KurzHier | 21.11.2012 18:15 | Code:
# AdwCleaner v2.008 - Datei am 21/11/2012 um 18:10:57 erstellt
# Aktualisiert am 17/11/2012 von Xplode
# Betriebssystem : Microsoft Windows XP Service Pack 3 (32 bits)
# Benutzer : Rene - HOME
# Bootmodus : Normal
# Ausgeführt unter : C:\Dokumente und Einstellungen\Rene\Desktop\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
***** [Dateien / Ordner] *****
Ordner Gelöscht : C:\Dokumente und Einstellungen\Rene\Anwendungsdaten\pdfforge
Ordner Gelöscht : C:\Programme\Trymedia
***** [Registrierungsdatenbank] *****
***** [Internet Browser] *****
-\\ Internet Explorer v8.0.6001.18702
[OK] Die Registrierungsdatenbank ist sauber.
*************************
AdwCleaner[R2].txt - [826 octets] - [21/11/2012 17:58:33]
AdwCleaner[S2].txt - [760 octets] - [21/11/2012 18:10:57]
########## EOF - C:\AdwCleaner[S2].txt - [819 octets] ##########
And here are the OTL logs:
OTL Logfile: Code:
OTL logfile created on: 21.11.2012 18:17:08 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\Rene\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,24 Gb Total Physical Memory | 2,79 Gb Available Physical Memory | 86,06% Memory free
5,09 Gb Paging File | 4,75 Gb Available in Paging File | 93,48% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 74,52 Gb Total Space | 54,26 Gb Free Space | 72,81% Space Free | Partition Type: NTFS
Drive D: | 6,67 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive E: | 29,31 Gb Total Space | 26,62 Gb Free Space | 90,82% Space Free | Partition Type: NTFS
Drive F: | 19,53 Gb Total Space | 15,85 Gb Free Space | 81,15% Space Free | Partition Type: NTFS
Drive G: | 25,71 Gb Total Space | 12,55 Gb Free Space | 48,81% Space Free | Partition Type: NTFS
Drive K: | 931,51 Gb Total Space | 215,41 Gb Free Space | 23,12% Space Free | Partition Type: NTFS
Drive M: | 14,90 Gb Total Space | 10,02 Gb Free Space | 67,26% Space Free | Partition Type: FAT32
Computer Name: HOME | User Name: Rene | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Dokumente und Einstellungen\Rene\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Java\jre7\bin\jqs.exe (Oracle Corporation)
PRC - F:\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - F:\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - F:\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - F:\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\WINDOWS\system32\jwpen.exe (HanWang)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
========== Modules (No Company Name) ==========
MOD - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU ()
MOD - F:\Avira\AntiVir Desktop\sqlite3.dll ()
========== Services (SafeList) ==========
SRV - (JavaQuickStarterService) -- C:\Programme\Java\jre7\bin\jqs.exe (Oracle Corporation)
SRV - (AntiVirSchedulerService) -- F:\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- F:\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (HWSuperPowerTablet) -- C:\WINDOWS\system32\jwpen.exe (HanWang)
SRV - (LightScribeService) -- C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
SRV - (NMIndexingService) -- C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe (Nero AG)
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (WDICA) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (HYRDBios) -- system32\DRIVERS\HYRDBios.sys File not found
DRV - (cmuda) -- system32\drivers\cmuda.sys File not found
DRV - (Changer) -- File not found
DRV - (catchme) -- C:\DOKUME~1\Rene\LOKALE~1\Temp\catchme.sys File not found
DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)
DRV - (avkmgr) -- C:\WINDOWS\system32\drivers\avkmgr.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (USB28xxBGA) -- C:\WINDOWS\system32\drivers\emBDA.sys (eMPIA Technology, Inc.)
DRV - (USB28xxOEM) -- C:\WINDOWS\system32\drivers\emOEM.sys (eMPIA Technology, Inc.)
