| nosehair | 18.10.2011 13:57 |
so erledigt...
Extras.Txt:OTL Logfile: Code:
OTL Extras logfile created on: 18.10.2011 14:44:50 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Dokumente und Einstellungen\carlitos\Eigene Dateien\Downloads
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
479,48 Mb Total Physical Memory | 160,48 Mb Available Physical Memory | 33,47% Memory free
737,95 Mb Paging File | 312,56 Mb Available in Paging File | 42,36% Paging File free
Paging file location(s): C:\pagefile.sys 336 672 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 37,53 Gb Total Space | 0,31 Gb Free Space | 0,82% Space Free | Partition Type: NTFS
Drive D: | 34,56 Gb Total Space | 16,35 Gb Free Space | 47,31% Space Free | Partition Type: NTFS
Drive E: | 2,44 Gb Total Space | 0,45 Gb Free Space | 18,37% Space Free | Partition Type: FAT32
Computer Name: CARLOS | User Name: carlitos | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = htmlfile] -- C:\t-online\Browser\Browser.exe ()
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Programme\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- C:\t-online\Browser\Browser.exe "%1" ()
htmlfile [opennew] -- C:\t-online\Browser\Browser.exe "%1" ()
htmlfile [print] -- "C:\Programme\Microsoft Office\Office\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- C:\t-online\Browser\Browser.exe "%1" ()
https [open] -- C:\t-online\Browser\Browser.exe "%1" ()
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Programme\MSN Messenger\msncall.exe" = C:\Programme\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)
"C:\Programme\MSN Messenger\livecall.exe" = C:\Programme\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\StreamCast\Morpheus\MorphEXE.exe" = C:\Programme\StreamCast\Morpheus\MorphEXE.exe:*:Enabled:Morpheus -- (Streamcast)
"C:\Programme\WinMX\WinMX.exe" = C:\Programme\WinMX\WinMX.exe:*:Enabled:WinMX Application -- (Frontcode Technologies)
"C:\Programme\Lionhead Studios Ltd\Black & White\runblack.exe" = C:\Programme\Lionhead Studios Ltd\Black & White\runblack.exe:*:Enabled:lh -- (LionHead Studios Ltd.)
"C:\Programme\LimeWire\LimeWire.exe" = C:\Programme\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- (Lime Wire, LLC)
"C:\WINDOWS\system32\ftp.exe" = C:\WINDOWS\system32\ftp.exe:*:Enabled:Programm zur Dateiübertragung -- (Microsoft Corporation)
"C:\Programme\Anti-Leech\ALIE_1.0.2.2\alhlp.exe" = C:\Programme\Anti-Leech\ALIE_1.0.2.2\alhlp.exe:*:Enabled:Anti-Leech plugin helper program
"C:\Programme\BearShare\BearShare.exe" = C:\Programme\BearShare\BearShare.exe:*:Disabled:BearShare
"C:\Programme\MSN Messenger\msncall.exe" = C:\Programme\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)
"C:\Programme\IVT Corporation\BlueSoleil\BlueSoleil.exe" = C:\Programme\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil -- (IVT Corporation)
"C:\Programme\Ares\Ares.exe" = C:\Programme\Ares\Ares.exe:*:Disabled:Ares p2p for windows
"C:\Programme\MSN Messenger\livecall.exe" = C:\Programme\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000407-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium
"{00490EBE-23A5-4976-B95B-BE6B9DF6E2FB}" = T-Online Browser 4.5
"{04830D0F-F980-4EC0-89F1-594F2FD2A1B5}" = ElsterFormular 2008/2009
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{06029DFB-9E17-410D-A1FE-7EB5F1A1E3FD}" = HOT ALBUM MYBOX
"{09DA4F91-2A09-4232-AB8C-6BC740096DE3}" = Sonic Update Manager
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2FCE4FC5-6930-40E7-A4F1-F862207424EF}" = InterVideo WinDVD Creator 2
"{318AB667-3230-41B5-A617-CB3BF748D371}" = iTunes
"{3248F0A8-6813-11D6-A77B-00B0D0150010}" = J2SE Runtime Environment 5.0 Update 1
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{43DCF766-6838-4F9A-8C91-D92DA586DFA7}" = Microsoft Windows-Journal-Viewer
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{56CA5D3B-3002-4E7B-90FE-071D8FDF3814}" =
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{63CFD835-FF50-4F8B-91CD-5662A8C640F8}" = Photo Transport
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{8105684D-8CA6-440D-8F58-7E5FD67A499D}" = Einfache Internetanmeldung
"{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}" = Bonjour
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8AF3E926-ED59-11D4-A44B-0000E86D2305}" = Ulead GIF Animator 5 Test
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD Player
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!
