OTL Logfile:
OTL Extras logfile created on: 10.3.2011 19:38:22 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Dery\Downloads
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19019)
Locale: 00000405 | Country: Tschechische Republik | Language: CSY | Date Format: d.M.yyyy
1*015,00 Mb Total Physical Memory | 399,00 Mb Available Physical Memory | 39,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 52,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 66,77 Gb Total Space | 30,60 Gb Free Space | 45,82% Space Free | Partition Type: NTFS
Drive D: | 6,20 Gb Total Space | 0,80 Gb Free Space | 12,90% Space Free | Partition Type: NTFS
Drive E: | 1,55 Gb Total Space | 1,29 Gb Free Space | 83,16% Space Free | Partition Type: NTFS
Drive F: | 4,38 Gb Total Space | 4,19 Gb Free Space | 95,78% Space Free | Partition Type: UDF
Computer Name: Dery-PC | User Name: Dery | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 360 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{197FA988-770D-4DC0-BD4F-00F2C1463F33}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{2C3C3232-FFB9-4310-B6D2-420FC4A4E160}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{47E7BAE7-AC08-4BA6-8F4C-3C3B6822BACB}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{6AF96449-2063-440A-8D3E-142C48C8D54D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{705A5C1D-FD32-48F6-8BED-FB2858513572}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{92017CE3-14EF-476D-BF51-E785FADB390E}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{CE852A01-6B43-4054-955E-EF9211CF15F3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FDAC7EDA-3076-400E-B93C-F442D307C673}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1C67C573-9C79-4F8E-B8CB-D90D22498920}" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{20963985-0BA9-44BD-A9F3-E998A9ED5408}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{2CB56535-681A-4864-A718-C2466026C246}" = protocol=17 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{527331F3-1EF3-4EB6-BA49-DF1E98B16890}" = protocol=6 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{528A7E72-B0F1-4008-BA51-D79D078A5013}" = protocol=17 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{5713DDAC-F149-4D6F-9566-14F673834BF3}" = protocol=17 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{6CFCA493-2A86-4DA3-894F-D3753923EC66}" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{8193666E-D59D-43F1-8F5C-30061F23ED55}" = protocol=6 | dir=in | app=c:\program files\mirabyte\superhtml 8.0 web studio\shtml8.exe |
"{930D92C8-6FC2-49F3-B29F-9C728F386170}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{94BBC0C8-EFDC-46BE-987B-050241EB8E1F}" = protocol=6 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{A5E92612-478C-4113-B964-B854FB672D8B}" = protocol=17 | dir=in | app=c:\program files\mirabyte\superhtml 8.0 web studio\shtml8.exe |
"{AFFCDFC8-06C7-4212-8AEB-F027C7153D95}" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{D0C9EBDF-EC78-4BB1-BEFE-5555558EEC0A}" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{D9A5AF8D-2C70-4D13-9FD9-D5519B82BA28}" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{E36F5D40-8E61-4266-A605-674D6BD6FF32}" = protocol=6 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{F53E38F4-CC1B-452C-BEC4-0E836A7D982B}" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe |
"TCP Query User{3CAD9BE9-AC55-4C17-8668-0374688ACF0E}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" = protocol=6 | dir=in | app=c:\program files\nokia\nokia software updater\nsu_ui_client.exe |
"TCP Query User{53B30E75-3844-46F7-AC78-A714BC577A59}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{F4C751B9-992D-48A1-94E2-1A498310169C}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=6 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe |
"UDP Query User{88ED829B-6087-4DD0-AA18-10DAABDC8028}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=17 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe |
"UDP Query User{C13177F0-BC2E-4FB7-9E52-2235FC488ACF}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{E456DF4B-F7BA-4856-9B5B-A92904F5C1C0}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" = protocol=17 | dir=in | app=c:\program files\nokia\nokia software updater\nsu_ui_client.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000407-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 SR-1 Premium
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{03B1BBDC-7FAA-4A03-9988-A85428BAD382}" = Sun ODF Plugin for Microsoft Office 3.0
"{04B45310-A5FE-4425-BFCA-1A6D8920DE74}" = OpenOffice.org 3.0
"{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA}" = Uniblue RegistryBooster
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{19789B73-7489-4EE0-8040-6C4DD5C1AF52}" = SuperHTML Web Studio
"{1D5EB783-25F8-495B-8B01-DE6D1BFBB8B4}" = VideoCam Suite 3.0
"{1E0D8F69-A6AB-4934-9B2D-159D9F97BA4A}" = ParetoLogic DriverCure
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{21E62565-8639-457C-B64C-A3FF0A8B4D80}" = HP Active Support Library
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check
"{2907F3FC-067B-4903-949B-6856737CB277}" = HP MULTIPLE MODEM INSTALLER for VISTA
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
"{3293C06B-003F-4027-8380-FFD79E38167D}" = Tony Hawk's American Wasteland
"{33C65B6A-5D73-4E3E-A1F9-127C27BD3F72}" = Roxio MyDVD Basic v9