DRV - (s0017nd5) -- C:\WINDOWS\system32\drivers\s0017nd5.sys (MCCI Corporation)
DRV - (s0017mdm) -- C:\WINDOWS\system32\drivers\s0017mdm.sys (MCCI Corporation)
DRV - (s0017unic) -- C:\WINDOWS\system32\drivers\s0017unic.sys (MCCI Corporation)
DRV - (s0017mgmt) -- C:\WINDOWS\system32\drivers\s0017mgmt.sys (MCCI Corporation)
DRV - (s0017obex) -- C:\WINDOWS\system32\drivers\s0017obex.sys (MCCI Corporation)
DRV - (s0017bus) -- C:\WINDOWS\system32\drivers\s0017bus.sys (MCCI Corporation)
DRV - (s0017mdfl) -- C:\WINDOWS\system32\drivers\s0017mdfl.sys (MCCI Corporation)
DRV - (ALCXWDM) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)
DRV - (b57w2k) -- C:\WINDOWS\system32\drivers\b57xp32.sys (Broadcom Corporation)
DRV - (MPE) -- C:\WINDOWS\system32\drivers\mpe.sys (Microsoft Corporation)
DRV - (HYCtl) -- C:\WINDOWS\System32\drivers\HYCtl.sys (PHD Computer Consultants Ltd)
DRV - (hypen) -- C:\WINDOWS\system32\drivers\HYPEN.sys ()
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-796845957-413027322-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKU\S-1-5-21-796845957-413027322-682003330-1003\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-796845957-413027322-682003330-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-796845957-413027322-682003330-1003\..\SearchScopes\{972FD824-D740-4786-B4E5-5D4C533B9CB5}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=937811&p={searchTerms}
IE - HKU\S-1-5-21-796845957-413027322-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
O1 HOSTS File: ([2012.11.21 17:15:04 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] F:\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKU\.DEFAULT..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 File not found
O4 - HKU\S-1-5-18..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 File not found
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Adobe Gamma Loader.lnk = C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-796845957-413027322-682003330-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-796845957-413027322-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-796845957-413027322-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-796845957-413027322-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Free YouTube Download - C:\Dokumente und Einstellungen\Rene\Anwendungsdaten\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Dokumente und Einstellungen\Rene\Anwendungsdaten\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - F:\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - F:\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - F:\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.10.1 195.50.140.116 195.50.140.180
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6D87AA8A-B194-43BC-A73F-1BCC3B0FF30B}: DhcpNameServer = 192.168.10.1 195.50.140.116 195.50.140.180
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Rene\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Rene\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.05.16 13:01:32 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2008.05.06 13:26:23 | 000,000,309 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2005.04.12 14:00:29 | 000,000,386 | ---- | M] () - F:\Auto.Nam -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2012.11.21 18:16:02 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Rene\Desktop\OTL.exe
[2012.11.21 17:41:01 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012.11.21 17:06:36 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012.11.21 17:02:30 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012.11.21 17:02:30 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012.11.21 17:02:30 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012.11.21 17:02:30 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012.11.21 17:02:11 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012.11.21 17:01:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2012.11.21 17:00:49 | 005,004,435 | R--- | C] (Swearware) -- C:\Dokumente und Einstellungen\Rene\Desktop\ComboFix.exe
[2012.11.21 16:35:35 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012.11.21 13:09:46 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Dokumente und Einstellungen\Rene\Desktop\tdsskiller.exe