"{97C0EA4A-1A0B-4C53-ACEB-49984DA79C90}" = Google Earth
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AC76BA86-7AD7-1031-7646-000000000001}" = Adobe Reader 6.0 - Deutsch
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B9F499B8-D1F0-42FC-84BE-CC552123CCCB}" = BlueSoleil
"{BAD8CA9C-77C0-4663-B00B-A8D3B13C341B}" = Motorola Phone Tools
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU
"{C314CE45-3392-3B73-B4E1-139CD41CA933}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D050D7362D214723AD585B541FFB6C11}" = DivX Content Uploader
"{D642E38E-0D24-486C-9A2D-E316DD696F4B}" = Microsoft XML Parser
"{DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38}" = HpSdpAppCoreApp
"{E51B4CD9-A0A6-4324-B26A-31B3F2DE26CE}" = Black and White
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{EC4455AB-F155-4CC1-A4C5-88F3777F9886}" = Apple Mobile Device Support
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{EDDDC607-91D9-4758-9F57-265FDCD8A772}" = Microsoft Works 7.0
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{F958CA02-BB40-4007-894B-258729456EE4}" = QuickTime
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}" = HighMAT-Erweiterung für den Microsoft Windows XP-Assistenten zum Schreiben von CDs
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Alice" = Alice-Installationsdateien entfernen
"avast!" = avast! Antivirus
"Camera" = Digital Camera Manager
"DVD Shrink_is1" = DVD Shrink 3.2
"EPSON Printer and Utilities" = EPSON-Drucker-Software
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.8
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.37.426
"Google Updater" = Google Updater
"InstallShield_{06029DFB-9E17-410D-A1FE-7EB5F1A1E3FD}" = HOT ALBUM MYBOX
"InstallShield_{8105684D-8CA6-440D-8F58-7E5FD67A499D}" = Einfache Internetanmeldung
"LimeWire" = LimeWire 4.8.1
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.2.1300
"Messenger Plus! Live" = Messenger Plus! Live
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.23)" = Mozilla Firefox (3.6.23)
"MsgPlus! Plugin" = Messenger Plus! 3
"MSNINST" = MSN
"Nero - Burning Rom!UninstallKey" = Ahead Nero Burning ROM
"NeroVision!UninstallKey" = Ahead NeroVision Express
"OnlineBanking 4.0" = T-Online OnlineBanking 4.0
"PIXresizer_is1" = PIXresizer 2.0.3
"Python 1.5 combined Win32 extensions" = Python 1.5 combined Win32 extensions
"Python 1.5.2 (final)" = Python 1.5.2 (final)
"S3" = UniChrome Graphics Driver and Utilities
"Tcl 8.0.5 for Windows" = Tcl 8.0.5 for Windows
"TDSLSM" = T-DSL SpeedManager
"T-Online 4.0 Hilfe" = T-Online 4.0 Hilfe
"T-Online Browser" = T-Online Browser 4.0
"T-Online Copas Client 4.0" = T-Online Copas Client 4.0
"T-Online eMail 4.0" = T-Online eMail 4.0
"T-Online Messenger (TOM)" = T-Online Messenger (TOM) 4.0
"T-Online Software 4.0" = T-Online Software 4.0
"Ulead Photo Express 3.0 SE" = Ulead Photo Express 3.0 SE
"Uninstall_is1" = Uninstall 1.0.0.1
"Vocup_is1" = Vocup 1.4.3
"VTDisplay" = S3 S3Display
"VTGamma2" = S3 S3Gamma2
"VTInfo2" = S3 S3Info2
"VTOverlay" = S3 S3Overlay
"WIC" = Windows Imaging Component
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinMX" = WinMX
"WinRAR archiver" = WinRAR Archivierer
"WinZip" = WinZip
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Toolbar" = Yahoo! Toolbar
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"GridCashGrim" = CiD Help
"T-Online Messenger (TOM)" = T-Online Messenger (TOM)
========== Last 10 Event Log Errors ==========
[ Antivirus Events ]
Error - 13.08.2008 13:57:11 | Computer Name = CARLOS | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
G:\Fotos verano 2008\viernes...golfi.jpg failed, 00000005.
