Softwehr | 16.08.2010 19:45 | Okay
mbam:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Datenbank Version: 4437
Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512
16.08.2010 20:37:37
mbam-log-2010-08-16 (20-37-37).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|Z:\|)
Durchsuchte Objekte: 198919
Laufzeit: 24 Minute(n), 17 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 1
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
HKEY_LOCAL_MACHINE\SOFTWARE\RelatedPageInstall (Adware.Mirar) -> No action taken.
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
Ich habe die infizierte Registry erfolgreich entfernt.
OTL:OTL Logfile: Code:
OTL logfile created on: 16.08.2010 20:07:01 - Run 1
OTL by OldTimer - Version 3.2.10.0 Folder = C:\Dokumente und Einstellungen\User\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 86,00% Memory free
5,00 Gb Paging File | 5,00 Gb Available in Paging File | 95,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 97,65 Gb Total Space | 82,25 Gb Free Space | 84,23% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 4,11 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive F: | 495,20 Mb Total Space | 384,34 Mb Free Space | 77,61% Space Free | Partition Type: FAT
Drive G: | 1,86 Gb Total Space | 1,85 Gb Free Space | 99,64% Space Free | Partition Type: FAT
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive Z: | 200,43 Gb Total Space | 57,40 Gb Free Space | 28,64% Space Free | Partition Type: NTFS
Computer Name: PREACHERGNOMAM3
Current User Name: User
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Processes (SafeList) ==========
PRC - C:\Dokumente und Einstellungen\User\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Sandboxie\SbieSvc.exe (tzuk)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
========== Modules (SafeList) ==========
MOD - C:\Dokumente und Einstellungen\User\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (StarWindServiceAE) -- Z:\Utilities\Alcohol 120\StarWind\StarWindServiceAE.exe File not found
SRV - (SbieSvc) -- C:\Programme\Sandboxie\SbieSvc.exe (tzuk)
SRV - (AVP) -- C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe (Kaspersky Lab)
SRV - (odserv) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (MSICDSetup) -- D:\CDriver.sys File not found
DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (hamachi) -- C:\WINDOWS\system32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (SbieDrv) -- C:\Programme\Sandboxie\SbieDrv.sys (tzuk)
DRV - (KLIF) -- C:\WINDOWS\system32\drivers\klif.sys (Kaspersky Lab)
DRV - (kl1) -- C:\WINDOWS\system32\drivers\kl1.sys (Kaspersky Lab)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (RTLE8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation )
DRV - (klmouflt) -- C:\WINDOWS\system32\drivers\klmouflt.sys (Kaspersky Lab)
DRV - (klim5) -- C:\WINDOWS\system32\drivers\klim5.sys (Kaspersky Lab)
DRV - (usbfilter) -- C:\WINDOWS\system32\drivers\usbfilter.sys (Advanced Micro Devices)
DRV - (klbg) -- C:\WINDOWS\system32\drivers\klbg.sys (Kaspersky Lab)
DRV - (Ambfilt) -- C:\WINDOWS\system32\drivers\Ambfilt.sys (Creative)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (NwlnkIpx) -- C:\WINDOWS\system32\drivers\nwlnkipx.sys (Microsoft Corporation)
DRV - (NwlnkNb) -- C:\WINDOWS\system32\drivers\nwlnknb.sys (Microsoft Corporation)
DRV - (NwlnkSpx) -- C:\WINDOWS\system32\drivers\nwlnkspx.sys (Microsoft Corporation)
DRV - (amdide) -- C:\WINDOWS\system32\DRIVERS\amdide.sys (Advanced Micro Devices)
DRV - (AmdPPM) -- C:\WINDOWS\system32\drivers\AmdPPM.sys (Advanced Micro Devices)
DRV - (Monfilt) -- C:\WINDOWS\system32\drivers\Monfilt.sys (Creative Technology Ltd.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
O1 HOSTS File: ([2008.04.14 14:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 2010\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll (Kaspersky Lab)
O4 - HKLM..\Run: [AVP] C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll (Kaspersky Lab)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 2010\mzvkbd3.dll (Kaspersky Lab)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\User\Eigene Dateien\Eigene Bilder\b50a0d47ac2c5912461c5c589c716fee.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\User\Eigene Dateien\Eigene Bilder\b50a0d47ac2c5912461c5c589c716fee.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.01.26 18:19:55 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010.06.01 16:42:45 | 000,000,000 | ---D | M] - C:\Autorun -- [ NTFS ]
O32 - AutoRun File - [2005.11.21 19:26:21 | 000,000,057 | R--- | M] () - E:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{980dc1ab-320d-11df-9520-40618637dc19}\Shell - "" = AutoRun
O33 - MountPoints2\{980dc1ab-320d-11df-9520-40618637dc19}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{980dc1ab-320d-11df-9520-40618637dc19}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found
O33 - MountPoints2\{fd7d32eb-a0d8-11df-95c3-40618637dc19}\Shell - "" = AutoRun
