Trojan.downloader/ Malwarebyte findet ihn als scr-Datei
Hallo
Routine-Check mit Malwarebyte brachte den Schädling ans Licht. Wurde von einem Benutzer als Bild-Datei runtergeladen.
Gebrauchsmässig sind keine Auffälligkeiten zu bemerken. Gemäss Log hat es keine Spuren im System.
Kann bitte jemand die LOGS noch durchschauen?
Vielen Dank schon mal.:dankeschoen:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Database version: 5950
Windows 6.0.6000
Internet Explorer 7.0.6000.17037
04.03.2011 18:33:49
mbam-log-2011-03-04 (18-33-49).txt
Scan type: Quick scan
Objects scanned: 243993
Time elapsed: 4 minute(s), 45 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
c:\Users\D***\downloads\dsc002741436-jpg.scr (Trojan.Downloader) -> Quarantined and deleted successfully.
OTL Logfile: Code:
OTL logfile created on: 07.03.2011 14:13:14 - Run 2
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\***\Desktop
Windows Vista Home Basic Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.17037)
Locale: 00000807 | Country: Schweiz | Language: DES | Date Format: dd.MM.yyyy
766.00 Mb Total Physical Memory | 178.00 Mb Available Physical Memory | 23.00% Memory free
2.00 Gb Paging File | 0.00 Gb Available in Paging File | 16.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 67.37 Gb Total Space | 23.12 Gb Free Space | 34.32% Space Free | Partition Type: NTFS
Drive D: | 18.05 Gb Total Space | 14.71 Gb Free Space | 81.46% Space Free | Partition Type: NTFS
Drive E: | 14.65 Gb Total Space | 11.37 Gb Free Space | 77.60% Space Free | Partition Type: NTFS
Computer Name: FAMILY-PC | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\***\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
PRC - C:\Programme\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
PRC - C:\Programme\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Programme\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Programme\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Programme\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Programme\Canon\MyPrinter\BJMYPRT.EXE (CANON INC.)
PRC - C:\Programme\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE (CANON INC.)
PRC - C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
PRC - C:\Windows\System32\s3trayp.exe (S3 Graphics Co., Ltd.)
PRC - C:\FirstSteps\OnlineDiagnostic\TestManager\TestHandler.exe (Fujitsu Siemens Computers)
PRC - C:\Windows\System32\sdclt.exe (Microsoft Corporation)
PRC - C:\Windows\System32\wpcumi.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Windows\System32\audiodg.exe (Microsoft Corporation)
========== Modules (SafeList) ==========
MOD - C:\Users\***\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Programme\Alwil Software\Avast5\snxhk.dll (AVAST Software)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (SBSDWSCService) -- C:\Programme\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (HsfXAudioService) -- C:\Windows\System32\XAudio32.dll (Conexant Systems, Inc.)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (IviRegMgr) -- C:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
SRV - (TestHandler) -- C:\FirstSteps\OnlineDiagnostic\TestManager\TestHandler.exe (Fujitsu Siemens Computers)
========== Driver Services (SafeList) ==========
DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio32.sys (Conexant Systems, Inc.)
DRV - (FETND6V) -- C:\Windows\System32\drivers\fetnd6v.sys (VIA Technologies, Inc. )
DRV - (S3GIGP) -- C:\Windows\System32\drivers\VTGKModeDX32.sys (S3 Graphics Co., Ltd.)
DRV - (HdAudAddService) -- C:\Windows\System32\drivers\viahduaa.sys (VIA Technologies, Inc.)
DRV - (WSDPrintDevice) -- C:\Windows\System32\drivers\WSDPrint.sys (Microsoft Corporation)
DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (nvatabus) -- C:\Windows\system32\drivers\nvatabus.sys (NVIDIA Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.01.10 10:49:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.02.07 12:10:21 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011.02.07 12:04:39 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2011.02.07 12:10:21 | 000,000,000 | ---D | M]
[2011.01.10 16:36:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions
[2011.03.04 10:59:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\dg6w4qzz.default\extensions
[2011.01.24 18:02:49 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Papi_2\AppData\Roaming\mozilla\Firefox\Profiles\dg6w4qzz.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.01.10 12:36:28 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2010.05.04 09:22:36 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2011.01.10 12:36:28 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2010.05.03 22:07:49 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2010.05.04 09:22:36 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2011.01.10 12:36:28 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011.01.10 12:35:43 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[1999.12.31 16:00:00 | 000,167,704 | ---- | M] (Tracker Software Products Ltd.) -- C:\Programme\Mozilla Firefox\plugins\npPDFXCviewNPPlugin.dll
[2010.12.23 10:38:31 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.12.23 10:38:31 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.12.23 10:38:31 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.12.23 10:38:32 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.12.23 10:38:32 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2010.05.03 21:56:45 | 000,393,089 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 13577 more lines...
