die Seite die mich immer öfter auf Werbeseiten, die oft "24" enthalten leitet ist wwwadcntr.com
mittlerweile blockiere ich alle Cookies entsprechender Seiten manuell im Firefox und nutze das Adblock Plus Plugin und habe Java Envirement Addon & Theme im Firefox deaktiviert, sodass sich keine Viren durch die Tabs & Java einschleichen können. Jetzt muss nur noch die Ursache für die Werbe Tabs gefunden werden. Hier die Logs:OTL Logfile: Code:
OTL Extras logfile created on: 12.09.2010 22:02:03 - Run 1
OTL by OldTimer - Version 3.2.12.0 Folder = D:\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 79,00% Memory free
5,00 Gb Paging File | 5,00 Gb Available in Paging File | 87,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 19,53 Gb Total Space | 8,23 Gb Free Space | 42,12% Space Free | Partition Type: NTFS
Drive D: | 278,55 Gb Total Space | 249,83 Gb Free Space | 89,69% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 1397,26 Gb Total Space | 996,86 Gb Free Space | 71,34% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
Drive I: | 335,35 Gb Total Space | 253,19 Gb Free Space | 75,50% Space Free | Partition Type: NTFS
Computer Name: SHARKOONSYS
Current User Name: Sharkoon
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- D:\Programme\Mozilla\firefox.exe (Mozilla Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Programme\Mozilla\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "D:\Programme\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "D:\Programme\Mozilla\firefox.exe" (Mozilla Corporation)
htmlfile [opennew] -- "D:\Programme\Mozilla\firefox.exe" (Mozilla Corporation)
htmlfile [print] -- "D:\Programme\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "D:\Programme\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "D:\Programme\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "D:\Programme\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"I:\Software\PDVD9Ultra\PowerDVD9\PowerDVD9.exe" = I:\Software\PDVD9Ultra\PowerDVD9\PowerDVD9.exe:*:Enabled:CyberLink PowerDVD 9.0 -- (CyberLink Corp.)
"D:\Programme\ICQ7.0\ICQ.exe" = D:\Programme\ICQ7.0\ICQ.exe:*:Enabled:ICQ7 -- (ICQ, Inc.)
"D:\Programme\ICQ7.0\aolload.exe" = D:\Programme\ICQ7.0\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"D:\Programme\SopCast\adv\SopAdver.exe" = D:\Programme\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver -- (www.sopcast.com)
"D:\Programme\SopCast\SopCast.exe" = D:\Programme\SopCast\SopCast.exe:*:Enabled:SopCast Main Application -- (www.sopcast.com)
"D:\Programme\TVUPlayer\TVUPlayer.exe" = D:\Programme\TVUPlayer\TVUPlayer.exe:*:Enabled:TVUPlayer Component -- (TVU networks)
"F:\Games\Test Drive Unlimited\TestDriveUnlimited.exe" = F:\Games\Test Drive Unlimited\TestDriveUnlimited.exe:*:Enabled:Test Drive Unlimited -- File not found
"F:\Games\Battlefield 1942 Multiplayer Demo\BF1942Demo.exe" = F:\Games\Battlefield 1942 Multiplayer Demo\BF1942Demo.exe:*:Enabled:BF1942Demo -- File not found
"F:\Games\TrackMania Nations ESWC\TmNationsESWC.exe" = F:\Games\TrackMania Nations ESWC\TmNationsESWC.exe:*:Enabled:TmNationsESWC -- File not found
"D:\Programme\devolo\easyshare\easyshare.exe" = D:\Programme\devolo\easyshare\easyshare.exe:*:Enabled:devolo EasyShare -- (devolo AG)
"I:\Games\TrackMania Nations ESWC\TmNationsESWC.exe" = I:\Games\TrackMania Nations ESWC\TmNationsESWC.exe:*:Enabled:TmNationsESWC -- ()
"I:\Games\Test Drive Unlimited\TestDriveUnlimited.exe" = I:\Games\Test Drive Unlimited\TestDriveUnlimited.exe:*:Enabled:Test Drive Unlimited -- (Eden Games)
"D:\Programme\Mozilla\firefox.exe" = D:\Programme\Mozilla\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"I:\Software\PDVD9Ultra\PowerDVD9\PowerDVD9.exe" = I:\Software\PDVD9Ultra\PowerDVD9\PowerDVD9.exe:*:Enabled:CyberLink PowerDVD 9.0 -- (CyberLink Corp.)
"C:\Programme\Sony Ericsson\SEMC OMSI Module\SEMC OMSI Module.exe" = C:\Programme\Sony Ericsson\SEMC OMSI Module\SEMC OMSI Module.exe:*:Enabled:SEMC OMSI Module -- ()
"D:\Programme\ICQ7.0\ICQ.exe" = D:\Programme\ICQ7.0\ICQ.exe:*:Enabled:ICQ7 -- (ICQ, Inc.)
"D:\Programme\ICQ7.0\aolload.exe" = D:\Programme\ICQ7.0\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
"I:\Games\Battlefield 2\BF2.exe" = I:\Games\Battlefield 2\BF2.exe:*:Enabled:Battlefield 2 -- ()
"I:\Games\Battlefield 2\bf2_w32ded.exe" = I:\Games\Battlefield 2\bf2_w32ded.exe:*:Enabled:bf2_w32ded -- ()
"I:\Games\Crysis\Bin32\Crysis.exe" = I:\Games\Crysis\Bin32\Crysis.exe:*:Enabled:Crysis_32 -- (Crytek GmbH)
"I:\Games\Crysis\Bin32\CrysisDedicatedServer.exe" = I:\Games\Crysis\Bin32\CrysisDedicatedServer.exe:*:Enabled:CrysisDedicatedServer_32 -- (Crytek GmbH)
"I:\Games\CMCRAY Dirt2\dirt2_game.exe" = I:\Games\CMCRAY Dirt2\dirt2_game.exe:*:Enabled:DiRT2 -- (Codemasters)
"D:\Programme\VideoLAN\VLC\vlc.exe" = D:\Programme\VideoLAN\VLC\vlc.exe:*:Disabled:VLC media player -- ()
"I:\Games\ProEvo2010\pes2010.exe" = I:\Games\ProEvo2010\pes2010.exe:*:Enabled:Pro Evolution Soccer 2010 -- (Konami Digital Entertainment Co., Ltd.)