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.10 C1
"{355FADAF-55C4-4E08-88D4-A86C4CA6930C}" = HP Wireless Assistant
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
"{3912A629-0020-0005-3131-2FBA74D4DF0A}" = InterVideo WinDVD
"{3F9F7336-6DF8-476F-ABF6-C70A17FAF619}" = ST Wiederherstellungs- & Sicherungsprogramme
"{4D568C38-0552-4CDD-A643-01FAFA2957EF}" = Nokia Software Updater
"{521F72F4-FFE4-4959-AA88-EED06125211F}" = HP Notebook Accessories Product Tour
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8
"{5D97A4A7-C274-4B63-86D9-07A33435F505}" = InterVideo DVD Check
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{70CEFEBA-F757-4DBE-8A21-027C326137CE}" = Application Installer 4.00.B10
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{88EB38EF-4D2C-436D-ABD3-56B232674062}" = ICQ7
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ACFE14D-6A85-4F24-89AF-5F537E5CF423}" = HP Credential Manager for ProtectTools
"{914E1AB1-DCA0-4A7D-935F-B58C4B887A2B}" = HP ProtectTools Security Manager 2.00 E4
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A13E07E1-A423-44FB-9DEE-B24C75C1BAF2}" = HP Integrated Module with Bluetooth wireless technology 6.0.1.3100
"{A5A70E61-FEAB-4CEC-977C-BE0EF8DC05AB}" = PC Connectivity Solution
"{AB5E289E-76BF-4251-9F3F-9B763F681AE0}" = HP Customer Experience Enhancements
"{AC76BA86-7AD7-1031-7B44-A82000000003}" = Adobe Reader 8.2.6 - Deutsch
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B5761811-28F3-4257-B537-815C5EEF472C}" = Vodafone Mobile Connect Lite
"{BBE5C83E-4DC5-494F-8A23-3AAE242E94C2}" = HP Easy Setup - Frontend
"{C8A10AA2-9905-46A4-B2D6-D4986DD6221D}" = HP BIOS Configuration for ProtectTools
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator Basic v9
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E1180142-3B31-4DCC-9D27-7AC2D37662BF}" = LightScribe 1.4.124.1
"{E220724C-C477-4BD7-91D2-CABB0F475140}" = HP User Guide 0045
"{E4DDBA93-769B-49D8-BA33-8814E45ED0C1}" = HP Help and Support
"{E58CC698-443D-43E9-89BF-BC91885EEC54}" = Essential System Updates for Microsoft Windows Vista
"{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{F0779413-6026-4BC6-97B4-DE8D9CADAFEC}" = MSN Toolbar
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F1FDAA01-988C-423F-AC12-0D8F333943FD}" = Nokia Connectivity Cable Driver
"{F94234DB-FD06-42C3-B88D-6FC4DC9F988C}" = HP Easy Setup - Core
"{FAB0C302-CB18-4A7A-BA03-C3DC23101A68}" = ASL_HS_Installer32
"{FF46E334-6F35-49C3-B60A-034969BE25AB}" = Vista Default Settings
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AVS Registry Cleaner 1.1_is1" = AVS Registry Cleaner version 1.1
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.2
"CCleaner" = CCleaner (remove only)
"Core FTP LE 2.1" = Core FTP LE 2.1
"Eusing Free Registry Cleaner" = Eusing Free Registry Cleaner
"Half-Life" = Half-Life
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HijackThis" = HijackThis 2.0.2
"ICQToolbar" = ICQ Toolbar
"ImageConverter Plus_is1" = ImageConverter Plus 8.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.15)" = Mozilla Firefox (3.6.15)
"Security Task Manager" = Security Task Manager 1.7g
"Sierra Utilities" = Sierra Utilities
"SpeedSim" = SpeedSim
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Uniblue RegistryBooster" = Uniblue RegistryBooster
"Yahoo! Companion" = Yahoo! Toolbar mit Pop-Up-Blocker
"Yahoo! Toolbar" = Yahoo! Toolbar
"YInstHelper" = Yahoo! Install Manager
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 30.1.2011 16:07:52 | Computer Name = Dery-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung iexplore.exe, Version 8.0.6001.18999, Zeitstempel
0x4ccf92fb, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000,
Ausnahmecode 0xc0000005, Fehleroffset 0x0000c73c, Prozess-ID 0xee0, Anwendungsstartzeit
01cbc0b0b5de20c6.
Error - 1.2.2011 14:54:33 | Computer Name = Dery-PC | Source = Application Hang | ID = 1002
Description = Programm ICQ.exe, Version 7.2.0.3525 arbeitet nicht mehr mit Windows
zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen
für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem
zu suchen. Prozess-ID: 9b4 Anfangszeit: 01cbc24139bd5e49 Zeitpunkt der Beendigung:
42
Error - 3.2.2011 15:17:16 | Computer Name = Dery-PC | Source = Application Hang | ID = 1002
Description = Programm ICQ.exe, Version 7.2.0.3525 arbeitet nicht mehr mit Windows
zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen
für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem
zu suchen. Prozess-ID: c28 Anfangszeit: 01cbc3d6a2fc8826 Zeitpunkt der Beendigung:
78
Error - 22.2.2011 7:20:44 | Computer Name = Dery-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung svchost.exe_ProfSvc, Version 6.0.6001.18000,
Zeitstempel 0x47918b89, fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18327, Zeitstempel
0x4cb73436, Ausnahmecode 0xc0000005, Fehleroffset 0x00067917, Prozess-ID 0x438,
Anwendungsstartzeit 01cbd1d6e7f1ed61.
Error - 22.2.2011 7:21:25 | Computer Name = Dery-PC | Source = SDWinSec.exe | ID = 0
Description =
Error - 25.2.2011 10:58:01 | Computer Name = Dery-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung iexplore.exe, Version 8.0.6001.19019, Zeitstempel
0x4d0c3d4c, fehlerhaftes Modul SHELL32.dll, Version 6.0.6002.18393, Zeitstempel
0x4d39b5c7, Ausnahmecode 0xc0000005, Fehleroffset 0x00088faa, Prozess-ID 0x9cc,
Anwendungsstartzeit 01cbd4bdd3bd08eb.