[2012.11.21 10:57:05 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Dokumente und Einstellungen\Rene\Desktop\aswMBR.exe
[2012.11.18 14:57:00 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Rene\Recent
[2012.11.07 21:22:01 | 000,000,000 | ---D | C] -- C:\Programme\AVAST Software
[2012.11.07 16:43:19 | 000,000,000 | ---D | C] -- C:\Programme\ESET
[2012.10.22 19:44:25 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012.10.22 19:44:25 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012.10.22 19:44:25 | 000,093,672 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2008.09.29 16:13:54 | 004,275,456 | ---- | C] (Sony Creative Software Inc.) -- C:\Programme\vidcap60.exe
[2008.09.29 16:13:52 | 003,822,336 | ---- | C] (Sony Creative Software Inc.) -- C:\Programme\vegasmoviestudiope90k.dll
[2008.09.29 16:13:52 | 000,820,480 | ---- | C] (Sony Creative Software Inc.) -- C:\Programme\sftutor60.dll
[2008.09.29 16:13:50 | 013,311,744 | ---- | C] (Sony Creative Software Inc.) -- C:\Programme\VegasMovieStudioPE90.exe
[2008.09.29 16:13:48 | 000,079,104 | ---- | C] (Sony Creative Software Inc) -- C:\Programme\Sony.Vegas.Publish.dll
[2008.09.29 16:13:46 | 000,288,000 | ---- | C] (Sony Pictures Digital Inc.) -- C:\Programme\Sony.Vegas.dll
[2008.09.29 16:13:44 | 000,378,112 | ---- | C] (Sony Creative Software Inc) -- C:\Programme\Sony.MediaSoftware.clrshared.dll
[2008.09.29 16:13:42 | 000,230,656 | ---- | C] (Sony Pictures Digital Inc.) -- C:\Programme\Sony.Capture.dll
[2008.09.29 16:13:36 | 001,727,744 | ---- | C] (Sony Creative Software Inc.) -- C:\Programme\sfvstwrap.dll
[2008.09.29 16:13:36 | 001,146,112 | ---- | C] (Sony Creative Software Inc.) -- C:\Programme\sftutor.dll
[2008.09.29 16:13:32 | 001,088,768 | ---- | C] (Sony Creative Software Inc.) -- C:\Programme\sfs4rw.dll
[2008.09.29 16:13:32 | 001,048,832 | ---- | C] (Sony Creative Software Inc.) -- C:\Programme\sfpublish.dll
[2008.09.29 16:13:24 | 001,536,256 | ---- | C] (Sony Creative Software Inc.) -- C:\Programme\sfmarket2.dll
[2008.09.29 16:13:22 | 000,410,368 | ---- | C] (Sony Creative Software Inc.) -- C:\Programme\sfconfigmgr.dll
[2008.09.29 16:13:20 | 000,792,320 | ---- | C] (Sony Creative Software Inc.) -- C:\Programme\sfapprw.dll
[2008.09.29 16:12:34 | 001,709,312 | ---- | C] (Sony Creative Software Inc.) -- C:\Programme\ApplicationRegistration.exe
[2008.09.29 15:38:16 | 000,040,960 | ---- | C] (Sony Creative Software Inc.) -- C:\Programme\sfibdmux.dll
[2008.09.29 15:38:14 | 000,551,936 | ---- | C] (Sony Creative Software Inc.) -- C:\Programme\ESS.dll
[2008.09.29 15:38:08 | 000,313,344 | ---- | C] (Sony Creative Software Inc.) -- C:\Programme\sfwbdmux.dll
[2008.09.29 15:38:02 | 000,446,464 | ---- | C] (Sony Creative Software Inc.) -- C:\Programme\sfsbdmux.xsfs
[2008.09.29 15:30:04 | 000,623,104 | ---- | C] (Sony Creative Software Inc.) -- C:\Programme\sfcd.cdd
[2008.09.29 15:30:02 | 000,161,280 | ---- | C] (Sony Creative Software Inc.) -- C:\Programme\sfprnsim.pdd
[2008.09.29 15:29:58 | 000,604,160 | ---- | C] (Sony Creative Software Inc.) -- C:\Programme\sfld.ldd
[2008.09.29 15:29:56 | 000,162,304 | ---- | C] (Sony Creative Software Inc.) -- C:\Programme\sfldsim.ldd
[2008.09.29 15:29:54 | 000,164,352 | ---- | C] (Sony Creative Software Inc.) -- C:\Programme\fargo.pdd
[2008.09.29 15:29:52 | 000,015,872 | ---- | C] (Sony Creative Software Inc.) -- C:\Programme\sfcdsim.cdd
[2008.09.29 15:29:44 | 002,274,816 | ---- | C] (Sony Creative Software Inc.) -- C:\Programme\sfcdix.dll
[2008.09.29 15:29:26 | 000,400,896 | ---- | C] (Sony Creative Software Inc.) -- C:\Programme\sfcdfs.dll
[2008.09.29 15:29:20 | 000,023,552 | ---- | C] (Sony Creative Software Inc.) -- C:\Programme\sfscsi.dll
[2008.09.29 15:29:14 | 000,365,568 | ---- | C] (Sony Creative Software Inc.) -- C:\Programme\sfspti.dll
[2008.09.29 15:29:08 | 000,760,320 | ---- | C] (Sony Creative Software Inc.) -- C:\Programme\sfdvd.dll
[2008.08.15 13:45:02 | 000,103,680 | ---- | C] (Sony Creative Software Inc) -- C:\Programme\Sony.MediaSoftware.ExternalVideoDevice.dll
[2008.03.28 10:46:22 | 000,659,456 | ---- | C] (Sony Corporation) -- C:\Programme\sonymvd2pro_xp.dll
