| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: PC langsam bei hoher CPU Auslastung ohne erkennbaren GrundWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
18.11.2012, 17:05
| #1 |
 |  PC langsam bei hoher CPU Auslastung ohne erkennbaren Grund Ich habe seit ca. zwei Wochen das Problem, dass mein Notebook extrem langsam bootet und danach noch einige Zeit benötigt, um "sich wieder zu beruhigen", so dass später ein Arbeiten überhaupt möglich ist. Als erste drastische Massnahme habe ich das Notebook neu aufgesetzt, d.h. die C: Partitur mit der Hilfe Wiederherstellungspartitur formatiert und neu installiert. Ich habe noch eine D: Partitur, die ich nicht angetastet habe. Da ich ein älteres Gerät habe, musste ich SP3 und diverse Updates installieren. Danach lief das System wieder stabil. Jedoch hatte ich das Problem schon sehr schnell wieder. Als Virenscanner habe ich Avira 2013 installiert und nach dem erneuten Auftreten einen Full Scan ohne Virenbefund erhalten. Das Internet habe ich zwar besucht, aber keinerlei "schädliche" Seiten aufgesucht. Nachdem ich das Problem erneut hatte, habe ich das Notebook wieder neu aufgesetzt - mit dem gleichen Ergebnis. Und dann nochmals und wieder war der Rechner nach kurzer Zeit (1 Stunde) extrem langsam. Dies ist der aktuelle Stand. Ich habe beobachtet, dass bein Booten im abgesicherten Modus das Problem nicht auftritt - daher gehe ich davon aus, dass ein technisches Problem nicht vorliegt. Ich habe mir diverse Einträge bei euch angesehen und hoffe, dass ich alles gut vorbereitet habe, damit ihr mir bei der Analyse helfen könnt. 1. Defogger Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 14:02 on 18/11/2012 (Frank)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
Code:
ATTFilter Malwarebytes Anti-Malware (Test) 1.65.1.1000 www.malwarebytes.org Datenbank Version: v2012.11.17.03 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 Frank :: NOTEBOOK [Administrator] Schutz: Aktiviert 17.11.2012 17:01:07 mbam-log-2012-11-17 (17-01-07).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 195107 Laufzeit: 49 Minute(n), 9 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Code:
ATTFilter OTL logfile created on: 18.11.2012 11:54:06 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\Frank\Eigene Dateien\Downloads Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 510,42 Mb Total Physical Memory | 158,67 Mb Available Physical Memory | 31,09% Memory free 1,22 Gb Paging File | 0,59 Gb Available in Paging File | 48,03% Paging File free Paging file location(s): C:\pagefile.sys 768 1536 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 32,60 Gb Total Space | 20,40 Gb Free Space | 62,56% Space Free | Partition Type: NTFS Drive D: | 34,94 Gb Total Space | 22,74 Gb Free Space | 65,07% Space Free | Partition Type: NTFS Computer Name: NOTEBOOK | User Name: Frank | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Dokumente und Einstellungen\Frank\Eigene Dateien\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Java\jre7\bin\jqs.exe (Oracle Corporation) PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) PRC - C:\Programme\Sony\VAIO Update 5\VAIOUpdt.exe (Sony Corporation) PRC - C:\Programme\Sony\VAIO Update Common\VUAgent.exe (Sony Corporation) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation) PRC - C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation) PRC - C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation) PRC - C:\Programme\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation) PRC - C:\Programme\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation) PRC - C:\Programme\Adobe\Acrobat 7.0\Distillr\acrotray.exe (Adobe Systems Inc.) PRC - C:\Programme\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe () PRC - C:\Programme\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe () PRC - C:\Programme\Sony\ISB Utility\ISBMgr.exe (Sony Corporation) PRC - C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.) PRC - C:\Programme\Apoint\ApntEx.exe (Alps Electric Co., Ltd.) PRC - C:\WINDOWS\system32\ico.exe (Primax Electronics Ltd.) ========== Modules (No Company Name) ========== MOD - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll () MOD - C:\Programme\Mozilla Firefox\mozjs.dll () MOD - C:\Programme\Avira\AntiVir Desktop\sqlite3.dll () MOD - C:\WINDOWS\system32\msjetoledb40.dll () MOD - C:\Programme\Sony\VAIO Event Service\VESBasePS.dll () MOD - C:\Programme\Adobe\Acrobat 7.0\Distillr\AdistRes.DEU () MOD - C:\Programme\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe () MOD - C:\Programme\Adobe\Photoshop Elements 3.0\platform.dll () MOD - C:\Programme\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe () ========== Services (SafeList) ========== SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found SRV - (JavaQuickStarterService) -- C:\Programme\Java\jre7\bin\jqs.exe (Oracle Corporation) SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (MBAMService) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (MBAMScheduler) -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) SRV - (VUAgent) -- C:\Programme\Sony\VAIO Update Common\VUAgent.exe (Sony Corporation) SRV - (VAIO Entertainment Task Scheduler) -- C:\Programme\Sony\VAIO Entertainment\VzTaskScheduler.exe (Sony Corporation) SRV - (VAIO Entertainment Aggregation and Control Service) -- C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe (Sony Corporation) SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation) SRV - (VzCdbSvc) -- C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation) SRV - (VzFw) -- C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation) SRV - (Vcsw) -- C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation) SRV - (VAIOMediaPlatform-IntegratedServer-AppServer) -- C:\Programme\Sony\VAIO Media Integrated Server\VMISrv.exe (Sony Corporation) SRV - (VAIOMediaPlatform-IntegratedServer-UPnP) -- C:\Programme\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe (Sony Corporation) SRV - (VAIOMediaPlatform-IntegratedServer-HTTP) -- C:\Programme\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe (Sony Corporation) SRV - (VAIOMediaPlatform-Mobile-Gateway) -- C:\Programme\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe (Sony Corporation) SRV - (MSCSPTISRV) -- C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\MSCSPTISRV.exe (Sony Corporation) SRV - (PACSPTISVR) -- C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\PACSPTISVR.exe (Sony Corporation) SRV - (SPTISRV) -- C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\SPTISRV.exe (Sony Corporation) SRV - (SSScsiSV) -- C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\SSScsiSV.exe (Sony Corporation) SRV - (VAIO Event Service) -- C:\Programme\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation) SRV - (Image Converter video recording monitor for VAIO Entertainment) -- C:\Programme\Sony\Image Converter 2\IcVzMon.exe (Sony Corporation) SRV - (VCI) -- C:\Programme\Sony\VAIO Cooperated Initialisation\VCI_svc.exe (Sony Corporation) SRV - (AdobeActiveFileMonitor) -- C:\Programme\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe () SRV - (PhotoshopElementsDeviceConnect) -- C:\Programme\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe () SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (WDICA) -- File not found DRV - (PDRFRAME) -- File not found DRV - (PDRELI) -- File not found DRV - (PDFRAME) -- File not found DRV - (PDCOMP) -- File not found DRV - (PCIDump) -- File not found DRV - (lbrtfdc) -- File not found DRV - (i2omgmt) -- File not found DRV - (Changer) -- File not found DRV - (MBAMSwissArmy) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys (Malwarebytes Corporation) DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira Operations GmbH & Co. KG) DRV - (avkmgr) -- C:\WINDOWS\system32\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG) DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG) DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation) DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH) DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.) DRV - (tifmsony) -- C:\WINDOWS\system32\drivers\tifmsony.sys (Texas Instruments) DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys (Conexant Systems, Inc.) DRV - (HSFHWAZL) -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys (Conexant Systems, Inc.) DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.) DRV - (s24trans) -- C:\WINDOWS\system32\drivers\s24trans.sys (Intel Corporation) DRV - (w29n51) -- C:\WINDOWS\system32\drivers\w29n51.sys (Intel® Corporation) DRV - (LEX_AS_NIC_SERVICE_YNOS) -- C:\WINDOWS\system32\drivers\ExpasAG.sys (Atheros Communications, Inc.) DRV - (ApfiltrService) -- C:\WINDOWS\system32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.) DRV - (DMICall) -- C:\WINDOWS\system32\drivers\DMICall.sys (Sony Corporation) DRV - (SNC) -- C:\WINDOWS\system32\drivers\SonyNC.sys (Sony Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.club-vaio.com/de/ IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/" FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.11.11 14:25:29 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012.11.11 14:27:24 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Mozilla\Extensions [2012.11.11 14:25:28 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2012.10.24 18:50:04 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll [2012.10.24 23:03:12 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.10.24 23:03:11 | 000,002,465 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml [2012.10.24 23:03:12 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml [2012.10.24 23:03:12 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml [2012.10.24 23:03:12 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml [2012.10.24 23:03:11 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2004.08.04 13:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Programme\Google\GoogleToolbar1.dll (Google Inc.