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O4 - HKLM..\Run: [avast5] C:\Programme\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VistaADeck\HDAudioCPL.exe (VIA.)
O4 - HKLM..\Run: [IJNetworkScanUtility] C:\Programme\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE (CANON INC.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Programme\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [S3Trayp] C:\Windows\System32\s3trayp.exe (S3 Graphics Co., Ltd.)
O4 - HKLM..\Run: [WPCUMI] C:\Windows\System32\wpcumi.exe (Microsoft Corporation)
O4 - Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O9 - Extra Button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Programme\Paltalk Messenger\paltalk.exe (AVM Software Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img16.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img16.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (aswBoot.exe /A:"*" /L:"1031" /heur:80 /pup /archives /IA:0 /KBD:2 /dir:"C:\Program Files\Alwil Software\Avast5") - C:\Windows\System32\aswBoot.exe (AVAST Software)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011.03.07 14:11:54 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Papi_2\Desktop\OTL.exe
[2011.03.04 15:00:10 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Java
[2011.03.04 14:59:03 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011.03.04 14:59:02 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011.03.04 14:59:02 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2011.03.04 14:54:35 | 000,400,384 | ---- | C] (The RaProducts Team: Paul McLain and Fred de Vries) -- C:\Users\Papi_2\Desktop\JavaRa.exe
[2011.02.15 11:20:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paltalk Messenger
[2011.02.15 11:20:16 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Paltalk
[2011.02.07 12:17:02 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\vlc
[2011.02.07 12:08:51 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Tracker Software
[2011.02.07 12:05:39 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\OpenOffice.org
[2011.02.07 11:56:38 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Firefox 4.0 Beta 10
[2011.02.07 11:46:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2011.02.07 11:42:29 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Google
========== Files - Modified Within 30 Days ==========
[2011.03.07 14:20:00 | 000,000,422 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{1BFB3293-EF92-4B48-9A04-6CD7BB761264}.job
[2011.03.07 14:20:00 | 000,000,416 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{CC40EB32-6746-476B-B344-A254A4A4164C}.job
[2011.03.07 14:19:19 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.03.07 14:13:07 | 000,641,344 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.03.07 14:13:07 | 000,610,142 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.03.07 14:13:07 | 000,116,706 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.03.07 14:13:07 | 000,103,924 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.03.07 14:10:20 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2011.03.07 13:41:31 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.03.07 13:41:30 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.03.07 12:56:27 | 000,001,088 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.03.07 10:41:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.03.06 17:59:59 | 000,000,286 | ---- | M] () -- C:\Windows\tasks\Spybot - Search & Destroy - Scheduled Task.job
[2011.03.06 17:50:00 | 000,000,312 | ---- | M] () -- C:\Windows\tasks\Spybot - Search & Destroy Updater - Scheduled Task.job
[2011.03.06 17:48:09 | 000,000,426 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{C7722009-357A-4531-B3FD-B2D50AFA77F8}.job
[2011.03.06 16:30:07 | 803,717,120 | -HS- | M] () -- C:\hiberfil.sys
[2011.03.04 18:17:59 | 000,000,294 | ---- | M] () -- C:\Users\***\Documents\cc_20110304_181756.reg
[2011.03.04 18:17:39 | 000,006,096 | ---- | M] () -- C:\Users\***\Documents\cc_20110304_181734.reg
[2011.03.04 15:27:11 | 189,358,834 | ---- | M] () -- C:\Users\***\Documents\Thunderbird emails.zip
