| Ravenlord=O | 27.12.2010 13:28 |
Vielen Dank erstmal! :)
Soll ich dann die Logfiles hier posten? Kann man das auch im abgesichterten Modus laufen lassen oder macht das irgendeinen Unterschied für die Logfiles?
Edit // zweiten PC mit Brenner hätte ich. Poste auch grad darüber.
Edit 2 //
OTL.txt Code:
OTL logfile created on: 27.12.2010 13:25:51 - Run 1
OTL by OldTimer - Version 3.2.18.0 Folder = D:\Users\Johannes Demleitner
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1.023,00 Mb Total Physical Memory | 645,00 Mb Available Physical Memory | 63,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 84,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = D: | %SystemRoot% = D:\Windows | %ProgramFiles% = D:\Program Files
Drive C: | 39,06 Gb Total Space | 2,93 Gb Free Space | 7,50% Space Free | Partition Type: NTFS
Drive D: | 109,99 Gb Total Space | 49,18 Gb Free Space | 44,72% Space Free | Partition Type: NTFS
Drive F: | 1,90 Gb Total Space | 1,36 Gb Free Space | 71,44% Space Free | Partition Type: FAT
Computer Name: JONESI | User Name: Johannes Demleitner | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - D:\Users\Johannes Demleitner\OTL.exe (OldTimer Tools)
PRC - D:\Windows\explorer.exe (Microsoft Corporation)
PRC - D:\Programme\Lavasoft\Ad-Aware\AAWWSC.exe ()
PRC - D:\Windows\System32\prevhost.exe (Microsoft Corporation)
========== Modules (SafeList) ==========
MOD - D:\Users\Johannes Demleitner\OTL.exe (OldTimer Tools)
MOD - D:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)
MOD - D:\Windows\System32\sspicli.dll (Microsoft Corporation)
MOD - D:\Windows\System32\sechost.dll (Microsoft Corporation)
MOD - D:\Windows\System32\samcli.dll (Microsoft Corporation)
MOD - D:\Windows\System32\profapi.dll (Microsoft Corporation)
MOD - D:\Windows\System32\netutils.dll (Microsoft Corporation)
MOD - D:\Windows\System32\KernelBase.dll (Microsoft Corporation)
MOD - D:\Windows\System32\devobj.dll (Microsoft Corporation)
MOD - D:\Windows\System32\cryptbase.dll (Microsoft Corporation)
MOD - D:\Windows\System32\cfgmgr32.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (ICQ Service) -- D:\Programme\ICQ6Toolbar\ICQ Service.exe ()
SRV - (NMSAccess) -- D:\Programme\CDBurnerXP\NMSAccessU.exe ()
SRV - (Lavasoft Ad-Aware Service) -- D:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SRV - (WwanSvc) -- D:\Windows\System32\wwansvc.dll (Microsoft Corporation)
SRV - (WbioSrvc) -- D:\Windows\System32\wbiosrvc.dll (Microsoft Corporation)
SRV - (Power) -- D:\Windows\System32\umpo.dll (Microsoft Corporation)
SRV - (Themes) -- D:\Windows\System32\themeservice.dll (Microsoft Corporation)
SRV - (sppuinotify) -- D:\Windows\System32\sppuinotify.dll (Microsoft Corporation)
SRV - (RpcEptMapper) -- D:\Windows\System32\RpcEpMap.dll (Microsoft Corporation)
SRV - (SensrSvc) -- D:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PNRPsvc) -- D:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (p2pimsvc) -- D:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (HomeGroupProvider) -- D:\Windows\System32\provsvc.dll (Microsoft Corporation)
SRV - (PNRPAutoReg) -- D:\Windows\System32\pnrpauto.dll (Microsoft Corporation)
SRV - (WinDefend) -- D:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (HomeGroupListener) -- D:\Windows\System32\ListSvc.dll (Microsoft Corporation)
SRV - (FontCache) -- D:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (Dhcp) -- D:\Windows\System32\dhcpcore.dll (Microsoft Corporation)
SRV - (defragsvc) -- D:\Windows\System32\defragsvc.dll (Microsoft Corporation)
SRV - (BDESVC) -- D:\Windows\System32\bdesvc.dll (Microsoft Corporation)
SRV - (AxInstSV) ActiveX-Installer (AxInstSV) -- D:\Windows\System32\AxInstSv.dll (Microsoft Corporation)
SRV - (AppIDSvc) -- D:\Windows\System32\appidsvc.dll (Microsoft Corporation)
SRV - (sppsvc) -- D:\Windows\System32\sppsvc.exe (Microsoft Corporation)
SRV - (LVSrvLauncher) -- D:\Programme\Common Files\logishrd\SrvLnch\SrvLnch.exe (Logitech Inc.)
SRV - (LVPrcSrv) -- d:\Programme\Common Files\logishrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
========== Driver Services (SafeList) ==========
DRV - (KSecPkg) -- D:\Windows\System32\Drivers\ksecpkg.sys (Microsoft Corporation)
DRV - (StarOpen) -- D:\Windows\System32\drivers\StarOpen.sys ()
DRV - (Lbd) -- D:\Windows\system32\DRIVERS\Lbd.sys (Lavasoft AB)
DRV - (cmdide) -- D:\Windows\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (adpahci) -- D:\Windows\system32\DRIVERS\adpahci.sys (Adaptec, Inc.)
DRV - (adp94xx) -- D:\Windows\system32\DRIVERS\adp94xx.sys (Adaptec, Inc.)
DRV - (amdsbs) -- D:\Windows\system32\DRIVERS\amdsbs.sys (AMD Technologies Inc.)
DRV - (adpu320) -- D:\Windows\system32\DRIVERS\adpu320.sys (Adaptec, Inc.)
DRV - (arcsas) -- D:\Windows\system32\DRIVERS\arcsas.sys (Adaptec, Inc.)
DRV - (amdsata) -- D:\Windows\system32\DRIVERS\amdsata.sys (Advanced Micro Devices)
DRV - (arc) -- D:\Windows\system32\DRIVERS\arc.sys (Adaptec, Inc.)
DRV - (amdxata) -- D:\Windows\system32\DRIVERS\amdxata.sys (Advanced Micro Devices)
DRV - (aliide) -- D:\Windows\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (nvstor) -- D:\Windows\system32\DRIVERS\nvstor.sys (NVIDIA Corporation)
DRV - (nvraid) -- D:\Windows\system32\DRIVERS\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- D:\Windows\system32\DRIVERS\nfrd960.sys (IBM Corporation)
DRV - (LSI_SAS) -- D:\Windows\system32\DRIVERS\lsi_sas.sys (LSI Corporation)
DRV - (iaStorV) -- D:\Windows\system32\DRIVERS\iaStorV.sys (Intel Corporation)
DRV - (MegaSR) -- D:\Windows\system32\DRIVERS\MegaSR.sys (LSI Corporation, Inc.)
DRV - (LSI_SCSI) -- D:\Windows\system32\DRIVERS\lsi_scsi.sys (LSI Corporation)
DRV - (LSI_FC) -- D:\Windows\system32\DRIVERS\lsi_fc.sys (LSI Corporation)
DRV - (LSI_SAS2) -- D:\Windows\system32\DRIVERS\lsi_sas2.sys (LSI Corporation)
DRV - (iirsp) -- D:\Windows\system32\DRIVERS\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (megasas) -- D:\Windows\system32\DRIVERS\megasas.sys (LSI Corporation)
DRV - (hwpolicy) -- D:\Windows\System32\drivers\hwpolicy.sys (Microsoft Corporation)
DRV - (elxstor) -- D:\Windows\system32\DRIVERS\elxstor.sys (Emulex)
DRV - (aic78xx) -- D:\Windows\system32\DRIVERS\djsvs.sys (Adaptec, Inc.)