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Programme\Google\GoogleToolbar1.dll (Google Inc.) O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Programme\Google\GoogleToolbar1.dll (Google Inc.) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Acrobat Assistant 7.0] C:\Programme\Adobe\Acrobat 7.0\Distillr\Acrotray.exe (Adobe Systems Inc.) O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.) O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [AzMixerSel] C:\Programme\Realtek\InstallShield\AzMixerSel.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [ISBMgr.exe] C:\Programme\Sony\ISB Utility\ISBMgr.exe (Sony Corporation) O4 - HKLM..\Run: [Mouse Suite 98 Daemon] C:\WINDOWS\System32\ico.exe (Primax Electronics Ltd.) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [SonyPowerCfg] C:\Programme\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [VAIO Update 5] C:\Programme\Sony\VAIO Update 5\VAIOUpdt.exe (Sony Corporation) O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: &Google Search - C:\Programme\Google\GoogleToolbar1.dll (Google Inc.) O8 - Extra context menu item: Ähnliche Seiten - C:\Programme\Google\GoogleToolbar1.dll (Google Inc.) O8 - Extra context menu item: Im Cache gespeicherte Seite - C:\Programme\Google\GoogleToolbar1.dll (Google Inc.) O8 - Extra context menu item: Verweisseiten - C:\Programme\Google\GoogleToolbar1.dll (Google Inc.) O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_03\bin\NPJPI150_03.dll (Sun Microsystems, Inc.) O9 - Extra Button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Programme\Yahoo!\Messenger\YPager.exe (Yahoo! Inc.) O9 - Extra 'Tools' menuitem : Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Programme\Yahoo!\Messenger\YPager.exe (Yahoo! Inc.) O15 - HKCU\..Trusted Domains: sony-europe.com ([]* in Trusted sites) O15 - HKCU\..Trusted Domains: sonystyle-europe.com ([]* in Trusted sites) O15 - HKCU\..Trusted Domains: vaio-link.com ([]* in Trusted sites) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_03-windows-i586.cab (Reg Error: Value error.) O16 - DPF: {CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_03-windows-i586.cab (Java Plug-in 1.5.0_03) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FF0C9646-5918-4994-9118-2A7FDF8E97A3}: DhcpNameServer = 192.168.178.1 O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\WINDOWS\System32\VESWinlogon.dll (Sony Corporation) O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home O24 - Desktop WallPaper: C:\WINDOWS\VAIO Light Flo Wallpaper TrueColor 1280x800.bmp O24 - Desktop BackupWallPaper: C:\WINDOWS\VAIO Light Flo Wallpaper TrueColor 1280x800.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2005.07.13 11:03:34 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2012.11.18 11:21:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood [2012.11.17 17:00:17 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2012.11.17 16:52:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Malwarebytes [2012.11.17 16:51:28 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware [2012.11.17 16:51:21 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes [2012.11.17 16:51:06 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2012.11.17 16:51:06 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware [2012.11.11 20:59:50 | 000,000,000 | -HSD | C] -- C:\System Volume Information [2012.11.11 17:24:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Lokale Einstellungen\Anwendungsdaten\Sun [2012.11.11 17:20:54 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2012.11.11 17:15:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sun [2012.11.11 17:14:57 | 000,821,736 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll [2012.11.11 17:14:57 | 000,746,984 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll [2012.11.11 17:14:57 | 000,143,872 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl [2012.11.11 17:14:56 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe [2012.11.11 17:14:47 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe [2012.11.11 17:14:47 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe [2012.11.11 17:14:47 | 000,093,672 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll [2012.11.11 17:10:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Sun [2012.11.11 17:04:23 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Frank\IETldCache [2012.11.11 17:00:53 | 000,521,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll [2012.11.11 16:59:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates [2012.11.11 16:59:17 | 002,000,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll [2012.11.11 16:59:17 | 000,630,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll [2012.11.11 16:59:17 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll [2012.11.11 16:59:16 | 011,111,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll [2012.11.11 16:59:16 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll [2012.11.11 16:58:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM [2012.11.11 16:57:21 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8 [2012.11.11 16:32:22 | 000,697,272 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe [2012.11.11 16:32:21 | 000,073,656 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2012.11.11 16:26:42 | 000,273,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys [2012.11.11 16:25:31 | 000,954,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40.dll [2012.11.11 16:25:31 | 000,953,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40u.dll [2012.11.11 16:24:59 | 000,456,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys [2012.11.11 16:24:43 | 000,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comctl32.dll [2012.11.11 16:24:22 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll [2012.11.11 16:23:09 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe [2012.11.11 16:22:38 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys [2012.11.11 16:21:36 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\t2embed.dll [2012.11.11 16:21:36 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fontsub.dll [2012.11.11 14:40:38 | 000,203,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rmcast.sys [2012.11.11 14:39:53 | 000,000,000 | ---D | C] -- C:\Programme\MSXML 4.0 [2012.11.11 14:38:51 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe [2012.11.11 14:31:46 | 000,138,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\afd.sys [2012.11.11 14:31:44 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll [2012.11.11 14:31:22 | 003,558,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe [2012.11.11 14:30:35 | 000,139,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys [2012.11.11 14:29:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Eigene Dateien\Downloads [2012.11.11 14:28:46 | 002,151,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe [2012.11.11 14:28:45 | 002,030,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe [2012.11.11 14:28:44 | 002,195,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe [2012.11.11 14:28:39 | 002,071,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlpa.exe [2012.11.11 14:28:12 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndistapi.sys [2012.11.11 14:28:04 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\packager.exe [2012.11.11 14:27:15 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Lokale Einstellungen\Anwendungsdaten\Mozilla [2012.11.11 14:27:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Mozilla [2012.11.11 14:26:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Mozilla [2012.11.11 14:26:06 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Maintenance Service [2012.11.11 14:25:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Avira [2012.11.11 14:25:20 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Firefox [2012.11.11 14:23:56 | 018,090,960 | ---- | C] (Mozilla) -- C:\Dokumente und Einstellungen\Frank\Eigene Dateien\Firefox_Setup_16.0.2.exe [2012.11.11 14:23:48 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mup.sys [2012.11.11 14:21:41 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe [2012.11.11 14:21:29 | 000,590,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcrt4.dll [2012.11.11 14:17:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall [2012.11.11 14:13:01 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Frank\UserData [2012.11.11 14:12:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Macromedia [2012.11.11 14:10:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Avira [2012.11.11 14:10:34 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys [2012.11.11 14:10:30 | 000,133,824 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avipbb.sys [2012.11.11 14:10:30 | 000,083,432 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avgntflt.sys [2012.11.11 14:10:30 | 000,036,552 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avkmgr.sys [2012.11.11 14:10:24 | 000,000,000 | ---D | C] -- C:\Programme\Avira [2012.11.11 14:10:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira [2012.11.11 14:09:09 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isign32.dll [2012.11.11 14:09:00 | 000,536,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado15.dll [2012.11.11 14:08:21 | 000,758,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vgx.dll [2012.11.11 14:07:49 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cabview.dll [2012.11.11 14:01:38 | 000,000,000 | ---D | C] -- C:\Update [2012.11.11 14:01:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution [2012.11.11 12:57:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch [2012.11.11 12:51:50 | 001,372,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll [2012.11.11 12:51:50 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml6r.dll [2012.11.11 12:51:50 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll [2012.11.11 12:51:45 | 001,888,992 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3duag.dll [2012.11.11 12:51:45 | 000,870,784 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3d1ag.dll [2012.11.11 12:51:45 | 000,516,768 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ativvaxx.dll [2012.11.11 12:51:45 | 000,377,984 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvaa.dll [2012.11.11 12:51:45 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\azroles.dll [2012.11.11 12:51:45 | 000,229,376 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2cqag.dll [2012.11.11 12:51:45 | 000,201,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvag.dll [2012.11.11 12:51:45 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll [2012.11.11 12:51:45 | 000,032,768 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativtmxx.dll [2012.11.11 12:51:45 | 000,023,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativmvxx.ax [2012.11.11 12:51:45 | 000,009,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativdaxx.ax [2012.11.11 12:51:45 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll [2012.11.11 12:51:44 | 000,651,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3ui.dll [2012.11.11 12:51:44 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3cfg.dll [2012.11.11 12:51:44 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3msm.dll [2012.11.11 12:51:44 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpqec.dll [2012.11.11 12:51:44 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3gpclnt.dll [2012.11.11 12:51:44 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsroam.dll [2012.11.11 12:51:43 | 000,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapp3hst.dll [2012.11.11 12:51:43 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapphost.dll [2012.11.11 12:51:43 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappgnui.dll [2012.11.11 12:51:43 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapqec.dll [2012.11.11 12:51:43 | 000,032,285 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\hsfcisp2.dll [2012.11.11 12:51:42 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpash.dll [2012.11.11 12:51:42 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnepr.dll [2012.11.11 12:51:42 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdiultn.dll [2012.11.11 12:51:42 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbhc.dll [2012.11.11 12:51:41 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcex.dll [2012.11.11 12:51:41 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\microsoft.managementconsole.dll [2012.11.11 12:51:41 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssha.dll [2012.11.11 12:51:41 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcfxcommon.dll [2012.11.11 12:51:41 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msshavmsg.dll [2012.11.11 12:51:41 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\l2gpstore.dll [2012.11.11 12:51:41 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcperf.exe [2012.11.11 12:51:40 | 001,737,856 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\mtxparhd.dll [2012.11.11 12:51:40 | 000,412,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\photometadatahandler.dll [2012.11.11 12:51:40 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napmontr.dll [2012.11.11 12:51:40 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napstat.exe [2012.11.11 12:51:40 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagent.dll [2012.11.11 12:51:40 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qcliprov.dll [2012.11.11 12:51:40 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napipsec.dll [2012.11.11 12:51:39 | 000,397,056 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\s3gnb.dll [2012.11.11 12:51:39 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll [2012.11.11 12:51:39 | 000,286,792 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slextspk.dll [2012.11.11 12:51:39 | 000,188,508 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slgen.dll [2012.11.11 12:51:39 | 000,073,832 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slcoinst.dll [2012.11.11 12:51:39 | 000,073,796 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slserv.exe [2012.11.11 12:51:39 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slrundll.exe [2012.11.11 12:51:39 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setupn.exe [2012.11.11 12:51:38 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll [2012.11.11 12:51:38 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\verclsid.exe [2012.11.11 12:51:37 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecsext.dll [2012.11.11 12:51:37 | 000,276,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmphoto.dll [2012.11.11 12:51:37 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wlanapi.dll [2012.11.11 12:51:37 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax [2012.11.11 12:51:35 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\slrundll.exe [2012.11.11 12:51:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\de-de [2012.11.11 12:51:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas [2012.11.11 12:51:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\de [2012.11.11 12:51:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits [2012.11.11 12:49:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles [2012.11.11 12:47:23 | 000,004,255 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv01nt5.dll [2012.11.11 12:47:23 | 000,003,967 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv02nt5.dll [2012.11.11 12:47:23 | 000,003,775 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv11nt5.dll [2012.11.11 12:47:23 | 000,003,711 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv09nt5.dll [2012.11.11 12:47:23 | 000,003,647 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv07nt5.dll [2012.11.11 12:47:23 | 000,003,615 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv05nt5.dll [2012.11.11 12:47:23 | 000,003,135 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv08nt5.dll [2012.11.11 12:47:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic [2012.11.11 12:47:22 | 000,701,952 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtag.sys [2012.11.11 12:47:22 | 000,327,168 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtaa.sys [2012.11.11 12:47:22 | 000,104,960 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinrvxx.sys [2012.11.11 12:47:22 | 000,073,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atintuxx.sys [2012.11.11 12:47:22 | 000,063,663 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1rvxx.sys [2012.11.11 12:47:22 | 000,057,856 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinbtxx.sys [2012.11.11 12:47:22 | 