OTL Logfile: Code:
OTL Extras logfile created on: 12.07.2010 19:29:25 - Run 2
OTL by OldTimer - Version 3.2.9.0 Folder = C:\Dokumente und Einstellungen\****\Eigene Dateien\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 64,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 84,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINXP | %ProgramFiles% = C:\Programme
Drive C: | 48,83 Gb Total Space | 36,04 Gb Free Space | 73,80% Space Free | Partition Type: NTFS
Drive D: | 184,04 Gb Total Space | 75,85 Gb Free Space | 41,22% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: ****
Current User Name: ****
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"D:\Spiele\Warcraft III\Warcraft III.exe" = D:\Spiele\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III -- File not found
"D:\Spiele\DawnofWar\W40k.exe" = D:\Spiele\DawnofWar\W40k.exe:*:Disabled:W40K -- File not found
"C:\Programme\Yahoo!\Messenger\YahooMessenger.exe" = C:\Programme\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Programme\Ruff-Tech\Ruff-FTP\ftpsck.exe" = C:\Programme\Ruff-Tech\Ruff-FTP\ftpsck.exe:*:Disabled:Ftp-Client -- (Ruff-Tech)
"C:\Programme\Electronic Arts\Command & Conquer 4 Tiberian Twilight\CNC4SERVER.exe" = C:\Programme\Electronic Arts\Command & Conquer 4 Tiberian Twilight\CNC4SERVER.exe:*:Enabled:CNC4SERVER -- File not found
"C:\Programme\Electronic Arts\Command & Conquer 4 Tiberian Twilight\Accounts\CNC4SERVER.exe" = C:\Programme\Electronic Arts\Command & Conquer 4 Tiberian Twilight\Accounts\CNC4SERVER.exe:*:Enabled:CNC4SERVER -- File not found
"C:\Programme\Electronic Arts\Command & Conquer 4 Tiberian Twilight\Crack\CNC4SERVER\CNC4SERVER.exe" = C:\Programme\Electronic Arts\Command & Conquer 4 Tiberian Twilight\CNC4SERVER\CNC4SERVER.exe:*:Enabled:CNC4SERVER -- ()
"D:\Command.and.Conquer.4.Tiberian.Twilight.GERMAN-GiNALiSA\CNC4SERVER\CNC4SERVER.exe" = D:\Command.and.Conquer.4.Tiberian.Twilight.GERMAN-GiNALiSA\CNC4SERVER\CNC4SERVER.exe:*:Enabled:CNC4SERVER -- File not found
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{19F62E2F-ABDB-4BE7-A7BB-38DF264D8F72}" = xVideoServiceThief
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 20
"{296B2D8E-CE82-92AF-B2E8-A646E7CB78A2}_is1" = RegAlyzer
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{699BAC7F-DC10-4709-97D8-45379301BBE7}" = NVIDIA PhysX v8.08.01
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8927E07C-97F7-4A54-88FB-D976F50DD46E}" = Turbo Lister 2
"{907B4640-266B-4A21-92FB-CD1A86CD0F63}" = RollerCoaster Tycoon 3
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5181519-9F3D-4372-ABC6-C333C2F3A816}_is1" = RunAlyzer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A91000000001}" = Adobe Reader 9.1 - Deutsch
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU
"{C314CE45-3392-3B73-B4E1-139CD41CA933}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU
"{C43048A9-742C-4DAD-90D2-E3B53C9DB825}" = Logitech QuickCam-Software
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF097717-F174-4144-954A-FBC4BF301031}" = Nero 7 Premium
"{CF49A5C4-E09A-4A22-BE7B-E42C687952BC}" = O&O Defrag Professional
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"AC3Filter_is1" = AC3Filter 1.63b
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"avast5" = avast! Free Antivirus
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.3
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.5
"Glary Registry Repair_is1" = Glary Registry Repair 3.3.0.852
"HijackThis" = HijackThis 2.0.2
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.10)" = Mozilla Firefox (3.5.10)
"NVIDIA Drivers" = NVIDIA Drivers
"QcDrv" = Logitech® Camera-Treiber
"Ruff-FTP_is1" = Ruff-Tech
"Uninstall_is1" = Uninstall 1.0.0.1
"WinRAR archiver" = WinRAR
"Wise Registry Cleaner_is1" = Wise Registry Cleaner Free 5.35
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.8.1
========== Last 10 Event Log Errors ==========
[ Antivirus Events ]
Error - 08.02.2010 12:44:49 | Computer Name = ***** | Source = avast! | ID = 33554522
Description =
[ Application Events ]
Error - 11.07.2010 07:30:27 | Computer Name = ***** | Source = PerfNet | ID = 2004
Description = Der Serverdienst konnte nicht geöffnet werden. Die Server-Leistungsinformationen
werden
nicht zurückgegeben. Der zurückgegebene Fehlercode befindet sich in DWORD 0.