O33 - MountPoints2\{fd7d32eb-a0d8-11df-95c3-40618637dc19}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{fd7d32eb-a0d8-11df-95c3-40618637dc19}\Shell\AutoRun\command - "" = E:\OblivionLauncher.exe -- [2006.02.27 16:17:52 | 001,662,976 | R--- | M] (Bethesda Softworks)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010.08.16 20:04:02 | 006,153,648 | ---- | C] (Malwarebytes Corporation ) -- C:\Dokumente und Einstellungen\User\Desktop\mbam-setup.exe
[2010.08.16 20:04:02 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\User\Desktop\OTL.exe
[2010.08.16 17:26:07 | 000,401,720 | ---- | C] (Trend Micro Inc.) -- C:\Dokumente und Einstellungen\User\Desktop\HiJackThis.exe
[2010.08.16 17:20:45 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\User\Recent
[2010.08.16 15:27:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\0357279230DCA12A2BFF8B9C1D1CFB4A
[2010.08.13 03:59:41 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\Eigene Dateien\Registries
[2010.08.06 22:54:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Malwarebytes
[2010.08.06 22:54:14 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.08.06 22:54:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2010.08.06 00:28:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Dokumente\DAEMON Tools Images
[2010.08.06 00:25:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DAEMON Tools Net
[2010.08.06 00:24:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\DAEMON Tools Net
[2010.07.30 19:44:29 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\Desktop\Aufnahmen
[2010.07.24 20:53:24 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qvusd.dll
[2010.07.24 20:53:24 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qvusd.dll
[2010.07.24 16:52:35 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srusd.dll
[2010.07.24 16:52:35 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusd.dll
[2010.07.24 16:52:34 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\serscan.sys
[2010.07.24 16:52:33 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fnfilter.dll
[2010.07.24 16:52:33 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fnfilter.dll
[2010.07.24 14:49:07 | 000,000,000 | ---D | C] -- C:\Programme\Audacity
[2010.07.24 13:59:16 | 000,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbscan.sys
[2010.07.24 13:54:06 | 000,049,152 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\pscVSWIA.dll
[2010.07.24 13:54:05 | 000,339,968 | ---- | C] (Canon, Inc.) -- C:\WINDOWS\System32\pscU109U.dll
[2010.07.24 13:54:04 | 000,040,960 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\pscN109U.exe
[2010.07.24 13:54:03 | 000,094,208 | ---- | C] (Canon. Inc) -- C:\WINDOWS\System32\PSCL109U.dll
[2010.07.24 13:53:38 | 002,641,973 | ---- | C] (CISRA) -- C:\WINDOWS\System32\opapi11.dll
[2010.07.24 13:51:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\Lokale Einstellungen\Anwendungsdaten\Help
[2010.07.24 13:51:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Help
[2010.07.24 13:38:23 | 000,000,000 | ---D | C] -- C:\Programme\Canon
[2010.07.24 13:37:57 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner
[2010.07.20 22:28:22 | 004,040,681 | ---- | C] (andUP GmbH && Co.KG) -- C:\WINDOWS\frontpage.scr
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010.08.16 20:02:28 | 006,153,648 | ---- | M] (Malwarebytes Corporation ) -- C:\Dokumente und Einstellungen\User\Desktop\mbam-setup.exe
[2010.08.16 19:55:20 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\User\Desktop\OTL.exe
[2010.08.16 17:23:34 | 000,401,720 | ---- | M] (Trend Micro Inc.) -- C:\Dokumente und Einstellungen\User\Desktop\HiJackThis.exe
[2010.08.16 17:09:01 | 000,000,023 | ---- | M] () -- C:\WINDOWS\BlendSettings.ini
[2010.08.16 15:45:14 | 000,000,850 | -HS- | M] () -- C:\WINDOWS\klif.spi
[2010.08.16 15:09:45 | 000,253,748 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2010.08.16 15:09:39 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.08.16 15:09:37 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.08.16 09:35:24 | 003,932,160 | -H-- | M] () -- C:\Dokumente und Einstellungen\User\NTUSER.DAT
[2010.08.16 09:35:22 | 000,000,190 | -HS- | M] () -- C:\Dokumente und Einstellungen\User\ntuser.ini
[2010.08.16 09:35:18 | 004,281,822 | -H-- | M] () -- C:\Dokumente und Einstellungen\User\Lokale Einstellungen\Anwendungsdaten\IconCache.db
[2010.08.13 01:22:14 | 000,000,573 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Opera.lnk
[2010.08.12 20:38:18 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.08.06 02:23:13 | 000,002,734 | ---- | M] () -- C:\WINDOWS\Sandboxie.ini
[2010.08.06 00:26:01 | 000,445,936 | ---- | M] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010.08.06 00:17:04 | 000,000,210 | ---- | M] () -- C:\WINDOWS\Clony2.ini
[2010.08.01 18:11:41 | 000,113,933 | ---- | M] () -- C:\WINDOWS\System32\drivers\klin.dat
[2010.08.01 18:11:41 | 000,097,549 | ---- | M] () -- C:\WINDOWS\System32\drivers\klick.dat
[2010.07.27 03:48:34 | 000,000,083 | ---- | M] () -- C:\WINDOWS\wwp.INI
[2010.07.26 03:42:31 | 000,000,596 | ---- | M] () -- C:\WINDOWS\win.ini
[2010.07.26 03:42:11 | 000,000,144 | ---- | M] () -- C:\WINDOWS\Eudcedit.ini