Error - 13.04.2010 09:30:49 | Computer Name = CARLOS | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
hxxp://www.euros4click.de/temp/counter/?action=d&sc2=1271078952218x2044824774&0.4176568380813138
failed, 0000A413.
Error - 13.04.2010 09:31:00 | Computer Name = CARLOS | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
hxxp://www.euros4click.de/temp/counter/?action=d&sc2=1271078952218x2044824774&0.1705612870655251
failed, 0000A413.
Error - 13.04.2010 09:32:19 | Computer Name = CARLOS | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
hxxp://www.euros4click.de/temp/counter/?action=d&sc2=1271078952218x2044824774&0.32170861066656
failed, 0000A413.
Error - 13.04.2010 09:34:37 | Computer Name = CARLOS | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
hxxp://www.euros4click.de/temp/counter/?action=d&sc2=1271078952218x2044824774&0.10752595046382818
failed, 0000A413.
Error - 02.06.2011 15:16:16 | Computer Name = CARLOS | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
H:\DCIM\100CASIO\CIMG4892.JPG failed, 00000005.
[ Application Events ]
Error - 08.07.2011 15:13:45 | Computer Name = CARLOS | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung alicecnn.exe, Version 3.0.1.9, fehlgeschlagenes
Modul alicecnn.exe, Version 3.0.1.9, Fehleradresse 0x000010bb.
Error - 08.07.2011 15:23:43 | Computer Name = CARLOS | Source = Application Error | ID = 1004
Description = Fehlgeschlagene Anwendung alicecnn.exe, Version 3.0.1.9, fehlgeschlagenes
Modul alicecnn.exe, Version 3.0.1.9, Fehleradresse 0x000010bb.
Error - 05.09.2011 09:12:47 | Computer Name = CARLOS | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung MSACCESS.EXE, Version 9.0.0.2719, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 05.09.2011 09:14:38 | Computer Name = CARLOS | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung RecordNow.exe, Version 7.2.7.0, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 07.09.2011 10:34:39 | Computer Name = CARLOS | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung alicecnn.exe, Version 3.0.1.9, fehlgeschlagenes
Modul alicecnn.exe, Version 3.0.1.9, Fehleradresse 0x000010bb.
Error - 20.09.2011 12:20:26 | Computer Name = CARLOS | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung firefox.exe, Version 1.9.2.4262, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 20.09.2011 12:24:10 | Computer Name = CARLOS | Source = crypt32 | ID = 131083
Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
ist fehlgeschlagen mit dem Fehler: Ein erforderliches Zertifikat befindet sich
nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel
in der signierten Datei. .
Error - 20.09.2011 12:24:10 | Computer Name = CARLOS | Source = crypt32 | ID = 131083
Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
ist fehlgeschlagen mit dem Fehler: Ein erforderliches Zertifikat befindet sich
nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel
in der signierten Datei. .
Error - 20.09.2011 14:10:16 | Computer Name = CARLOS | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung acrord32.exe, Version 6.0.0.878, fehlgeschlagenes
Modul escript.api, Version 6.0.0.878, Fehleradresse 0x0009b0c9.
Error - 09.10.2011 18:26:34 | Computer Name = CARLOS | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung alicecnn.exe, Version 3.0.1.9, fehlgeschlagenes
Modul alicecnn.exe, Version 3.0.1.9, Fehleradresse 0x000010bb.
[ System Events ]
Error - 15.10.2011 12:08:04 | Computer Name = CARLOS | Source = DCOM | ID = 10010
Description = Der Server "{063D34A4-BF84-4B8D-B699-E8CA06504DDE}" konnte innerhalb
des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error - 16.10.2011 08:29:47 | Computer Name = CARLOS | Source = DCOM | ID = 10010
Description = Der Server "{063D34A4-BF84-4B8D-B699-E8CA06504DDE}" konnte innerhalb
des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error - 16.10.2011 12:48:35 | Computer Name = CARLOS | Source = DCOM | ID = 10010
Description = Der Server "{063D34A4-BF84-4B8D-B699-E8CA06504DDE}" konnte innerhalb
des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error - 16.10.2011 17:19:27 | Computer Name = CARLOS | Source = DCOM | ID = 10010
Description = Der Server "{063D34A4-BF84-4B8D-B699-E8CA06504DDE}" konnte innerhalb
des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error - 17.10.2011 09:39:19 | Computer Name = CARLOS | Source = DCOM | ID = 10010
Description = Der Server "{063D34A4-BF84-4B8D-B699-E8CA06504DDE}" konnte innerhalb
des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error - 17.10.2011 10:30:50 | Computer Name = CARLOS | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
uagp35
Error - 17.10.2011 10:34:14 | Computer Name = CARLOS | Source = DCOM | ID = 10010
Description = Der Server "{063D34A4-BF84-4B8D-B699-E8CA06504DDE}" konnte innerhalb
des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error - 18.10.2011 06:45:02 | Computer Name = CARLOS | Source = Service Control Manager | ID = 7009
Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst avast!