DRV - (HpSAMD) -- D:\Windows\system32\DRIVERS\HpSAMD.sys (Hewlett-Packard Company)
DRV - (FsDepends) -- D:\Windows\System32\drivers\fsdepends.sys (Microsoft Corporation)
DRV - (vsmraid) -- D:\Windows\system32\DRIVERS\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (vhdmp) -- D:\Windows\system32\DRIVERS\vhdmp.sys (Microsoft Corporation)
DRV - (vdrvroot) -- D:\Windows\system32\DRIVERS\vdrvroot.sys (Microsoft Corporation)
DRV - (WIMMount) -- D:\Windows\System32\drivers\wimmount.sys (Microsoft Corporation)
DRV - (viaide) -- D:\Windows\system32\DRIVERS\viaide.sys (VIA Technologies, Inc.)
DRV - (ql2300) -- D:\Windows\system32\DRIVERS\ql2300.sys (QLogic Corporation)
DRV - (rdyboost) -- D:\Windows\System32\drivers\rdyboost.sys (Microsoft Corporation)
DRV - (ql40xx) -- D:\Windows\system32\DRIVERS\ql40xx.sys (QLogic Corporation)
DRV - (SiSRaid4) -- D:\Windows\system32\DRIVERS\sisraid4.sys (Silicon Integrated Systems)
DRV - (pcw) -- D:\Windows\System32\drivers\pcw.sys (Microsoft Corporation)
DRV - (SiSRaid2) -- D:\Windows\system32\DRIVERS\SiSRaid2.sys (Silicon Integrated Systems Corp.)
DRV - (stexstor) -- D:\Windows\system32\DRIVERS\stexstor.sys (Promise Technology)
DRV - (CNG) -- D:\Windows\System32\Drivers\cng.sys (Microsoft Corporation)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- D:\Windows\System32\Drivers\Brserid.sys (Brother Industries Ltd.)
DRV - (WSDPrintDevice) -- D:\Windows\System32\drivers\WSDPrint.sys (Microsoft Corporation)
DRV - (rdpbus) -- D:\Windows\system32\DRIVERS\rdpbus.sys (Microsoft Corporation)
DRV - (RDPREFMP) -- D:\Windows\System32\drivers\RDPREFMP.sys (Microsoft Corporation)
DRV - (RasAgileVpn) WAN Miniport (IKEv2) -- D:\Windows\System32\drivers\agilevpn.sys (Microsoft Corporation)
DRV - (WfpLwf) -- D:\Windows\System32\drivers\wfplwf.sys (Microsoft Corporation)
DRV - (NdisCap) -- D:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation)
DRV - (vwifibus) -- D:\Windows\System32\drivers\vwifibus.sys (Microsoft Corporation)
DRV - (1394ohci) -- D:\Windows\system32\DRIVERS\1394ohci.sys (Microsoft Corporation)
DRV - (UmPass) -- D:\Windows\system32\DRIVERS\umpass.sys (Microsoft Corporation)
DRV - (usbaudio) USB-Audiotreiber (WDM) -- D:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (WinUsb) -- D:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (mshidkmdf) -- D:\Windows\System32\drivers\mshidkmdf.sys (Microsoft Corporation)
DRV - (MTConfig) -- D:\Windows\system32\DRIVERS\MTConfig.sys (Microsoft Corporation)
DRV - (CompositeBus) -- D:\Windows\System32\drivers\CompositeBus.sys (Microsoft Corporation)
DRV - (AppID) -- D:\Windows\system32\drivers\appid.sys (Microsoft Corporation)
DRV - (scfilter) -- D:\Windows\System32\drivers\scfilter.sys (Microsoft Corporation)
DRV - (discache) -- D:\Windows\System32\drivers\discache.sys (Microsoft Corporation)
DRV - (AcpiPmi) -- D:\Windows\system32\DRIVERS\acpipmi.sys (Microsoft Corporation)
DRV - (AmdPPM) -- D:\Windows\system32\DRIVERS\amdppm.sys (Microsoft Corporation)
DRV - (hcw85cir) -- D:\Windows\system32\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (BrUsbMdm) -- D:\Windows\System32\Drivers\BrUsbMdm.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- D:\Windows\System32\Drivers\BrUsbSer.sys (Brother Industries Ltd.)
DRV - (BrSerWdm) -- D:\Windows\System32\Drivers\BrSerWdm.sys (Brother Industries Ltd.)
DRV - (BrFiltLo) -- D:\Windows\system32\DRIVERS\BrFiltLo.sys (Brother Industries, Ltd.)
DRV - (BrFiltUp) -- D:\Windows\system32\DRIVERS\BrFiltUp.sys (Brother Industries, Ltd.)
DRV - (RTL8167) -- D:\Windows\System32\drivers\Rt86win7.sys (Realtek Corporation )
DRV - (b57nd60x) -- D:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation)
DRV - (ebdrv) -- D:\Windows\system32\DRIVERS\evbdx.sys (Broadcom Corporation)
DRV - (b06bdrv) -- D:\Windows\system32\DRIVERS\bxvbdx.sys (Broadcom Corporation)
DRV - (nvlddmkm) -- D:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (LVPr2Mon) -- D:\Windows\System32\drivers\LVPr2Mon.sys ()
DRV - (LVMVDrv) -- D:\Windows\System32\drivers\LVMVdrv.sys (Logitech Inc.)
DRV - (LVcKap) -- D:\Windows\System32\drivers\Lvckap.sys ()
DRV - (LVUSBSta) -- D:\Windows\System32\drivers\LVUSBSta.sys (Logitech Inc.)
DRV - (CamDrL) Logitech QuickCam Pro 3000(CamDrl) -- D:\Windows\System32\drivers\Camdrl.sys (Logitech Inc.)