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Dokumente und Einstellungen\Rene\*.tmp files -> C:\Dokumente und Einstellungen\Rene\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.11.21 18:16:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Rene\Desktop\OTL.exe
[2012.11.21 18:12:24 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.11.21 17:58:28 | 000,543,531 | ---- | M] () -- C:\Dokumente und Einstellungen\Rene\Desktop\adwcleaner.exe
[2012.11.21 17:15:04 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012.11.21 17:06:42 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2012.11.21 17:01:41 | 005,004,435 | R--- | M] (Swearware) -- C:\Dokumente und Einstellungen\Rene\Desktop\ComboFix.exe
[2012.11.21 13:18:40 | 000,173,056 | ---- | M] () -- C:\Dokumente und Einstellungen\Rene\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.11.21 13:10:08 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Dokumente und Einstellungen\Rene\Desktop\tdsskiller.exe
[2012.11.21 13:07:20 | 000,000,512 | ---- | M] () -- C:\Dokumente und Einstellungen\Rene\Desktop\MBR.dat
[2012.11.21 10:57:08 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Dokumente und Einstellungen\Rene\Desktop\aswMBR.exe
[2012.11.19 16:12:32 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.11.19 16:12:15 | 000,410,288 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.11.18 14:57:45 | 000,006,178 | ---- | M] () -- C:\Dokumente und Einstellungen\Rene\Eigene Dateien\cc_20121118_145740.reg
[2012.11.16 06:42:29 | 000,429,026 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2012.11.16 06:42:29 | 000,416,100 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.11.16 06:42:29 | 000,071,450 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2012.11.16 06:42:29 | 000,060,062 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.11.12 18:22:23 | 000,000,206 | ---- | M] () -- C:\Dokumente und Einstellungen\Rene\Eigene Dateien\cc_20121112_182215.reg
[2012.11.10 10:45:57 | 000,005,708 | ---- | M] () -- C:\Dokumente und Einstellungen\Rene\Eigene Dateien\cc_20121110_104555.reg
[2012.11.10 10:42:54 | 000,002,953 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012.11.08 05:06:59 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012.11.08 05:06:58 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012.11.07 18:23:49 | 000,000,964 | ---- | M] () -- C:\Dokumente und Einstellungen\Rene\Eigene Dateien\cc_20121107_182347.reg
[2012.11.02 20:56:11 | 000,000,206 | ---- | M] () -- C:\Dokumente und Einstellungen\Rene\Eigene Dateien\cc_20121102_205608.reg
[2012.10.31 12:00:29 | 000,017,182 | ---- | M] () -- C:\Dokumente und Einstellungen\Rene\Eigene Dateien\cc_20121031_120027.reg
[2012.10.30 17:24:08 | 000,444,744 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20121107-175853.backup
[2012.10.25 18:44:20 | 000,000,155 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012.10.24 15:36:47 | 000,000,628 | ---- | M] () -- C:\Dokumente und Einstellungen\Rene\Desktop\Free YouTube to MP3 Converter.lnk
[2012.10.22 20:56:29 | 001,866,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\win32k.sys
[2012.10.22 20:56:29 | 001,866,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\win32k.sys
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Dokumente und Einstellungen\Rene\*.tmp files -> C:\Dokumente und Einstellungen\Rene\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.11.21 17:58:06 | 000,543,531 | ---- | C] () -- C:\Dokumente und Einstellungen\Rene\Desktop\adwcleaner.exe
[2012.11.21 17:06:41 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2012.11.21 17:06:38 | 000,262,448 | RHS- | C] () -- C:\cmldr
[2012.11.21 17:02:30 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012.11.21 17:02:30 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012.11.21 17:02:30 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012.11.21 17:02:30 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012.11.21 17:02:30 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012.11.20 20:51:05 | 000,000,512 | ---- | C] () -- C:\Dokumente und Einstellungen\Rene\Desktop\MBR.dat
[2012.11.19 16:12:15 | 000,410,288 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.11.18 14:57:44 | 000,006,178 | ---- | C] () -- C:\Dokumente und Einstellungen\Rene\Eigene Dateien\cc_20121118_145740.reg