"D:\Programme\devolo\informer\devinf.exe" = D:\Programme\devolo\informer\devinf.exe:*:Enabled:devolo Informer -- (devolo AG)
"C:\Programme\Java\jre6\bin\javaw.exe" = C:\Programme\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{000E79B7-E725-4F01-870A-C12942B7F8E4}" = Crysis(R)
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{0241E073-A1C3-857F-7DA3-9A5DC6C4F60B}" = Catalyst Control Center Graphics Light
"{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}" = Battlefield 2(TM)
"{0F55F69B-FB6C-5157-A5DC-B8AC58048A1A}" = ATI Catalyst Install Manager
"{19C64880-BBCA-11D4-9EEE-0004ACDDDB3B}" = CyberLink InstantBurn
"{1A15507A-8551-4626-915D-3D5FA095CC1B}" = Corel Paint Shop Pro X
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Hi-Def Suite
"{1FF713E1-FE5E-4AD0-9C8C-B2E877846B45}" = Catalyst Control Center - Branding
"{20820A45-02A1-144C-21A3-A1812C5DDE23}" = Catalyst Control Center InstallProxy
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 21
"{283FFB23-8751-4B08-ACB8-5E0F8BCF7727}" = Pro Evolution Soccer 2010
"{29391B62-5DC8-4EAC-8ED7-7DDD5CFEFCAD}" = cladDVD.NET v3.5.7
"{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}" = Microsoft Games for Windows - LIVE
"{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}" = Logitech SetPoint
"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 6.009.00
"{34BDF3BF-AA61-42E7-8818-C16A304910FC}" = Emma Core
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = Gigabyte Raid Configurer
"{3CCE085E-255D-BBEE-7D51-D46FF3E13B1F}" = Catalyst Control Center HydraVision Full
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = Logitech Registration
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go 5.0
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{52D1D62C-FEAB-4580-849E-1DB624BADBBD}" = DiRT2
"{55A29068-F2CE-456C-9148-C869879E2357}" = TuneUp Utilities 2009
"{56918C0C-0D87-4CA6-92BF-4975A43AC719}" = KhalInstallWrapper
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{6179550A-3E7C-499E-BCC9-9E8113E0A285}" = LG ODD Auto Firmware Update
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6A7C42A3-02F9-C4E2-3A2B-BED15343DB4E}" = ccc-utility
"{6D9306D4-668D-F7B5-30A8-0D20B5D898A0}" = Catalyst Control Center Core Implementation
"{71F17309-007D-43F9-9313-DBFBA5FCB3B3}" = LightScribe Optical Disc Kit
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7A5029B2-B9EE-BD2F-D1C2-20A89933BC7B}" = Catalyst Control Center Graphics Full New
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{88EB38EF-4D2C-436D-ABD3-56B232674062}" = ICQ7
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}" = CDDRV_Installer
"{91120407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A5E86ABA-C49F-0D98-038A-2BFF8CC14DDE}" = ccc-core-static
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC4C38FD-A54C-4CA5-92EE-D983CD81293E}" = Microsoft Xbox 360 Accessories 1.2
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.2 - Deutsch
"{ADD5DB49-72CF-11D8-9D75-000129760D75}" = PowerBackup
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C4BEEB8C-B9D2-4CD9-A2AA-1F3A1F57DF21}" = Works Suite-Betriebssystem-Pack
"{C4C2BA9A-E0BE-B4AC-2858-30ED109AAB39}" = CCC Help English
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CC03804C-5D9E-B6F5-D2D6-2E8D11CE7C22}" = Catalyst Control Center Graphics Previews Common
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.3.22 Game
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{EDDDC607-91D9-4758-9F57-265FDCD8A772}" = Microsoft Works 7.0
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F7B0939E-58DF-11DF-B3A6-005056806466}" = Google Earth
"{F7F2DC0A-C22E-49AD-AD37-797309A54E7B}" = Microsoft AutoRoute 2002
"{FE6A0D54-A89C-542A-3C0F-7DE1DFC0F3A2}" = Catalyst Control Center Graphics Full Existing
"{FE7ADD14-5576-C865-AB6A-84BBC94C883B}" = ccc-core-preinstall
"7-Zip" = 7-Zip 4.65
"Ad-Aware" = Ad-Aware
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"ATI Display Driver" = ATI Display Driver
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Der VerkehrsGigant-Gold Edition" = Der VerkehrsGigant-Gold Edition
"DivX Setup.divx.com" = DivX-Setup
"dlanconf" = devolo dLAN-Konfigurationsassistent
"dslmon" = devolo Informer
"easyclean" = devolo EasyClean
"easyshare" = devolo EasyShare
"ffdshow_is1" = ffdshow [rev 2985] [2009-06-06]
"Folder Access 2.0.0 Free Version" = Folder Access 2.0.0 Free Version
"Fraps" = Fraps (remove only)
"HijackThis" = HijackThis 1.99.1
"hp deskjet 3600 series_Driver" = hp deskjet 3600 series
"Indeo® software" = Indeo® software
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"JDownloader" = JDownloader
"Mafia II_is1" = Mafia II
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MGI_Photovista_V1_4_0" = MGI Photovista 2.02 (nur entfernen)
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.9)" = Mozilla Firefox (3.6.9)
"Need For Speed" = Need For Speed
"Nero - Burning Rom!UninstallKey" = Nero 6 Ultra Edition
"Ninotech Date Edit" = Ninotech Date Edit 4.0
"OpenAL" = OpenAL
"PhotoScape" = PhotoScape
"PunkBusterSvc" = PunkBuster Services
"SEMC OMSI Module" = SEMC OMSI Module
"SopCast" = SopCast 3.0.3
"Sophos-AntiRootkit" = Sophos Anti-Rootkit 1.5.0
"ST5UNST #1" = Kaminfeuer Titanium Edition
"Streamripper" = Streamripper (Remove only)
"TVUPlayer" = TVUPlayer 2.4.5.3
"VLC media player" = VLC media player 1.0.5
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 10.09.2010 13:32:59 | Computer Name = SHARKOONSYS | Source = ESENT | ID = 490
Description = svchost (288) Versuch, Datei "C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb"
für den Lese-/Schreibzugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der
Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet
wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.