DRV - (FWLANUSB) -- D:\Windows\System32\drivers\fwlanusb.sys (AVM GmbH)
========== Standard Registry (All) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = D:\Windows\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://search.bearshare.com/sidebar.html?src=ssb
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - D:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-20\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - D:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-2245174193-105343441-1738112136-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = D:\Windows\system32\blank.htm
IE - HKU\S-1-5-21-2245174193-105343441-1738112136-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Page = hxxp://search.bearshare.com/sidebar.html?src=ssb
IE - HKU\S-1-5-21-2245174193-105343441-1738112136-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.bearshare.com/sidebar.html?src=ssb
IE - HKU\S-1-5-21-2245174193-105343441-1738112136-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/
IE - HKU\S-1-5-21-2245174193-105343441-1738112136-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-2245174193-105343441-1738112136-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-2245174193-105343441-1738112136-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 3A A1 3F 60 D2 8B CA 01 [binary data]
IE - HKU\S-1-5-21-2245174193-105343441-1738112136-1001\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-2245174193-105343441-1738112136-1001\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - D:\Programme\ICQ6Toolbar\1010111539\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-2245174193-105343441-1738112136-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
[2008.12.19 17:19:03 | 000,000,000 | ---D | M] -- D:\Users\Johannes Demleitner\AppData\Roaming\mozilla\Firefox\Profiles\j158ciqt.Johnson\extensions
[2009.11.01 15:31:30 | 000,000,000 | ---D | M] -- D:\Users\Johannes Demleitner\AppData\Roaming\mozilla\Firefox\Profiles\oewdulk3.Standard-Benutzer\extensions
[2009.11.01 15:31:29 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- D:\Users\Johannes Demleitner\AppData\Roaming\mozilla\Firefox\Profiles\oewdulk3.Standard-Benutzer\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009.11.01 15:31:30 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- D:\Users\Johannes Demleitner\AppData\Roaming\mozilla\Firefox\Profiles\oewdulk3.Standard-Benutzer\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009.11.01 15:31:30 | 000,000,000 | ---D | M] (No name found) -- D:\Users\Johannes Demleitner\AppData\Roaming\mozilla\Firefox\Profiles\oewdulk3.Standard-Benutzer\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - D:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - D:\Programme\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - D:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Programme\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Programme\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - D:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - D:\Programme\ICQ6Toolbar\1010111539\ICQToolBar.dll (ICQ)
O3 - HKU\S-1-5-21-2245174193-105343441-1738112136-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - D:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [AVMWlanClient] D:\Programme\avmwlanstick\FRITZWLanMini.exe (AVM Berlin GmbH)
O4 - HKLM..\Run: [iTunesHelper] D:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [LogitechCommunicationsManager] D:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe (Logitech Inc.)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] D:\Program Files\Logitech\QuickCam10\QuickCam10.exe ()
O4 - HKLM..\Run: [LVCOMSX] D:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe (Logitech Inc.)
O4 - HKLM..\Run: [QuickTime Task] D:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] D:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TrojanScanner] D:\Program Files\Trojan Remover\Trjscan.exe (Simply Super Software)
O4 - HKU\S-1-5-19..\Run: [Sidebar] D:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] D:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2245174193-105343441-1738112136-1001..\Run: [1886312] D:\Users\JOHANN~1\AppData\Local\Temp\1886312.exe (HDD Corporation)
O4 - HKU\S-1-5-21-2245174193-105343441-1738112136-1001..\Run: [EA Core] D:\Program Files\Electronic Arts\EADM\Core.exe (Electronic Arts)
O4 - HKU\S-1-5-21-2245174193-105343441-1738112136-1001..\Run: [ElkTBhTOiqUEWYN.exe] D:\Users\JOHANN~1\AppData\Local\Temp\ElkTBhTOiqUEWYN.exe (iWin software)
O4 - HKU\S-1-5-21-2245174193-105343441-1738112136-1001..\Run: [ICQ] D:\Program Files\ICQ6.5\ICQ.exe File not found
O4 - HKU\S-1-5-21-2245174193-105343441-1738112136-1001..\Run: [IMC] D:\Programme\FriendFinder\FriendFinder Messenger 4\imc.exe ()
O4 - HKU\S-1-5-21-2245174193-105343441-1738112136-1001..\Run: [msnmsgr] D:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2245174193-105343441-1738112136-1001..\Run: [swg] D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] D:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] D:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O8 - Extra context menu item: Google Sidewiki... - D:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - D:\Programme\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - D:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - D:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - D:\Programme\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - D:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - D:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - D:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - D:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - D:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - D:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - D:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - D:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - D:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - D:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - D:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - D:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - D:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - D:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - D:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - D:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - D:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - D:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - D:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - D:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - D:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - D:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - D:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - D:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - D:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - D:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - D:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - D:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - D:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - D:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - D:\Windows\System32\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - D:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - D:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - D:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - D:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - D:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - D:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - D:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - D:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - D:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - D:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - D:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - D:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - D:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - D:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - D:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - D:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - D:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - D:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - D:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - D:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - D:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - D:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - D:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - D:\Windows\System32\urlmon.