Web Scanner.
Error - 18.10.2011 06:45:02 | Computer Name = CARLOS | Source = Service Control Manager | ID = 7000
Description = Der Dienst "avast! Web Scanner" wurde aufgrund folgenden Fehlers nicht
gestartet: %%1053
Error - 18.10.2011 06:47:13 | Computer Name = CARLOS | Source = DCOM | ID = 10010
Description = Der Server "{063D34A4-BF84-4B8D-B699-E8CA06504DDE}" konnte innerhalb
des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
< End of report >
--- --- ---
OTL.Txt:OTL Logfile: Code:
OTL logfile created on: 18.10.2011 14:44:50 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Dokumente und Einstellungen\carlitos\Eigene Dateien\Downloads
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
479,48 Mb Total Physical Memory | 160,48 Mb Available Physical Memory | 33,47% Memory free
737,95 Mb Paging File | 312,56 Mb Available in Paging File | 42,36% Paging File free
Paging file location(s): C:\pagefile.sys 336 672 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 37,53 Gb Total Space | 0,31 Gb Free Space | 0,82% Space Free | Partition Type: NTFS
Drive D: | 34,56 Gb Total Space | 16,35 Gb Free Space | 47,31% Space Free | Partition Type: NTFS
Drive E: | 2,44 Gb Total Space | 0,45 Gb Free Space | 18,37% Space Free | Partition Type: FAT32
Computer Name: CARLOS | User Name: carlitos | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Dokumente und Einstellungen\carlitos\Eigene Dateien\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Programme\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
PRC - C:\Programme\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
PRC - C:\Programme\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
PRC - C:\Programme\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
PRC - C:\Programme\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
PRC - C:\Programme\HOTALBUMMyBOX\MediaChecker.exe (PLANNING Co., Ltd)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe ()
PRC - C:\Programme\Java\jre1.5.0_01\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Programme\WinZip\WZQKPICK.EXE (WinZip Computing, Inc.)
PRC - C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
PRC - C:\Programme\D-Tools\daemon.exe (DAEMON'S HOME)
PRC - C:\WINDOWS\system32\VTTimer.exe (S3 Graphics, Inc.)
PRC - C:\WINDOWS\system32\spool\drivers\w32x86\3\E_S10IC2.EXE (SEIKO EPSON CORPORATION)
PRC - C:\Programme\Gemeinsame Dateien\EPSON\EBAPI\SAgent2.exe (SEIKO EPSON CORPORATION)
PRC - C:\Programme\Ulead Systems\Ulead Photo Express 3.0 SE\CalCheck.exe (Ulead Systems, Inc.)