Error - 11.09.2010 07:56:21 | Computer Name = SHARKOONSYS | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung firefox.exe, Version 1.9.2.3888, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 11.09.2010 09:37:30 | Computer Name = SHARKOONSYS | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung tvuplayer.exe, Version 2.4.5.3, fehlgeschlagenes
Modul autoupgrade.dll, Version 2.4.5.3, Fehleradresse 0x00010726.
Error - 11.09.2010 09:57:39 | Computer Name = SHARKOONSYS | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung plugin-container.exe, Version 1.9.2.3888,
fehlgeschlagenes Modul ntdll.dll, Version 5.1.2600.5755, Fehleradresse 0x0000100b.
Error - 11.09.2010 13:23:46 | Computer Name = SHARKOONSYS | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung plugin-container.exe, Version 1.9.2.3888,
fehlgeschlagenes Modul ntdll.dll, Version 5.1.2600.5755, Fehleradresse 0x0000100b.
Error - 11.09.2010 19:37:58 | Computer Name = SHARKOONSYS | Source = PerfNet | ID = 2005
Description = Die Leistungsinformationen vom Serverdienst konnten nicht gelesen
werden. Es werden keine Server-Leistungsinformationen zurückgegeben. Der zurückgegebene
Fehlercode befindet sich in DWORD 0, der IOSB.Status ist DWORD 1 und die IOSB.Information
ist DWORD 2.
Error - 11.09.2010 19:37:58 | Computer Name = SHARKOONSYS | Source = PerfNet | ID = 2006
Description = Die Server Queue-Leistungsinformationen konnten nicht gelesen werden.
Es
werden keine Server-Leistungsinformationen zurückgegeben. Der zurückgegebene Fehlercode
ist DWORD 0, der IOSB.Status ist DWORD 1 und die IOSB.Information ist DWORD 2.
Error - 11.09.2010 19:37:59 | Computer Name = SHARKOONSYS | Source = PerfNet | ID = 2005
Description = Die Leistungsinformationen vom Serverdienst konnten nicht gelesen
werden. Es werden keine Server-Leistungsinformationen zurückgegeben. Der zurückgegebene
Fehlercode befindet sich in DWORD 0, der IOSB.Status ist DWORD 1 und die IOSB.Information
ist DWORD 2.
Error - 11.09.2010 19:37:59 | Computer Name = SHARKOONSYS | Source = PerfNet | ID = 2006
Description = Die Server Queue-Leistungsinformationen konnten nicht gelesen werden.
Es
werden keine Server-Leistungsinformationen zurückgegeben. Der zurückgegebene Fehlercode
ist DWORD 0, der IOSB.Status ist DWORD 1 und die IOSB.Information ist DWORD 2.
Error - 12.09.2010 13:32:29 | Computer Name = SHARKOONSYS | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung tjwzjl.exe, Version 0.0.0.0, fehlgeschlagenes
Modul ntdll.dll, Version 5.1.2600.5755, Fehleradresse 0x0000100b.
[ System Events ]
Error - 11.09.2010 09:24:33 | Computer Name = SHARKOONSYS | Source = Ftdisk | ID = 262193
Description = Die Konfiguration der Auslagerungsdatei für das Speicherabbild ist
fehlgeschlagen. Stellen Sie sicher, dass eine Auslagerungsdatei auf der Startpartition
vorhanden ist und dass diese groß genug ist, um den gesamten physikalischen Speicher
abbilden zu können.
Error - 11.09.2010 12:12:50 | Computer Name = SHARKOONSYS | Source = Ftdisk | ID = 262189
Description = Das System konnte den Treiber für das Speicherabbild nicht laden.
Error - 11.09.2010 12:12:50 | Computer Name = SHARKOONSYS | Source = Ftdisk | ID = 262193
Description = Die Konfiguration der Auslagerungsdatei für das Speicherabbild ist
fehlgeschlagen. Stellen Sie sicher, dass eine Auslagerungsdatei auf der Startpartition
vorhanden ist und dass diese groß genug ist, um den gesamten physikalischen Speicher
abbilden zu können.
Error - 11.09.2010 13:32:17 | Computer Name = SHARKOONSYS | Source = Windows Update Agent | ID = 16
Description = Verbindung nicht möglich: Es konnte keine Verbindung mit dem Dienst
"Automatische Updates" hergestellt werden, daher können Updates nicht nach dem
angegebenen Zeitplan heruntergeladen und installiert werden. Es wird weiterhin versucht,
eine Verbindung herzustellen.