000,056,623 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1btxx.sys [2012.11.11 12:47:22 | 000,052,224 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinraxx.sys [2012.11.11 12:47:22 | 000,036,463 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1tuxx.sys [2012.11.11 12:47:22 | 000,034,735 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xsxx.sys [2012.11.11 12:47:22 | 000,030,671 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1raxx.sys [2012.11.11 12:47:22 | 000,029,455 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xbxx.sys [2012.11.11 12:47:22 | 000,028,672 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinsnxx.sys [2012.11.11 12:47:22 | 000,026,367 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1snxx.sys [2012.11.11 12:47:22 | 000,021,343 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1ttxx.sys [2012.11.11 12:47:22 | 000,014,336 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinpdxx.sys [2012.11.11 12:47:22 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinttxx.sys [2012.11.11 12:47:22 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinmdxx.sys [2012.11.11 12:47:22 | 000,012,047 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1pdxx.sys [2012.11.11 12:47:22 | 000,011,615 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1mdxx.sys [2012.11.11 12:47:21 | 000,063,488 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxsxx.sys [2012.11.11 12:47:21 | 000,036,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthprint.sys [2012.11.11 12:47:21 | 000,031,744 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxbxx.sys [2012.11.11 12:47:21 | 000,025,471 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv04nt5.dll [2012.11.11 12:47:21 | 000,021,183 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv01nt5.dll [2012.11.11 12:47:21 | 000,017,279 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv10nt5.dll [2012.11.11 12:47:21 | 000,015,423 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\ch7xxnt5.dll [2012.11.11 12:47:21 | 000,014,143 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv06nt5.dll [2012.11.11 12:47:21 | 000,011,359 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv02nt5.dll [2012.11.11 12:47:20 | 001,309,184 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlstrm.sys [2012.11.11 12:47:20 | 000,452,736 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\drivers\mtxparhm.sys [2012.11.11 12:47:20 | 000,126,686 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys [2012.11.11 12:47:20 | 000,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mutohpen.sys [2012.11.11 12:47:19 | 000,404,990 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slntamr.sys [2012.11.11 12:47:19 | 000,180,360 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys [2012.11.11 12:47:19 | 000,166,912 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\drivers\s3gnbm.sys [2012.11.11 12:47:19 | 000,129,535 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnt7554.sys [2012.11.11 12:47:19 | 000,095,424 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnthal.sys [2012.11.11 12:47:19 | 000,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys [2012.11.11 12:47:19 | 000,013,776 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\recagent.sys [2012.11.11 12:47:19 | 000,013,240 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slwdmsup.sys [2012.11.11 12:47:19 | 000,011,325 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\vchnt5.dll [2012.11.11 12:47:19 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smbali.sys [2012.11.11 12:47:19 | 000,003,901 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\siint5.dll [2012.11.11 12:47:18 | 000,025,471 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv10nt.sys [2012.11.11 12:47:18 | 000,022,271 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv06nt.sys [2012.11.11 12:47:18 | 000,011,935 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv11nt.sys [2012.11.11 12:47:18 | 000,011,871 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv09nt.sys [2012.11.11 12:47:18 | 000,011,807 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv07nt.sys [2012.11.11 12:47:18 | 000,011,295 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv08nt.sys [2012.11.11 12:43:32 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$ [2012.11.11 12:43:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\EHome [2012.11.11 12:38:59 | 328,324,136 | ---- | C] (Microsoft Corporation) -- C:\Dokumente und Einstellungen\Frank\Eigene Dateien\WindowsXP-KB936929-SP3-x86-DEU.exe [2012.11.11 12:27:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Click to DVD [2012.11.11 12:26:09 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mdimon.dll [2012.11.11 12:25:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Office [2012.11.11 12:24:56 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\DESIGNER [2012.11.11 12:24:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW [2012.11.11 12:23:48 | 000,000,000 | RH-D | C] -- C:\MSOCache [2012.11.11 12:23:01 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Works [2012.11.11 12:22:50 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Office [2012.11.11 12:20:43 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Works [2012.11.11 12:19:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Lokale Einstellungen\Anwendungsdaten\Adobe [2012.11.11 12:18:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Dokumente\Adobe PDF [2012.11.11 12:18:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\VAIO Edit Components [2012.11.11 12:17:31 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\VAIO Launcher [2012.11.11 12:16:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\VAIO Zone [2012.11.11 12:15:28 | 000,033,340 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dbmsqlgc.dll [2012.11.11 12:15:28 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dbmsgnet.dll [2012.11.11 12:15:25 | 000,306,688 | ---- | C] (InstallShield Software Corporation) -- C:\WINDOWS\IsUninst.exe [2012.11.11 12:15:10 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft SQL Server [2012.11.11 12:13:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\VAIO Media Platform [2012.11.11 12:13:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\VAIO Media [2012.11.11 12:13:36 | 000,000,000 | ---D | C] -- C:\Programme\Moodlogic HTML [2012.11.11 12:13:31 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\MoodLogic [2012.11.11 12:13:29 | 000,000,000 | ---D | C] -- C:\Programme\MoodLogic [2012.11.11 12:12:37 | 000,061,440 | ---- | C] (QSound Labs, Inc.) -- C:\WINDOWS\System32\SonyAIwo.dll [2012.11.11 12:12:37 | 000,052,736 | ---- | C] (QSound Labs, Inc.) -- C:\WINDOWS\System32\SonyAIds.dll [2012.11.11 12:12:37 | 000,042,496 | ---- | C] (QSound Labs, Inc.) -- C:\WINDOWS\System32\SonyAIwd.dll [2012.11.11 12:12:16 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\SonicStage Mastering Studio [2012.11.11 12:11:55 | 000,757,760 | ---- | C] (Gracenote) -- C:\WINDOWS\System32\CDDBUI.dll [2012.11.11 12:11:55 | 000,630,784 | ---- | C] (Gracenote (formerly CDDB, Inc.)) -- C:\WINDOWS\System32\CDDBControl.dll [2012.11.11 12:11:55 | 000,110,592 | ---- | C] (Gracenote) -- C:\WINDOWS\System32\CddbLangDE.dll [2012.11.11 12:11:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\SonicStage [2012.11.11 12:11:23 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Skype [2012.11.11 12:11:23 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Eigene Dateien\My Skype Pictures [2012.11.11 12:11:20 | 000,000,000 | ---D | C] -- C:\Programme\Skype [2012.11.11 12:09:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Roxio [2012.11.11 12:09:54 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Sonic Shared [2012.11.11 12:09:09 | 002,981,888 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\iplw7.dll [2012.11.11 12:09:08 | 002,502,656 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\iplpx.dll [2012.11.11 12:09:07 | 002,785,280 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\iplm6.dll [2012.11.11 12:09:07 | 002,686,976 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\iplm5.dll [2012.11.11 12:09:07 | 002,531,328 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\iplp6.dll [2012.11.11 12:09:06 | 002,973,696 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\ipla6.dll [2012.11.11 12:09:06 | 000,053,248 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\ipl.dll [2012.11.11 12:08:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\PictureGear Studio [2012.11.11 12:07:43 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\ImageConverter2 [2012.11.11 12:07:25 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Image Converter 2 [2012.11.11 12:07:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\DVgate Plus [2012.11.11 12:06:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Memory Stick Utility [2012.11.11 12:05:56 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Microsoft [2012.11.11 12:05:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Identities [2012.11.11 12:05:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Adobe [2012.11.11 12:05:55 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Frank\SendTo [2012.11.11 12:05:55 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Frank\Recent [2012.11.11 12:05:55 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten [2012.11.11 12:05:55 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Frank\Startmenü\Programme\Zubehör [2012.11.11 12:05:55 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Frank\Startmenü [2012.11.11 12:05:55 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Frank\Favoriten [2012.11.11 12:05:55 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Frank\Eigene Dateien\Eigene Musik [2012.11.11 12:05:55 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Frank\Eigene Dateien [2012.11.11 12:05:55 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Frank\Eigene Dateien\Eigene Bilder [2012.11.11 12:05:55 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Frank\Startmenü\Programme\Autostart [2012.11.11 12:05:55 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Frank\Cookies [2012.11.11 12:05:55 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Frank\Vorlagen [2012.11.11 12:05:55 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Frank\Netzwerkumgebung [2012.11.11 12:05:55 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Frank\Lokale Einstellungen [2012.11.11 12:05:55 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Frank\Druckumgebung [2012.11.11 12:05:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Symantec [2012.11.11 12:05:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Sony Corporation [2012.11.11 12:05:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Lokale Einstellungen\Anwendungsdaten\Microsoft [2012.11.11 12:05:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Desktop [2012.11.11 12:05:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Lokale Einstellungen\Anwendungsdaten\{3248F0A6-6813-11D6-A77B-00B0D0150030} [2012.11.11 12:04:38 | 000,000,000 | ---D | C] -- C:\Programme\Programmverknüpfungen [3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.11.18 11:46:41 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2012.11.18 11:20:53 | 000,022,745 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2012.11.18 11:12:54 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012.11.18 11:12:45 | 535,285,760 | -HS- | M] () -- C:\hiberfil.sys [2012.11.17 17:00:17 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2012.11.17 16:51:36 | 000,000,760 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk [2012.11.17 16:08:36 | 000,133,824 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avipbb.sys [2012.11.17 16:08:36 | 000,036,552 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avkmgr.sys [2012.11.17 16:08:35 | 000,083,432 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avgntflt.sys [2012.11.17 15:47:08 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012.11.11 17:14:33 | 000,093,672 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll [2012.11.11 17:14:27 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll [2012.11.11 17:14:27 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll [2012.11.11 17:14:27 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe [2012.11.11 17:14:27 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe [2012.11.11 17:14:27 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe [2012.11.11 17:14:27 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl [2012.11.11 17:13:14 | 000,339,804 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat [2012.11.11 17:13:14 | 000,329,768 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2012.11.11 17:13:14 | 000,058,692 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat [2012.11.11 17:13:14 | 000,047,874 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2012.11.11 17:03:58 | 000,267,800 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012.11.11 16:32:22 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe [2012.11.11 16:32:21 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2012.11.11 14:26:23 | 000,000,700 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk [2012.11.11 14:24:35 | 018,090,960 | ---- | M] (Mozilla) -- C:\Dokumente und Einstellungen\Frank\Eigene Dateien\Firefox_Setup_16.0.2.exe [2012.11.11 14:10:53 | 000,001,675 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Avira Control Center.lnk [2012.11.11 12:57:53 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx [2012.11.11 12:47:00 | 000,251,712 | RHS- | M] () -- C:\ntldr [2012.11.11 12:29:15 | 000,001,428 | ---- | M] () -- C:\WINDOWS\System32\SNYSPLST.OEM [2012.11.11 12:29:15 | 000,000,028 | ---- | M] () -- C:\WINDOWS\System32\SNYINST.OEM [2012.11.11 12:29:10 | 000,033,738 | ---- | M] () -- C:\WINDOWS\System32\Snyres.oem [2012.11.11 12:26:20 | 000,000,400 | ---- | M] () -- C:\WINDOWS\ODBC.INI [2012.11.11 12:10:37 | 000,000,056 | ---- | M] () -- C:\WINDOWS\WININIT.INI [2012.11.11 12:04:50 | 000,000,164 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf [2012.11.11 12:04:46 | 000,000,211 | RHS- | M] () -- C:\boot.ini [2012.11.11 12:04:46 | 000,000,000 | RH-- | M] () -- C:\WINDOWS\System32\drivers\Sony_VGN-FS315M.mrk [2012.11.10 15:01:00 | 104,044,560 | ---- | M] () -- C:\Dokumente und Einstellungen\Frank\Eigene Dateien\avira_free_antivirus_de.exe [2012.11.10 14:28:30 | 328,324,136 | ---- | M] (Microsoft Corporation) -- C:\Dokumente und Einstellungen\Frank\Eigene Dateien\WindowsXP-KB936929-SP3-x86-DEU.exe [2012.10.22 20:56:29 | 001,866,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\win32k.sys [2012.10.22 20:56:29 | 001,866,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\win32k.sys [3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.11.17 16:51:36 | 000,000,760 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk [2012.11.11 18:39:53 | 535,285,760 | -HS- | C] () -- C:\hiberfil.sys [2012.11.11 14:31:15 | 000,000,940 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\VAIO Update.lnk [2012.11.11 14:28:09 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2012.11.11 14:28:09 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll [2012.11.11 14:26:23 | 000,000,700 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk [2012.11.11 14:26:20 | 000,000,706 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Mozilla Firefox.lnk [2012.11.11 14:10:53 | 000,001,675 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Avira Control Center.lnk [2012.11.11 14:08:18 | 104,044,560 | ---- | C] () -- C:\Dokumente und Einstellungen\Frank\Eigene Dateien\avira_free_antivirus_de.exe [2012.11.11 12:47:21 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty [2012.11.11 12:47:21 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod [2012.11.11 12:47:20 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img [2012.11.11 12:26:24 | 000,000,845 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Microsoft Office 2003 Editionen 60-Tage-Testversion.lnk [2012.11.11 12:26:20 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2012.11.11 12:23:03 | 000,001,767 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Office PowerPoint Viewer 2003.lnk [2012.11.11 12:23:03 | 000,001,683 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Works-Start.lnk [2012.11.11 12:19:53 | 000,001,811 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Adobe Acrobat Professional Installer.lnk [2012.11.11 12:18:40 | 000,001,826 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Adobe Acrobat 7.0 Elements.lnk [2012.11.11 12:10:37 | 000,000,056 | ---- | C] () -- C:\WINDOWS\WININIT.INI [2012.11.11 12:09:06 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\Cpuinf32.dll [2012.11.11 12:05:57 | 000,001,599 | ---- | C] () -- C:\Dokumente und Einstellungen\Frank\Startmenü\Programme\Remoteunterstützung.lnk [2012.11.11 12:05:57 | 000,000,787 | ---- | C] () -- C:\Dokumente und Einstellungen\Frank\Startmenü\Programme\Internet Explorer.lnk [2012.11.11 12:05:57 | 000,000,776 | ---- | C] () -- C:\Dokumente und Einstellungen\Frank\Startmenü\Programme\Windows Media Player.lnk [2012.11.11 12:05:57 | 000,000,722 | ---- | C] () -- C:\Dokumente und Einstellungen\Frank\Startmenü\Programme\Outlook Express.lnk [2012.11.11 12:04:46 | 000,000,000 | RH-- | C] () -- C:\WINDOWS\System32\drivers\Sony_VGN-FS315M.mrk ========== ZeroAccess Check ========== [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2012.08.30 21:28:07 | 001,510,400 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 11:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 07:52:34 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== ========== Purity Check ========== < End of report > Code:
ATTFilter OTL Extras logfile created on: 18.11.2012 11:54:06 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\Frank\Eigene Dateien\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
510,42 Mb Total Physical Memory | 158,67 Mb Available Physical Memory | 31,09% Memory free
1,22 Gb Paging File | 0,59 Gb Available in Paging File | 48,03% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 32,60 Gb Total Space | 20,40 Gb Free Space | 62,56% Space Free | Partition Type: NTFS
Drive D: | 34,94 Gb Total Space | 22,74 Gb Free Space | 65,07% Space Free | Partition Type: NTFS
Computer Name: NOTEBOOK | User Name: Frank | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programme\Yahoo!\Messenger\YPager.exe" = C:\Programme\Yahoo!\Messenger\YPager.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Programme\Yahoo!\Messenger\YServer.exe" = C:\Programme\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server -- (Yahoo! Inc.)
"C:\Programme\Skype\Phone\Skype.exe" = C:\Programme\Skype\Phone\Skype.exe:*:Enabled:Skype -- ()
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{013E1BA8-C815-4E27-BCB9-D6B1B2E24094}" = SonicStage Mastering Studio Audio Filter Custom Preset
"{01AE599F-7B72-4135-8C56-9191F4ACBA88}" = VAIO Edit Components
"{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony MP4 Shared Library
"{075473F5-846A-448B-BCB3-104AA1760205}" = Roxio DigitalMedia Data
"{169C78C0-8C32-4CA1-9602-D8E998ECE96A}" = VAIO Original Screen Saver VAIO Scene HD Wide Contents
"{1A91D1FA-B9B3-4556-9878-5C61059A19B2}" = InterVideo WinDVDX
"{1BEF9285-5530-426B-A5F1-5836B95C7EB1}" = VAIO Original Screen Saver
"{1EB317D8-8945-4FD6-B37F-DF470317C6AB}" = VAIO Media 4.0
"{2063C2E8-3812-4BBD-9998-6610F80C1DD4}" = VAIO Media AC3 Decoder 1.0
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{25CF0627-2EF6-4FCE-A0DE-7D6350C774B2}" = VAIO Original Screen Saver VAIO Scene HD Normal Contents
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{27337663-2619-11D4-99DC-0000F49094C7}" = Memory Stick Formatter
"{28DA872A-0848-48CF-B749-19A198157A2A}" = mDriver
"{29999594-B540-4C88-A8D3-C99CA43809FC}" = Image Converter 2
"{3248F0A8-6813-11D6-A77B-00B0D0150030}" = J2SE Runtime Environment 5.0 Update 3
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51735133-A296-4EB0-BF16-AD93B55BD000}" = VAIO Original Screen Saver VAIO Motion SD Wide Contents
"{531C0C3A-7112-4986-8222-5778FB547D81}" = VAIO Original Screen Saver VAIO Motion HD Normal Contents
"{59452470-A902-477F-9338-9B88101681BD}" = Setting Utility Series
"{5BEE8F1F-BD32-4553-8107-500439E43BD7}" = VAIO Update
"{61D6E4FB-1A62-4EB1-BE56-929B00C155CF}" = Wireless LAN Starter
"{639BB4D3-AA30-4A7B-8CB5-6DE681AD6659}" = VAIO Light Flo Wallpaper
"{668B1BD6-4593-4959-970E-249AFFE6F35C}" = VOR
"{685BCC47-B8EC-45EC-BBCE-77DF2451502C}" = DVgate Plus
"{6DE14BE4-6F04-4935-8ABD-A0A19FE2E55A}" = mCore
"{71249EFF-EFAB-48A0-B967-630F4E70BBC3}" = VAIO Original Screen Saver VAIO Scene SD Normal Contents
"{7128C69B-8F7E-4336-8698-3FD3CDD955EC}" = VAIO Media Redistribution 4.0
"{7998F67D-655B-42E3-B651-18D96DD17268}" = Adobe Premiere Standard
"{7A79D11B-FD82-4A5E-834F-20173515DD14}" = VAIO Media Integrated Server 4.2
"{805BC1AB-46C5-438C-BCB7-537A1A32290C}" = VAIO Original Screen Saver VAIO Motion SD Normal Contents
"{849ABF1A-6AE3-45E1-B260-D5447B2F29F5}" = OpenMG Secure Module 4.2.00
"{851C67EF-068A-4060-9EF5-2E3DDCD68382}" = Adobe Photoshop Elements 3.0
"{88DA0A52-3372-4803-971A-ADFB961707E8}" = PictureGear Studio 2.0
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Graphics Media Accelerator Driver for Mobile
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{9080C5D2-82FA-452A-87FA-CBB4B05D67A5}" = VPS
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD for VAIO
"{91CA0407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Small Business Edition 2003
"{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML
"{9E319E96-ED8E-4B01-9775-C521A1869A25}" = VAIO Power Management
"{9E407618-D9CD-4F39-9490-9ED45294073D}" = Click to DVD 2.0.03 Menu Data
"{A0EB195B-5876-48E6-879D-33D4B2102610}" = SonicStage 3.2
"{A43F939E-A863-433D-AC78-0897E44CFEB2}" = VAIO Launcher
"{AB467B85-4F52-48C2-AEED-0673D00417B0}" = SonicStage Mastering Studio Audio Filter
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Roxio DigitalMedia Audio
"{AC76BA86-7AD7-1031-7B44-A70000000000}" = Adobe Reader 7.0 - Deutsch
"{AF9A04EB-7D8E-41DE-9EDE-4AB9BB2B71B6}" = VAIO Media Registration Tool 4.0
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Roxio DigitalMedia Copy
"{B26E3B0D-C2FA-4370-B068-7C476766F029}" = Microsoft Works
"{BBD4DAC9-DF99-48CA-8F62-AE6F2BD47063}" = VAIO Original Screen Saver VAIO Motion HD Wide Contents
"{BBFFB027-7D53-4E1B-95BC-35A2216D1D60}" = VAIO Long Battery Life Wallpaper
"{BE56FEF0-1A0F-4719-B3AD-34B5087AFA6D}" = Sony Video Shared Library
"{BF3B304B-8A18-452D-A19F-6012CA8418D7}" = SonicStage Mastering Studio 1.4
"{D2D23D08-D10E-43D6-883C-78E0B2AC9CC6}" = VU5x86
"{D917FD82-6CE5-489A-AAF8-C701AAC85C4D}" = VAIO Entertainment Platform
"{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine (VAIO_VEDB)
"{E365AAB7-F160-4E2F-ACAC-28D487ACF47D}" = VAIO Original Screen Saver VAIO Scene SD Wide Contents
"{E4715C25-7114-4F40-A915-C1951D4D7520}" = VAIO Update Merge Module x86
"{E5E6E687-1031-0000-0000-000000000002}" = Adobe Acrobat 7.0 Elements - Deutsch
"{E809063C-51A3-4269-8984-D1EB742F2151}" = Click to DVD 2.4.10
"{ED8D39F2-7FFA-45EC-B148-EF2472955BB4}" = VAIO Zone
"{EE7EB179-5AA2-4B28-AC92-5CBAAF82BA7F}" = SonicStage Mastering Studio Plugins
"{EF3D45BB-2260-4008-88EA-492E7744A9DF}" = Sony Utilities DLL
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0D85ADD-DD61-4B43-87A0-6DA52A211A8B}" = VAIO Event Service
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FC37C108-821D-4EDE-8F40-D5B497586805}" = VAIO Control Center
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"{FCCB0B43-7A6D-49A4-A5B3-B10F592F4EB6}" = LAN-Express AS IEEE 802.11 Wireless LAN
"Adobe Acrobat 7.0 Elements - Deutsch" = Adobe Acrobat 7.0 Elements - Deutsch
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_20030003" = HDAUDIO SoftV92 Data Fax Modem with SmartCP
"ie8" = Windows Internet Explorer 8
"InstallShield_{668B1BD6-4593-4959-970E-249AFFE6F35C}" = VAIO-Online-Registrierung (Deutsch)
"InstallShield_{849ABF1A-6AE3-45E1-B260-D5447B2F29F5}" = OpenMG Secure Module 4.2.00
"InstallShield_{9080C5D2-82FA-452A-87FA-CBB4B05D67A5}" = VAIO Product Survey
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.1.1000
"MoodLogic" = MoodLogic
"MouseSuite98" = Sony USB Mouse
"Mozilla Firefox 16.0.2 (x86 de)" = Mozilla Firefox 16.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA Drivers" = NVIDIA Drivers
"ProInst" = Intel(R) PROSet/Wireless Software
"PROSet" = Intel(R) PRO Network Connections Drivers
"Skype_is1" = Skype 1.3
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"Windows XP Service Pack" = Windows XP Service Pack 3
"Yahoo! Messenger" = Yahoo! Messenger
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 11.11.2012 09:11:38 | Computer Name = NOTEBOOK | Source = crypt32 | ID = 131080
Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer
von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
ist fehlgeschlagen mit dem Fehler: Dieser Vorgang wurde wegen Zeitüberschreitung
zurückgegeben. .
Error - 17.11.2012 11:29:15 | Computer Name = NOTEBOOK | Source = crypt32 | ID = 131080
Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer
von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
ist fehlgeschlagen mit dem Fehler: Dieser Vorgang wurde wegen Zeitüberschreitung
zurückgegeben. .
[ System Events ]
Error - 11.11.2012 12:37:26 | Computer Name = NOTEBOOK | Source = atapi | ID = 262153
Description = Das Gerät \Device\Ide\IdePort0 hat innerhalb der Fehlerwartezeit nicht
geantwortet.
Error - 11.11.2012 12:37:42 | Computer Name = NOTEBOOK | Source = Cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 11.11.2012 12:37:52 | Computer Name = NOTEBOOK | Source = atapi | ID = 262153
Description = Das Gerät \Device\Ide\IdePort0 hat innerhalb der Fehlerwartezeit nicht
geantwortet.
Error - 11.11.2012 12:38:12 | Computer Name = NOTEBOOK | Source = atapi | ID = 262153
Description = Das Gerät \Device\Ide\IdePort0 hat innerhalb der Fehlerwartezeit nicht
geantwortet.
Error - 11.11.2012 12:38:23 | Computer Name = NOTEBOOK | Source = Cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 11.11.2012 12:38:35 | Computer Name = NOTEBOOK | Source = atapi | ID = 262153
Description = Das Gerät \Device\Ide\IdePort0 hat innerhalb der Fehlerwartezeit nicht
geantwortet.
Error - 11.11.2012 12:38:45 | Computer Name = NOTEBOOK | Source = Cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 11.11.2012 12:39:01 | Computer Name = NOTEBOOK | Source = atapi | ID = 262153
Description = Das Gerät \Device\Ide\IdePort0 hat innerhalb der Fehlerwartezeit nicht
geantwortet.