Error - 11.07.2010 07:30:35 | Computer Name = ***** | Source = PerfNet | ID = 2004
Description = Der Serverdienst konnte nicht geöffnet werden. Die Server-Leistungsinformationen
werden
nicht zurückgegeben. Der zurückgegebene Fehlercode befindet sich in DWORD 0.
Error - 11.07.2010 10:36:35 | Computer Name = ***** | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung 4ne7qdym.exe, Version 1.0.15.15281, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 11.07.2010 10:37:02 | Computer Name = ***** | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung notepad.exe, Version 5.1.2600.5512, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 11.07.2010 10:39:49 | Computer Name = ***** | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung 4ne7qdym.exe, Version 1.0.15.15281, fehlgeschlagenes
Modul 4ne7qdym.exe, Version 1.0.15.15281, Fehleradresse 0x0005c887.
Error - 11.07.2010 13:10:07 | Computer Name = ***** | Source = Google Update | ID = 20
Description =
Error - 11.07.2010 15:38:24 | Computer Name = ***** | Source = PerfNet | ID = 2004
Description = Der Serverdienst konnte nicht geöffnet werden. Die Server-Leistungsinformationen
werden
nicht zurückgegeben. Der zurückgegebene Fehlercode befindet sich in DWORD 0.
Error - 11.07.2010 17:58:40 | Computer Name = **** | Source = PerfNet | ID = 2004
Description = Der Serverdienst konnte nicht geöffnet werden. Die Server-Leistungsinformationen
werden
nicht zurückgegeben. Der zurückgegebene Fehlercode befindet sich in DWORD 0.
[ System Events ]
Error - 11.07.2010 17:33:58 | Computer Name = **** | Source = Cdrom | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom4 gefunden.
Error - 11.07.2010 17:33:59 | Computer Name = ***** | Source = Cdrom | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom4 gefunden.
Error - 11.07.2010 17:34:00 | Computer Name = ***** | Source = Cdrom | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom4 gefunden.
Error - 11.07.2010 17:34:01 | Computer Name = ***** | Source = Cdrom | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom4 gefunden.
Error - 11.07.2010 17:34:02 | Computer Name = ***** | Source = Cdrom | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom4 gefunden.
Error - 11.07.2010 17:34:03 | Computer Name = ***** | Source = Cdrom | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom4 gefunden.
Error - 11.07.2010 17:34:04 | Computer Name = ***** | Source = Cdrom | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom4 gefunden.
Error - 11.07.2010 17:56:22 | Computer Name = ***** | Source = sr | ID = 1
Description = Beim Verarbeiten der Datei "desktop.ini" auf Volume "HarddiskVolume2"
ist im Wiederherstellungsfilter der unerwartete Fehler "0xC000009A" aufgetreten.
Die Volumeüberwachung wurde angehalten.
Error - 12.07.2010 09:05:47 | Computer Name = ***** | Source = Ftdisk | ID = 262189
Description = Das System konnte den Treiber für das Speicherabbild nicht laden.
Error - 12.07.2010 09:05:47 | Computer Name = ***** | Source = Ftdisk | ID = 262193
Description = Die Konfiguration der Auslagerungsdatei für das Speicherabbild ist
fehlgeschlagen. Stellen Sie sicher, dass eine Auslagerungsdatei auf der Startpartition
vorhanden ist und dass diese groß genug ist, um den gesamten physikalischen Speicher
abbilden zu können.