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - D:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (D:\Windows\system32\userinit.exe) - D:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - D:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O29 - HKLM SecurityProviders - (credssp.dll) - D:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - D:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - D:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - D:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - D:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - D:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - D:\Windows\System32\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - D:\Windows\System32\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.03.26 14:44:45 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - D:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{05293ef0-ee5a-11de-866d-00138fe6f108}\Shell - "" = AutoRun
O33 - MountPoints2\{05293ef0-ee5a-11de-866d-00138fe6f108}\Shell\AutoRun\command - "" = N:\pushinst.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - D:\Windows\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010.12.27 12:30:54 | 000,602,624 | ---- | C] (OldTimer Tools) -- D:\Users\Johannes Demleitner\OTL.exe
[2010.12.27 12:18:24 | 000,000,000 | ---D | C] -- D:\ProgramData\TEMP
[2010.12.27 12:16:49 | 000,000,000 | ---D | C] -- D:\Users\Johannes Demleitner\Documents\Simply Super Software
[2010.12.27 12:16:44 | 000,069,632 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ztvcabinet.dll
[2010.12.27 12:16:42 | 000,000,000 | ---D | C] -- D:\Programme\Trojan Remover
[2010.12.27 12:16:42 | 000,000,000 | ---D | C] -- D:\Users\Johannes Demleitner\AppData\Roaming\Simply Super Software
[2010.12.27 12:16:42 | 000,000,000 | ---D | C] -- D:\ProgramData\Simply Super Software
[2010.12.27 12:15:59 | 010,488,608 | ---- | C] (Simply Super Software ) -- D:\Users\Johannes Demleitner\trjsetup682.exe
[2010.12.27 11:54:55 | 000,000,000 | ---D | C] -- D:\Programme\GridinSoft Trojan Killer
[2010.12.15 15:33:53 | 000,002,048 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\tzres.dll
[2010.12.15 15:33:45 | 000,606,208 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mstime.dll
[2010.12.15 15:33:42 | 000,599,040 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msfeeds.dll
[2010.12.15 15:33:42 | 000,381,440 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iedkcs32.dll
[2010.12.15 15:33:42 | 000,185,856 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iepeers.dll
[2010.12.15 15:33:42 | 000,176,640 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ieui.dll
[2010.12.15 15:33:41 | 001,638,912 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mshtml.tlb
[2010.12.15 15:33:41 | 000,386,048 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\html.iec
[2010.12.15 15:33:41 | 000,064,512 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msfeedsbs.dll
[2010.12.15 15:33:41 | 000,048,128 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\jsproxy.dll
[2010.12.15 15:33:41 | 000,044,544 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\licmgr10.dll
[2010.12.15 15:33:41 | 000,012,800 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msfeedssync.exe
[2010.12.15 15:33:38 | 000,496,128 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\taskschd.dll
[2010.12.15 15:33:38 | 000,351,232 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wmicmiplugin.dll
[2010.12.15 15:33:38 | 000,305,152 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\taskcomp.dll
[2010.12.15 15:33:38 | 000,179,712 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\schtasks.exe
[2010.12.15 15:33:37 | 000,294,400 | ---- | C] (Adobe Systems Incorporated) -- D:\Windows\System32\atmfd.dll
[2010.12.15 15:33:37 | 000,034,304 | ---- | C] (Adobe Systems) -- D:\Windows\System32\atmlib.dll
[2010.12.15 15:33:36 | 000,314,368 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\webio.dll
[2010.12.15 15:33:36 | 000,101,760 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\consent.exe
[2010.12.15 15:33:34 | 002,327,552 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\win32k.sys
========== Files - Modified Within 30 Days ==========
[2010.12.27 13:23:19 | 000,643,628 | ---- | M] () -- D:\Windows\System32\perfh007.dat
[2010.12.27 13:23:19 | 000,606,992 | ---- | M] () -- D:\Windows\System32\perfh009.dat
[2010.12.27 13:23:19 | 000,126,188 | ---- | M] () -- D:\Windows\System32\perfc007.dat
[2010.12.27 13:23:19 | 000,103,370 | ---- | M] () -- D:\Windows\System32\perfc009.dat
[2010.12.27 13:19:09 | 000,000,054 | ---- | M] () -- D:\Windows\System32\rp_stats.dat
[2010.12.27 13:19:09 | 000,000,039 | ---- | M] () -- D:\Windows\System32\rp_rules.dat
[2010.12.27 13:18:40 | 000,067,584 | --S- | M] () -- D:\Windows\bootstat.dat
[2010.12.27 13:18:38 | 804,757,504 | -HS- | M] () -- D:\hiberfil.sys
[2010.12.27 12:30:59 | 000,602,624 | ---- | M] (OldTimer Tools) -- D:\Users\Johannes Demleitner\OTL.exe
[2010.12.27 12:17:32 | 000,014,608 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.12.27 12:17:32 | 000,014,608 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.12.27 12:16:46 | 000,001,102 | ---- | M] () -- D:\Users\Public\Desktop\Trojan Remover.lnk
[2010.12.27 12:16:31 | 010,488,608 | ---- | M] (Simply Super Software ) -- D:\Users\Johannes Demleitner\trjsetup682.exe
[2010.12.27 12:13:28 | 000,293,176 | ---- | M] () -- D:\Users\Johannes Demleitner\SoftonicDownloader_fuer_trojan-remover.exe
[2010.12.27 12:10:19 | 000,001,092 | ---- | M] () -- D:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.12.27 12:09:03 | 000,001,096 | ---- | M] () -- D:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.12.27 11:54:58 | 000,001,102 | ---- | M] () -- D:\Users\Public\Desktop\Trojan Killer.lnk
[2010.12.26 13:07:28 | 000,000,977 | ---- | M] () -- D:\Users\Johannes Demleitner\Desktop\Scanner.lnk
[2010.12.17 13:25:54 | 000,265,640 | ---- | M] () -- D:\Windows\System32\FNTCACHE.DAT
========== Files Created - No Company Name ==========
[2010.12.27 12:16:46 | 000,001,102 | ---- | C] () -- D:\Users\Public\Desktop\Trojan Remover.lnk
[2010.12.27 12:16:44 | 000,162,304 | ---- | C] () -- D:\Windows\System32\ztvunrar36.dll
[2010.12.27 12:16:44 | 000,077,312 | ---- | C] () -- D:\Windows\System32\ztvunace26.dll
[2010.12.27 12:16:44 | 000,075,264 | ---- | C] () -- D:\Windows\System32\unacev2.dll
[2010.12.27 12:16:43 | 000,153,088 | ---- | C] () -- D:\Windows\System32\UNRAR3.dll
[2010.12.27 12:13:19 | 000,293,176 | ---- | C] () -- D:\Users\Johannes Demleitner\SoftonicDownloader_fuer_trojan-remover.exe
[2010.12.27 11:54:58 | 000,001,102 | ---- | C] () -- D:\Users\Public\Desktop\Trojan Killer.lnk
[2010.12.26 13:07:28 | 000,000,977 | ---- | C] () -- D:\Users\Johannes Demleitner\Desktop\Scanner.lnk
[2010.06.03 11:32:09 | 000,007,168 | ---- | C] () -- D:\Windows\System32\drivers\StarOpen.sys
[2010.01.03 16:05:45 | 000,000,056 | -H-- | C] () -- D:\ProgramData\ezsidmv.dat