Error - 11.11.2012 12:39:20 | Computer Name = NOTEBOOK | Source = Cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
Error - 11.11.2012 12:39:30 | Computer Name = NOTEBOOK | Source = Cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
< End of report >
Code:
ATTFilter GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-11-18 14:50:43
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4 HTS421280H9AT00 rev.HAJOA70G
Running: 6e5b5bgf.exe; Driver: C:\DOKUME~1\Frank\LOKALE~1\Temp\uwloqpow.sys
---- System - GMER 1.0.15 ----
SSDT F8AFDA94 ZwClose
SSDT F8AFDA4E ZwCreateKey
SSDT F8AFDA9E ZwCreateSection
SSDT F8AFDA44 ZwCreateThread
SSDT F8AFDA53 ZwDeleteKey
SSDT F8AFDA5D ZwDeleteValueKey
SSDT F8AFDA8F ZwDuplicateObject
SSDT F8AFDA62 ZwLoadKey
SSDT F8AFDA30 ZwOpenProcess
SSDT F8AFDA35 ZwOpenThread
SSDT F8AFDAB7 ZwQueryValueKey
SSDT F8AFDA6C ZwReplaceKey
SSDT F8AFDAA8 ZwRequestWaitReplyPort
SSDT F8AFDA67 ZwRestoreKey
SSDT F8AFDAA3 ZwSetContextThread
SSDT F8AFDAAD ZwSetSecurityObject
SSDT F8AFDA58 ZwSetValueKey
SSDT F8AFDAB2 ZwSystemDebugControl
SSDT F8AFDA3F ZwTerminateProcess
---- Kernel code sections - GMER 1.0.15 ----
.text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xF7997360, 0x1DD36D, 0xE8000020]
---- User code sections - GMER 1.0.15 ----
? C:\WINDOWS\system32\winlogon.exe[800] C:\WINDOWS\system32\ntdll.dll image checksum mismatch; number of sections mismatch; time/date stamp mismatch; unknown module: WINMM.dllunknown module: MSGINA.dllunknown module: RASAPI32.dllunknown module: MPR.dllunknown module: AUTHZ.dllunknown module: NDdeApi.dllunknown module: PROFMAP.dllunknown module: SETUPAPI.dllunknown module: VERSION.dllunknown module: WINSTA.dllunknown module: WINTRUST.dll
---- EOF - GMER 1.0.15 ----
Ich mache dies zum ersten Mal und hoffe, dass die Informationen für´s erste ausreichend sind. Leider habe ich das Problem, dass ich wochentags im Ausland wohne und arbeite und das Notebook hier in Deutschland bleibt. Ich werde eure Anmerkungen und Fragen zwar lesen, aber erst am Wochenende beantworten können. Es wird dann zwar etwas langwieriger - aber ich hoffe, dass ihr mir trotzdem weiterhelfen könnt. Ich bin übrigens bereit, das Notebook erneut neu aufzubauen, wenn dies die einfachere Variante ist. Ich müsste dann nur wissen, was mein Problem (Virus ???) ist und wie ich es in Zukunft vermeiden kann. Herzlichen Dank im Voraus für eure Hilfe ! Frank Geändert von flkor (18.11.2012 um 17:56 Uhr) |
|
19.11.2012, 14:30
| #2 | ||
| /// Winkelfunktion /// TB-Süch-Tiger™   | PC langsam bei hoher CPU Auslastung ohne erkennbaren Grund Hallo und
__________________ Bevor wir uns an die Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.
Note: Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread. Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards. Zitat:
Zitat:
 1. aswMBR Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop. Hinweis: Bitte den Virenscanner abstellen bevor du aswMBR ausführst, denn v.a. Avira meldet darin oft einen Fehlalarm!
Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes: Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button. 2. TDSS-Killer Download TDSS-Killer auf Desktop siehe => http://www.trojaner-board.de/82358-t...entfernen.html Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm! Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs. Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten! 
__________________ |
|
19.11.2012, 22:38
| #3 | |
| | PC langsam bei hoher CPU Auslastung ohne erkennbaren Grund Hallo Cosinus,
__________________vielen Dank für deine Antwort. Ich möchte mich nur melden, damit du weisst, dass ich die Antworten checke. Wie im Thread schon mitgeteilt, kann ich frühestens Freitag Abend oder Samstag Nachmittag deine Anweisungen durchführen. Bitte also den Thread nicht herauskicken - ich werde mich ganz sicher melden. Bezüglich "Partitur" - bitte entschuldige die Freudsche Fehlleistung - ich wollte ganz sicher "Partition" schreiben, wir sind schliesslich nicht im Klavierforum  Grüsse aus der Schweiz und bis Freitag dann... Frank Zitat:
Vielen Dank Frank |
|
23.11.2012, 21:46
| #4 |
| | PC langsam bei hoher CPU Auslastung ohne erkennbaren Grund Hi Cosinus, ich habe die beiden Punkte ausgeführt: 1. aswMBR Erster Scan "Quick Scan" ist mit "Blue Screen" abgeschmiert. Zweiter Scan "None" ist durchgelaufen -> LOG Code:
ATTFilter aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2012-11-23 21:16:17
-----------------------------
21:16:17.343 OS Version: Windows 5.1.2600 Service Pack 3
21:16:17.343 Number of processors: 1 586 0xD08
21:16:17.343 ComputerName: NOTEBOOK UserName: Frank
21:16:25.531 Initialize success
21:19:56.218 AVAST engine defs: 12112301
21:21:20.078 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4
21:21:20.078 Disk 0 Vendor: HTS421280H9AT00 HAJOA70G Size: 76319MB BusType: 3
21:21:20.078 Disk 1 \Device\Harddisk1\DR4 -> \Device\0000007b
21:21:20.078 Disk 1 Vendor: ( Size: 76319MB BusType: 0
21:21:20.531 Disk 0 MBR read successfully
21:21:20.531 Disk 0 MBR scan
21:21:26.109 Disk 0 Windows XP default MBR code
21:21:26.171 Disk 0 Partition 1 00 12 Compaq diag NTFS 7153 MB offset 63
21:21:28.390 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 33385 MB offset 14651280
21:21:29.000 Disk 0 Partition - 00 0F Extended LBA 35777 MB offset 83023920
21:21:29.171 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 35777 MB offset 83023983
21:21:30.234 Disk 0 scanning sectors +156296385
21:21:33.093 Disk 0 scanning C:\WINDOWS\system32\drivers
21:24:15.390 Service scanning
21:26:52.890 Modules scanning
21:27:39.218 Disk 0 trace - called modules:
21:27:39.234 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys
21:27:39.234 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8298aab8]
21:27:39.234 3 CLASSPNP.SYS[f8506fd7] -> nt!IofCallDriver -> \Device\00000073[0x8291a9e8]
21:27:39.234 5 ACPI.sys[f837c620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-4[0x8291ad98]
21:27:39.234 Scan finished successfully
21:29:02.671 Disk 0 MBR has been saved successfully to "D:\Download\Virus-Software\MBR.dat"
21:29:02.671 The log file has been saved successfully to "D:\Download\Virus-Software\aswMBR.txt"
2. TDSS-Killer Code:
ATTFilter 21:30:44.0578 1216 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
21:30:44.0812 1216 ============================================================
21:30:44.0812 1216 Current date / time: 2012/11/23 21:30:44.0812
21:30:44.0812 1216 SystemInfo:
21:30:44.0812 1216
21:30:44.0812 1216 OS Version: 5.1.2600 ServicePack: 3.0
21:30:44.0812 1216 Product type: Workstation
21:30:44.0812 1216 ComputerName: NOTEBOOK
21:30:44.0812 1216 UserName: Frank
21:30:44.0812 1216 Windows directory: C:\WINDOWS
21:30:44.0812 1216 System windows directory: C:\WINDOWS
21:30:44.0812 1216 Processor architecture: Intel x86
21:30:44.0812 1216 Number of processors: 1
21:30:44.0812 1216 Page size: 0x1000
21:30:44.0812 1216 Boot type: Normal boot