========== Modules (No Company Name) ==========
MOD - C:\Programme\Mozilla Firefox\js3250.dll ()
MOD - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
MOD - C:\Programme\WinRAR\RarExt.dll ()
MOD - C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe ()
MOD - C:\WINDOWS\system32\msdmo.dll ()
MOD - C:\WINDOWS\daemon.dll ()
MOD - C:\Programme\D-Tools\Plugins\Images\bw5mount.dll ()
MOD - C:\Programme\Ulead Systems\Ulead Photo Express 3.0 SE\u32sn.dll ()
========== Win32 Services (SafeList) ==========
SRV - (HidServ) -- File not found
SRV - (AppMgmt) -- File not found
SRV - (MBAMService) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (Apple Mobile Device) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (avast! Antivirus) -- C:\Programme\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
SRV - (avast! Mail Scanner) -- C:\Programme\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
SRV - (avast! Web Scanner) -- C:\Programme\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
SRV - (aswUpdSv) -- C:\Programme\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
SRV - (BlueSoleil Hid Service) -- C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe ()
SRV - (EPSONStatusAgent2) -- C:\Programme\Gemeinsame Dateien\EPSON\EBAPI\SAgent2.exe (SEIKO EPSON CORPORATION)
========== Driver Services (SafeList) ==========
DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (PzWDM) -- C:\WINDOWS\system32\Drivers\PzWDM.sys (Prassi Technology)
DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (ALWIL Software)
DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (ALWIL Software)
DRV - (aswFsBlk) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys (ALWIL Software)
DRV - (aswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (ALWIL Software)
DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (ALWIL Software)
DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (ALWIL Software)
DRV - (PDDSLADP) -- C:\WINDOWS\system32\drivers\PDDSLADP.SYS (ProDyne)
DRV - (PDDSLHND) -- C:\WINDOWS\System32\drivers\PDDSLHND.SYS (ProDyne)
DRV - (BlueletAudio) -- C:\WINDOWS\system32\drivers\blueletaudio.sys (IVT Corporation)
DRV - (Btcsrusb) -- C:\WINDOWS\system32\drivers\btcusb.sys (IVT Corporation)
DRV - (BTHidEnum) -- C:\WINDOWS\system32\drivers\vbtenum.sys ()
DRV - (BTHidMgr) -- C:\WINDOWS\System32\Drivers\BTHidMgr.sys (IVT Corporation)
DRV - (BT) -- C:\WINDOWS\system32\drivers\BtNetDrv.sys (IVT Corporation)
DRV - (AVMUNET) -- C:\WINDOWS\system32\drivers\avmunet.sys (AVM GmbH)
DRV - (VcommMgr) -- C:\WINDOWS\system32\drivers\VcommMgr.sys (IVT Corporation)
DRV - (VComm) -- C:\WINDOWS\system32\drivers\VComm.sys (IVT Corporation)
DRV - (atapi) -- C:\WINDOWS\system32\DRIVERS\atapi.sys ()
DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation)
DRV - (ALCXWDM) Service for Realtek AC97 Audio (WDM) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)
DRV - (d346prt) -- C:\WINDOWS\System32\Drivers\d346prt.sys ( )
DRV - (d346bus) -- C:\WINDOWS\system32\DRIVERS\d346bus.sys ( )
DRV - (ALCXSENS) -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS (Sensaura)
DRV - (Pfc) -- C:\WINDOWS\system32\drivers\pfc.sys (Padus, Inc.)
DRV - (viaagp1) -- C:\WINDOWS\system32\DRIVERS\viaagp1.sys (VIA Technologies, Inc.)
DRV - (TNPacket) -- C:\Programme\T-DSL SpeedManager\TNPACKET.SYS (T-Systems Nova GmbH)
DRV - (STV680) -- C:\WINDOWS\system32\drivers\stv680.sys (STMicroelectronics )
DRV - (ms_mpu401) -- C:\WINDOWS\system32\drivers\msmpu401.sys (Microsoft Corporation)
DRV - (QV2KUX) -- C:\WINDOWS\system32\drivers\qv2kux.sys (Microsoft Corporation)
DRV - (EL90XBC) -- C:\WINDOWS\system32\drivers\el90xbc5.sys (3Com Corporation)
DRV - (Ps2) -- C:\WINDOWS\system32\drivers\PS2.sys (Hewlett-Packard Company)
DRV - (PCANDIS5) -- C:\Programme\T-DSL SpeedManager\PCANDIS5.SYS (Printing Communications Assoc., Inc. (PCAUSA))
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Alice DSL Angebote - Alice steht für schnelles Surfen und Telefonieren
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=DE_DE&c=Q404&bd=pavilion&pf=desktop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=DE_DE&c=Q404&bd=pavilion&pf=desktop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=DE_DE&c=Q404&bd=pavilion&pf=desktop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Alice DSL Angebote - Alice steht für schnelles Surfen und Telefonieren
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = HP | MSN
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=DE_DE&c=Q404&bd=pavilion&pf=desktop
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {C9B68337-E93A-44EA-94DC-CB300EC06444}:4.22.0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Programme\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: C:\Programme\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Programme\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Dokumente und Einstellungen\carlitos\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Dokumente und Einstellungen\carlitos\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.23\extensions\\Components: C:\Programme\Mozilla Firefox\components [2011.10.03 19:33:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.23\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2011.10.01 12:09:16 | 000,000,000 | ---D | M]