[2009.12.30 13:50:09 | 000,003,584 | ---- | C] () -- D:\Users\Johannes Demleitner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- D:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- D:\Windows\System32\BWContextHandler.dll
[2007.02.06 16:45:04 | 000,025,632 | ---- | C] () -- D:\Windows\System32\drivers\LVPr2Mon.sys
[2007.02.06 16:42:40 | 001,691,808 | ---- | C] () -- D:\Windows\System32\drivers\Lvckap.sys
[2007.02.03 08:59:04 | 000,050,127 | ---- | C] () -- D:\Windows\System32\lvcoinst.ini
[2003.08.07 14:01:50 | 000,237,568 | ---- | C] () -- D:\Windows\System32\lame_enc.dll
========== LOP Check ==========
[2009.11.18 19:02:52 | 000,000,000 | ---D | M] -- D:\Users\Johannes Demleitner\AppData\Roaming\Blitware
[2010.06.03 11:32:25 | 000,000,000 | ---D | M] -- D:\Users\Johannes Demleitner\AppData\Roaming\Canneverbe Limited
[2010.12.23 15:52:35 | 000,000,000 | ---D | M] -- D:\Users\Johannes Demleitner\AppData\Roaming\ICQ
[2010.09.19 11:27:38 | 000,000,000 | ---D | M] -- D:\Users\Johannes Demleitner\AppData\Roaming\OpenCandy
[2010.12.27 12:16:42 | 000,000,000 | ---D | M] -- D:\Users\Johannes Demleitner\AppData\Roaming\Simply Super Software
[2009.11.19 06:26:53 | 000,000,456 | ---- | M] () -- D:\Windows\Tasks\Driver Robot.job
[2010.11.15 15:32:09 | 000,032,640 | ---- | M] () -- D:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2009.11.01 16:16:01 | 000,000,000 | ---D | M] -- D:\Users\Johannes Demleitner\AppData\Roaming\Adobe
[2010.01.22 15:28:50 | 000,000,000 | ---D | M] -- D:\Users\Johannes Demleitner\AppData\Roaming\Apple Computer
[2009.11.18 19:02:52 | 000,000,000 | ---D | M] -- D:\Users\Johannes Demleitner\AppData\Roaming\Blitware
[2010.06.03 11:32:25 | 000,000,000 | ---D | M] -- D:\Users\Johannes Demleitner\AppData\Roaming\Canneverbe Limited
[2010.01.03 18:15:10 | 000,000,000 | ---D | M] -- D:\Users\Johannes Demleitner\AppData\Roaming\Google
[2010.12.23 15:52:35 | 000,000,000 | ---D | M] -- D:\Users\Johannes Demleitner\AppData\Roaming\ICQ
[2009.11.01 15:29:53 | 000,000,000 | ---D | M] -- D:\Users\Johannes Demleitner\AppData\Roaming\Identities
[2009.11.01 16:16:02 | 000,000,000 | ---D | M] -- D:\Users\Johannes Demleitner\AppData\Roaming\Macromedia
[2009.07.14 09:56:41 | 000,000,000 | ---D | M] -- D:\Users\Johannes Demleitner\AppData\Roaming\Media Center Programs
[2010.06.03 12:36:54 | 000,000,000 | --SD | M] -- D:\Users\Johannes Demleitner\AppData\Roaming\Microsoft
[2009.11.01 15:31:28 | 000,000,000 | ---D | M] -- D:\Users\Johannes Demleitner\AppData\Roaming\Mozilla
[2010.09.19 11:27:38 | 000,000,000 | ---D | M] -- D:\Users\Johannes Demleitner\AppData\Roaming\OpenCandy
[2009.11.02 18:00:11 | 000,000,000 | RH-D | M] -- D:\Users\Johannes Demleitner\AppData\Roaming\SecuROM
[2010.12.27 12:16:42 | 000,000,000 | ---D | M] -- D:\Users\Johannes Demleitner\AppData\Roaming\Simply Super Software
[2010.11.01 20:23:32 | 000,000,000 | ---D | M] -- D:\Users\Johannes Demleitner\AppData\Roaming\Skype
[2010.11.01 19:51:58 | 000,000,000 | ---D | M] -- D:\Users\Johannes Demleitner\AppData\Roaming\skypePM
< %APPDATA%\*.exe /s >
[2010.02.28 10:17:54 | 005,394,208 | ---- | M] (Blitware Technology Inc. ) -- D:\Users\Johannes Demleitner\AppData\Roaming\Blitware\DriverRobot\updates\1.2.0.5\driverrobot_setup.exe
[2010.05.25 15:04:36 | 000,012,846 | R--- | M] () -- D:\Users\Johannes Demleitner\AppData\Roaming\Microsoft\Installer\{EA5A0CD7-C894-4FA8-88A5-0887E8257E4A}\_64E749EF31745C29AAF314.exe
[2010.05.25 15:04:36 | 000,012,846 | R--- | M] () -- D:\Users\Johannes Demleitner\AppData\Roaming\Microsoft\Installer\{EA5A0CD7-C894-4FA8-88A5-0887E8257E4A}\_67DB1B8F6A28368D658316.exe
[2010.05.25 15:04:36 | 000,012,846 | R--- | M] () -- D:\Users\Johannes Demleitner\AppData\Roaming\Microsoft\Installer\{EA5A0CD7-C894-4FA8-88A5-0887E8257E4A}\_6FEFF9B68218417F98F549.exe
[2010.05.25 15:04:36 | 000,012,846 | R--- | M] () -- D:\Users\Johannes Demleitner\AppData\Roaming\Microsoft\Installer\{EA5A0CD7-C894-4FA8-88A5-0887E8257E4A}\_A17D378A7C093FF2005726.exe
[2010.05.25 15:04:36 | 000,012,846 | R--- | M] () -- D:\Users\Johannes Demleitner\AppData\Roaming\Microsoft\Installer\{EA5A0CD7-C894-4FA8-88A5-0887E8257E4A}\_CA1D36A8BD7C6E8B327132.exe
[2010.05.25 15:04:36 | 000,012,846 | R--- | M] () -- D:\Users\Johannes Demleitner\AppData\Roaming\Microsoft\Installer\{EA5A0CD7-C894-4FA8-88A5-0887E8257E4A}\_D3DD076B988600E59BFD1E.exe
[2010.09.19 11:27:39 | 000,331,304 | ---- | M] () -- D:\Users\Johannes Demleitner\AppData\Roaming\OpenCandy\OpenCandy_46D9FDFE275B4219AA2757B5B15494CD\DLMgr_3_1.6.44.exe
[2010.03.05 22:42:26 | 004,004,928 | ---- | M] (Uniblue Systems Ltd ) -- D:\Users\Johannes Demleitner\AppData\Roaming\OpenCandy\OpenCandy_46D9FDFE275B4219AA2757B5B15494CD\registrybooster(9).exe
< %SYSTEMDRIVE%\*.exe >
< MD5 for: AGP440.SYS >
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- D:\Windows\System32\drivers\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- D:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- D:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- D:\Windows\System32\drivers\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- D:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- D:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- D:\Windows\System32\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- D:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
< MD5 for: EXPLORER.EXE >
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- D:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- D:\Windows\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- D:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- D:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- D:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- D:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe
< MD5 for: IASTORV.SYS >
[2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- D:\Windows\System32\drivers\iaStorV.sys
[2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- D:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- D:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- D:\Windows\System32\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- D:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- D:\Windows\System32\drivers\nvstor.sys
[2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- D:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- D:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys
< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- D:\Windows\System32\scecli.dll
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- D:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
< MD5 for: USER32.DLL >
[2009.07.14 02:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- D:\Windows\System32\user32.dll
[2009.07.14 02:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- D:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll
< MD5 for: USERINIT.EXE >
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- D:\Windows\System32\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- D:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009.10.28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- D:\Windows\System32\winlogon.exe
[2009.10.28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- D:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- D:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2009.07.14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- D:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2009.07.14 00:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- D:\Windows\System32\drivers\ws2ifsl.sys
[2009.07.14 00:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- D:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_4f5cf6f829213bb2\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< End of report >