[2011.03.04 11:31:49 | 000,000,810 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.02.15 11:20:24 | 000,001,312 | ---- | M] () -- C:\Users\Papi_2\Desktop\Upgrade to Paltalk Extreme.lnk
[2011.02.07 12:06:22 | 000,001,034 | ---- | M] () -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
[2011.02.07 11:22:09 | 000,000,930 | ---- | M] () -- C:\Users\***\Desktop\Malwarebytes' Anti-Malware.lnk
========== Files Created - No Company Name ==========
[2011.03.04 18:17:58 | 000,000,294 | ---- | C] () -- C:\Users\***\Documents\cc_20110304_181756.reg
[2011.03.04 18:17:37 | 000,006,096 | ---- | C] () -- C:\Users\***\Documents\cc_20110304_181734.reg
[2011.03.04 15:26:17 | 189,358,834 | ---- | C] () -- C:\Users\***\Documents\Thunderbird emails.zip
[2011.03.04 14:54:35 | 000,299,233 | ---- | C] () -- C:\Users\***\Desktop\JavaRa.def
[2011.03.04 14:54:35 | 000,002,699 | ---- | C] () -- C:\Users\***\Desktop\Deutsch.lng
[2011.02.15 11:20:24 | 000,001,312 | ---- | C] () -- C:\Users\***\Desktop\Upgrade to Paltalk Extreme.lnk
[2011.02.07 12:06:22 | 000,001,034 | ---- | C] () -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
[2011.02.07 11:56:44 | 000,001,959 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox 4.0 Beta 10.lnk
[2011.02.07 11:22:09 | 000,000,930 | ---- | C] () -- C:\Users\***\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.01.06 10:17:43 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2011.01.06 10:17:43 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011.01.06 10:17:43 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe
[2011.01.06 10:17:43 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011.01.06 10:17:43 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2010.09.06 15:38:54 | 000,027,136 | ---- | C] () -- C:\Windows\System32\qtuninst.dll
[2010.05.03 13:23:09 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2007.06.19 11:27:06 | 000,069,632 | ---- | C] () -- C:\Windows\System32\vuins32.dll
[2007.06.19 11:26:05 | 000,135,168 | ---- | C] () -- C:\Windows\System32\property.dll
[2007.06.19 11:03:27 | 000,641,344 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2007.06.19 11:03:27 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2007.06.19 11:03:27 | 000,116,706 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2007.06.19 11:03:27 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2006.11.02 13:53:49 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 13:44:53 | 000,264,928 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 11:33:01 | 000,610,142 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 11:33:01 | 000,103,924 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006.11.02 08:22:43 | 000,099,999 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2006.11.02 08:22:43 | 000,018,271 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2006.08.11 17:52:02 | 000,012,288 | ---- | C] () -- C:\Windows\System32\EvOnlDiag.dll
========== LOP Check ==========
[2011.02.07 12:05:39 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\OpenOffice.org
[2011.02.15 11:21:25 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Paltalk
[2011.01.24 14:44:25 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Thunderbird
[2011.03.06 16:29:00 | 000,032,638 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011.03.07 14:20:00 | 000,000,422 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{1BFB3293-EF92-4B48-9A04-6CD7BB761264}.job
[2011.03.06 17:48:09 | 000,000,426 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{C7722009-357A-4531-B3FD-B2D50AFA77F8}.job
[2011.03.07 14:20:00 | 000,000,416 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{CC40EB32-6746-476B-B344-A254A4A4164C}.job
========== Purity Check ==========
< End of report >
--- --- ---
OTL Logfile: Code:
OTL Extras logfile created on: 07.03.2011 14:13:14 - Run 2
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\***\Desktop
Windows Vista Home Basic Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.17037)
Locale: 00000807 | Country: Schweiz | Language: DES | Date Format: dd.MM.yyyy
766.00 Mb Total Physical Memory | 178.00 Mb Available Physical Memory | 23.00% Memory free