Error - 26.2.2011 7:10:57 | Computer Name = Dery-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung hl.Exe, Version 1.0.1.0, Zeitstempel 0x3749e58a,
fehlerhaftes Modul sw.dll_unloaded, Version 0.0.0.0, Zeitstempel 0x37386b38, Ausnahmecode
0xc0000005, Fehleroffset 0x086a44f7, Prozess-ID 0xc40, Anwendungsstartzeit 01cbd5a3a5929640.
Error - 27.2.2011 13:39:07 | Computer Name = Dery-PC | Source = Application Hang | ID = 1002
Description = Programm iexplore.exe, Version 8.0.6001.19019 arbeitet nicht mehr
mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet
"Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen
über das Problem zu suchen. Prozess-ID: 3b4 Anfangszeit: 01cbd6a42c11c5f0 Zeitpunkt
der Beendigung: 62
Error - 28.2.2011 11:20:52 | Computer Name = Dery-PC | Source = Application Hang | ID = 1002
Description = Programm ICQ.exe, Version 7.2.0.3525 arbeitet nicht mehr mit Windows
zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen
für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem
zu suchen. Prozess-ID: efc Anfangszeit: 01cbd75aa0cc1841 Zeitpunkt der Beendigung:
16
Error - 1.3.2011 15:35:29 | Computer Name = Dery-PC | Source = EventSystem | ID = 4609
Description =
[ Credential Manager Events ]
Error - 26.2.2011 13:42:27 | Computer Name = Dery-PC | Source = AuthServer | ID = 100811779
Description = The system failed to authenticate the submitted user credentials. Benutzer:
Dery@Dery-PC Client-GUID: {Password} Fehler: 0xC516020B Client-Host: localhost
Client-Adresse:
127.0.0.1 Authentifizierungsstelle: HP Server-Host: localhost Protokoll: HTTP
Error - 26.2.2011 13:42:27 | Computer Name = Dery-PC | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. Benutzer: Dery@Dery-PC
Anmeldeinformationen:
Kennwort Fehler: (0xC516020B) Anmeldung fehlgeschlagen. Überprüfen Sie, ob Benutzername
und Domäne korrekt sind, und geben Sie Ihr Kennwort erneut ein. Bei Kennwörtern
wird die Groß- und Kleinschreibung beachtet. Stellen Sie sicher, dass die Feststelltaste
nicht aktiviert ist.
Error - 26.2.2011 13:42:28 | Computer Name = Dery-PC | Source = AuthServer | ID = 100811779
Description = The system failed to authenticate the submitted user credentials. Benutzer:
Dery@Dery-PC Client-GUID: {Password} Fehler: 0xC516020B Client-Host: localhost
Client-Adresse:
127.0.0.1 Authentifizierungsstelle: HP Server-Host: localhost Protokoll: HTTP
Error - 26.2.2011 13:42:28 | Computer Name = Dery-PC | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. Benutzer: Dery@Dery-PC
Anmeldeinformationen:
Kennwort Fehler: (0xC516020B) Anmeldung fehlgeschlagen. Überprüfen Sie, ob Benutzername
und Domäne korrekt sind, und geben Sie Ihr Kennwort erneut ein. Bei Kennwörtern
wird die Groß- und Kleinschreibung beachtet. Stellen Sie sicher, dass die Feststelltaste
nicht aktiviert ist.
Error - 26.2.2011 13:42:30 | Computer Name = Dery-PC | Source = AuthServer | ID = 100811779
Description = The system failed to authenticate the submitted user credentials. Benutzer:
Dery@Dery-PC Client-GUID: {Password} Fehler: 0xC516020B Client-Host: localhost
Client-Adresse:
127.0.0.1 Authentifizierungsstelle: HP Server-Host: localhost Protokoll: HTTP
Error - 26.2.2011 13:42:30 | Computer Name = Dery-PC | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. Benutzer: Dery@Dery-PC
Anmeldeinformationen:
Kennwort Fehler: (0xC516020B) Anmeldung fehlgeschlagen. Überprüfen Sie, ob Benutzername
und Domäne korrekt sind, und geben Sie Ihr Kennwort erneut ein. Bei Kennwörtern
wird die Groß- und Kleinschreibung beachtet. Stellen Sie sicher, dass die Feststelltaste
nicht aktiviert ist.
Error - 26.2.2011 13:42:31 | Computer Name = Dery-PC | Source = AuthServer | ID = 100811779
Description = The system failed to authenticate the submitted user credentials. Benutzer:
Dery@Dery-PC Client-GUID: {Password} Fehler: 0xC516020B Client-Host: localhost
Client-Adresse:
127.0.0.1 Authentifizierungsstelle: HP Server-Host: localhost Protokoll: HTTP
Error - 26.2.2011 13:42:31 | Computer Name = Dery-PC | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. Benutzer: Dery@Dery-PC
Anmeldeinformationen:
Kennwort Fehler: (0xC516020B) Anmeldung fehlgeschlagen. Überprüfen Sie, ob Benutzername
und Domäne korrekt sind, und geben Sie Ihr Kennwort erneut ein. Bei Kennwörtern
wird die Groß- und Kleinschreibung beachtet. Stellen Sie sicher, dass die Feststelltaste
nicht aktiviert ist.