[2012.11.12 18:22:20 | 000,000,206 | ---- | C] () -- C:\Dokumente und Einstellungen\Rene\Eigene Dateien\cc_20121112_182215.reg
[2012.11.10 10:45:56 | 000,005,708 | ---- | C] () -- C:\Dokumente und Einstellungen\Rene\Eigene Dateien\cc_20121110_104555.reg
[2012.11.07 18:23:48 | 000,000,964 | ---- | C] () -- C:\Dokumente und Einstellungen\Rene\Eigene Dateien\cc_20121107_182347.reg
[2012.11.02 20:56:09 | 000,000,206 | ---- | C] () -- C:\Dokumente und Einstellungen\Rene\Eigene Dateien\cc_20121102_205608.reg
[2012.10.31 12:00:28 | 000,017,182 | ---- | C] () -- C:\Dokumente und Einstellungen\Rene\Eigene Dateien\cc_20121031_120027.reg
[2012.10.11 16:52:48 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI
[2012.02.15 10:09:46 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011.12.18 16:32:24 | 000,650,752 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2011.12.18 16:32:24 | 000,243,200 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011.12.18 16:32:23 | 000,074,752 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2011.05.21 05:01:00 | 002,123,582 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2011.05.16 17:24:17 | 000,005,115 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\mtbjfghn.xbe
[2011.05.16 15:23:41 | 000,173,056 | ---- | C] () -- C:\Dokumente und Einstellungen\Rene\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.05.16 15:15:51 | 010,528,768 | ---- | C] () -- C:\WINDOWS\System32\RTLCPL.EXE
[2011.05.16 15:15:49 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2011.05.16 14:21:36 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2011.05.16 13:52:03 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011.05.16 13:02:40 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011.05.16 12:58:15 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011.04.19 17:52:33 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\JwPenC.dll
[2011.04.19 17:52:33 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\JWPEN.DLL
[2011.04.19 17:52:32 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\jwusbchk.dll
[2011.04.19 17:52:32 | 000,010,548 | ---- | C] () -- C:\WINDOWS\System32\drivers\HYPEN.sys
[2011.04.19 17:52:30 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\JWKey.dll
[2011.04.19 17:52:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\HWKeyPlus.exe
[2011.04.19 17:52:30 | 000,003,116 | ---- | C] () -- C:\WINDOWS\System32\HWTablet.bin
[2011.04.19 17:52:27 | 000,184,320 | ---- | C] () -- C:\WINDOWS\System32\HWTabTray.exe
[2011.02.25 20:49:41 | 000,006,642 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2011.02.25 20:44:53 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll
[2011.01.13 15:47:19 | 000,000,082 | ---- | C] () -- C:\WINDOWS\odbc_merge.INI
[2008.09.29 15:52:50 | 000,042,941 | ---- | C] () -- C:\Programme\VegasMovieStudioPE90.zip
[2008.09.29 11:43:30 | 000,339,417 | ---- | C] () -- C:\Programme\VegasMovieStudioPE90.udat
[2008.08.12 11:42:44 | 001,085,400 | ---- | C] () -- C:\Programme\vegas.tut
[2008.08.11 10:08:20 | 001,301,032 | ---- | C] () -- C:\Programme\vegasjpn.tut
[2008.08.05 13:49:10 | 001,195,292 | ---- | C] () -- C:\Programme\vegasesp.tut
[2008.08.05 13:49:10 | 001,095,146 | ---- | C] () -- C:\Programme\vegasfra.tut
[2008.08.05 13:49:08 | 001,097,129 | ---- | C] () -- C:\Programme\vegasdeu.tut
[2008.06.02 08:34:52 | 000,085,533 | ---- | C] () -- C:\Programme\Vegas Movie Studio PE 9 -- ShuttlePRO v2.mht
[2008.06.02 08:34:52 | 000,074,353 | ---- | C] () -- C:\Programme\Vegas Movie Studio PE 9 -- ShuttlePRO.mht
[2008.06.02 08:34:52 | 000,051,536 | ---- | C] () -- C:\Programme\Vegas Movie Studio PE 9 -- ShuttleXpress.mht
[2008.06.02 08:34:52 | 000,012,004 | ---- | C] () -- C:\Programme\Vegas Movie Studio PE 9 -- ShuttleXpress.pref
[2008.06.02 08:34:52 | 000,012,004 | ---- | C] () -- C:\Programme\Vegas Movie Studio PE 9 -- ShuttlePRO.pref
[2008.06.02 08:34:52 | 000,012,004 | ---- | C] () -- C:\Programme\Vegas Movie Studio PE 9 -- ShuttlePRO v2.pref
[2008.03.28 10:51:22 | 000,002,488 | ---- | C] () -- C:\Programme\VegasMovieStudioPE90.oemdat
[2008.03.28 10:50:50 | 000,002,020 | ---- | C] () -- C:\Programme\smslogo.gif
[2008.03.28 10:50:48 | 000,002,807 | ---- | C] () -- C:\Programme\jpn_movieviewerMOV.htm
[2008.03.28 10:50:48 | 000,002,765 | ---- | C] () -- C:\Programme\movieviewerMOV.htm