Error - 11.09.2010 19:38:01 | Computer Name = SHARKOONSYS | Source = Ftdisk | ID = 262189
Description = Das System konnte den Treiber für das Speicherabbild nicht laden.
Error - 11.09.2010 19:38:01 | Computer Name = SHARKOONSYS | Source = Ftdisk | ID = 262193
Description = Die Konfiguration der Auslagerungsdatei für das Speicherabbild ist
fehlgeschlagen. Stellen Sie sicher, dass eine Auslagerungsdatei auf der Startpartition
vorhanden ist und dass diese groß genug ist, um den gesamten physikalischen Speicher
abbilden zu können.
Error - 12.09.2010 12:44:42 | Computer Name = SHARKOONSYS | Source = Ftdisk | ID = 262189
Description = Das System konnte den Treiber für das Speicherabbild nicht laden.
Error - 12.09.2010 12:44:42 | Computer Name = SHARKOONSYS | Source = Ftdisk | ID = 262193
Description = Die Konfiguration der Auslagerungsdatei für das Speicherabbild ist
fehlgeschlagen. Stellen Sie sicher, dass eine Auslagerungsdatei auf der Startpartition
vorhanden ist und dass diese groß genug ist, um den gesamten physikalischen Speicher
abbilden zu können.
Error - 12.09.2010 15:35:13 | Computer Name = SHARKOONSYS | Source = Ftdisk | ID = 262189
Description = Das System konnte den Treiber für das Speicherabbild nicht laden.
Error - 12.09.2010 15:35:13 | Computer Name = SHARKOONSYS | Source = Ftdisk | ID = 262193
Description = Die Konfiguration der Auslagerungsdatei für das Speicherabbild ist
fehlgeschlagen. Stellen Sie sicher, dass eine Auslagerungsdatei auf der Startpartition
vorhanden ist und dass diese groß genug ist, um den gesamten physikalischen Speicher
abbilden zu können.
[ TuneUp Events ]
Error - 02.08.2009 09:11:16 | Computer Name = SHARKOONSYS | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2009-08-02 15:11:16', '\device\harddiskvolume1\dokumente
und einstellungen\all users\anwendungsdaten\malwarebytes\malwarebytes' anti-malware\mbam-setup.exe','3456',0)
Error - 02.08.2009 09:11:16 | Computer Name = SHARKOONSYS | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2009-08-02 15:11:16', '\device\harddiskvolume2\programme\malwarebytes'
anti-malware\mbam.exe','2708',0)
Error - 02.08.2009 09:11:21 | Computer Name = SHARKOONSYS | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2009-08-02 15:11:21', '\device\harddiskvolume2\programme\malwarebytes'
anti-malware\mbam.exe','1876',0)
Error - 02.08.2009 09:12:01 | Computer Name = SHARKOONSYS | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2009-08-02 15:12:01', '\device\harddiskvolume2\programme\malwarebytes'
anti-malware\mbam.exe','2440',0)
Error - 09.08.2009 13:44:22 | Computer Name = SHARKOONSYS | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2009-08-09 19:44:22', '\device\harddiskvolume2\programme\malwarebytes'
anti-malware\mbam.exe','2700',0)
Error - 12.08.2009 09:39:23 | Computer Name = SHARKOONSYS | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2009-08-12 15:39:23', '\device\harddiskvolume2\programme\malwarebytes'
anti-malware\mbam.exe','3924',0)
Error - 12.08.2009 09:41:04 | Computer Name = SHARKOONSYS | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2009-08-12 15:41:04', '\device\harddiskvolume1\dokumente
und einstellungen\all users\anwendungsdaten\malwarebytes\malwarebytes' anti-malware\mbam-setup.exe','3404',0)
Error - 12.08.2009 09:41:43 | Computer Name = SHARKOONSYS | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2009-08-12 15:41:43', '\device\harddiskvolume2\programme\malwarebytes'
anti-malware\mbam.exe','3248',0)
Error - 12.08.2009 09:42:08 | Computer Name = SHARKOONSYS | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2009-08-12 15:42:08', '\device\harddiskvolume2\programme\malwarebytes'
anti-malware\mbamgui.exe','2292',0)
Error - 12.08.2009 09:42:19 | Computer Name = SHARKOONSYS | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2009-08-12 15:42:19', '\device\harddiskvolume2\programme\malwarebytes'
anti-malware\mbam.exe','3252',0)
< End of report > --- --- ---
-----------------------------------------------------------
OTL Logfile: Code:
OTL logfile created on: 12.09.2010 22:02:03 - Run 1
OTL by OldTimer - Version 3.2.12.0 Folder = D:\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 79,00% Memory free
5,00 Gb Paging File | 5,00 Gb Available in Paging File | 87,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 19,53 Gb Total Space | 8,23 Gb Free Space | 42,12% Space Free | Partition Type: NTFS
Drive D: | 278,55 Gb Total Space | 249,83 Gb Free Space | 89,69% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 1397,26 Gb Total Space | 996,86 Gb Free Space | 71,34% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
Drive I: | 335,35 Gb Total Space | 253,19 Gb Free Space | 75,50% Space Free | Partition Type: NTFS
Computer Name: SHARKOONSYS
Current User Name: Sharkoon
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Processes (SafeList) ==========
PRC - D:\Downloads\OTL.exe (OldTimer Tools)
PRC - D:\Programme\Mozilla\firefox.exe (Mozilla Corporation)
PRC - D:\Programme\Mozilla\plugin-container.exe (Mozilla Corporation)
PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Programme\CyberLink\Shared Files\brs.exe (cyberlink)
PRC - C:\Programme\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
PRC - C:\Programme\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
PRC - D:\Programme\CyberLink\PowerDVD\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
PRC - C:\Programme\Microsoft Xbox 360 Accessories\XBoxStat.exe (Microsoft Corporation)
PRC - D:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - D:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - D:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
PRC - D:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - D:\Programme\Logitech\SetPoint\SetPoint.exe (Logitech Inc.)