Error - 26.2.2011 13:45:01 | Computer Name = Dery-PC | Source = AuthServer | ID = 100811779
Description = The system failed to authenticate the submitted user credentials. Benutzer:
Dery@Dery-PC Client-GUID: {Password} Fehler: 0xC516020B Client-Host: localhost
Client-Adresse:
127.0.0.1 Authentifizierungsstelle: HP Server-Host: localhost Protokoll: HTTP
Error - 26.2.2011 13:45:01 | Computer Name = Dery-PC | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. Benutzer: Dery@Dery-PC
Anmeldeinformationen:
Kennwort Fehler: (0xC516020B) Anmeldung fehlgeschlagen. Überprüfen Sie, ob Benutzername
und Domäne korrekt sind, und geben Sie Ihr Kennwort erneut ein. Bei Kennwörtern
wird die Groß- und Kleinschreibung beachtet. Stellen Sie sicher, dass die Feststelltaste
nicht aktiviert ist.
[ System Events ]
Error - 6.3.2011 3:08:16 | Computer Name = Dery-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 6.3.2011 13:36:39 | Computer Name = Dery-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 6.3.2011 14:09:52 | Computer Name = Dery-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 6.3.2011 14:14:48 | Computer Name = Dery-PC | Source = Service Control Manager | ID = 7022
Description =
Error - 6.3.2011 14:25:45 | Computer Name = Dery-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 7.3.2011 3:29:24 | Computer Name = Dery-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 7.3.2011 5:55:19 | Computer Name = Dery-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 8.3.2011 12:50:48 | Computer Name = Dery-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 08.03.2011 um 17:48:38 unerwartet heruntergefahren.
Error - 8.3.2011 12:51:11 | Computer Name = Dery-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 8.3.2011 16:34:12 | Computer Name = Dery-PC | Source = Service Control Manager | ID = 7011
Description =
< End of report >
OTL Logfile:
OTL logfile created on: 10.3.2011 19:38:14 - Run 1
========== Processes (SafeList) ==========
PRC - C:\Users\Dery\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Uniblue\RegistryBooster\rbmonitor.exe (Uniblue Systems Limited)
PRC - C:\Programme\ICQ7.0\ICQ.exe (ICQ, LLC.)
PRC - C:\Programme\ParetoLogic\DriverCure\DriverCure.exe (ParetoLogic)
PRC - C:\Programme\Common Files\Panasonic\VideoCam Suite AutoStart\VideoCamSuiteAutoStart.exe (Panasonic Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\WINDOWS\System32\iashost.exe (Microsoft Corporation)
PRC - C:\WINDOWS\System32\bgsvcgen.exe (B.H.A Corporation)
PRC - C:\WINDOWS\System32\agrsmsvc.exe (Agere Systems)
PRC - c:\Programme\Hewlett-Packard\IAM\Bin\asghost.exe (Cognizance Corporation)
========== Modules (SafeList) ==========
MOD - C:\Users\Dery\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (CLTNetCnService) -- File not found
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (SBSDWSCService) -- C:\Programme\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (bgsvcgen) -- C:\Windows\System32\bgsvcgen.exe (B.H.A Corporation)
SRV - (AgereModemAudio) -- C:\WINDOWS\System32\agrsmsvc.exe (Agere Systems)
SRV - (ASBroker) -- c:\Programme\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll (Cognizance Corporation)
SRV - (AddFiltr) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe (Hewlett-Packard Development Company, L.P.)
SRV - (ASChannel) -- c:\Programme\Hewlett-Packard\IAM\Bin\ASChnl.dll (Cognizance Corporation)
SRV - (IDriverT) -- c:\Program Files\Roxio\Roxio MyDVD Basic v9\InstallShield\Driver\1050\Intel 32\IDriverT.exe (Macrovision Corporation)
========== Driver Services (SafeList) ==========
DRV - (UsbserFilt) -- C:\WINDOWS\System32\drivers\usbser_lowerfltj.sys (Nokia)
DRV - (upperdev) -- C:\WINDOWS\System32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (nmwcdc) -- C:\WINDOWS\System32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcd) -- C:\WINDOWS\System32\drivers\ccdcmb.sys (Nokia)
DRV - (avgntflt) -- C:\WINDOWS\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (avipbb) -- C:\WINDOWS\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\WINDOWS\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (pccsmcfd) -- C:\WINDOWS\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (hwdatacard) -- C:\WINDOWS\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (AgereSoftModem) -- C:\WINDOWS\System32\drivers\AGRSM.sys (Agere Systems)
DRV - (eabfiltr) -- C:\WINDOWS\System32\drivers\eabfiltr.sys (Hewlett-Packard Development Company, L.P.)
DRV - (NETw3v32) Intel(R) -- C:\WINDOWS\System32\drivers\NETw3v32.sys (Intel® Corporation)
DRV - (TPM) -- C:\WINDOWS\System32\drivers\tpm.sys (Microsoft Corporation)
DRV - (R300) -- C:\WINDOWS\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (bcm4sbxp) -- C:\WINDOWS\System32\drivers\bcm4sbxp.sys (Broadcom Corporation)
DRV - (WimFltr) -- C:\WINDOWS\System32\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (PersonalSecureDrive) -- C:\Windows\System32\drivers\psd.sys (Infineon Technologies AG)
DRV - (HBtnKey) -- C:\WINDOWS\System32\drivers\CPQBttn.sys (Hewlett-Packard Development Company, L.P.)
DRV - (cdrbsdrv) -- C:\Windows\System32\drivers\cdrbsdrv.sys (B.H.A Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.03.05 08:21:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.03.05 08:21:22 | 000,000,000 | ---D | M]
[2011.03.05 08:22:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dery\AppData\Roaming\mozilla\Extensions
[2011.03.10 19:21:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dery\AppData\Roaming\mozilla\Firefox\Profiles\8olgh73a.default\extensions
[2011.03.10 19:21:09 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Dery\AppData\Roaming\mozilla\Firefox\Profiles\8olgh73a.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.03.05 08:21:23 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.03.03 19:06:04 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2011.03.03 19:06:04 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2011.03.03 19:06:04 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2011.03.03 19:06:04 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2011.03.03 19:06:04 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2008.08.20 18:38:42 | 000,260,839 | R--- | M]) - C:\WINDOWS\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 9058 more lines...