< End of report > --- --- ---
[code]
OTL Logfile: Code:
OTL logfile created on: 12.07.2010 19:29:25 - Run 2
OTL by OldTimer - Version 3.2.9.0 Folder = C:\Dokumente und Einstellungen\***\Eigene Dateien\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 64,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 84,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINXP | %ProgramFiles% = C:\Programme
Drive C: | 48,83 Gb Total Space | 36,04 Gb Free Space | 73,80% Space Free | Partition Type: NTFS
Drive D: | 184,04 Gb Total Space | 75,85 Gb Free Space | 41,22% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: *****
Current User Name: *****
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Processes (SafeList) ==========
PRC - C:\Dokumente und Einstellungen\Olli\Eigene Dateien\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\WINXP\system32\wuaucldt.exe ()
PRC - C:\Programme\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
PRC - C:\Programme\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Programme\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
PRC - C:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
PRC - C:\WINXP\system32\oodag.exe (O&O Software GmbH)
PRC - C:\WINXP\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexStoreSvr.exe (Nero AG)
PRC - C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe (Nero AG)
PRC - C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMBgMonitor.exe (Nero AG)
PRC - C:\WINXP\system32\LVCOMSX.EXE (Logitech Inc.)
PRC - C:\Programme\Logitech\Video\LogiTray.exe (Logitech Inc.)
PRC - C:\Programme\Logitech\Video\FxSvr2.exe (Logitech Inc.)
========== Modules (SafeList) ==========
MOD - C:\Dokumente und Einstellungen\***\Eigene Dateien\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\WINXP\system32\msscript.ocx (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (HidServ) -- C:\WINXP\System32\hidserv.dll File not found
SRV - (avast! Web Scanner) -- C:\Programme\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (avast! Mail Scanner) -- C:\Programme\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (avast! Antivirus) -- C:\Programme\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (YahooAUService) -- C:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
SRV - (O&O Defrag) -- C:\WINXP\system32\oodag.exe (O&O Software GmbH)
SRV - (NMIndexingService) -- C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe (Nero AG)
SRV - (IDriverT) -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
========== Driver Services (SafeList) ==========
DRV - (PxHelp20) -- C:\WINXP\System32\Drivers\PxHelp20.sys File not found
DRV - (aswTdi) -- C:\WINXP\System32\drivers\aswTdi.sys (ALWIL Software)
DRV - (aswSP) -- C:\WINXP\System32\drivers\aswSP.sys (ALWIL Software)
DRV - (aswRdr) -- C:\WINXP\System32\drivers\aswRdr.sys (ALWIL Software)
DRV - (aswMon2) -- C:\WINXP\System32\drivers\aswmon2.sys (ALWIL Software)
DRV - (aswFsBlk) -- C:\WINXP\System32\drivers\aswFsBlk.sys (ALWIL Software)
DRV - (Aavmker4) -- C:\WINXP\System32\drivers\aavmker4.sys (ALWIL Software)
DRV - (MBAMSwissArmy) -- C:\WINXP\system32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (sptd) -- C:\WINXP\System32\Drivers\sptd.sys ()
DRV - (nv) -- C:\WINXP\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (RTLE8023xp) -- C:\WINXP\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation )
DRV - (HDAudBus) -- C:\WINXP\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINXP\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (imagesrv) -- C:\WINXP\system32\DRIVERS\imagesrv.sys (Ahead Software AG)
DRV - (imagedrv) -- C:\WINXP\System32\Drivers\imagedrv.sys (Ahead Software AG)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINXP\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-type: "${8}"
FF - prefs.js..browser.search.selectedEngine: "Search the web (Babylon)"
FF - prefs.js..browser.startup.homepage: "hxxp://google.de/"
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.10\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010.06.24 23:38:16 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.10\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010.06.24 23:38:16 | 000,000,000 | ---D | M]
[2009.08.17 20:03:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Olli\Anwendungsdaten\Mozilla\Extensions
[2010.07.12 17:59:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Olli\Anwendungsdaten\Mozilla\Firefox\Profiles\5qvukgnr.default\extensions
[2010.03.26 17:05:22 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Dokumente und Einstellungen\Olli\Anwendungsdaten\Mozilla\Firefox\Profiles\5qvukgnr.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010.06.07 23:51:15 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Olli\Anwendungsdaten\Mozilla\Firefox\Profiles\5qvukgnr.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.07.12 17:59:54 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.04.17 00:15:27 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.04.12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.04.03 07:37:55 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.01.10 11:51:46 | 000,002,191 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\babylon.xml
[2010.04.03 07:37:55 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.04.03 07:37:55 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.04.03 07:37:55 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.04.03 07:37:55 | 000,000,801 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2010.03.21 22:03:38 | 000,380,790 | R--- | M]) - C:\WINXP\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 13116 more lines...