PRC - C:\Programme\Gemeinsame Dateien\Logitech\KhalShared\KHALMNPR.exe (Logitech Inc.)
PRC - C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
========== Modules (SafeList) ==========
MOD - D:\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll (Microsoft Corporation)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcp80.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)
MOD - D:\Programme\Logitech\SetPoint\lgscroll.dll (Logitech Inc.)
========== Win32 Services (SafeList) ==========
SRV - (hpdj) -- C:\DOKUME~1\Sharkoon\LOKALE~1\Temp\hpdj.exe File not found
SRV - (gusvc) -- C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe File not found
SRV - (AppMgmt) -- C:\WINDOWS\System32\appmgmts.dll File not found
SRV - (TuneUp.Defrag) -- C:\WINDOWS\system32\TuneUpDefragService.exe (TuneUp Software)
SRV - (Lavasoft Ad-Aware Service) -- C:\Programme\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SRV - (EmmaDevMgmtSvc) -- C:\Programme\Gemeinsame Dateien\Sony Ericsson\Emma Core\Services\EmmaDeviceMgmt.exe (Sony Ericsson Mobile Communications)
SRV - (EmmaUpdMgmtSvc) -- C:\Programme\Gemeinsame Dateien\Sony Ericsson\Emma Core\Services\EmmaUpdateMgmt.exe (Sony Ericsson Mobile Communications)
SRV - (AntiVirService) -- D:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- D:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (TuneUp.ProgramStatisticsSvc) -- C:\WINDOWS\system32\TUProgSt.exe (TuneUp Software)
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (OMSI download service) -- D:\Programme\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe ()
SRV - (UxTuneUp) -- C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software)
SRV - (LightScribeService) -- C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
SRV - (IDriverT) -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (LckFldService) -- C:\WINDOWS\system32\LckFldService.exe ()
========== Driver Services (SafeList) ==========
DRV - (zlportio) -- I:\Games\Ultrastar SINGSTAR2 NEU\UltraStar Deluxe\zlportio.sys File not found
DRV - (PLCMPR5) -- C:\WINDOWS\System32\PLCMPR5.SYS File not found
DRV - (MEMSWEEP2) -- C:\WINDOWS\System32\26.tmp File not found
DRV - (FGUARD32) -- F:\Folder Guard\FGUARD32.SYS File not found
DRV - ({1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}) -- D:\Programme\CyberLink\PowerDVD\PowerDVD10\NavFilter\000.fcl (CyberLink Corp.)
DRV - (ggsemc) -- C:\WINDOWS\system32\drivers\ggsemc.sys (Sony Ericsson Mobile Communications)
DRV - (ggflt) -- C:\WINDOWS\system32\drivers\ggflt.sys (Sony Ericsson Mobile Communications)
DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (xusb21) -- C:\WINDOWS\system32\drivers\xusb21.sys (Microsoft Corporation)
DRV - ({B154377D-700F-42cc-9474-23858FBDF4BD}) -- I:\Software\PDVD9Ultra\PowerDVD9\000.fcl (CyberLink Corp.)
DRV - (Lbd) -- C:\WINDOWS\system32\DRIVERS\Lbd.sys (Lavasoft AB)
DRV - (SAVRKBootTasks) -- C:\WINDOWS\system32\SAVRKBootTasks.sys (Sophos Plc)
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (gdrv) -- C:\WINDOWS\gdrv.sys (Windows (R) 2000 DDK provider)
DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgio) -- D:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (AtiHdmiService) -- C:\WINDOWS\system32\drivers\AtiHdmi.sys (ATI Research Inc.)
DRV - (s0016unic) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM) -- C:\WINDOWS\system32\drivers\s0016unic.sys (MCCI Corporation)
DRV - (s0016nd5) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS) -- C:\WINDOWS\system32\drivers\s0016nd5.sys (MCCI Corporation)
DRV - (s0016mdfl) -- C:\WINDOWS\system32\drivers\s0016mdfl.sys (MCCI Corporation)
DRV - (s0016mdm) -- C:\WINDOWS\system32\drivers\s0016mdm.sys (MCCI Corporation)
DRV - (s0016mgmt) Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM) -- C:\WINDOWS\system32\drivers\s0016mgmt.sys (MCCI Corporation)
DRV - (s0016obex) -- C:\WINDOWS\system32\drivers\s0016obex.sys (MCCI Corporation)
DRV - (s0016bus) Sony Ericsson Device 0016 driver (WDM) -- C:\WINDOWS\system32\drivers\s0016bus.sys (MCCI Corporation)
DRV - (NPF_devolo) NetGroup Packet Filter Driver (devolo) -- C:\WINDOWS\system32\drivers\npf_devolo.sys (CACE Technologies)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (seehcri) -- C:\WINDOWS\system32\drivers\seehcri.sys (Sony Ericsson Mobile Communications)
DRV - (ET5Drv) -- C:\WINDOWS\system32\drivers\ET5Drv.sys (Windows (R) 2000 DDK provider)
DRV - (JRAID) -- C:\WINDOWS\system32\DRIVERS\jraid.sys (JMicron Technology Corp.)
DRV - (RTLE8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation )
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (CLBStor) -- C:\WINDOWS\System32\drivers\CLBStor.sys (Cyberlink Co.,Ltd.)
DRV - (CLBUDF) -- C:\WINDOWS\System32\drivers\CLBUDF.sys (CyberLink Corporation.)