[2010.07.24 13:53:48 | 000,000,000 | ---- | M] () -- C:\WINDOWS\OPPRIN~1.INI
[2010.07.22 16:00:42 | 000,000,012 | ---- | M] () -- C:\WINDOWS\screenmx.ini
[2010.07.20 22:59:05 | 000,007,680 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.07.20 22:28:22 | 004,040,681 | ---- | M] (andUP GmbH && Co.KG) -- C:\WINDOWS\frontpage.scr
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.08.16 15:30:39 | 000,363,520 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Desktop\rkill.com
[2010.08.16 15:27:43 | 000,000,850 | -HS- | C] () -- C:\WINDOWS\klif.spi
[2010.08.06 00:14:30 | 000,000,210 | ---- | C] () -- C:\WINDOWS\Clony2.ini
[2010.07.30 00:19:03 | 000,473,600 | ---- | C] () -- C:\WINDOWS\System32\oldharmony.dll
[2010.07.26 03:42:11 | 000,000,144 | ---- | C] () -- C:\WINDOWS\Eudcedit.ini
[2010.07.24 13:53:48 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OPPRIN~1.INI
[2010.07.20 22:28:44 | 000,000,012 | ---- | C] () -- C:\WINDOWS\screenmx.ini
[2010.07.14 12:21:45 | 000,007,680 | ---- | C] () -- C:\Dokumente und Einstellungen\v\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.06.12 11:11:30 | 000,000,083 | ---- | C] () -- C:\WINDOWS\wwp.INI
[2010.03.28 22:06:55 | 000,679,112 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
[2010.03.27 15:24:23 | 000,002,734 | ---- | C] () -- C:\WINDOWS\Sandboxie.ini
[2010.03.22 18:10:51 | 000,000,315 | ---- | C] () -- C:\WINDOWS\doom3.ini
[2010.03.20 22:04:55 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2010.03.20 22:04:08 | 000,000,592 | ---- | C] () -- C:\WINDOWS\disney.ini
[2010.03.06 04:58:32 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\Unlha32.dll
[2010.02.14 21:02:31 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2010.01.31 21:00:22 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010.01.31 21:00:22 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010.01.31 21:00:20 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2010.01.31 21:00:20 | 000,755,027 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010.01.31 21:00:20 | 000,159,839 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010.01.31 21:00:20 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010.01.31 21:00:20 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2010.01.31 15:28:16 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2010.01.31 15:28:14 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2010.01.31 15:28:14 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2010.01.27 21:19:26 | 000,000,023 | ---- | C] () -- C:\WINDOWS\BlendSettings.ini
[2010.01.27 19:26:26 | 000,445,936 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010.01.26 18:44:29 | 000,073,728 | R--- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2009.08.03 01:21:54 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2009.08.03 01:21:52 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2009.08.03 01:21:52 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008.10.31 17:40:18 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\HDX4MediaConverter2.dll
[2008.10.19 15:28:04 | 000,272,896 | ---- | C] () -- C:\WINDOWS\System32\EMRegSys.dll
[2008.09.17 12:12:48 | 001,511,424 | ---- | C] () -- C:\WINDOWS\System32\HDX4MediaReveal.dll
[2007.11.26 21:56:28 | 000,151,415 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2006.02.23 17:37:18 | 000,047,104 | ---- | C] () -- C:\WINDOWS\System32\dsfFLACEncoder.dll
[2006.02.23 16:37:06 | 000,047,616 | ---- | C] () -- C:\WINDOWS\System32\dsfVorbisDecoder.dll
[2006.02.23 16:36:22 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\dsfOggDemux2.dll
[2006.02.23 16:35:56 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\dsfOGMDecoder.dll
[2006.02.23 16:35:44 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\dsfNativeFLACSource.dll
[2006.02.23 16:35:40 | 000,049,664 | ---- | C] () -- C:\WINDOWS\System32\dsfFLACDecoder.dll
[2006.02.23 16:34:58 | 000,083,456 | ---- | C] () -- C:\WINDOWS\System32\libFLAC++.dll
[2006.02.23 16:34:56 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\libFishSound.dll
[2006.02.23 16:34:38 | 000,029,696 | ---- | C] () -- C:\WINDOWS\System32\libOOOggSeek.dll
[2006.02.23 16:34:26 | 001,108,480 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2006.02.23 16:34:16 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\libOOogg.dll
[2006.02.23 16:33:54 | 000,140,288 | ---- | C] () -- C:\WINDOWS\System32\libFLAC.dll
[2004.03.24 09:24:46 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\frapsvid.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 113 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:05EE1EEF
< End of report > --- --- ---
OTL Logfile: Code:
OTL logfile created on: 16.08.2010 20:07:01 - Run 1
OTL by OldTimer - Version 3.2.10.0 Folder = C:\Dokumente und Einstellungen\User\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 86,00% Memory free
5,00 Gb Paging File | 5,00 Gb Available in Paging File | 95,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 97,65 Gb Total Space | 82,25 Gb Free Space | 84,23% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 4,11 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive F: | 495,20 Mb Total Space | 384,34 Mb Free Space | 77,61% Space Free | Partition Type: FAT