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Programme\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [Alcmtr] C:\WINXP\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avast5] C:\Programme\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [LogitechVideoRepair] C:\Programme\Logitech\Video\ISStart.exe (Logitech Inc.)
O4 - HKLM..\Run: [LogitechVideoTray] C:\Programme\Logitech\Video\LogiTray.exe (Logitech Inc.)
O4 - HKLM..\Run: [LVCOMSX] C:\WINXP\system32\LVCOMSX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [Regedit32] C:\WINXP\System32\regedit.exe File not found
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [syncman] C:\WINXP\system32\wuaucldt.exe ()
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Programme\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [LogitechSoftwareUpdate] C:\Programme\Logitech\Video\ManifestEngine.exe (Logitech Inc.)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Programme\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKCU..\Run: [syncman] c:\dokumente und einstellungen\****\wuaucldt.exe File not found
O4 - Startup: C:\Dokumente und Einstellungen\Olli\Startmenü\Programme\Autostart\srvklw32.exe ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Dokumente und Einstellungen\****\Anwendungsdaten\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINXP\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\WINXP\Web\Wallpaper\Grüne Idylle.bmp
O24 - Desktop BackupWallPaper: C:\WINXP\Web\Wallpaper\Grüne Idylle.bmp
O32 - Unable to open key or key not present!
O32 - AutoRun File - [2009.02.18 20:45:05 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{550605e4-d109-11de-a278-001966a31169}\Shell\AutoRun\command - "" = G:\Menu.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (OODBSOODBS) - File not found
O34 - HKLM BootExecute: (pfdnnt C:\WINXP\system32\pfdnnt_actions.sys) - File not found
O34 - HKLM BootExecute: (OODBS) - C:\WINXP\System32\OODBS.exe (O&O Software GmbH)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010.07.12 18:34:24 | 000,000,000 | ---D | C] -- C:\Programme\Wise Registry Cleaner
[2010.07.12 18:22:59 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010.07.12 15:08:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\****\Lokale Einstellungen\Anwendungsdaten\dmsh32
[2010.07.11 00:48:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\****\Anwendungsdaten\Panda Security
[2010.07.11 00:46:59 | 000,000,000 | ---D | C] -- C:\Programme\Panda Security
[2010.07.11 00:46:59 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Panda Security
[2010.07.10 12:21:36 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\WINXP\avastSS.scr
[2010.07.10 07:10:59 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\Macromedia
[2010.07.10 07:10:58 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\Adobe
[2010.06.15 05:16:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Alwil Software
[3 C:\WINXP\*.tmp files -> C:\WINXP\*.tmp -> ]
[1 C:\WINXP\System32\*.tmp files -> C:\WINXP\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010.07.12 19:10:54 | 000,000,001 | ---- | M] () -- C:\Dokumente und Einstellungen\****\oashdihasidhasuidhiasdhiashdiuasdhasd
[2010.07.12 19:10:00 | 000,001,084 | ---- | M] () -- C:\WINXP\tasks\GoogleUpdateTaskMachineUA.job