2.00 Gb Paging File | 0.00 Gb Available in Paging File | 16.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 67.37 Gb Total Space | 23.12 Gb Free Space | 34.32% Space Free | Partition Type: NTFS
Drive D: | 18.05 Gb Total Space | 14.71 Gb Free Space | 81.46% Space Free | Partition Type: NTFS
Drive E: | 14.65 Gb Total Space | 11.37 Gb Free Space | 77.60% Space Free | Partition Type: NTFS
Computer Name: FAMILY-PC | User Name: Papi_2 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02154BC4-1AD1-42B9-8CF0-007B95508328}" = rport=137 | protocol=17 | dir=out | app=system |
"{221E9536-84C0-4E3E-9503-E7DD089D7E6C}" = lport=139 | protocol=6 | dir=in | app=system |
"{25874692-0119-4B09-BCB0-7B8E6EC0F890}" = lport=137 | protocol=17 | dir=in | app=system |
"{27EF7E56-DA90-4FED-AF74-696C3ED1968A}" = lport=445 | protocol=6 | dir=in | app=system |
"{3DFB12C1-1B35-4263-B2BA-36D3A4EC7833}" = rport=138 | protocol=17 | dir=out | app=system |
"{736BE601-3A8C-444C-83A9-E0FFB0E00036}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{757DF415-162A-43A0-8955-6DC26C26C2F2}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{AB5CE33C-89AD-4C5E-A9BB-62172F0BCA76}" = rport=445 | protocol=6 | dir=out | app=system |
"{FC1FBE63-BD8F-447F-B56C-72FFE81C3006}" = rport=139 | protocol=6 | dir=out | app=system |
"{FDF756E8-05E4-4FEA-A25C-181C42F8028D}" = lport=138 | protocol=17 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{5F33E9A8-E7CE-4F1D-9129-13C496817642}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{8A483478-E941-4817-B5B8-06BEEE876EC6}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{A536EF0D-93E8-4BA3-A835-FDB4D1D06690}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{CBEE3076-42AF-471D-B1AC-C4D610803AC9}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"TCP Query User{2362613A-DC29-49D3-96FE-18B78302A208}C:\program files\intervideo\dvd8\windvd.exe" = protocol=6 | dir=in | app=c:\program files\intervideo\dvd8\windvd.exe |
"TCP Query User{7DFC5FB3-3D50-4958-8E24-C6CACA1A6AD4}C:\program files\paltalk messenger\paltalk.exe" = protocol=6 | dir=in | app=c:\program files\paltalk messenger\paltalk.exe |
"TCP Query User{A2D99657-B7E0-4FB3-B357-5F341A5B0D1F}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{CB38C08A-8697-4957-A894-CFE92D159F7F}C:\program files\intervideo\dvd8\windvd.exe" = protocol=6 | dir=in | app=c:\program files\intervideo\dvd8\windvd.exe |
"TCP Query User{CCE6FF6C-B6EF-467C-98D0-6F6EA251F1C7}C:\program files\paltalk messenger\paltalk.exe" = protocol=6 | dir=in | app=c:\program files\paltalk messenger\paltalk.exe |
"TCP Query User{E82C61CC-C169-4862-AEB6-28D8BC283AFB}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{EF3B63AB-D6B8-49CD-9F97-002FC10669F7}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{1407CE4F-343C-411B-88B7-61BF702F737E}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{17C053C8-82FA-4386-81F5-BE2DC4BCBF26}C:\program files\intervideo\dvd8\windvd.exe" = protocol=17 | dir=in | app=c:\program files\intervideo\dvd8\windvd.exe |
"UDP Query User{2284DFE3-2259-48BF-B13A-D3B60DFE5051}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{42D3237C-45FA-479A-B71D-8BD69DC6121B}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{74C36499-E2FE-44FB-B010-76F2B4F3B1EF}C:\program files\paltalk messenger\paltalk.exe" = protocol=17 | dir=in | app=c:\program files\paltalk messenger\paltalk.exe |
"UDP Query User{9E7A116B-2A25-4FDD-A641-CE1297289F2C}C:\program files\intervideo\dvd8\windvd.exe" = protocol=17 | dir=in | app=c:\program files\intervideo\dvd8\windvd.exe |
"UDP Query User{BD31A2BB-574C-45D7-B7E6-8B19879192AB}C:\program files\paltalk messenger\paltalk.exe" = protocol=17 | dir=in | app=c:\program files\paltalk messenger\paltalk.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP620_series" = Canon MP620 series MP Drivers
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = InterVideo WinDVD 8
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{2217B0B4-35CB-48C6-B640-864DF2F30F99}" = OpenOffice.org 3.2
"{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java(TM) 6 Update 24
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{81CD6232-10F5-4832-B3DA-1B88B1571031}" = Nero 7 Essentials
"{94D66D71-12F0-48A5-B46A-D4B835A0F1B7}" = FirstSteps Diagnostics