[2008.03.28 10:50:48 | 000,001,737 | ---- | C] () -- C:\Programme\jpn_movieviewerWMV.htm
[2008.03.28 10:50:48 | 000,001,690 | ---- | C] () -- C:\Programme\movieviewerWMV.htm
[2008.03.28 10:50:48 | 000,001,589 | ---- | C] () -- C:\Programme\jpn_movieviewerRM.htm
[2008.03.28 10:50:48 | 000,001,545 | ---- | C] () -- C:\Programme\movieviewerRM.htm
[2008.03.28 10:50:48 | 000,001,150 | ---- | C] () -- C:\Programme\jpn_help_me_play_this_file.htm
[2008.03.28 10:50:46 | 000,002,798 | ---- | C] () -- C:\Programme\fra_movieviewerMOV.htm
[2008.03.28 10:50:46 | 000,001,721 | ---- | C] () -- C:\Programme\fra_movieviewerWMV.htm
[2008.03.28 10:50:46 | 000,001,572 | ---- | C] () -- C:\Programme\fra_movieviewerRM.htm
[2008.03.28 10:50:46 | 000,001,253 | ---- | C] () -- C:\Programme\fra_help_me_play_this_file.htm
[2008.03.28 10:50:46 | 000,001,106 | ---- | C] () -- C:\Programme\help_me_play_this_file.htm
[2008.03.28 10:50:44 | 000,002,808 | ---- | C] () -- C:\Programme\deu_movieviewerMOV.htm
[2008.03.28 10:50:44 | 000,002,763 | ---- | C] () -- C:\Programme\esp_movieviewerMOV.htm
[2008.03.28 10:50:44 | 000,001,732 | ---- | C] () -- C:\Programme\deu_movieviewerWMV.htm
[2008.03.28 10:50:44 | 000,001,688 | ---- | C] () -- C:\Programme\esp_movieviewerWMV.htm
[2008.03.28 10:50:44 | 000,001,587 | ---- | C] () -- C:\Programme\deu_movieviewerRM.htm
[2008.03.28 10:50:44 | 000,001,543 | ---- | C] () -- C:\Programme\esp_movieviewerRM.htm
[2008.03.28 10:50:44 | 000,001,295 | ---- | C] () -- C:\Programme\deu_help_me_play_this_file.htm
[2008.03.28 10:50:44 | 000,001,108 | ---- | C] () -- C:\Programme\esp_help_me_play_this_file.htm
[2008.03.28 10:47:58 | 000,552,960 | ---- | C] () -- C:\Programme\TSWrapper.dll
[2008.03.28 10:47:58 | 000,430,080 | ---- | C] () -- C:\Programme\FileAllocator.dll
[2008.03.28 10:47:58 | 000,233,472 | ---- | C] () -- C:\Programme\FSBuilder.dll
[2008.03.28 10:47:58 | 000,204,800 | ---- | C] () -- C:\Programme\DBWrapper.dll
[2008.03.28 10:47:58 | 000,114,688 | ---- | C] () -- C:\Programme\mux.net.dll
[2008.03.28 10:47:58 | 000,040,960 | ---- | C] ( ) -- C:\Programme\MuxCommon.dll
[2008.03.28 10:47:58 | 000,024,576 | ---- | C] ( ) -- C:\Programme\RemoteTS.dll
[2008.03.28 10:47:58 | 000,022,152 | ---- | C] () -- C:\Programme\StatusCodeTable.xml
[2008.03.28 10:47:58 | 000,020,480 | ---- | C] ( ) -- C:\Programme\DM_Hash.dll
[2008.03.28 10:47:58 | 000,018,432 | ---- | C] () -- C:\Programme\FSComp.dll
[2008.03.28 10:47:58 | 000,008,119 | ---- | C] () -- C:\Programme\udf_image.xsd
[2008.03.28 10:47:58 | 000,000,903 | ---- | C] () -- C:\Programme\StatusCodeTable.xsd
[2008.03.28 10:45:42 | 000,185,764 | ---- | C] () -- C:\Programme\sfcdix.cfg
[2007.07.10 01:01:16 | 000,048,392 | ---- | C] () -- C:\Programme\vidcap6.tut
[2006.04.04 12:40:10 | 000,095,338 | ---- | C] () -- C:\Programme\vidcap60.udat
[2006.04.04 12:40:10 | 000,012,004 | ---- | C] () -- C:\Programme\Sony Video Capture - ShuttleXpress.pref
[2006.04.04 12:40:10 | 000,012,004 | ---- | C] () -- C:\Programme\Sony Video Capture - ShuttlePRO.pref
[2006.04.04 12:40:10 | 000,012,004 | ---- | C] () -- C:\Programme\Sony Video Capture - ShuttlePRO v2.pref
========== ZeroAccess Check ==========
[2009.04.04 19:16:48 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 06:52:26 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.02.09 11:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 06:52:34 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
< End of report > --- --- ---
OTL Logfile: Code:
OTL Extras logfile created on: 21.11.2012 18:17:08 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\Rene\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,24 Gb Total Physical Memory | 2,79 Gb Available Physical Memory | 86,06% Memory free
5,09 Gb Paging File | 4,75 Gb Available in Paging File | 93,48% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 74,52 Gb Total Space | 54,26 Gb Free Space | 72,81% Space Free | Partition Type: NTFS
Drive D: | 6,67 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive E: | 29,31 Gb Total Space | 26,62 Gb Free Space | 90,82% Space Free | Partition Type: NTFS
Drive F: | 19,53 Gb Total Space | 15,85 Gb Free Space | 81,15% Space Free | Partition Type: NTFS
Drive G: | 25,71 Gb Total Space | 12,55 Gb Free Space | 48,81% Space Free | Partition Type: NTFS