[2010.07.12 18:34:24 | 000,001,684 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Clear with 1 click.lnk
[2010.07.12 18:34:24 | 000,000,806 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Wise Registry Cleaner.lnk
[2010.07.12 17:22:05 | 000,001,080 | ---- | M] () -- C:\WINXP\tasks\GoogleUpdateTaskMachineCore.job
[2010.07.12 17:22:03 | 000,000,006 | -H-- | M] () -- C:\WINXP\tasks\SA.DAT
[2010.07.12 17:21:58 | 000,002,048 | --S- | M] () -- C:\WINXP\bootstat.dat
[2010.07.12 17:21:56 | 001,081,619 | ---- | M] () -- C:\WINXP\System32\oodbs.lor
[2010.07.12 15:49:17 | 000,196,673 | ---- | M] () -- C:\WINXP\System32\nvapps.xml
[2010.07.12 00:02:44 | 000,000,190 | -HS- | M] () -- C:\Dokumente und Einstellungen\****\ntuser.ini
[2010.07.11 23:52:08 | 000,000,069 | ---- | M] () -- C:\WINXP\NeroDigital.ini
[2010.07.11 21:38:54 | 000,036,864 | ---- | M] () -- C:\WINXP\System32\wuaucldt.exe
[2010.07.11 20:16:32 | 008,388,608 | ---- | M] () -- C:\Dokumente und Einstellungen\****\NTUSER.DAT
[2010.07.11 12:35:31 | 002,118,204 | -H-- | M] () -- C:\Dokumente und Einstellungen\****\Lokale Einstellungen\Anwendungsdaten\IconCache.db
[2010.07.11 00:49:23 | 000,744,339 | ---- | M] () -- C:\Dokumente und Einstellungen\****\Desktop\PAVARK.exe
[2010.07.10 12:21:37 | 000,003,002 | ---- | M] () -- C:\WINXP\System32\CONFIG.NT
[2010.06.30 19:31:04 | 000,046,080 | ---- | M] () -- C:\Dokumente und Einstellungen\****\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.06.28 22:57:33 | 000,038,848 | ---- | M] (ALWIL Software) -- C:\WINXP\avastSS.scr
[2010.06.28 22:57:12 | 000,165,032 | ---- | M] (AVAST Software) -- C:\WINXP\System32\aswBoot.exe
[2010.06.28 22:37:52 | 000,046,672 | ---- | M] (ALWIL Software) -- C:\WINXP\System32\drivers\aswTdi.sys
[2010.06.28 22:37:30 | 000,165,456 | ---- | M] (ALWIL Software) -- C:\WINXP\System32\drivers\aswSP.sys
[2010.06.28 22:33:13 | 000,023,376 | ---- | M] (ALWIL Software) -- C:\WINXP\System32\drivers\aswRdr.sys
[2010.06.28 22:32:45 | 000,100,176 | ---- | M] (ALWIL Software) -- C:\WINXP\System32\drivers\aswmon2.sys
[2010.06.28 22:32:42 | 000,094,544 | ---- | M] (ALWIL Software) -- C:\WINXP\System32\drivers\aswmon.sys
[2010.06.28 22:32:33 | 000,017,744 | ---- | M] (ALWIL Software) -- C:\WINXP\System32\drivers\aswFsBlk.sys
[2010.06.28 22:32:16 | 000,028,880 | ---- | M] (ALWIL Software) -- C:\WINXP\System32\drivers\aavmker4.sys
[2010.06.15 05:17:04 | 000,001,670 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\avast! Free Antivirus.lnk
[3 C:\WINXP\*.tmp files -> C:\WINXP\*.tmp -> ]
[1 C:\WINXP\System32\*.tmp files -> C:\WINXP\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.07.12 18:34:24 | 000,001,684 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Clear with 1 click.lnk
[2010.07.12 18:34:24 | 000,000,806 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Wise Registry Cleaner.lnk
[2010.07.12 15:09:28 | 000,000,001 | ---- | C] () -- C:\Dokumente und Einstellungen\Olli\oashdihasidhasuidhiasdhiashdiuasdhasd
[2010.07.11 21:38:54 | 000,036,864 | ---- | C] () -- C:\WINXP\System32\wuaucldt.exe
[2010.07.11 00:49:22 | 000,744,339 | ---- | C] () -- C:\Dokumente und Einstellungen\****\Desktop\PAVARK.exe
[2010.06.15 05:17:04 | 000,001,670 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\avast! Free Antivirus.lnk