[2009.11.23 19:15:40 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\carlitos\Anwendungsdaten\Mozilla\Extensions
[2011.10.17 15:54:10 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\carlitos\Anwendungsdaten\Mozilla\Firefox\Profiles\z67pvuhu.default\extensions
[2011.05.10 22:13:25 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\carlitos\Anwendungsdaten\Mozilla\Firefox\Profiles\z67pvuhu.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.05.09 18:27:08 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Dokumente und Einstellungen\carlitos\Anwendungsdaten\Mozilla\Firefox\Profiles\z67pvuhu.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.07.04 15:54:25 | 000,000,000 | ---D | M] (IMinent Toolbar) -- C:\Dokumente und Einstellungen\carlitos\Anwendungsdaten\Mozilla\Firefox\Profiles\z67pvuhu.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}
[2011.02.11 17:54:38 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.08.25 22:22:53 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.08.25 22:22:53 | 000,002,344 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2011.08.25 22:22:53 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.08.25 22:22:53 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.08.25 22:22:53 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Dokumente und Einstellungen\carlitos\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\14.0.835.202\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Programme\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Dokumente und Einstellungen\carlitos\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\14.0.835.202\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Dokumente und Einstellungen\carlitos\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\14.0.835.202\pdf.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Programme\Adobe\Acrobat 6.0\Reader\Browser\nppdf32.dll
CHR - plugin: DivX\u00AE Web Player (Enabled) = C:\Programme\Mozilla Firefox\plugins\npdivx32.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Programme\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Dokumente und Einstellungen\carlitos\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: DivX\u00AE Content Upload Plugin (Enabled) = C:\Programme\DivX\DivX Content Uploader\npUpload.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Programme\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
O1 HOSTS File: ([2008.02.14 16:27:04 | 000,004,188 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 bin.errorprotector.com ## added by CiD
O1 - Hosts: 127.0.0.1 br.errorsafe.com ## added by CiD
O1 - Hosts: 127.0.0.1 br.winantivirus.com ## added by CiD
O1 - Hosts: 127.0.0.1 br.winfixer.com ## added by CiD
O1 - Hosts: 127.0.0.1 de.errorsafe.com ## added by CiD
O1 - Hosts: 127.0.0.1 de.winantivirus.com ## added by CiD
O1 - Hosts: 127.0.0.1 download.cdn.winsoftware.com ## added by CiD
O1 - Hosts: 127.0.0.1 download.errorsafe.com ## added by CiD
O1 - Hosts: 127.0.0.1 download.systemdoctor.com ## added by CiD
O1 - Hosts: 127.0.0.1 download.winantispyware.com ## added by CiD
O1 - Hosts: 127.0.0.1 download.windrivecleaner.com ## added by CiD
O1 - Hosts: 127.0.0.1 download.winfixer.com ## added by CiD
O1 - Hosts: 127.0.0.1 drivecleaner.com ## added by CiD
O1 - Hosts: 127.0.0.1 dynamique.drivecleaner.com ## added by CiD
O1 - Hosts: 127.0.0.1 errorprotector.com ## added by CiD
O1 - Hosts: 127.0.0.1 errorsafe.com ## added by CiD
O1 - Hosts: 127.0.0.1 es.winantivirus.com ## added by CiD
O1 - Hosts: 127.0.0.1 fr.winantivirus.com ## added by CiD
O1 - Hosts: 127.0.0.1 fr.winfixer.com ## added by CiD
O1 - Hosts: 127.0.0.1 go.drivecleaner.com ## added by CiD
O1 - Hosts: 127.0.0.1 go.errorsafe.com ## added by CiD
O1 - Hosts: 127.0.0.1 go.winantispyware.com ## added by CiD
O1 - Hosts: 127.0.0.1 go.winantivirus.com ## added by CiD
O1 - Hosts: 127.0.0.1 hk.winantivirus.com ## added by CiD
O1 - Hosts: 46 more lines...
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll File not found
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - {339BB23F-A864-48C0-A59F-29EA915965EC} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (ToolBar888) - {CBCC61FA-0221-4CCC-B409-CEE865CACA3A} - C:\Programme\ToolBar888\MyToolBar.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll File not found
O4 - HKLM..\Run: [avast!] C:\Programme\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [DAEMON Tools-1033] C:\Programme\D-Tools\daemon.exe (DAEMON'S HOME)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MBBalloon] C:\Programme\HOTALBUMMyBOX\MBBalloon.exe (PLANNING Co., Ltd.)
O4 - HKLM..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_01\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [UpdateManager] C:\Programme\Gemeinsame Dateien\Sonic\Update Manager\sgtray.exe (Sonic Solutions)
O4 - HKLM..\Run: [VTTimer] C:\WINDOWS\System32\VTTimer.exe (S3 Graphics, Inc.)