[2010.02.28 10:17:54 | 005,394,208 | ---- | M] (Blitware Technology Inc. ) -- D:\Users\Johannes Demleitner\AppData\Roaming\Blitware\DriverRobot\updates\1.2.0.5\driverrobot_setup.exe
[2010.05.25 15:04:36 | 000,012,846 | R--- | M] () -- D:\Users\Johannes Demleitner\AppData\Roaming\Microsoft\Installer\{EA5A0CD7-C894-4FA8-88A5-0887E8257E4A}\_64E749EF31745C29AAF314.exe
[2010.05.25 15:04:36 | 000,012,846 | R--- | M] () -- D:\Users\Johannes Demleitner\AppData\Roaming\Microsoft\Installer\{EA5A0CD7-C894-4FA8-88A5-0887E8257E4A}\_67DB1B8F6A28368D658316.exe
[2010.05.25 15:04:36 | 000,012,846 | R--- | M] () -- D:\Users\Johannes Demleitner\AppData\Roaming\Microsoft\Installer\{EA5A0CD7-C894-4FA8-88A5-0887E8257E4A}\_6FEFF9B68218417F98F549.exe
[2010.05.25 15:04:36 | 000,012,846 | R--- | M] () -- D:\Users\Johannes Demleitner\AppData\Roaming\Microsoft\Installer\{EA5A0CD7-C894-4FA8-88A5-0887E8257E4A}\_A17D378A7C093FF2005726.exe
[2010.05.25 15:04:36 | 000,012,846 | R--- | M] () -- D:\Users\Johannes Demleitner\AppData\Roaming\Microsoft\Installer\{EA5A0CD7-C894-4FA8-88A5-0887E8257E4A}\_CA1D36A8BD7C6E8B327132.exe
[2010.05.25 15:04:36 | 000,012,846 | R--- | M] () -- D:\Users\Johannes Demleitner\AppData\Roaming\Microsoft\Installer\{EA5A0CD7-C894-4FA8-88A5-0887E8257E4A}\_D3DD076B988600E59BFD1E.exe
[2010.09.19 11:27:39 | 000,331,304 | ---- | M] () -- D:\Users\Johannes Demleitner\AppData\Roaming\OpenCandy\OpenCandy_46D9FDFE275B4219AA2757B5B15494CD\DLMgr_3_1.6.44.exe
[2010.03.05 22:42:26 | 004,004,928 | ---- | M] (Uniblue Systems Ltd ) -- D:\Users\Johannes Demleitner\AppData\Roaming\OpenCandy\OpenCandy_46D9FDFE275B4219AA2757B5B15494CD\registrybooster(9).exe
< %SYSTEMDRIVE%\*.exe >
< MD5 for: AGP440.SYS >
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- D:\Windows\System32\drivers\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- D:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- D:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- D:\Windows\System32\drivers\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- D:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- D:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- D:\Windows\System32\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- D:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
< MD5 for: EXPLORER.EXE >
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- D:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- D:\Windows\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- D:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- D:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- D:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- D:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe
< MD5 for: IASTORV.SYS >
[2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- D:\Windows\System32\drivers\iaStorV.sys
[2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- D:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- D:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- D:\Windows\System32\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- D:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- D:\Windows\System32\drivers\nvstor.sys
[2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- D:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- D:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys
< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- D:\Windows\System32\scecli.dll
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- D:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
< MD5 for: USER32.DLL >
[2009.07.14 02:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- D:\Windows\System32\user32.dll
[2009.07.14 02:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- D:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll
< MD5 for: USERINIT.EXE >
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- D:\Windows\System32\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- D:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009.10.28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- D:\Windows\System32\winlogon.exe
[2009.10.28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- D:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- D:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2009.07.14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- D:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2009.07.14 00:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- D:\Windows\System32\drivers\ws2ifsl.sys
[2009.07.14 00:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- D:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_4f5cf6f829213bb2\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< End of report >
Extras.txt Code:
OTL Extras logfile created on: 27.12.2010 13:25:51 - Run 1
OTL by OldTimer - Version 3.2.18.0 Folder = D:\Users\Johannes Demleitner
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1.023,00 Mb Total Physical Memory | 645,00 Mb Available Physical Memory | 63,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 84,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = D: | %SystemRoot% = D:\Windows | %ProgramFiles% = D:\Program Files
Drive C: | 39,06 Gb Total Space | 2,93 Gb Free Space | 7,50% Space Free | Partition Type: NTFS
Drive D: | 109,99 Gb Total Space | 49,18 Gb Free Space | 44,72% Space Free | Partition Type: NTFS
Drive F: | 1,90 Gb Total Space | 1,36 Gb Free Space | 71,44% Space Free | Partition Type: FAT
Computer Name: JONESI | User Name: Johannes Demleitner | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- D:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- D:\Windows\winhlp32.exe (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 17
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{7D2370AC-D8E6-4996-986A-19824F8A167C}" = Logitech QuickCam
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{8686D4FE-62EF-46FB-B9FD-00679EB381FF}_is1" = Trojan Killer 2.0
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9E78C42C-4FF9-4F41-BBC4-BF872606E79D}_is1" = Driver Robot 1.1.0.14
"{A6FDF86A-F541-4E7B-AEA0-8849A2A700D5}" = iTunes
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1" = Uniblue RegistryBooster 2010
"{EA5A0CD7-C894-4FA8-88A5-0887E8257E4A}" = FriendFinder Messenger v4.1
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"Ad-Aware" = Ad-Aware
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"CD to MP3 Ripper 2" = CD to MP3 Ripper 2
"EA Installer.-2012184321" = EA Installer
"EADM" = EA Download Manager
"Free CD Ripper_is1" = Free CD Ripper 3.1
"Free CD to MP3 Converter" = Free CD to MP3 Converter
"FUSSBALL MANAGER 10" = FUSSBALL MANAGER 10
"FUSSBALL MANAGER 11" = FUSSBALL MANAGER 11
"ICQToolbar" = ICQ Toolbar
"NSS" = Norton Security Scan
"Trojan Remover_is1" = Trojan Remover 6.8.2
"WinLiveSuite_Wave3" = Windows Live Essentials
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 13.11.2010 07:32:32 | Computer Name = Jonesi | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.6001.18702,
Zeitstempel: 0x49b3ad2e Name des fehlerhaften Moduls: Flash10c.ocx, Version: 10.0.32.18,
Zeitstempel: 0x4a613d79 Ausnahmecode: 0xc0000005 Fehleroffset: 0x001579a2 ID des fehlerhaften
Prozesses: 0x1b04 Startzeit der fehlerhaften Anwendung: 0x01cb83253c8ead35 Pfad der
fehlerhaften Anwendung: C:\Programme\Internet Explorer\iexplore.exe Pfad des fehlerhaften
Moduls: D:\Windows\system32\Macromed\Flash\Flash10c.ocx Berichtskennung: b3c8a624-ef19-11df-aea3-00138fe6f108
Error - 14.11.2010 15:58:05 | Computer Name = Jonesi | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.6001.18702,
Zeitstempel: 0x49b3ad2e Name des fehlerhaften Moduls: Flash10c.ocx, Version: 10.0.32.18,
Zeitstempel: 0x4a613d79 Ausnahmecode: 0xc0000005 Fehleroffset: 0x001579a2 ID des fehlerhaften
Prozesses: 0x357c Startzeit der fehlerhaften Anwendung: 0x01cb8434b70d1db7 Pfad der
fehlerhaften Anwendung: C:\Programme\Internet Explorer\iexplore.exe Pfad des fehlerhaften