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Programme\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (MSN Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Programme\MSN\Toolbar\3.0.1203.0\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (Credential Manager for HP ProtectTools) - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - c:\Programme\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll (Bioscrypt Inc.)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Programme\MSN\Toolbar\3.0.1203.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar mit Pop-Up-Blocker) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKCU..\Run: [ICQ] C:\Program Files\ICQ7.0\ICQ.exe (ICQ, LLC.)
O4 - HKCU..\Run: [RegistryBooster] C:\Program Files\Uniblue\RegistryBooster\launcher.exe (Uniblue Systems Limited)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0\bin\npjpi160.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Programme\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Programme\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Programme\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper:
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004.04.30 16:01:00 | 000,000,053 | -HS- | M] () - D:\Autorun.inf -- [ NTFS ]
O33 - MountPoints2\{265cfb14-ef62-11dd-8b2c-0017a4e32380}\Shell - "" = AutoRun
O33 - MountPoints2\{265cfb14-ef62-11dd-8b2c-0017a4e32380}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O33 - MountPoints2\{fdfd743f-1ea7-11dd-9716-0017a4e32380}\Shell - "" = AutoRun
O33 - MountPoints2\{fdfd743f-1ea7-11dd-9716-0017a4e32380}\Shell\AutoRun\command - "" = G:\StartVMCLite.exe
O33 - MountPoints2\{fdfd746e-1ea7-11dd-9716-0017a4e32380}\Shell - "" = AutoRun
O33 - MountPoints2\{fdfd746e-1ea7-11dd-9716-0017a4e32380}\Shell\AutoRun\command - "" = H:\StartVMCLite.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\StartVMCLite.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 360 Days ==========
[2011.03.09 08:19:17 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2011.03.09 08:19:16 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll
[2011.03.09 08:19:16 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2011.03.09 08:19:16 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbeio.dll
[2011.03.05 19:03:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2011.03.05 19:02:55 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2011.03.05 08:21:56 | 000,000,000 | ---D | C] -- C:\Users\Dery\AppData\Local\Mozilla
[2011.03.05 08:21:55 | 000,000,000 | ---D | C] -- C:\Users\Dery\AppData\Roaming\Mozilla
[2011.03.05 08:21:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox
[2011.03.05 08:21:21 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Firefox
[2011.03.05 00:03:18 | 000,000,000 | ---D | C] -- C:\Users\Dery\AppData\Roaming\Malwarebytes
[2011.03.05 00:03:07 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.03.05 00:03:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.03.05 00:03:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.03.05 00:03:01 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.03.05 00:03:01 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2011.03.04 23:38:44 | 000,000,000 | -H-D | C] -- C:\ProgramData\{DE8EABB5-1C85-4410-A68D-79BD8A4518F4}
[2011.03.04 23:38:36 | 000,000,000 | ---D | C] -- C:\Programme\Uniblue
[2011.03.04 23:38:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
[2011.03.04 23:38:15 | 000,000,000 | ---D | C] -- C:\Users\Dery\AppData\Local\PackageAware
[2011.02.27 20:34:59 | 000,038,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys
[2011.02.27 20:31:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Nokia
[2011.02.27 20:22:43 | 000,000,000 | ---D | C] -- C:\Programme\DIFX
[2011.02.27 20:22:40 | 000,018,816 | ---- | C] (Nokia) -- C:\Windows\System32\drivers\pccsmcfd.sys
[2011.02.27 20:21:43 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2011.02.27 20:21:16 | 000,000,000 | ---D | C] -- C:\Programme\PC Connectivity Solution
[2011.02.27 20:16:48 | 000,092,672 | ---- | C] (Nokia) -- C:\Windows\System32\nmwcdcls.dll
[2011.02.27 20:15:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia
[2011.02.27 20:15:30 | 000,000,000 | ---D | C] -- C:\Programme\Nokia
[2011.02.27 20:15:30 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Nokia
[2011.02.27 20:13:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Installations
[2011.02.26 11:52:56 | 001,022,976 | ---- | C] (Cendant Software) -- C:\Windows\System32\SierraNW.dll
[2011.02.26 11:52:56 | 000,231,936 | ---- | C] (Cendant Software) -- C:\Windows\System32\SNWValid.dll
[2011.02.26 11:52:51 | 000,000,000 | ---D | C] -- C:\Programme\Sierra On-Line
[2011.02.26 11:52:51 | 000,000,000 | ---D | C] -- C:\SIERRA
[2011.02.26 11:51:34 | 000,328,704 | ---- | C] (InstallShield Software Corporation ) -- C:\Windows\IsUn0407.exe
[2011.02.09 13:56:06 | 002,039,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011.02.09 13:56:02 | 003,602,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2011.02.09 13:56:01 | 003,550,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2011.02.09 13:55:20 | 000,292,352 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2011.02.09 13:55:20 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2011.02.09 13:53:43 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011.02.09 13:53:43 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011.02.09 13:53:42 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2011.02.09 13:53:42 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011.02.09 13:53:42 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011.02.09 13:53:42 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011.02.09 13:53:42 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011.02.09 13:53:42 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011.02.09 13:53:41 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011.02.09 13:53:41 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011.02.09 13:53:41 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011.02.09 13:53:41 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011.02.09 13:53:41 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011.02.09 13:53:41 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011.02.09 13:53:41 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011.02.09 13:53:41 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011.02.09 13:53:41 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011.01.12 15:58:09 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll
[2011.01.12 15:58:05 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
[2010.12.30 22:15:06 | 000,000,000 | ---D | C] -- C:\Users\Dery\AppData\Roaming\mirabyte
[2010.12.30 22:14:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SuperHTML 8.0 Web Studio
[2010.12.30 22:13:56 | 000,000,000 | ---D | C] -- C:\Programme\mirabyte
[2010.12.30 22:09:09 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Wise Installation Wizard
[2010.12.16 07:33:53 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010.12.16 07:33:18 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2010.12.16 07:33:17 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2010.12.16 07:33:17 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2010.12.16 07:33:09 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2010.12.16 07:33:06 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2010.10.29 07:27:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Panasonic
[2010.10.29 07:27:06 | 000,000,000 | ---D | C] -- C:\Users\Dery\AppData\Local\Panasonic
[2010.10.23 18:45:18 | 000,000,000 | ---D | C] -- C:\Users\Dery\AppData\Local\Chat Republic Games
[2010.10.23 15:32:18 | 000,000,000 | ---D | C] -- C:\Users\Dery\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aspyr Media, Inc
[2010.10.23 15:21:15 | 000,000,000 | ---D | C] -- C:\Programme\Aspyr Media, Inc
[2010.10.14 23:17:45 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2010.10.14 23:16:17 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2010.10.14 23:14:58 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010.10.14 23:14:24 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2010.10.14 23:14:23 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2010.10.14 22:50:28 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2010.10.14 22:38:05 | 000,867,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2010.09.24 19:09:17 | 000,033,408 | ---- | C] (B.H.A Corporation) -- C:\Windows\System32\drivers\cdrbsdrv.sys
[2010.09.24 19:09:15 | 000,145,504 | ---- | C] (B.H.A Corporation) -- C:\Windows\System32\bgsvcgen.exe
[2010.09.24 19:09:15 | 000,059,488 | ---- | C] (B.H.A Corporation) -- C:\Windows\System32\GenSvcInst.exe
[2010.09.24 19:09:05 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Panasonic
[2010.09.24 19:08:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panasonic
[2010.09.24 19:08:37 | 000,000,000 | ---D | C] -- C:\Programme\Panasonic
[2010.09.24 19:08:18 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Synchronization Services
[2010.09.24 19:08:18 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft SQL Server Compact Edition
[2010.09.15 19:21:12 | 000,317,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP4SDECD.DLL
[2010.08.12 09:20:45 | 000,081,920 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2010.08.12 09:20:12 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll
[2010.07.08 21:01:01 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2010.07.08 21:01:01 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2010.07.08 21:01:01 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2010.06.09 08:04:17 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2010.06.05 22:31:12 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\ImageConverter Plus
[2010.06.05 22:31:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImageConverter Plus
[2010.06.05 22:31:09 | 001,706,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gdiplus.dll
[2010.06.05 22:31:06 | 000,000,000 | ---D | C] -- C:\Users\Dery\Documents\Image Converter Plus
[2010.06.05 22:31:05 | 000,180,224 | ---- | C] (fCoder Group International) -- C:\Windows\System32\cnvshell.dll
[2010.06.05 22:30:58 | 000,000,000 | ---D | C] -- C:\Programme\ImageConverter Plus
[2010.06.04 21:04:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2010.06.04 21:03:28 | 000,000,000 | -HSD | C] -- C:\Windows\System32\%APPDATA%
[2010.04.14 22:15:11 | 000,420,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2010.04.14 22:12:07 | 000,220,672 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codecp.acm
[2010.04.14 22:12:07 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm
[6 C:\Users\Dery\Documents\*.tmp files -> C:\Users\Dery\Documents\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 360 Days ==========
[2011.03.10 19:42:35 | 000,000,396 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{EE8B0A0E-0C2D-4843-BE8F-41F13F8893A2}.job
[2011.03.10 18:50:45 | 000,003,552 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.03.10 18:50:45 | 000,003,552 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.03.10 18:50:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.03.10 10:33:53 | 000,000,362 | ---- | M] () -- C:\Windows\tasks\DriverCure_sch_73662D7B-1447-11DE-887A-0017A4E32380.job
[2011.03.09 22:00:27 | 000,000,448 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Registration3.job
[2011.03.09 22:00:27 | 000,000,446 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Registration.job
[2011.03.08 22:46:10 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.03.08 17:51:18 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\RegistryBooster.job
[2011.03.07 10:37:22 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011.03.05 08:21:26 | 000,001,724 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011.03.04 23:39:17 | 000,001,841 | ---- | M] () -- C:\Users\Public\Desktop\Uniblue RegistryBooster.lnk
[2011.02.27 20:36:25 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2011.02.27 20:36:23 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2011.02.27 20:15:37 | 000,001,995 | ---- | M] () -- C:\Users\Public\Desktop\Nokia Software Updater.lnk
[2011.02.27 08:32:02 | 000,000,420 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Update Version2.job
[2011.02.26 11:54:38 | 000,000,342 | ---- | M] () -- C:\Windows\SIERRA.INI
[2011.02.26 11:50:48 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2011.02.26 11:50:48 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2011.02.22 12:22:33 | 000,000,384 | ---- | M] () -- C:\Windows\tasks\DriverCure.job