O4 - HKCU..\Run: [ares] "C:\Programme\Ares\Ares.exe" -h File not found
O4 - HKCU..\Run: [MessengerPlus3] C:\Programme\MessengerPlus! 3\MsgPlus.exe (Patchou)
O4 - HKCU..\Run: [TypeGlobal] C:\DOKUME~1\carlitos\ANWEND~1\RULEME~1\BARB POKE LIVE.exe File not found
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\BlueSoleil.lnk = C:\Programme\IVT Corporation\BlueSoleil\BlueSoleil.exe (IVT Corporation)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE (SEIKO EPSON CORPORATION)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\MediaChecker.lnk = C:\Programme\HOTALBUMMyBOX\MediaChecker.exe (PLANNING Co., Ltd)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Microsoft Office.lnk = C:\Programme\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Ulead Photo Express SE Calendar Checker.lnk = C:\Programme\Ulead Systems\Ulead Photo Express 3.0 SE\CalCheck.exe (Ulead Systems, Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\WinZip Quick Pick.lnk = C:\Programme\WinZip\WZQKPICK.EXE (WinZip Computing, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Dokumente und Einstellungen\carlitos\Anwendungsdaten\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_01\bin\NPJPI150_01.dll (Sun Microsystems, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{066668B9-F813-4167-AFDC-D63A729D5B59}: NameServer = 62.109.123.197 213.191.74.19
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E334942A-381F-4DF2-A1C8-579151C9123D}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ic32pp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\tpro - No CLSID value found
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 () - INDEN-Design Car Tuning Mercedes Tuning Ferrari Tieferlegung BBS Felgen und KFZ Umbauten
O24 - Desktop Components:1 () - hxxp://www.wildanger-digital.de/ebay/405/stroboe.gif
O24 - Desktop Components:2 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\PE30.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\PE30.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004.10.02 14:15:38 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{d0a9bebe-9334-11da-93a4-001109a0267e}\Shell - "" = AutoRun
O33 - MountPoints2\{d0a9bebe-9334-11da-93a4-001109a0267e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{d0a9bebe-9334-11da-93a4-001109a0267e}\Shell\AutoRun\command - "" = H:\preinst.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011.10.18 14:42:33 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\carlitos\Desktop\OTL.exe
[2011.10.17 23:40:41 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\carlitos\Startmenü\Programme\Google Chrome
[2011.10.17 16:01:36 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\carlitos\Anwendungsdaten\Malwarebytes
[2011.10.17 16:01:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2011.10.17 16:01:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2011.10.17 16:01:15 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011.10.17 16:01:15 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2011.09.20 18:25:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\carlitos\Eigene Dateien\Vokabelhefte
[2011.09.20 18:25:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\carlitos\Anwendungsdaten\Vocup
[2011.09.20 18:25:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\carlitos\Lokale Einstellungen\Anwendungsdaten\_0_
[2011.09.20 18:25:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Vocup
[2009.03.29 17:29:22 | 000,156,800 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d346bus.sys
[2009.03.29 17:29:22 | 000,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d346prt.sys
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011.10.18 14:42:34 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\carlitos\Desktop\OTL.exe
[2011.10.18 14:42:00 | 000,001,222 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3884678373-2167691049-3298441142-1006UA.job
[2011.10.18 12:43:23 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.10.18 12:43:22 | 502,845,440 | -HS- | M] () -- C:\hiberfil.sys
[2011.10.17 23:42:01 | 000,001,170 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3884678373-2167691049-3298441142-1006Core.job
[2011.10.17 23:41:21 | 000,002,393 | ---- | M] () -- C:\Dokumente und Einstellungen\carlitos\Desktop\Google Chrome.lnk
[2011.10.14 19:48:11 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.10.13 19:30:50 | 000,126,976 | ---- | M] () -- C:\Dokumente und Einstellungen\carlitos\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.10.17 23:41:21 | 000,002,393 | ---- | C] () -- C:\Dokumente und Einstellungen\carlitos\Desktop\Google Chrome.lnk
[2011.10.17 23:37:40 | 000,001,222 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3884678373-2167691049-3298441142-1006UA.job
[2011.10.17 23:37:38 | 000,001,170 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3884678373-2167691049-3298441142-1006Core.job
[2008.06.04 16:02:19 | 000,091,923 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
[2008.06.04 16:02:19 | 000,076,956 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
[2008.06.04 16:02:19 | 000,039,121 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