DRV - (LMouFilt) -- C:\WINDOWS\system32\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV - (LHidFilt) -- C:\WINDOWS\system32\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV - (se46bus) Sony Ericsson Device 070 driver (WDM) -- C:\WINDOWS\system32\drivers\se46bus.sys (MCCI)
DRV - (sfvfs02) StarForce Protection VFS Driver (version 2.x) -- C:\WINDOWS\System32\drivers\sfvfs02.sys (Protection Technology)
DRV - (sfdrv01) StarForce Protection Environment Driver (version 1.x) -- C:\WINDOWS\System32\drivers\sfdrv01.sys (Protection Technology)
DRV - (sfhlp02) StarForce Protection Helper Driver (version 2.x) -- C:\WINDOWS\System32\drivers\sfhlp02.sys (Protection Technology)
DRV - (imagesrv) -- C:\WINDOWS\system32\DRIVERS\imagesrv.sys (Ahead Software AG)
DRV - (imagedrv) -- C:\WINDOWS\System32\Drivers\imagedrv.sys (Ahead Software AG)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.selectedEngine: "LEO Eng-Deu"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/firefox"
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8
FF - prefs.js..extensions.enabledItems: {1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}:0.4.4
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000004
FF - prefs.js..extensions.enabledItems: noia2_option@kk.noia:3.76
FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2
FF - prefs.js..extensions.enabledItems: 4
FF - prefs.js..extensions.enabledItems: 9
FF - prefs.js..extensions.enabledItems: 1
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2
FF - prefs.js..extensions.enabledItems: {5c876f30-10ce-11dd-bd0b-0800200c9a66}:3.6.6
FF - prefs.js..extensions.enabledItems: {9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}:3.76
FF - prefs.js..network.proxy.backup.ftp: "128.8.126.78"
FF - prefs.js..network.proxy.backup.ftp_port: 3127
FF - prefs.js..network.proxy.backup.gopher: "128.8.126.78"
FF - prefs.js..network.proxy.backup.gopher_port: 3127
FF - prefs.js..network.proxy.backup.socks: "128.8.126.78"
FF - prefs.js..network.proxy.backup.socks_port: 3127
FF - prefs.js..network.proxy.backup.ssl: "128.8.126.78"
FF - prefs.js..network.proxy.backup.ssl_port: 3127
FF - prefs.js..network.proxy.ftp: "206.64.92.16"
FF - prefs.js..network.proxy.ftp_port: 8000
FF - prefs.js..network.proxy.gopher: "206.64.92.16"
FF - prefs.js..network.proxy.gopher_port: 8000
FF - prefs.js..network.proxy.http_port: 8000
FF - prefs.js..network.proxy.no_proxies_on: ""
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "206.64.92.16"
FF - prefs.js..network.proxy.socks_port: 8000
FF - prefs.js..network.proxy.socks_remote_dns: true
FF - prefs.js..network.proxy.socks_version: 4
FF - prefs.js..network.proxy.ssl: "206.64.92.16"
FF - prefs.js..network.proxy.ssl_port: 8000
FF - prefs.js..network.proxy.type: 0
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Components: D:\Programme\Mozilla\components [2010.09.12 01:52:55 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Plugins: D:\Programme\Mozilla\plugins [2010.09.08 17:58:34 | 000,000,000 | ---D | M]
[2009.05.21 18:47:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sharkoon\Anwendungsdaten\Mozilla\Extensions
[2010.09.12 20:03:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sharkoon\Anwendungsdaten\Mozilla\Firefox\Profiles\ln0cq517.default\extensions
[2010.02.11 19:51:20 | 000,000,000 | ---D | M] (Image Zoom) -- C:\Dokumente und Einstellungen\Sharkoon\Anwendungsdaten\Mozilla\Firefox\Profiles\ln0cq517.default\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}
[2010.04.27 23:26:50 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Sharkoon\Anwendungsdaten\Mozilla\Firefox\Profiles\ln0cq517.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.09.08 19:20:06 | 000,000,000 | ---D | M] (Aero Fox Silver XL) -- C:\Dokumente und Einstellungen\Sharkoon\Anwendungsdaten\Mozilla\Firefox\Profiles\ln0cq517.default\extensions\{5c876f30-10ce-11dd-bd0b-0800200c9a66}
[2010.02.23 15:47:41 | 000,000,000 | ---D | M] (Noia 2.0 (eXtreme)) -- C:\Dokumente und Einstellungen\Sharkoon\Anwendungsdaten\Mozilla\Firefox\Profiles\ln0cq517.default\extensions\{9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}
[2010.09.08 19:20:11 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Dokumente und Einstellungen\Sharkoon\Anwendungsdaten\Mozilla\Firefox\Profiles\ln0cq517.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010.09.12 19:14:35 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Dokumente und Einstellungen\Sharkoon\Anwendungsdaten\Mozilla\Firefox\Profiles\ln0cq517.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009.11.20 17:11:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sharkoon\Anwendungsdaten\Mozilla\Firefox\Profiles\ln0cq517.default\extensions\firefox@tvunetworks.com
[2009.07.21 22:05:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sharkoon\Anwendungsdaten\Mozilla\Firefox\Profiles\ln0cq517.default\extensions\moveplayer@movenetworks.com
[2010.02.23 15:48:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sharkoon\Anwendungsdaten\Mozilla\Firefox\Profiles\ln0cq517.default\extensions\noia2_option@kk.noia
[2010.09.08 19:20:06 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Sharkoon\Anwendungsdaten\Mozilla\Firefox\Profiles\ln0cq517.default\extensions\{5c876f30-10ce-11dd-bd0b-0800200c9a66}\chrome\mac\mozapps\extensions
[2010.09.08 19:20:06 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Sharkoon\Anwendungsdaten\Mozilla\Firefox\Profiles\ln0cq517.default\extensions\{5c876f30-10ce-11dd-bd0b-0800200c9a66}\chrome\win\mozapps\extensions
O1 HOSTS File: ([2010.08.22 19:23:32 | 000,417,109 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 im.adtech.de
O1 - Hosts: 127.0.0.1 adserver.adtech.de
O1 - Hosts: 127.0.0.1 adtech.de
O1 - Hosts: 127.0.0.1 ar.atwola.com
O1 - Hosts: 127.0.0.1 atwola.com
O1 - Hosts: 127.0.0.1 adserver.71i.de
O1 - Hosts: 127.0.0.1 adicqserver.71i.de
O1 - Hosts: 127.0.0.1 71i.de
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 14396 more lines...
