abgelehnt (der DHCP-Server hat
eine DHCPNACK-Meldung gesendet).
Error - 18.05.2010 09:57:25 | Computer Name = ***-2477298 | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.1.3 für die Netzwerkkarte mit der Netzwerkadresse
0018380483A1 wurde durch den DHCP-Server 0.0.0.0 abgelehnt (der DHCP-Server hat
eine DHCPNACK-Meldung gesendet).
Error - 22.05.2010 16:43:03 | Computer Name = ***-2477298 | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.1.2 für die Netzwerkkarte mit der Netzwerkadresse
0018380483A1 wurde durch den DHCP-Server 0.0.0.0 abgelehnt (der DHCP-Server hat
eine DHCPNACK-Meldung gesendet).
< End of report > |