Drive G: | 1,86 Gb Total Space | 1,85 Gb Free Space | 99,64% Space Free | Partition Type: FAT
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive Z: | 200,43 Gb Total Space | 57,40 Gb Free Space | 28,64% Space Free | Partition Type: NTFS
Computer Name: PREACHERGNOMAM3
Current User Name: User
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Processes (SafeList) ==========
PRC - C:\Dokumente und Einstellungen\User\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Sandboxie\SbieSvc.exe (tzuk)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
========== Modules (SafeList) ==========
MOD - C:\Dokumente und Einstellungen\User\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (StarWindServiceAE) -- Z:\Utilities\Alcohol 120\StarWind\StarWindServiceAE.exe File not found
SRV - (SbieSvc) -- C:\Programme\Sandboxie\SbieSvc.exe (tzuk)
SRV - (AVP) -- C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe (Kaspersky Lab)
SRV - (odserv) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (MSICDSetup) -- D:\CDriver.sys File not found
DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (hamachi) -- C:\WINDOWS\system32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (SbieDrv) -- C:\Programme\Sandboxie\SbieDrv.sys (tzuk)
DRV - (KLIF) -- C:\WINDOWS\system32\drivers\klif.sys (Kaspersky Lab)
DRV - (kl1) -- C:\WINDOWS\system32\drivers\kl1.sys (Kaspersky Lab)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (RTLE8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation )
DRV - (klmouflt) -- C:\WINDOWS\system32\drivers\klmouflt.sys (Kaspersky Lab)
DRV - (klim5) -- C:\WINDOWS\system32\drivers\klim5.sys (Kaspersky Lab)
DRV - (usbfilter) -- C:\WINDOWS\system32\drivers\usbfilter.sys (Advanced Micro Devices)
DRV - (klbg) -- C:\WINDOWS\system32\drivers\klbg.sys (Kaspersky Lab)
DRV - (Ambfilt) -- C:\WINDOWS\system32\drivers\Ambfilt.sys (Creative)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (NwlnkIpx) -- C:\WINDOWS\system32\drivers\nwlnkipx.sys (Microsoft Corporation)
DRV - (NwlnkNb) -- C:\WINDOWS\system32\drivers\nwlnknb.sys (Microsoft Corporation)
DRV - (NwlnkSpx) -- C:\WINDOWS\system32\drivers\nwlnkspx.sys (Microsoft Corporation)
DRV - (amdide) -- C:\WINDOWS\system32\DRIVERS\amdide.sys (Advanced Micro Devices)
DRV - (AmdPPM) -- C:\WINDOWS\system32\drivers\AmdPPM.sys (Advanced Micro Devices)
DRV - (Monfilt) -- C:\WINDOWS\system32\drivers\Monfilt.sys (Creative Technology Ltd.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
O1 HOSTS File: ([2008.04.14 14:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 2010\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll (Kaspersky Lab)
O4 - HKLM..\Run: [AVP] C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll (Kaspersky Lab)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 2010\mzvkbd3.dll (Kaspersky Lab)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\User\Eigene Dateien\Eigene Bilder\b50a0d47ac2c5912461c5c589c716fee.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\User\Eigene Dateien\Eigene Bilder\b50a0d47ac2c5912461c5c589c716fee.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.01.26 18:19:55 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010.06.01 16:42:45 | 000,000,000 | ---D | M] - C:\Autorun -- [ NTFS ]
O32 - AutoRun File - [2005.11.21 19:26:21 | 000,000,057 | R--- | M] () - E:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{980dc1ab-320d-11df-9520-40618637dc19}\Shell - "" = AutoRun
O33 - MountPoints2\{980dc1ab-320d-11df-9520-40618637dc19}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{980dc1ab-320d-11df-9520-40618637dc19}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found
O33 - MountPoints2\{fd7d32eb-a0d8-11df-95c3-40618637dc19}\Shell - "" = AutoRun
O33 - MountPoints2\{fd7d32eb-a0d8-11df-95c3-40618637dc19}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{fd7d32eb-a0d8-11df-95c3-40618637dc19}\Shell\AutoRun\command - "" = E:\OblivionLauncher.exe -- [2006.02.27 16:17:52 | 001,662,976 | R--- | M] (Bethesda Softworks)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010.08.16 20:04:02 | 006,153,648 | ---- | C] (Malwarebytes Corporation ) -- C:\Dokumente und Einstellungen\User\Desktop\mbam-setup.exe
[2010.08.16 20:04:02 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\User\Desktop\OTL.exe
[2010.08.16 17:26:07 | 000,401,720 | ---- | C] (Trend Micro Inc.) -- C:\Dokumente und Einstellungen\User\Desktop\HiJackThis.exe
[2010.08.16 17:20:45 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\User\Recent
[2010.08.16 15:27:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\0357279230DCA12A2BFF8B9C1D1CFB4A
[2010.08.13 03:59:41 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\Eigene Dateien\Registries
[2010.08.06 22:54:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Malwarebytes
[2010.08.06 22:54:14 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.08.06 22:54:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2010.08.06 00:28:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Dokumente\DAEMON Tools Images