Drive K: | 931,51 Gb Total Space | 215,41 Gb Free Space | 23,12% Space Free | Partition Type: NTFS
Drive M: | 14,90 Gb Total Space | 10,02 Gb Free Space | 67,26% Space Free | Partition Type: FAT32
Computer Name: HOME | User Name: Rene | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "F:\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "F:\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "F:\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "F:\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Programme\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Programme\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Programme\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"F:\ICQ7.5\ICQ.exe" = F:\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5 -- (ICQ, LLC.)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programme\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe" = C:\Programme\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe:*:Enabled:Daemonu.exe -- (NVIDIA Corporation)
"F:\ICQ7.5\ICQ.exe" = F:\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5 -- (ICQ, LLC.)
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Disabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\Programme\REAPER\reaper.exe" = C:\Programme\REAPER\reaper.exe:*:Disabled:reaper -- (Cockos Incorporated)
"C:\Dokumente und Einstellungen\Rene\Anwendungsdaten\Dropbox\bin\Dropbox.exe" = C:\Dokumente und Einstellungen\Rene\Anwendungsdaten\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox -- (Dropbox, Inc.)
"C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{05FD14BA-C17E-CB5A-70EB-71AAE4DA3A26}" = ATI Catalyst Install Manager
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0
"{1A6A6531-08FC-47AD-BAC4-C41497E71031}" = Nero 7 Essentials
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 9
"{332CC6BF-E6C7-48EE-BA3D-435E576AD67F}" = PaperPort Image Printer
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Extreme Graphics 2 Driver
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{97E038E1-41AD-4C93-BCDC-6A2394AEE352}" = Vegas Movie Studio Platinum 9.0
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}" = Brother MFL-Pro Suite
"{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}" = MSXML 6.0 Parser
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{ACD21A44-4EF9-4461-B1F3-45786E395032}" = Tablet Driver
"{AD88355B-A4E0-4DA1-BAC3-EA4FEA930691}" = Ipswitch WS_FTP Pro
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 135.85
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B395BC1D-CC06-425E-9049-4CD985EFF004}" = LightScribe 1.8.15.1
"{B6C89654-A6A2-477C-873B-724EC1C56407}" = ScanSoft PaperPort 11
"{B7C7A59F-CF70-481E-A94F-7C2563AA5ADD}" = Sony DVD Architect Studio 4.5
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU
"{C314CE45-3392-3B73-B4E1-139CD41CA933}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E630D30A-79EE-407A-8F51-9D57D1F45230}" = gs_x86
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F6C5F1A1-F459-498F-A50A-EE6C80799D3B}" = Cinescore Studio 1.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Avira AntiVir Desktop" = Avira Free Antivirus
"CCleaner" = CCleaner
"ESET Online Scanner" = ESET Online Scanner v3
"FormatFactory" = FormatFactory 2.96
"Free YouTube Download_is1" = Free YouTube Download version 3.1.30.627
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.34.1015
"GPL Ghostscript 9.06" = GPL Ghostscript
"ie8" = Windows Internet Explorer 8
"KLiteCodecPack_is1" = K-Lite Codec Pack 7.9.0 (Full)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.1.1000
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MSNINST" = MSN
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"REAPER" = REAPER
"VLC media player" = VLC media player 2.0.3
"Windows XP Service Pack" = Windows XP Service Pack 3
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-796845957-413027322-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 18.11.2012 03:12:20 | Computer Name = HOME | Source = .NET Runtime Optimization Service | ID = 1111
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
- Service reached limit of transient errors. Will shut down. Last error returned
from Service Manager: 0x80029c4a.