Moduls: D:\Windows\system32\Macromed\Flash\Flash10c.ocx Berichtskennung: 7e28b272-f029-11df-99e6-00138fe6f108
Error - 15.11.2010 11:03:24 | Computer Name = Jonesi | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.6001.18702,
Zeitstempel: 0x49b3ad2e Name des fehlerhaften Moduls: Flash10c.ocx, Version: 10.0.32.18,
Zeitstempel: 0x4a613d79 Ausnahmecode: 0xc0000005 Fehleroffset: 0x001579a2 ID des fehlerhaften
Prozesses: 0x1f28 Startzeit der fehlerhaften Anwendung: 0x01cb84d326f13661 Pfad der
fehlerhaften Anwendung: C:\Programme\Internet Explorer\iexplore.exe Pfad des fehlerhaften
Moduls: D:\Windows\system32\Macromed\Flash\Flash10c.ocx Berichtskennung: 7da59021-f0c9-11df-a1c5-00138fe6f108
Error - 27.11.2010 09:50:22 | Computer Name = Jonesi | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.6001.18702,
Zeitstempel: 0x49b3ad2e Name des fehlerhaften Moduls: Flash10c.ocx, Version: 10.0.32.18,
Zeitstempel: 0x4a613d79 Ausnahmecode: 0xc0000005 Fehleroffset: 0x001579a2 ID des fehlerhaften
Prozesses: 0x1750 Startzeit der fehlerhaften Anwendung: 0x01cb8e39ce8c589e Pfad der
fehlerhaften Anwendung: C:\Programme\Internet Explorer\iexplore.exe Pfad des fehlerhaften
Moduls: D:\Windows\system32\Macromed\Flash\Flash10c.ocx Berichtskennung: 46beab3f-fa2d-11df-a110-00138fe6f108
Error - 06.12.2010 10:24:59 | Computer Name = Jonesi | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.6001.18702,
Zeitstempel: 0x49b3ad2e Name des fehlerhaften Moduls: Flash10c.ocx, Version: 10.0.32.18,
Zeitstempel: 0x4a613d79 Ausnahmecode: 0xc0000005 Fehleroffset: 0x001579a2 ID des fehlerhaften
Prozesses: 0x578 Startzeit der fehlerhaften Anwendung: 0x01cb95504b4fc6ac Pfad der
fehlerhaften Anwendung: C:\Programme\Internet Explorer\iexplore.exe Pfad des fehlerhaften
Moduls: D:\Windows\system32\Macromed\Flash\Flash10c.ocx Berichtskennung: 9a5917bc-0144-11e0-8271-00138fe6f108
Error - 07.12.2010 12:21:37 | Computer Name = Jonesi | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.6001.18702,
Zeitstempel: 0x49b3ad2e Name des fehlerhaften Moduls: Flash10c.ocx, Version: 10.0.32.18,
Zeitstempel: 0x4a613d79 Ausnahmecode: 0xc0000005 Fehleroffset: 0x001579a2 ID des fehlerhaften
Prozesses: 0x2f30 Startzeit der fehlerhaften Anwendung: 0x01cb9627d55ea65f Pfad der
fehlerhaften Anwendung: C:\Programme\Internet Explorer\iexplore.exe Pfad des fehlerhaften
Moduls: D:\Windows\system32\Macromed\Flash\Flash10c.ocx Berichtskennung: 1045c244-021e-11e0-98b8-00138fe6f108
Error - 15.12.2010 10:55:41 | Computer Name = Jonesi | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.6001.18702,
Zeitstempel: 0x49b3ad2e Name des fehlerhaften Moduls: Flash10c.ocx, Version: 10.0.32.18,
Zeitstempel: 0x4a613d79 Ausnahmecode: 0xc0000005 Fehleroffset: 0x001579a2 ID des fehlerhaften
Prozesses: 0x4cc Startzeit der fehlerhaften Anwendung: 0x01cb9c6597d1f13d Pfad der
fehlerhaften Anwendung: C:\Programme\Internet Explorer\iexplore.exe Pfad des fehlerhaften
Moduls: D:\Windows\system32\Macromed\Flash\Flash10c.ocx Berichtskennung: 6200a795-085b-11e0-8846-00138fe6f108
Error - 16.12.2010 12:16:31 | Computer Name = Jonesi | Source = Application Hang | ID = 1002
Description = Programm iexplore.exe, Version 8.0.6001.18702 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: f34 Startzeit: 01cb9d3b066fb570 Endzeit: 21 Anwendungspfad:
C:\Programme\Internet Explorer\iexplore.exe Berichts-ID: c8439afb-092f-11e0-93ce-00138fe6f108
Error - 21.12.2010 15:37:30 | Computer Name = Jonesi | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.6001.18702,
Zeitstempel: 0x49b3ad2e Name des fehlerhaften Moduls: SkypeIEPlugin.dll_unloaded,
Version: 0.0.0.0, Zeitstempel: 0x4a77e4da Ausnahmecode: 0xc0000005 Fehleroffset:
0x045f3f2b ID des fehlerhaften Prozesses: 0x6f6c Startzeit der fehlerhaften Anwendung:
0x01cba143ea732439 Pfad der fehlerhaften Anwendung: C:\Programme\Internet Explorer\iexplore.exe
Pfad
des fehlerhaften Moduls: SkypeIEPlugin.dll Berichtskennung: bf29ebbe-0d39-11e0-a320-00138fe6f108
Error - 23.12.2010 10:52:25 | Computer Name = Jonesi | Source = Application Hang | ID = 1002
Description = Programm iexplore.exe, Version 8.0.6001.18702 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: 12b0 Startzeit: 01cba2a52121c34c Endzeit: 10 Anwendungspfad:
C:\Programme\Internet Explorer\iexplore.exe Berichts-ID: 3cdbae8a-0ea4-11e0-819b-00138fe6f108
[ System Events ]
Error - 14.06.2010 15:31:42 | Computer Name = Jonesi | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description = Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden
im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich
an den Computerhersteller, um aktualisierte Firmware zu erhalten.
Error - 15.06.2010 10:42:21 | Computer Name = Jonesi | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?14.?06.?2010 um 21:57:42 unerwartet heruntergefahren.
Error - 15.06.2010 10:42:14 | Computer Name = Jonesi | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description = Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden
im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich
an den Computerhersteller, um aktualisierte Firmware zu erhalten.
Error - 16.06.2010 10:43:57 | Computer Name = Jonesi | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?15.?06.?2010 um 16:53:14 unerwartet heruntergefahren.
Error - 16.06.2010 10:43:50 | Computer Name = Jonesi | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description = Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden
im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich
an den Computerhersteller, um aktualisierte Firmware zu erhalten.
Error - 17.06.2010 08:02:50 | Computer Name = Jonesi | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description = Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden
im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich
an den Computerhersteller, um aktualisierte Firmware zu erhalten.
Error - 17.06.2010 08:09:26 | Computer Name = Jonesi | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?17.?06.?2010 um 14:07:50 unerwartet heruntergefahren.
Error - 17.06.2010 08:09:19 | Computer Name = Jonesi | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description = Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden
im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich
an den Computerhersteller, um aktualisierte Firmware zu erhalten.
Error - 17.06.2010 09:27:20 | Computer Name = Jonesi | Source = VDS Basic Provider | ID = 33554433
Description =
Error - 17.06.2010 09:27:20 | Computer Name = Jonesi | Source = VDS Basic Provider | ID = 33554433
Description =
< End of report >
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- D:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- D:\Windows\winhlp32.exe (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 17
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{7D2370AC-D8E6-4996-986A-19824F8A167C}" = Logitech QuickCam
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{8686D4FE-62EF-46FB-B9FD-00679EB381FF}_is1" = Trojan Killer 2.0
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9E78C42C-4FF9-4F41-BBC4-BF872606E79D}_is1" = Driver Robot 1.1.0.14
"{A6FDF86A-F541-4E7B-AEA0-8849A2A700D5}" = iTunes
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1" = Uniblue RegistryBooster 2010
"{EA5A0CD7-C894-4FA8-88A5-0887E8257E4A}" = FriendFinder Messenger v4.1
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"Ad-Aware" = Ad-Aware
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"CD to MP3 Ripper 2" = CD to MP3 Ripper 2
"EA Installer.-2012184321" = EA Installer
"EADM" = EA Download Manager
"Free CD Ripper_is1" = Free CD Ripper 3.1
"Free CD to MP3 Converter" = Free CD to MP3 Converter
"FUSSBALL MANAGER 10" = FUSSBALL MANAGER 10
"FUSSBALL MANAGER 11" = FUSSBALL MANAGER 11
"ICQToolbar" = ICQ Toolbar