[2010.08.06 00:25:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DAEMON Tools Net
[2010.08.06 00:24:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\DAEMON Tools Net
[2010.07.30 19:44:29 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\Desktop\Aufnahmen
[2010.07.24 20:53:24 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qvusd.dll
[2010.07.24 20:53:24 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qvusd.dll
[2010.07.24 16:52:35 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srusd.dll
[2010.07.24 16:52:35 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusd.dll
[2010.07.24 16:52:34 | 000,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\serscan.sys
[2010.07.24 16:52:33 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fnfilter.dll
[2010.07.24 16:52:33 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fnfilter.dll
[2010.07.24 14:49:07 | 000,000,000 | ---D | C] -- C:\Programme\Audacity
[2010.07.24 13:59:16 | 000,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbscan.sys
[2010.07.24 13:54:06 | 000,049,152 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\pscVSWIA.dll
[2010.07.24 13:54:05 | 000,339,968 | ---- | C] (Canon, Inc.) -- C:\WINDOWS\System32\pscU109U.dll
[2010.07.24 13:54:04 | 000,040,960 | ---- | C] (Canon Inc.) -- C:\WINDOWS\System32\pscN109U.exe
[2010.07.24 13:54:03 | 000,094,208 | ---- | C] (Canon. Inc) -- C:\WINDOWS\System32\PSCL109U.dll
[2010.07.24 13:53:38 | 002,641,973 | ---- | C] (CISRA) -- C:\WINDOWS\System32\opapi11.dll
[2010.07.24 13:51:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\Lokale Einstellungen\Anwendungsdaten\Help
[2010.07.24 13:51:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\v\Anwendungsdaten\Help
[2010.07.24 13:38:23 | 000,000,000 | ---D | C] -- C:\Programme\Canon
[2010.07.24 13:37:57 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner
[2010.07.20 22:28:22 | 004,040,681 | ---- | C] (andUP GmbH && Co.KG) -- C:\WINDOWS\frontpage.scr
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010.08.16 20:02:28 | 006,153,648 | ---- | M] (Malwarebytes Corporation ) -- C:\Dokumente und Einstellungen\User\Desktop\mbam-setup.exe
[2010.08.16 19:55:20 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\User\Desktop\OTL.exe
[2010.08.16 17:23:34 | 000,401,720 | ---- | M] (Trend Micro Inc.) -- C:\Dokumente und Einstellungen\User\Desktop\HiJackThis.exe
[2010.08.16 17:09:01 | 000,000,023 | ---- | M] () -- C:\WINDOWS\BlendSettings.ini
[2010.08.16 15:45:14 | 000,000,850 | -HS- | M] () -- C:\WINDOWS\klif.spi
[2010.08.16 15:09:45 | 000,253,748 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2010.08.16 15:09:39 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.08.16 15:09:37 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.08.16 09:35:24 | 003,932,160 | -H-- | M] () -- C:\Dokumente und Einstellungen\v\NTUSER.DAT
[2010.08.16 09:35:22 | 000,000,190 | -HS- | M] () -- C:\Dokumente und Einstellungen\v\ntuser.ini
[2010.08.16 09:35:18 | 004,281,822 | -H-- | M] () -- C:\Dokumente und Einstellungen\v\Lokale Einstellungen\Anwendungsdaten\IconCache.db
[2010.08.13 01:22:14 | 000,000,573 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Opera.lnk
[2010.08.12 20:38:18 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.08.06 02:23:13 | 000,002,734 | ---- | M] () -- C:\WINDOWS\Sandboxie.ini
[2010.08.06 00:26:01 | 000,445,936 | ---- | M] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010.08.06 00:17:04 | 000,000,210 | ---- | M] () -- C:\WINDOWS\Clony2.ini
[2010.08.01 18:11:41 | 000,113,933 | ---- | M] () -- C:\WINDOWS\System32\drivers\klin.dat
[2010.08.01 18:11:41 | 000,097,549 | ---- | M] () -- C:\WINDOWS\System32\drivers\klick.dat
[2010.07.27 03:48:34 | 000,000,083 | ---- | M] () -- C:\WINDOWS\wwp.INI
[2010.07.26 03:42:31 | 000,000,596 | ---- | M] () -- C:\WINDOWS\win.ini
[2010.07.26 03:42:11 | 000,000,144 | ---- | M] () -- C:\WINDOWS\Eudcedit.ini
[2010.07.24 13:53:48 | 000,000,000 | ---- | M] () -- C:\WINDOWS\OPPRIN~1.INI
[2010.07.22 16:00:42 | 000,000,012 | ---- | M] () -- C:\WINDOWS\screenmx.ini
[2010.07.20 22:59:05 | 000,007,680 | ---- | M] () -- C:\Dokumente und Einstellungen\v\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.07.20 22:28:22 | 004,040,681 | ---- | M] (andUP GmbH && Co.KG) -- C:\WINDOWS\frontpage.scr
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.08.16 15:30:39 | 000,363,520 | ---- | C] () -- C:\Dokumente und Einstellungen\v\Desktop\rkill.com
[2010.08.16 15:27:43 | 000,000,850 | -HS- | C] () -- C:\WINDOWS\klif.spi
[2010.08.06 00:14:30 | 000,000,210 | ---- | C] () -- C:\WINDOWS\Clony2.ini
[2010.07.30 00:19:03 | 000,473,600 | ---- | C] () -- C:\WINDOWS\System32\oldharmony.dll
[2010.07.26 03:42:11 | 000,000,144 | ---- | C] () -- C:\WINDOWS\Eudcedit.ini
[2010.07.24 13:53:48 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OPPRIN~1.INI
[2010.07.20 22:28:44 | 000,000,012 | ---- | C] () -- C:\WINDOWS\screenmx.ini