[2011.02.10 23:03:21 | 000,001,887 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 8.lnk
[2011.02.09 22:26:01 | 000,310,480 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.02.02 17:11:20 | 000,222,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2011.01.08 09:47:50 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2011.01.08 07:28:49 | 000,292,352 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2011.01.07 20:44:51 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2011.01.06 13:30:42 | 000,595,506 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.01.06 13:30:41 | 000,628,448 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.01.06 13:30:41 | 000,127,056 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.01.06 13:30:41 | 000,104,940 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.12.31 14:57:01 | 002,039,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010.12.30 22:14:13 | 000,000,283 | ---- | M] () -- C:\Windows\{19789B73-7489-4EE0-8040-6C4DD5C1AF52}_WiseFW.ini
[2010.12.29 19:28:45 | 000,153,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sbeio.dll
[2010.12.29 19:26:47 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2010.12.28 16:55:03 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll
[2010.12.20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.12.20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.12.18 07:23:39 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010.12.18 07:23:11 | 000,602,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010.12.18 07:23:11 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010.12.18 07:22:41 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2010.12.18 07:22:33 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010.12.18 07:22:27 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010.12.18 07:22:11 | 000,164,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010.12.18 07:22:11 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010.12.18 07:22:11 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010.12.18 07:22:11 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010.12.18 07:22:10 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010.12.18 07:22:06 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010.12.18 06:25:26 | 000,385,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010.12.18 05:48:39 | 000,133,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010.12.18 05:48:23 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010.12.18 05:47:42 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010.12.18 05:47:11 | 001,638,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010.12.14 15:49:23 | 001,169,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
[2010.11.04 19:56:07 | 000,345,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2010.11.04 19:55:38 | 000,352,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2010.11.04 19:55:38 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2010.10.28 14:20:12 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010.10.18 14:37:35 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2010.10.15 15:08:12 | 003,602,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010.10.15 15:08:12 | 003,550,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010.09.24 19:09:25 | 000,001,951 | ---- | M] () -- C:\Users\Public\Desktop\VideoCam Suite 3.0.lnk
[2010.09.24 19:09:05 | 000,002,031 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VideoCam Suite.lnk
[2010.09.13 14:56:41 | 008,147,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2010.09.06 17:19:06 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2010.08.31 16:46:37 | 000,954,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2010.08.31 16:46:37 | 000,954,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2010.08.26 17:37:45 | 000,157,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010.08.20 17:05:07 | 000,867,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2010.07.31 14:53:24 | 004,581,351 | ---- | M] () -- C:\Users\Dery\Documents\Markus-Christof Beroun 2010.jpg
[2010.07.25 06:37:42 | 000,000,948 | ---- | M] () -- C:\Users\Public\Desktop\ParetoLogic DriverCure.lnk
[2010.06.18 18:31:29 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll
[2010.06.16 16:30:44 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2010.06.05 23:36:55 | 000,005,112 | ---- | M] () -- C:\Users\Dery\Documents\EHA Logo JPG (2)
[2010.06.05 22:49:18 | 000,005,112 | ---- | M] () -- C:\Users\Dery\Documents\EHA Logo JPG (1)
[2010.06.05 22:48:36 | 000,005,112 | ---- | M] () -- C:\Users\Dery\Documents\EHA Logo JPG
[2010.06.05 22:31:11 | 000,000,788 | ---- | M] () -- C:\Users\Dery\Desktop\ImageConverter Plus.lnk
[2010.06.05 22:10:31 | 001,862,326 | ---- | M] () -- C:\Users\Dery\Documents\elite_logo.tif
[2010.05.27 21:08:17 | 000,081,920 | ---- | M] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2010.05.23 22:14:11 | 000,015,182 | ---- | M] () -- C:\Users\Dery\Documents\35103J.jpg
[2010.05.23 11:16:10 | 000,198,807 | ---- | M] () -- C:\Users\Dery\Documents\Visitenkarte s Logo EHA -deutsch.jpg
[2010.05.04 20:13:07 | 000,231,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2010.04.05 18:02:42 | 000,317,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MP4SDECD.DLL
[2010.04.05 18:01:01 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2010.04.03 21:36:05 | 000,062,276 | ---- | M] () -- C:\Users\Dery\Documents\Plakat1.pdf
[2010.03.23 09:52:05 | 000,000,104 | ---- | M] () -- C:\Users\Dery\Documents\Computer - Verknüpfung.lnk
[2010.03.19 14:55:45 | 000,007,680 | ---- | M] () -- C:\Users\Dery\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[6 C:\Users\Dery\Documents\*.tmp files -> C:\Users\Dery\Documents\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.03.05 08:21:26 | 000,001,724 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011.03.05 00:03:08 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.03.04 23:39:27 | 000,000,336 | ---- | C] () -- C:\Windows\tasks\RegistryBooster.job
[2011.03.04 23:38:37 | 000,001,841 | ---- | C] () -- C:\Users\Public\Desktop\Uniblue RegistryBooster.lnk
[2011.02.27 20:36:25 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2011.02.27 20:36:23 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2011.02.27 20:35:14 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Inbox_Critical.Wdf