"NSS" = Norton Security Scan
"Trojan Remover_is1" = Trojan Remover 6.8.2
"WinLiveSuite_Wave3" = Windows Live Essentials
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 13.11.2010 07:32:32 | Computer Name = Jonesi | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.6001.18702,
Zeitstempel: 0x49b3ad2e Name des fehlerhaften Moduls: Flash10c.ocx, Version: 10.0.32.18,
Zeitstempel: 0x4a613d79 Ausnahmecode: 0xc0000005 Fehleroffset: 0x001579a2 ID des fehlerhaften
Prozesses: 0x1b04 Startzeit der fehlerhaften Anwendung: 0x01cb83253c8ead35 Pfad der
fehlerhaften Anwendung: C:\Programme\Internet Explorer\iexplore.exe Pfad des fehlerhaften
Moduls: D:\Windows\system32\Macromed\Flash\Flash10c.ocx Berichtskennung: b3c8a624-ef19-11df-aea3-00138fe6f108
Error - 14.11.2010 15:58:05 | Computer Name = Jonesi | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.6001.18702,
Zeitstempel: 0x49b3ad2e Name des fehlerhaften Moduls: Flash10c.ocx, Version: 10.0.32.18,
Zeitstempel: 0x4a613d79 Ausnahmecode: 0xc0000005 Fehleroffset: 0x001579a2 ID des fehlerhaften
Prozesses: 0x357c Startzeit der fehlerhaften Anwendung: 0x01cb8434b70d1db7 Pfad der
fehlerhaften Anwendung: C:\Programme\Internet Explorer\iexplore.exe Pfad des fehlerhaften
Moduls: D:\Windows\system32\Macromed\Flash\Flash10c.ocx Berichtskennung: 7e28b272-f029-11df-99e6-00138fe6f108
Error - 15.11.2010 11:03:24 | Computer Name = Jonesi | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.6001.18702,
Zeitstempel: 0x49b3ad2e Name des fehlerhaften Moduls: Flash10c.ocx, Version: 10.0.32.18,
Zeitstempel: 0x4a613d79 Ausnahmecode: 0xc0000005 Fehleroffset: 0x001579a2 ID des fehlerhaften
Prozesses: 0x1f28 Startzeit der fehlerhaften Anwendung: 0x01cb84d326f13661 Pfad der
fehlerhaften Anwendung: C:\Programme\Internet Explorer\iexplore.exe Pfad des fehlerhaften
Moduls: D:\Windows\system32\Macromed\Flash\Flash10c.ocx Berichtskennung: 7da59021-f0c9-11df-a1c5-00138fe6f108
Error - 27.11.2010 09:50:22 | Computer Name = Jonesi | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.6001.18702,
Zeitstempel: 0x49b3ad2e Name des fehlerhaften Moduls: Flash10c.ocx, Version: 10.0.32.18,
Zeitstempel: 0x4a613d79 Ausnahmecode: 0xc0000005 Fehleroffset: 0x001579a2 ID des fehlerhaften
Prozesses: 0x1750 Startzeit der fehlerhaften Anwendung: 0x01cb8e39ce8c589e Pfad der
fehlerhaften Anwendung: C:\Programme\Internet Explorer\iexplore.exe Pfad des fehlerhaften
Moduls: D:\Windows\system32\Macromed\Flash\Flash10c.ocx Berichtskennung: 46beab3f-fa2d-11df-a110-00138fe6f108
Error - 06.12.2010 10:24:59 | Computer Name = Jonesi | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.6001.18702,
Zeitstempel: 0x49b3ad2e Name des fehlerhaften Moduls: Flash10c.ocx, Version: 10.0.32.18,
Zeitstempel: 0x4a613d79 Ausnahmecode: 0xc0000005 Fehleroffset: 0x001579a2 ID des fehlerhaften
Prozesses: 0x578 Startzeit der fehlerhaften Anwendung: 0x01cb95504b4fc6ac Pfad der
fehlerhaften Anwendung: C:\Programme\Internet Explorer\iexplore.exe Pfad des fehlerhaften
Moduls: D:\Windows\system32\Macromed\Flash\Flash10c.ocx Berichtskennung: 9a5917bc-0144-11e0-8271-00138fe6f108
Error - 07.12.2010 12:21:37 | Computer Name = Jonesi | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.6001.18702,
Zeitstempel: 0x49b3ad2e Name des fehlerhaften Moduls: Flash10c.ocx, Version: 10.0.32.18,
Zeitstempel: 0x4a613d79 Ausnahmecode: 0xc0000005 Fehleroffset: 0x001579a2 ID des fehlerhaften
Prozesses: 0x2f30 Startzeit der fehlerhaften Anwendung: 0x01cb9627d55ea65f Pfad der
fehlerhaften Anwendung: C:\Programme\Internet Explorer\iexplore.exe Pfad des fehlerhaften
Moduls: D:\Windows\system32\Macromed\Flash\Flash10c.ocx Berichtskennung: 1045c244-021e-11e0-98b8-00138fe6f108
Error - 15.12.2010 10:55:41 | Computer Name = Jonesi | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.6001.18702,
Zeitstempel: 0x49b3ad2e Name des fehlerhaften Moduls: Flash10c.ocx, Version: 10.0.32.18,
Zeitstempel: 0x4a613d79 Ausnahmecode: 0xc0000005 Fehleroffset: 0x001579a2 ID des fehlerhaften
Prozesses: 0x4cc Startzeit der fehlerhaften Anwendung: 0x01cb9c6597d1f13d Pfad der
fehlerhaften Anwendung: C:\Programme\Internet Explorer\iexplore.exe Pfad des fehlerhaften
Moduls: D:\Windows\system32\Macromed\Flash\Flash10c.ocx Berichtskennung: 6200a795-085b-11e0-8846-00138fe6f108
Error - 16.12.2010 12:16:31 | Computer Name = Jonesi | Source = Application Hang | ID = 1002
Description = Programm iexplore.exe, Version 8.0.6001.18702 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: f34 Startzeit: 01cb9d3b066fb570 Endzeit: 21 Anwendungspfad:
C:\Programme\Internet Explorer\iexplore.exe Berichts-ID: c8439afb-092f-11e0-93ce-00138fe6f108
Error - 21.12.2010 15:37:30 | Computer Name = Jonesi | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.6001.18702,
Zeitstempel: 0x49b3ad2e Name des fehlerhaften Moduls: SkypeIEPlugin.dll_unloaded,
Version: 0.0.0.0, Zeitstempel: 0x4a77e4da Ausnahmecode: 0xc0000005 Fehleroffset:
0x045f3f2b ID des fehlerhaften Prozesses: 0x6f6c Startzeit der fehlerhaften Anwendung:
0x01cba143ea732439 Pfad der fehlerhaften Anwendung: C:\Programme\Internet Explorer\iexplore.exe
Pfad
des fehlerhaften Moduls: SkypeIEPlugin.dll Berichtskennung: bf29ebbe-0d39-11e0-a320-00138fe6f108
Error - 23.12.2010 10:52:25 | Computer Name = Jonesi | Source = Application Hang | ID = 1002
Description = Programm iexplore.exe, Version 8.0.6001.18702 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: 12b0 Startzeit: 01cba2a52121c34c Endzeit: 10 Anwendungspfad:
C:\Programme\Internet Explorer\iexplore.exe Berichts-ID: 3cdbae8a-0ea4-11e0-819b-00138fe6f108
[ System Events ]
Error - 14.06.2010 15:31:42 | Computer Name = Jonesi | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description = Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden
im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich
an den Computerhersteller, um aktualisierte Firmware zu erhalten.
Error - 15.06.2010 10:42:21 | Computer Name = Jonesi | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?14.?06.?2010 um 21:57:42 unerwartet heruntergefahren.
Error - 15.06.2010 10:42:14 | Computer Name = Jonesi | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description = Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden
im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich
an den Computerhersteller, um aktualisierte Firmware zu erhalten.
Error - 16.06.2010 10:43:57 | Computer Name = Jonesi | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?15.?06.?2010 um 16:53:14 unerwartet heruntergefahren.
Error - 16.06.2010 10:43:50 | Computer Name = Jonesi | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description = Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden
im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich
an den Computerhersteller, um aktualisierte Firmware zu erhalten.
Error - 17.06.2010 08:02:50 | Computer Name = Jonesi | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description = Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden
im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich
an den Computerhersteller, um aktualisierte Firmware zu erhalten.
Error - 17.06.2010 08:09:26 | Computer Name = Jonesi | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?17.?06.?2010 um 14:07:50 unerwartet heruntergefahren.
Error - 17.06.2010 08:09:19 | Computer Name = Jonesi | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description = Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden
im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich
an den Computerhersteller, um aktualisierte Firmware zu erhalten.
Error - 17.06.2010 09:27:20 | Computer Name = Jonesi | Source = VDS Basic Provider | ID = 33554433
Description =
Error - 17.06.2010 09:27:20 | Computer Name = Jonesi | Source = VDS Basic Provider | ID = 33554433
Description =
< End of report >
|