[2010.07.14 12:21:45 | 000,007,680 | ---- | C] () -- C:\Dokumente und Einstellungen\v\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.06.12 11:11:30 | 000,000,083 | ---- | C] () -- C:\WINDOWS\wwp.INI
[2010.03.28 22:06:55 | 000,679,112 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
[2010.03.27 15:24:23 | 000,002,734 | ---- | C] () -- C:\WINDOWS\Sandboxie.ini
[2010.03.22 18:10:51 | 000,000,315 | ---- | C] () -- C:\WINDOWS\doom3.ini
[2010.03.20 22:04:55 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2010.03.20 22:04:08 | 000,000,592 | ---- | C] () -- C:\WINDOWS\disney.ini
[2010.03.06 04:58:32 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\Unlha32.dll
[2010.02.14 21:02:31 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2010.01.31 21:00:22 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010.01.31 21:00:22 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010.01.31 21:00:20 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2010.01.31 21:00:20 | 000,755,027 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010.01.31 21:00:20 | 000,159,839 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010.01.31 21:00:20 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010.01.31 21:00:20 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2010.01.31 15:28:16 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2010.01.31 15:28:14 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2010.01.31 15:28:14 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2010.01.27 21:19:26 | 000,000,023 | ---- | C] () -- C:\WINDOWS\BlendSettings.ini
[2010.01.27 19:26:26 | 000,445,936 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010.01.26 18:44:29 | 000,073,728 | R--- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2009.08.03 01:21:54 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2009.08.03 01:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2009.08.03 01:21:52 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2009.08.03 01:21:52 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008.10.31 17:40:18 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\HDX4MediaConverter2.dll
[2008.10.19 15:28:04 | 000,272,896 | ---- | C] () -- C:\WINDOWS\System32\EMRegSys.dll
[2008.09.17 12:12:48 | 001,511,424 | ---- | C] () -- C:\WINDOWS\System32\HDX4MediaReveal.dll
[2007.11.26 21:56:28 | 000,151,415 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2006.02.23 17:37:18 | 000,047,104 | ---- | C] () -- C:\WINDOWS\System32\dsfFLACEncoder.dll
[2006.02.23 16:37:06 | 000,047,616 | ---- | C] () -- C:\WINDOWS\System32\dsfVorbisDecoder.dll
[2006.02.23 16:36:22 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\dsfOggDemux2.dll
[2006.02.23 16:35:56 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\dsfOGMDecoder.dll
[2006.02.23 16:35:44 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\dsfNativeFLACSource.dll
[2006.02.23 16:35:40 | 000,049,664 | ---- | C] () -- C:\WINDOWS\System32\dsfFLACDecoder.dll
[2006.02.23 16:34:58 | 000,083,456 | ---- | C] () -- C:\WINDOWS\System32\libFLAC++.dll
[2006.02.23 16:34:56 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\libFishSound.dll
[2006.02.23 16:34:38 | 000,029,696 | ---- | C] () -- C:\WINDOWS\System32\libOOOggSeek.dll
[2006.02.23 16:34:26 | 001,108,480 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2006.02.23 16:34:16 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\libOOogg.dll
[2006.02.23 16:33:54 | 000,140,288 | ---- | C] () -- C:\WINDOWS\System32\libFLAC.dll
[2004.03.24 09:24:46 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\frapsvid.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 113 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:05EE1EEF
< End of report > --- --- ---
||||||||||||||||EXTRAS||||||||||||||||||||||||OTL Logfile: Code:
OTL Extras logfile created on: 16.08.2010 20:07:01 - Run 1
OTL by OldTimer - Version 3.2.10.0 Folder = C:\Dokumente und Einstellungen\v\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 86,00% Memory free
5,00 Gb Paging File | 5,00 Gb Available in Paging File | 95,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 97,65 Gb Total Space | 82,25 Gb Free Space | 84,23% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 4,11 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive F: | 495,20 Mb Total Space | 384,34 Mb Free Space | 77,61% Space Free | Partition Type: FAT
Drive G: | 1,86 Gb Total Space | 1,85 Gb Free Space | 99,64% Space Free | Partition Type: FAT
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive Z: | 200,43 Gb Total Space | 57,40 Gb Free Space | 28,64% Space Free | Partition Type: NTFS
Computer Name: PREACHERGNOMAM3
Current User Name: v
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- C:\Programme\Opera\Opera.exe (Opera Software)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Programme\Opera\opera.exe" (Opera Software)
https [open] -- "C:\Programme\Opera\opera.exe" (Opera Software)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Programme\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Programme\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Programme\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