[2011.02.27 20:15:37 | 000,001,995 | ---- | C] () -- C:\Users\Public\Desktop\Nokia Software Updater.lnk
[2011.02.26 11:51:39 | 000,000,342 | ---- | C] () -- C:\Windows\SIERRA.INI
[2011.02.26 11:50:48 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2011.02.26 11:50:48 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2011.02.22 12:26:23 | 000,000,396 | -H-- | C] () -- C:\Windows\tasks\User_Feed_Synchronization-{EE8B0A0E-0C2D-4843-BE8F-41F13F8893A2}.job
[2011.01.07 20:44:51 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2010.12.30 22:13:31 | 000,000,283 | ---- | C] () -- C:\Windows\{19789B73-7489-4EE0-8040-6C4DD5C1AF52}_WiseFW.ini
[2010.10.02 08:23:39 | 004,581,351 | ---- | C] () -- C:\Users\Dery\Documents\Markus-Christof Beroun 2010.jpg
[2010.09.24 19:09:25 | 000,001,951 | ---- | C] () -- C:\Users\Public\Desktop\VideoCam Suite 3.0.lnk
[2010.09.24 19:09:05 | 000,002,031 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VideoCam Suite.lnk
[2010.07.25 06:38:02 | 000,000,448 | ---- | C] () -- C:\Windows\tasks\ParetoLogic Registration3.job
[2010.06.05 23:36:55 | 000,005,112 | ---- | C] () -- C:\Users\Dery\Documents\EHA Logo JPG (2)
[2010.06.05 22:49:18 | 000,005,112 | ---- | C] () -- C:\Users\Dery\Documents\EHA Logo JPG (1)
[2010.06.05 22:48:36 | 000,005,112 | ---- | C] () -- C:\Users\Dery\Documents\EHA Logo JPG
[2010.06.05 22:31:11 | 000,000,788 | ---- | C] () -- C:\Users\Dery\Desktop\ImageConverter Plus.lnk
[2010.05.23 22:15:06 | 000,015,182 | ---- | C] () -- C:\Users\Dery\Documents\35103J.jpg
[2010.05.23 11:17:25 | 000,198,807 | ---- | C] () -- C:\Users\Dery\Documents\Visitenkarte s Logo EHA -deutsch.jpg
[2010.04.11 21:00:50 | 000,002,425 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 8.lnk
[2010.04.11 21:00:50 | 000,001,887 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 8.lnk
[2010.04.03 21:36:03 | 000,062,276 | ---- | C] () -- C:\Users\Dery\Documents\Plakat1.pdf
[2010.03.23 09:52:05 | 000,000,104 | ---- | C] () -- C:\Users\Dery\Documents\Computer - Verknüpfung.lnk
[2009.11.23 09:51:08 | 000,000,680 | ---- | C] () -- C:\Users\Dery\AppData\Local\d3d9caps.dat
[2009.08.24 22:27:20 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.08.24 22:27:20 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.08.24 22:26:39 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008.10.23 18:26:54 | 000,000,095 | ---- | C] () -- C:\Users\Dery\AppData\Local\fusioncache.dat
[2008.05.11 12:42:46 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2008.04.29 18:59:55 | 000,007,680 | ---- | C] () -- C:\Users\Dery\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.04.26 18:59:47 | 000,001,471 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2008.04.26 18:59:47 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2008.04.25 19:45:32 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2008.04.25 19:45:32 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2008.04.25 19:45:32 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2008.04.25 19:45:32 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2008.04.25 19:45:32 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2008.04.25 19:45:32 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2006.12.18 22:07:48 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1151.dll
[2006.12.18 22:07:48 | 000,053,248 | ---- | C] () -- C:\Windows\System32\oemdspif.dll
[2006.12.18 22:07:46 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2006.12.18 22:07:44 | 000,077,824 | ---- | C] () -- C:\Windows\System32\hccutils.dll
[2006.11.28 21:11:30 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2006.11.09 17:42:33 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2006.11.09 17:42:05 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2006.11.03 16:25:56 | 000,389,120 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll
[2006.11.02 16:38:05 | 000,628,448 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2006.11.02 16:38:05 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2006.11.02 16:38:05 | 000,127,056 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2006.11.02 16:38:05 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2006.11.02 13:53:49 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 13:44:53 | 000,310,480 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 11:33:01 | 000,595,506 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 11:33:01 | 000,104,940 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 11:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006.09.18 23:02:40 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2006.09.18 23:02:40 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
[2006.03.09 11:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2001.11.14 11:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
[1999.01.22 19:46:56 | 000,065,536 | ---- | C] () -- C:\Windows\System32\MSRTEDIT.DLL
[1998.05.07 02:10:00 | 000,069,632 | R--- | C] () -- C:\Windows\System32\ODMA32.dll
========== Files - Unicode (All) ==========
[2009.04.15 19:30:09 | 000,012,213 | ---- | M] ()(C:\Users\Dery\Documents\15.04 09 ????????????+online+(russisch).odt) -- C:\Users\Dery\Documents\15.04 09 Бронирование+online+(russisch).odt
[2009.04.15 19:30:07 | 000,012,213 | ---- | C] ()(C:\Users\Dery\Documents\15.04 09 ????????????+online+(russisch).odt) -- C:\Users\Dery\Documents\15.04 09 Бронирование+online+(russisch).odt
[2009.03.26 23:25:53 | 000,012,054 | ---- | M] ()(C:\Users\Dery\Documents\?????+??????????!.odt) -- C:\Users\Dery\Documents\Добро+пожаловать!.odt
[2009.03.26 23:25:52 | 000,012,054 | ---- | C] ()(C:\Users\Dery\Documents\?????+??????????!.odt) -- C:\Users\Dery\Documents\Добро+пожаловать!.odt
========== Alternate Data Streams ==========
@Alternate Data Stream - 981 bytes -> C:\Users\Dery\Documents\Re_ [Ticket_2009071667000512] Reseller-ID_,olichn.eml:OECustomProperty
@Alternate Data Stream - 64 bytes -> C:\Users\Dery\Documents\3-video.mpeg:TOC.WMV
< End of report >
Code:
www.malwarebytes.org
Datenbank Version: 5993
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19019
9.3.2011 0:37:47
mbam-log-2011-03-09 (00-37-47).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|)
Durchsuchte Objekte: 282549
Laufzeit: 1 Stunde(n), 49 Minute(n), 48 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
I hope this helps.