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O4 - HKLM..\Run: [36X Raid Configurer] C:\WINDOWS\System32\xRaidSetup.exe (Gigabyte Technology Corp.)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avgnt] D:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BDRegion] C:\Programme\CyberLink\Shared Files\brs.exe (cyberlink)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [PDVD9LanguageShortcut] I:\Software\PDVD9Ultra\PowerDVD9\Language\Language.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [RemoteControl10] D:\Programme\CyberLink\PowerDVD\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StartCCC] D:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [XboxStat] C:\Programme\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)
O4 - HKCU..\Run: [SpybotSD TeaTimer] D:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Logitech SetPoint.lnk = D:\Programme\Logitech\SetPoint\SetPoint.exe (Logitech Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - D:\Programme\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - D:\Programme\ICQ7.0\ICQ.exe (ICQ, Inc.)
O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - D:\Programme\ICQ7.0\ICQ.exe (ICQ, Inc.)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Programme\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Sharkoon\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Sharkoon\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.05.20 22:40:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010.01.21 04:52:15 | 000,000,000 | RH-D | M] - G:\autorun -- [ NTFS ]
O32 - AutoRun File - [2002.10.17 04:56:50 | 000,000,036 | RH-- | M] () - G:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{51ca9a38-5d23-11df-a748-001d7dd2c2fb}\Shell - "" = AutoRun
O33 - MountPoints2\{51ca9a38-5d23-11df-a748-001d7dd2c2fb}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{51ca9a38-5d23-11df-a748-001d7dd2c2fb}\Shell\AutoRun\command - "" = F:\AutoRunCD.exe -- File not found
O33 - MountPoints2\{5c6959a9-5cf0-11df-a747-001d7dd2c2fb}\Shell - "" = AutoRun
O33 - MountPoints2\{5c6959a9-5cf0-11df-a747-001d7dd2c2fb}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{5c6959a9-5cf0-11df-a747-001d7dd2c2fb}\Shell\AutoRun\command - "" = F:\AutoRunCD.exe -- File not found
O33 - MountPoints2\{60621816-6aa5-11df-a778-001d7dd2c2fb}\Shell - "" = AutoRun
O33 - MountPoints2\{60621816-6aa5-11df-a778-001d7dd2c2fb}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{60621816-6aa5-11df-a778-001d7dd2c2fb}\Shell\AutoRun\command - "" = F:\Setup.exe -- File not found
O33 - MountPoints2\{d94b4de9-6654-11df-a765-001d7dd2c2fb}\Shell - "" = AutoRun
O33 - MountPoints2\{d94b4de9-6654-11df-a765-001d7dd2c2fb}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{d94b4de9-6654-11df-a765-001d7dd2c2fb}\Shell\AutoRun\command - "" = F:\Razor1911_Installer.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010.09.12 21:32:07 | 000,018,816 | ---- | C] (Sophos Plc) -- C:\WINDOWS\System32\SAVRKBootTasks.sys
[2010.09.11 23:06:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sharkoon\Anwendungsdaten\Winamp
[2010.09.11 13:00:10 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010.09.11 13:00:09 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010.09.11 13:00:09 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010.09.11 13:00:09 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010.09.11 12:58:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sharkoon\Anwendungsdaten\Sun
[2010.09.09 15:56:18 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Java
[2010.09.03 20:05:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Macromedia
[2010.08.28 01:48:36 | 000,000,000 | ---D | C] -- C:\Programme\NVIDIA Corporation
[2010.08.28 01:48:09 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_7.dll
[2010.08.28 01:48:09 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_7.dll
[2010.08.28 01:48:09 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_5.dll
[2010.08.28 01:48:08 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_43.dll
[2010.08.28 01:48:08 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_43.dll
[2010.08.28 01:48:08 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_43.dll
[2010.08.28 01:48:08 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_43.dll
[2010.08.28 01:48:07 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_43.dll
[2010.08.28 01:36:49 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sharkoon\Lokale Einstellungen\Anwendungsdaten\2K Games
[2010.08.26 16:56:26 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\Adobe
[2010.08.26 16:56:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\Sun
[2010.08.25 19:37:29 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sun
[2010.08.25 19:36:42 | 000,423,656 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010.08.25 19:36:32 | 000,000,000 | ---D | C] -- C:\Programme\Java
[2010.08.23 16:56:07 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\Identities
[2010.08.22 17:00:12 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\Macromedia
[2010.08.22 16:58:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\Adobe
[2010.01.01 16:38:43 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\hpe37.dll
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Dokumente und Einstellungen\Sharkoon\Eigene Dateien\*.tmp files -> C:\Dokumente und Einstellungen\Sharkoon\Eigene Dateien\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010.09.12 22:00:01 | 000,000,506 | ---- | M] () -- C:\WINDOWS\tasks\1-Klick-Wartung.job