"" =
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\Opera\opera.exe" = C:\Programme\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"Z:\Games\Dungeon Siege II\DungeonSiege2.exe" = Z:\Games\Dungeon Siege II\DungeonSiege2.exe:*:Enabled:Dungeon Siege 2 Game Executable -- (Gas Powered Games)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{14C87AA7-08E6-419F-A165-998EBE5023D7}" = Oblivion - Knights of the Nine
"{15095BF3-A3D7-4DDF-B193-3A496881E003}" = Microsoft .NET Framework 3.0
"{16D919E6-F019-4E15-BFBE-4A85EF19DA57}" = Oblivion - Spell Tomes
"{1D108D70-E7D1-4089-9A0A-99629C4D0CB8}" = Morrowind
"{23D683DD-93C6-48E6-B84E-78B57778F126}" = Oblivion - Construction Set
"{24A6F0B6-E6F3-46AE-BB7E-81D6AFA6E926}" = ATI AVIVO Codecs
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 15
"{2F2E3D62-8B8C-448F-8900-451325E50948}" = Oblivion - Wizard's Tower
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion
"{37A58B85-C98F-11D5-B694-00E07D72A995}" = RM2K Mp3 Patch v1.1
"{3ABEBD00-299D-4DCA-967F-B912163AB5EA}" = Oblivion - Horse Armor Pack
"{491DD792-AD81-429C-9EB4-86DD3D22E333}" = Windows Communication Foundation
"{520F4B09-3A51-47A2-82B0-9FF1DC2D20FA}" = Oblivion - Vile Lair
"{58D68DF0-4E8B-4E9E-B425-670F9E37C1A8}" = TES Construction Set
"{70858C67-8761-4444-895A-0A8B2E9E144E}" = Opera 10.61
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}" = Windows Workflow Foundation
"{83F12F73-D52E-40C0-93B1-463C311C4E17}" = Dawn Of War
"{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (German) 12
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00B2-0407-0000-0000000FF1CE}" = Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}" = Microsoft Games for Windows - LIVE Redistributable
"{943B6738-4801-4982-90EC-0442EF7AEB16}" = Kaspersky Anti-Virus 2010
"{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3
"{9A200E68-D5F4-4E70-910F-2871753A0E2B}" = Worms World Party
"{A589DA26-51BD-475D-8C32-E19E34145842}" = Camtasia Studio 6
"{B343B0E3-212A-40B9-8207-1BD299228F5D}" = Fallout 3 - The Garden of Eden Creation Kit
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver
"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{DBF19211-C6F2-4D4E-0001-9310B0661EF1}" = Formatwandler 2
"{DCB51FBC-68AD-42FF-8426-199F1FE2C4F5}" = AMD USB Filter Driver
"{EC425CFC-EE78-4A91-AA25-3BFA65B75364}" = Oblivion - Orrery
"{EEFB15EB-FE8B-47DF-A496-1C4D1420294A}" = Doom 3
"{EF295F5C-7B57-47AA-8889-6B3E8E214E89}" = Oblivion - Mehrunes Razor
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FDBBAF14-5ED8-49B7-A5BE-1C35668B074D}" = Unreal Tournament 3 (LG)
"{FF39FC01-819B-42E4-AE49-1968AF12DDD4}" = Dawn of War - Dark Crusade
"{FFFFFD17-B460-41EB-93F1-C48ABAD63828}" = Oblivion - Thieves Den
"7-Zip" = 7-Zip 4.42
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"All ATI Software" = ATI - Dienstprogramm zur Deinstallation der Software
"Audacity_is1" = Audacity 1.2.6
"Canon Digital Camera USB WIA Driver" = Canon Digital Camera USB WIA Driver
"CCleaner" = CCleaner
"Diablo II" = Diablo II
"DungeonSiege2" = Dungeon Siege 2
"frontpage.scr" = frontpage screensaver
"HijackThis" = HijackThis 2.0.2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{EEFB15EB-FE8B-47DF-A496-1C4D1420294A}" = Doom 3
"InstallWIX_{943B6738-4801-4982-90EC-0442EF7AEB16}" = Kaspersky Anti-Virus 2010
"IrfanView" = IrfanView (remove only)
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.1.7 (Full)
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Microsoft .NET Framework 3.0" = Microsoft .NET Framework 3.0
"MSNINST" = MSN
"NVIDIA Drivers" = NVIDIA Drivers
"RTP 1.32 Add-On for RM2k" = RTP 1.32 Add-On for RM2k
"RTP for RM2K (Png, Wav, Midi, Fonts)" = RTP for RM2K (Png, Wav, Midi, Fonts)
"Sandboxie" = Sandboxie 3.44
"Sauerbraten" = Sauerbraten
"ST6UNST #1" = Hero Editor V0.96
"StarCraft" = StarCraft
"Winamp" = Winamp
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Winamp Detect" = Winamp Erkennungs-Plug-in
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 18.07.2010 15:07:02 | Computer Name = PREACHERGNOMAM3 | Source = SecurityCenter | ID = 1802
Description = Das Windows-Sicherheitscenter konnte keine Ereignisabfragen mit der
WMI herstellen, um Antivirus- und Firewallprogramme von Drittanbietern zu überwachen.
Error - 19.07.2010 19:15:05 | Computer Name = PREACHERGNOMAM3 | Source = SecurityCenter | ID = 1802
Description = Das Windows-Sicherheitscenter konnte keine Ereignisabfragen mit der
WMI herstellen, um Antivirus- und Firewallprogramme von Drittanbietern zu überwachen.
Error - 20.07.2010 10:59:36 | Computer Name = PREACHERGNOMAM3 | Source = SecurityCenter | ID = 1802
Description = Das Windows-Sicherheitscenter konnte keine Ereignisabfragen mit der
WMI herstellen, um Antivirus- und Firewallprogramme von Drittanbietern zu überwachen.
Error - 20.07.2010 14:12:04 | Computer Name = PREACHERGNOMAM3 | Source = SecurityCenter | ID = 1802
Description = Das Windows-Sicherheitscenter konnte keine Ereignisabfragen mit der
WMI herstellen, um Antivirus- und Firewallprogramme von Drittanbietern zu überwachen.