[2010.05.11 21:26:39 | 000,008,704 | ---- | C] () -- C:\WINXP\System32\drivers\ljwhlmuesace.sys
[2010.05.11 21:05:08 | 000,008,704 | ---- | C] () -- C:\WINXP\System32\drivers\iwcgcufmffxk.sys
[2010.05.11 20:57:28 | 000,008,704 | ---- | C] () -- C:\WINXP\System32\drivers\hailhqmoknau.sys
[2010.05.11 20:09:38 | 000,008,704 | ---- | C] () -- C:\WINXP\System32\drivers\apqvwswygayy.sys
[2010.04.10 13:23:04 | 000,197,120 | ---- | C] () -- C:\WINXP\patchw32.dll
[2010.03.24 21:25:32 | 000,008,704 | ---- | C] () -- C:\WINXP\System32\drivers\efeybswjvjtk.sys
[2010.03.24 21:08:32 | 000,008,704 | ---- | C] () -- C:\WINXP\System32\drivers\bqcxymymvtjb.sys
[2010.01.18 18:29:19 | 000,163,328 | ---- | C] () -- C:\WINXP\System32\drivers\lv532av.sys
[2010.01.18 18:29:19 | 000,009,255 | ---- | C] () -- C:\WINXP\System32\lvcoinst.ini
[2009.11.14 12:35:08 | 000,000,032 | ---- | C] () -- C:\WINXP\Menu.INI
[2009.07.13 13:10:11 | 000,043,520 | ---- | C] () -- C:\WINXP\System32\CmdLineExt03.dll
[2009.05.06 20:28:55 | 000,000,151 | ---- | C] () -- C:\WINXP\PhotoSnapViewer.INI
[2009.04.11 15:28:28 | 000,000,069 | ---- | C] () -- C:\WINXP\NeroDigital.ini
[2009.02.19 18:03:02 | 000,691,696 | ---- | C] () -- C:\WINXP\System32\drivers\sptd.sys
[2009.02.19 17:50:39 | 000,000,000 | ---- | C] () -- C:\WINXP\oodcnt.INI
[2009.02.18 20:52:18 | 000,005,189 | ---- | C] () -- C:\WINXP\Ascd_tmp.ini
[2009.02.18 20:52:15 | 000,010,288 | ---- | C] () -- C:\WINXP\System32\drivers\ASUSHWIO.SYS
[2009.02.17 21:36:15 | 000,000,394 | ---- | C] () -- C:\WINXP\ODBC.INI
[2008.08.02 06:20:00 | 001,724,416 | ---- | C] () -- C:\WINXP\System32\nvwdmcpl.dll
[2008.08.02 06:20:00 | 001,499,136 | ---- | C] () -- C:\WINXP\System32\nview.dll
[2008.08.02 06:20:00 | 001,101,824 | ---- | C] () -- C:\WINXP\System32\nvwimg.dll
[2008.08.02 06:20:00 | 000,466,944 | ---- | C] () -- C:\WINXP\System32\nvshell.dll
[2008.08.02 06:20:00 | 000,286,720 | ---- | C] () -- C:\WINXP\System32\nvnt4cpl.dll
[2008.06.11 06:32:34 | 000,058,648 | ---- | C] () -- C:\WINXP\System32\AgCPanelTraditionalChinese.dll
[2008.06.11 06:32:34 | 000,058,648 | ---- | C] () -- C:\WINXP\System32\AgCPanelSwedish.dll
[2008.06.11 06:32:34 | 000,058,648 | ---- | C] () -- C:\WINXP\System32\AgCPanelSpanish.dll
[2008.06.11 06:32:34 | 000,058,648 | ---- | C] () -- C:\WINXP\System32\AgCPanelSimplifiedChinese.dll
[2008.06.11 06:32:34 | 000,058,648 | ---- | C] () -- C:\WINXP\System32\AgCPanelPortugese.dll
[2008.06.11 06:32:34 | 000,058,648 | ---- | C] () -- C:\WINXP\System32\AgCPanelKorean.dll
[2008.06.11 06:32:32 | 000,058,648 | ---- | C] () -- C:\WINXP\System32\AgCPanelJapanese.dll
[2008.06.11 06:32:32 | 000,058,648 | ---- | C] () -- C:\WINXP\System32\AgCPanelGerman.dll
[2008.06.11 06:32:32 | 000,058,648 | ---- | C] () -- C:\WINXP\System32\AgCPanelFrench.dll
[2008.06.05 06:28:26 | 000,197,912 | ---- | C] () -- C:\WINXP\System32\physxcudart_20.dll
[2003.08.07 15:01:52 | 000,237,568 | ---- | C] () -- C:\WINXP\System32\lame_enc.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 20 bytes -> C:\Dokumente und Einstellungen\****\Desktop\PAVARK.exe:License
@Alternate Data Stream - 20 bytes -> C:\Dokumente und Einstellungen\****\Desktop\panda_antirootkit.exe:License
< End of report > --- --- --- |