[2008.06.04 16:02:19 | 000,027,965 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_JP.dat
[2008.02.07 17:52:53 | 000,001,142 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2007.12.02 16:09:43 | 000,000,141 | ---- | C] () -- C:\Dokumente und Einstellungen\carlitos\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2007.06.27 18:06:25 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2007.06.23 18:00:35 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2007.06.18 18:23:33 | 000,013,304 | ---- | C] () -- C:\WINDOWS\System32\drivers\BTNetFilter.sys
[2007.06.18 18:23:33 | 000,011,860 | ---- | C] () -- C:\WINDOWS\System32\drivers\vbtenum.sys
[2007.04.23 02:15:29 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2007.04.23 02:01:47 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2006.06.09 13:23:42 | 000,008,192 | ---- | C] () -- C:\WINDOWS\suecmdial.dll
[2006.06.09 13:03:12 | 000,000,016 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006.06.09 13:02:55 | 000,042,982 | ---- | C] () -- C:\WINDOWS\System32\PDDSLADP.DLL
[2006.03.24 23:02:37 | 000,000,000 | ---- | C] () -- C:\WINDOWS\muma2004.INI
[2005.07.16 13:20:44 | 000,000,730 | ---- | C] () -- C:\WINDOWS\ULEAD32.INI
[2004.12.07 18:46:39 | 000,126,976 | ---- | C] () -- C:\Dokumente und Einstellungen\carlitos\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2004.11.30 20:37:35 | 000,000,574 | R-S- | C] () -- C:\WINDOWS\System32\TBPS.ini
[2004.11.12 15:25:52 | 000,105,292 | ---- | C] () -- C:\WINDOWS\restart.exe
[2004.11.11 13:58:55 | 000,000,403 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004.11.10 18:18:17 | 000,287,744 | ---- | C] () -- C:\WINDOWS\uno364mi.dll
[2004.11.10 18:18:17 | 000,109,568 | ---- | C] () -- C:\WINDOWS\vos364mi.dll
[2004.11.10 18:18:17 | 000,091,648 | ---- | C] () -- C:\WINDOWS\osl364mi.dll
[2004.11.10 18:18:17 | 000,000,137 | ---- | C] () -- C:\WINDOWS\uno.ini
[2004.11.10 18:15:07 | 000,002,470 | ---- | C] () -- C:\WINDOWS\tonlinst.ini
[2004.10.04 21:07:42 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2004.10.03 16:03:04 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004.10.02 16:18:45 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2004.10.02 16:18:45 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2004.10.02 16:18:45 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2004.10.02 16:18:45 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2004.10.02 16:18:45 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2004.10.02 16:18:45 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2004.10.02 15:08:05 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004.10.02 15:07:20 | 000,224,024 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004.10.02 14:26:04 | 000,249,921 | ---- | C] () -- C:\WINDOWS\System32\PythonCOM15.dll
[2004.10.02 14:26:04 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\PyWinTypes15.dll
[2004.10.02 14:25:45 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2004.10.02 14:23:46 | 000,000,871 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004.10.02 14:19:41 | 000,233,472 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.exe
[2004.10.02 14:19:41 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.dll
[2004.10.02 14:18:06 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004.10.02 14:13:34 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004.10.02 14:12:31 | 000,003,776 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004.10.02 13:37:21 | 000,001,978 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2004.10.02 13:37:08 | 000,545,916 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2004.10.02 13:37:08 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2004.10.02 13:37:08 | 000,121,522 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2004.10.02 13:37:08 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2004.10.02 13:36:54 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004.10.02 13:36:53 | 000,514,338 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004.10.02 13:36:53 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004.10.02 13:36:53 | 000,100,842 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004.10.02 13:36:53 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004.10.02 13:36:51 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004.10.02 13:36:51 | 000,004,484 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004.10.02 13:36:49 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004.10.02 13:36:44 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004.10.02 13:36:44 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004.10.02 13:36:39 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004.10.02 13:36:33 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2004.08.04 00:59:44 | 000,095,360 | ---- | C] () -- C:\WINDOWS\System32\drivers\atapi.sys
[2004.06.28 22:58:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004.03.15 19:28:50 | 000,069,120 | ---- | C] () -- C:\WINDOWS\daemon.dll
[2000.09.14 04:03:00 | 000,000,145 | ---- | C] () -- C:\WINDOWS\System32\EBPPORT.DAT
[1999.04.30 01:00:00 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
< End of report >
--- --- --- |