Error - 21.07.2010 08:03:01 | Computer Name = PREACHERGNOMAM3 | Source = SecurityCenter | ID = 1802
Description = Das Windows-Sicherheitscenter konnte keine Ereignisabfragen mit der
WMI herstellen, um Antivirus- und Firewallprogramme von Drittanbietern zu überwachen.
Error - 21.07.2010 08:41:41 | Computer Name = PREACHERGNOMAM3 | Source = SecurityCenter | ID = 1802
Description = Das Windows-Sicherheitscenter konnte keine Ereignisabfragen mit der
WMI herstellen, um Antivirus- und Firewallprogramme von Drittanbietern zu überwachen.
Error - 22.07.2010 09:17:01 | Computer Name = PREACHERGNOMAM3 | Source = SecurityCenter | ID = 1802
Description = Das Windows-Sicherheitscenter konnte keine Ereignisabfragen mit der
WMI herstellen, um Antivirus- und Firewallprogramme von Drittanbietern zu überwachen.
Error - 22.07.2010 16:56:11 | Computer Name = PREACHERGNOMAM3 | Source = SecurityCenter | ID = 1802
Description = Das Windows-Sicherheitscenter konnte keine Ereignisabfragen mit der
WMI herstellen, um Antivirus- und Firewallprogramme von Drittanbietern zu überwachen.
Error - 23.07.2010 08:31:01 | Computer Name = PREACHERGNOMAM3 | Source = SecurityCenter | ID = 1802
Description = Das Windows-Sicherheitscenter konnte keine Ereignisabfragen mit der
WMI herstellen, um Antivirus- und Firewallprogramme von Drittanbietern zu überwachen.
Error - 24.07.2010 07:13:11 | Computer Name = PREACHERGNOMAM3 | Source = SecurityCenter | ID = 1802
Description = Das Windows-Sicherheitscenter konnte keine Ereignisabfragen mit der
WMI herstellen, um Antivirus- und Firewallprogramme von Drittanbietern zu überwachen.
[ System Events ]
Error - 12.08.2010 21:04:33 | Computer Name = PREACHERGNOMAM3 | Source = W32Time | ID = 39452689
Description = Zeitabieter "NtpClient": Beim DNS-Lookup für den manuell konfigurierten
Peer "time.windows.com,0x1" ist ein Fehler aufgetreten. Der DNS-Lookup wird in 15
Minuten wiederholt. Fehler: Der Host war bei einem Socketvorgang nicht erreichbar.
(0x80072751)
Error - 12.08.2010 21:04:33 | Computer Name = PREACHERGNOMAM3 | Source = W32Time | ID = 39452701
Description = Der Zeitanbieter "NtpClient" wurde für die Zeiterfassung von mehreren
Zeitquellen konfiguriert. Es ist jedoch Keine der Quellen verfügbar. Innerhalb der
nächsten 14 Minuten wird kein Versuch unternommen, eine Verbindung mit der Quelle
herzustellen. Der NtpClient verfügt über keine Quelle mit genauer Zeit.
Error - 13.08.2010 08:14:59 | Computer Name = PREACHERGNOMAM3 | Source = Service Control Manager | ID = 7000
Description = Der Dienst "StarWind AE Service" wurde aufgrund folgenden Fehlers
nicht gestartet: %%2
Error - 13.08.2010 08:44:15 | Computer Name = PREACHERGNOMAM3 | Source = Service Control Manager | ID = 7000
Description = Der Dienst "StarWind AE Service" wurde aufgrund folgenden Fehlers
nicht gestartet: %%2
Error - 13.08.2010 14:21:14 | Computer Name = PREACHERGNOMAM3 | Source = Service Control Manager | ID = 7000
Description = Der Dienst "StarWind AE Service" wurde aufgrund folgenden Fehlers
nicht gestartet: %%2
Error - 13.08.2010 16:53:13 | Computer Name = PREACHERGNOMAM3 | Source = Service Control Manager | ID = 7000
Description = Der Dienst "StarWind AE Service" wurde aufgrund folgenden Fehlers
nicht gestartet: %%2
Error - 14.08.2010 15:15:36 | Computer Name = PREACHERGNOMAM3 | Source = Service Control Manager | ID = 7000
Description = Der Dienst "StarWind AE Service" wurde aufgrund folgenden Fehlers
nicht gestartet: %%2
Error - 15.08.2010 09:33:34 | Computer Name = PREACHERGNOMAM3 | Source = Service Control Manager | ID = 7000
Description = Der Dienst "StarWind AE Service" wurde aufgrund folgenden Fehlers
nicht gestartet: %%2
Error - 15.08.2010 17:09:42 | Computer Name = PREACHERGNOMAM3 | Source = Service Control Manager | ID = 7000
Description = Der Dienst "StarWind AE Service" wurde aufgrund folgenden Fehlers
nicht gestartet: %%2
Error - 16.08.2010 09:11:03 | Computer Name = PREACHERGNOMAM3 | Source = Service Control Manager | ID = 7000
Description = Der Dienst "StarWind AE Service" wurde aufgrund folgenden Fehlers
nicht gestartet: %%2
< End of report > --- --- ---
Das wars. |