Error - 18.11.2012 06:26:00 | Computer Name = HOME | Source = .NET Runtime Optimization Service | ID = 1111
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
- Service reached limit of transient errors. Will shut down. Last error returned
from Service Manager: 0x80029c4a.
Error - 18.11.2012 09:51:17 | Computer Name = HOME | Source = .NET Runtime Optimization Service | ID = 1111
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
- Service reached limit of transient errors. Will shut down. Last error returned
from Service Manager: 0x80029c4a.
Error - 19.11.2012 11:13:48 | Computer Name = HOME | Source = .NET Runtime Optimization Service | ID = 1111
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
- Service reached limit of transient errors. Will shut down. Last error returned
from Service Manager: 0x80029c4a.
Error - 20.11.2012 11:02:41 | Computer Name = HOME | Source = .NET Runtime Optimization Service | ID = 1111
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
- Service reached limit of transient errors. Will shut down. Last error returned
from Service Manager: 0x80029c4a.
Error - 21.11.2012 05:25:37 | Computer Name = HOME | Source = .NET Runtime Optimization Service | ID = 1111
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
- Service reached limit of transient errors. Will shut down. Last error returned
from Service Manager: 0x80029c4a.
Error - 21.11.2012 11:32:50 | Computer Name = HOME | Source = .NET Runtime Optimization Service | ID = 1111
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
- Service reached limit of transient errors. Will shut down. Last error returned
from Service Manager: 0x80029c4a.
Error - 21.11.2012 11:38:48 | Computer Name = HOME | Source = .NET Runtime Optimization Service | ID = 1111
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
- Service reached limit of transient errors. Will shut down. Last error returned
from Service Manager: 0x80029c4a.
Error - 21.11.2012 12:08:33 | Computer Name = HOME | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung explorer.exe, Version 6.0.2900.5512, fehlgeschlagenes
Modul browselc.dll, Version 6.0.2900.5512, Fehleradresse 0x00009e59.
Error - 21.11.2012 13:14:01 | Computer Name = HOME | Source = .NET Runtime Optimization Service | ID = 1111
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
- Service reached limit of transient errors. Will shut down. Last error returned
from Service Manager: 0x80029c4a.
[ System Events ]
Error - 19.11.2012 15:54:17 | Computer Name = HOME | Source = atapi | ID = 262153
Description = Das Gerät \Device\Ide\IdePort0 hat innerhalb der Fehlerwartezeit nicht
geantwortet.
Error - 20.11.2012 11:01:23 | Computer Name = HOME | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.10.101 für die Netzwerkkarte mit der Netzwerkadresse
0011850EEC30 wurde durch den DHCP-Server 0.0.0.0 abgelehnt (der DHCP-Server hat
eine DHCPNACK-Meldung gesendet).
Error - 20.11.2012 11:02:36 | Computer Name = HOME | Source = Service Control Manager | ID = 7000
Description = Der Dienst "HYRDBios" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error - 20.11.2012 11:28:45 | Computer Name = HOME | Source = atapi | ID = 262153
Description = Das Gerät \Device\Ide\IdePort0 hat innerhalb der Fehlerwartezeit nicht
geantwortet.
Error - 21.11.2012 05:24:18 | Computer Name = HOME | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.10.102 für die Netzwerkkarte mit der Netzwerkadresse
0011850EEC30 wurde durch den DHCP-Server 0.0.0.0 abgelehnt (der DHCP-Server hat
eine DHCPNACK-Meldung gesendet).
Error - 21.11.2012 05:25:34 | Computer Name = HOME | Source = Service Control Manager | ID = 7000
Description = Der Dienst "HYRDBios" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error - 21.11.2012 11:32:47 | Computer Name = HOME | Source = Service Control Manager | ID = 7000
Description = Der Dienst "HYRDBios" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error - 21.11.2012 11:38:15 | Computer Name = HOME | Source = Service Control Manager | ID = 7000
Description = Der Dienst "HYRDBios" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error - 21.11.2012 13:10:58 | Computer Name = HOME | Source = Service Control Manager | ID = 7034
Description = Dienst "HWSuperPowerTablet" wurde unerwartet beendet. Dies ist bereits
1 Mal passiert.
Error - 21.11.2012 13:13:27 | Computer Name = HOME | Source = Service Control Manager | ID = 7000
Description = Der Dienst "HYRDBios" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
< End of report > --- --- --- |