[2010.09.12 21:46:00 | 000,001,092 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.09.12 21:35:13 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.09.12 21:35:07 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.09.12 21:33:30 | 014,155,776 | ---- | M] () -- C:\Dokumente und Einstellungen\Sharkoon\ntuser.dat
[2010.09.12 21:33:30 | 000,000,190 | -HS- | M] () -- C:\Dokumente und Einstellungen\Sharkoon\ntuser.ini
[2010.09.12 20:17:27 | 000,000,846 | ---- | M] () -- C:\WINDOWS\WININIT.INI
[2010.09.12 20:16:30 | 000,000,049 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.09.11 13:47:50 | 000,024,576 | ---- | M] () -- C:\Dokumente und Einstellungen\Sharkoon\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.09.11 13:00:03 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010.09.11 13:00:03 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010.09.11 13:00:03 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010.09.11 13:00:03 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010.09.11 13:00:03 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010.09.09 15:21:10 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010.09.09 15:21:10 | 000,000,552 | ---- | M] () -- C:\WINDOWS\System32\d3d8caps.dat
[2010.09.05 15:16:03 | 000,000,458 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010.09.03 15:29:32 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.08.27 19:37:18 | 000,000,054 | ---- | M] () -- C:\WINDOWS\CmdFile.INI
[2010.08.22 19:23:32 | 000,417,109 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010.08.21 16:42:29 | 000,000,560 | ---- | M] () -- C:\WINDOWS\win.ini
[2010.08.21 16:42:29 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010.08.21 16:42:29 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2010.08.16 15:16:53 | 000,000,054 | ---- | M] () -- C:\WINDOWS\System32\rp_stats.dat
[2010.08.16 15:16:53 | 000,000,039 | ---- | M] () -- C:\WINDOWS\System32\rp_rules.dat
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Dokumente und Einstellungen\Sharkoon\Eigene Dateien\*.tmp files -> C:\Dokumente und Einstellungen\Sharkoon\Eigene Dateien\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.09.09 15:21:10 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2010.09.03 19:09:05 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010.08.22 17:30:17 | 000,013,084 | ---- | C] () -- C:\Dokumente und Einstellungen\Sharkoon\hs_err_pid2860.log
[2010.08.22 17:06:06 | 000,013,026 | ---- | C] () -- C:\Dokumente und Einstellungen\Sharkoon\hs_err_pid732.log
[2010.08.22 00:30:51 | 000,012,370 | ---- | C] () -- C:\Dokumente und Einstellungen\Sharkoon\hs_err_pid2228.log
[2010.08.22 00:30:43 | 000,012,371 | ---- | C] () -- C:\Dokumente und Einstellungen\Sharkoon\hs_err_pid2796.log
[2010.08.22 00:30:29 | 000,012,371 | ---- | C] () -- C:\Dokumente und Einstellungen\Sharkoon\hs_err_pid556.log
[2010.08.22 00:30:21 | 000,012,371 | ---- | C] () -- C:\Dokumente und Einstellungen\Sharkoon\hs_err_pid3400.log
[2010.08.22 00:30:17 | 000,012,676 | ---- | C] () -- C:\Dokumente und Einstellungen\Sharkoon\hs_err_pid1348.log
[2010.08.21 19:24:00 | 000,013,111 | ---- | C] () -- C:\Dokumente und Einstellungen\Sharkoon\hs_err_pid2400.log
[2010.08.16 15:16:53 | 000,000,054 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
[2010.08.16 15:16:53 | 000,000,039 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
[2010.05.11 19:25:15 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010.05.11 19:25:14 | 000,022,328 | ---- | C] () -- C:\Dokumente und Einstellungen\Sharkoon\Anwendungsdaten\PnkBstrK.sys
[2010.04.26 15:11:01 | 000,004,295 | ---- | C] () -- C:\WINDOWS\jrtphk16.ini
[2010.04.26 00:43:16 | 000,014,848 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2010.01.29 18:14:33 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\rmc_rtspdl.dll
[2009.12.17 16:08:26 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
[2009.11.22 15:31:18 | 000,038,497 | ---- | C] () -- C:\Dokumente und Einstellungen\Sharkoon\Anwendungsdaten\gcstar.log
[2009.11.06 10:58:04 | 000,178,975 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2009.08.12 15:01:15 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PhotoNow.INI
[2009.07.22 17:00:36 | 000,000,295 | ---- | C] () -- C:\WINDOWS\lgfwup.ini
[2009.06.27 12:28:51 | 000,000,054 | ---- | C] () -- C:\WINDOWS\CmdFile.INI
[2009.06.21 23:53:57 | 000,001,429 | ---- | C] () -- C:\WINDOWS\crrqdtn48.ini
[2009.06.11 15:09:59 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2009.06.11 15:09:58 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009.06.06 21:02:52 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2009.05.28 17:59:22 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009.05.24 14:38:23 | 000,000,016 | ---- | C] () -- C:\WINDOWS\System32\Mlkf.dll
[2009.05.22 12:51:26 | 000,000,049 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009.05.22 12:50:16 | 000,001,682 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2009.05.22 00:25:51 | 000,394,240 | ---- | C] () -- C:\WINDOWS\System32\Smab.dll
[2009.05.22 00:25:50 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2009.05.21 21:09:24 | 000,024,576 | ---- | C] () -- C:\Dokumente und Einstellungen\Sharkoon\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.05.21 19:39:03 | 000,000,846 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2009.05.21 18:30:05 | 000,009,507 | ---- | C] () -- C:\WINDOWS\hpdj3600.ini
[2008.11.06 18:37:32 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008.11.06 18:34:00 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
< End of report > --- --- --- |