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1" = PDF-Viewer
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A90C03D6-08E1-4C59-B93B-6919A6C0AC19}" = TSP_CODEC
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{C649ED6C-2D44-40BA-AE75-0AADD5E411E5}" = Wildlife Park 2 Horses
"{C768790F-04FB-11E0-9B2C-001AA037B01E}" = Google Earth
"{CCF22908-ECD2-4068-84F1-BA02DA1EC72D}" = GoGear Spark Device Manager
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE480239-DC94-4A5D-9CBE-415D24D2F6AD}" = Findet Nemo
"{DFF5C119-2948-4A12-B330-357ED7D4295E}" = GoGear Spark Device Manager
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Audiograbber" = Audiograbber 1.83 SE
"Audiograbber-Lame" = Audiograbber Lame-MP3-Plugin
"avast5" = avast! Free Antivirus
"Canon MP620 series Benutzerregistrierung" = Canon MP620 series Benutzerregistrierung
"Canon_IJ_Network_Scan_UTILITY" = Canon IJ Network Scan Utility
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CCleaner" = CCleaner
"CNXT_MODEM_HDA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = InterVideo WinDVD 8
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"InstallShield_{CE480239-DC94-4A5D-9CBE-415D24D2F6AD}" = Findet Nemo
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"Mozilla Thunderbird (2.0.0.24)" = Mozilla Thunderbird (2.0.0.24)
"MP Navigator EX 2.0" = Canon MP Navigator EX 2.0
"OnlineBible" = Online Bibel 10.95
"PalTalk8.2" = Paltalk Messenger
"PhotoScape" = PhotoScape
"QuickTime 3.0" = QuickTime 3.0
"Recuva" = Recuva
"Speccy" = Speccy
"VIA Chrome9 HC IGP Windows Vista Display" = VIA Chrome9 HC IGP Windows Vista Display
"VLC media player" = VLC media player 1.0.5
"VN_VUIns_Rhine_VIA" = VIA Rhine Family Fast Ethernet Adapter
========== Last 10 Event Log Errors ==========
[ Antivirus Events ]
Error - 18.05.2010 10:55:20 | Computer Name = Family-PC | Source = avast! | ID = 33554522
Description =
Error - 31.05.2010 10:51:37 | Computer Name = Family-PC | Source = avast! | ID = 33554522
Description =
[ Application Events ]
Error - 03.03.2011 11:48:59 | Computer Name = Family-PC | Source = WerSvc | ID = 5007
Description =
Error - 04.03.2011 05:08:36 | Computer Name = Family-PC | Source = WerSvc | ID = 5007
Description =
Error - 04.03.2011 08:00:28 | Computer Name = Family-PC | Source = WerSvc | ID = 5007
Description =
Error - 04.03.2011 09:17:18 | Computer Name = Family-PC | Source = EventSystem | ID = 4622
Description =
Error - 04.03.2011 09:17:18 | Computer Name = Family-PC | Source = EventSystem | ID = 4621
Description =
Error - 04.03.2011 09:48:02 | Computer Name = Family-PC | Source = EventSystem | ID = 4621
Description =
Error - 04.03.2011 10:50:36 | Computer Name = Family-PC | Source = EventSystem | ID = 4621
Description =
Error - 04.03.2011 13:20:03 | Computer Name = Family-PC | Source = WerSvc | ID = 5007
Description =
Error - 05.03.2011 12:14:09 | Computer Name = Family-PC | Source = WerSvc | ID = 5007
Description =
Error - 06.03.2011 12:30:25 | Computer Name = Family-PC | Source = WerSvc | ID = 5007
Description =
[ System Events ]
Error - 04.03.2011 07:02:38 | Computer Name = Family-PC | Source = DCOM | ID = 10016
Description =
Error - 04.03.2011 12:21:49 | Computer Name = Family-PC | Source = DCOM | ID = 10016
Description =
Error - 04.03.2011 13:13:16 | Computer Name = Family-PC | Source = Microsoft-Windows-Kernel-General | ID = 5
Description =
Error - 04.03.2011 13:36:36 | Computer Name = Family-PC | Source = Service Control Manager | ID = 7043
Description =
Error - 04.03.2011 17:51:32 | Computer Name = Family-PC | Source = DCOM | ID = 10016
Description =
Error - 05.03.2011 12:14:56 | Computer Name = Family-PC | Source = DCOM | ID = 10016
Description =
Error - 05.03.2011 14:55:17 | Computer Name = Family-PC | Source = DCOM | ID = 10016
Description =
Error - 06.03.2011 11:28:56 | Computer Name = Family-PC | Source = Service Control Manager | ID = 7043
Description =
Error - 06.03.2011 11:28:56 | Computer Name = Family-PC | Source = Service Control Manager | ID = 7022
Description =
Error - 06.03.2011 11:31:58 | Computer Name = Family-PC | Source = DCOM | ID = 10016
Description =
< End of report >
--- --- --- |