21:30:44.0812 1216 ============================================================
21:30:48.0953 1216 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
21:30:48.0968 1216 ============================================================
21:30:48.0968 1216 \Device\Harddisk0\DR0:
21:30:48.0968 1216 MBR partitions:
21:30:48.0968 1216 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xDF8F90, BlocksNum 0x41348A0
21:30:48.0984 1216 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x4F2D86F, BlocksNum 0x45E0C52
21:30:48.0984 1216 ============================================================
21:30:49.0062 1216 C: <-> \Device\Harddisk0\DR0\Partition1
21:30:49.0140 1216 D: <-> \Device\Harddisk0\DR0\Partition2
21:30:49.0140 1216 ============================================================
21:30:49.0140 1216 Initialize success
21:30:49.0140 1216 ============================================================
21:31:14.0203 1136 ============================================================
21:31:14.0203 1136 Scan started
21:31:14.0203 1136 Mode: Manual; SigCheck; TDLFS;
21:31:14.0203 1136 ============================================================
21:31:16.0390 1136 ================ Scan system memory ========================
21:31:16.0390 1136 System memory - ok
21:31:16.0406 1136 ================ Scan services =============================
21:31:16.0843 1136 Abiosdsk - ok
21:31:16.0859 1136 abp480n5 - ok
21:31:17.0031 1136 [ AC407F1A62C3A300B4F2B5A9F1D55B2C ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
21:31:17.0906 1136 ACPI - ok
21:31:17.0953 1136 [ 9E1CA3160DAFB159CA14F83B1E317F75 ] ACPIEC C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
21:31:18.0093 1136 ACPIEC - ok
21:31:18.0281 1136 [ 0F6D872FD048D437DCBF5C1A80194886 ] AdobeActiveFileMonitor C:\Programme\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
21:31:18.0390 1136 AdobeActiveFileMonitor ( UnsignedFile.Multi.Generic ) - warning
21:31:18.0390 1136 AdobeActiveFileMonitor - detected UnsignedFile.Multi.Generic (1)
21:31:18.0390 1136 adpu160m - ok
21:31:18.0500 1136 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
21:31:18.0687 1136 aec - ok
21:31:18.0750 1136 [ 2C5C22990156A1063E19AD162191DC1D ] AegisP C:\WINDOWS\system32\DRIVERS\AegisP.sys
21:31:18.0781 1136 AegisP ( UnsignedFile.Multi.Generic ) - warning
21:31:18.0781 1136 AegisP - detected UnsignedFile.Multi.Generic (1)
21:31:18.0906 1136 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
21:31:19.0015 1136 AFD - ok
21:31:19.0015 1136 Aha154x - ok
21:31:19.0031 1136 aic78u2 - ok
21:31:19.0046 1136 aic78xx - ok
21:31:19.0125 1136 [ 738D80CC01D7BC7584BE917B7F544394 ] Alerter C:\WINDOWS\system32\alrsvc.dll
21:31:19.0281 1136 Alerter - ok
21:31:19.0328 1136 [ 190CD73D4984F94D823F9444980513E5 ] ALG C:\WINDOWS\System32\alg.exe
21:31:19.0484 1136 ALG - ok
21:31:19.0500 1136 AliIde - ok
21:31:19.0500 1136 amsint - ok
21:31:19.0687 1136 [ A5569C4429D1C5494049FBFE2B2D20FF ] AntiVirSchedulerService C:\Programme\Avira\AntiVir Desktop\sched.exe
21:31:19.0781 1136 AntiVirSchedulerService - ok
21:31:19.0875 1136 [ CB7EA00A4E70DF6828EBB68633D000D2 ] AntiVirService C:\Programme\Avira\AntiVir Desktop\avguard.exe
21:31:19.0921 1136 AntiVirService - ok
21:31:20.0000 1136 [ D3DA11B88AB29076B78FF79F35F0586B ] ApfiltrService C:\WINDOWS\system32\DRIVERS\Apfiltr.sys
21:31:20.0093 1136 ApfiltrService - ok
21:31:20.0109 1136 AppMgmt - ok
21:31:20.0171 1136 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
21:31:20.0312 1136 Arp1394 - ok
21:31:20.0312 1136 asc - ok
21:31:20.0328 1136 asc3350p - ok
21:31:20.0328 1136 asc3550 - ok
21:31:20.0437 1136 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
21:31:20.0562 1136 AsyncMac - ok
21:31:20.0640 1136 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
21:31:20.0875 1136 atapi - ok
21:31:20.0921 1136 Atdisk - ok
21:31:21.0015 1136 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
21:31:21.0187 1136 Atmarpc - ok
21:31:21.0250 1136 [ 58ED0D5452DF7BE732193E7999C6B9A4 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
21:31:21.0421 1136 AudioSrv - ok
21:31:21.0546 1136 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
21:31:21.0671 1136 audstub - ok
21:31:21.0734 1136 [ 680B3A1BE559B5D5AAC04C7949469DD6 ] avgntflt C:\WINDOWS\system32\DRIVERS\avgntflt.sys
21:31:21.0828 1136 avgntflt - ok
21:31:21.0953 1136 [ 6B289080B9752DAD39C1C2B98B479DCE ] avipbb C:\WINDOWS\system32\DRIVERS\avipbb.sys
21:31:22.0015 1136 avipbb - ok
21:31:22.0062 1136 [ FFB78D74E1EA5F811341A6E7AC547A46 ] avkmgr C:\WINDOWS\system32\DRIVERS\avkmgr.sys
21:31:22.0078 1136 avkmgr - ok
21:31:22.0140 1136 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
21:31:22.0296 1136 Beep - ok
21:31:22.0578 1136 [ D6F603772A789BB3228F310D650B8BD1 ] BITS C:\WINDOWS\system32\qmgr.dll
21:31:23.0218 1136 BITS - ok
21:31:23.0312 1136 [ B71549F23736ADF83A571061C47777FD ] Browser C:\WINDOWS\System32\browser.dll
21:31:23.0406 1136 Browser - ok
21:31:23.0453 1136 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
21:31:23.0625 1136 cbidf2k - ok
21:31:23.0625 1136 cd20xrnt - ok
21:31:23.0671 1136 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
21:31:23.0828 1136 Cdaudio - ok
21:31:23.0906 1136 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
21:31:24.0046 1136 Cdfs - ok
21:31:24.0093 1136 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
21:31:24.0281 1136 Cdrom - ok
21:31:24.0281 1136 Changer - ok
21:31:24.0328 1136 [ 28E3040D1F1CA2008CD6B29DFEBC9A5E ] CiSvc C:\WINDOWS\system32\cisvc.exe
21:31:24.0468 1136 CiSvc - ok
21:31:24.0500 1136 [ 778A30ED3C134EB7E406AFC407E9997D ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
21:31:24.0765 1136 ClipSrv - ok
21:31:24.0796 1136 [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys
21:31:24.0921 1136 CmBatt - ok
21:31:24.0921 1136 CmdIde - ok
21:31:24.0953 1136 [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys
21:31:25.0078 1136 Compbatt - ok
21:31:25.0093 1136 COMSysApp - ok
21:31:25.0109 1136 Cpqarray - ok
21:31:25.0250 1136 [ 611F824E5C703A5A899F84C5F1699E4D ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
21:31:25.0421 1136 CryptSvc - ok
21:31:25.0437 1136 dac2w2k - ok
21:31:25.0437 1136 dac960nt - ok
21:31:25.0718 1136 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
21:31:26.0234 1136 DcomLaunch - ok
21:31:26.0375 1136 [ C29A1C9B75BA38FA37F8C44405DEC360 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
21:31:26.0593 1136 Dhcp - ok
21:31:26.0718 1136 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
21:31:26.0859 1136 Disk - ok
21:31:26.0859 1136 dmadmin - ok
21:31:27.0437 1136 [ 0DCFC8395A99FECBB1EF771CEC7FE4EA ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
21:31:28.0359 1136 dmboot - ok
21:31:28.0406 1136 [ 526192BF7696F72E29777BF4A180513A ] DMICall C:\WINDOWS\system32\DRIVERS\DMICall.sys
21:31:28.0531 1136 DMICall - ok
21:31:28.0671 1136 [ 53720AB12B48719D00E327DA470A619A ] dmio C:\WINDOWS\system32\drivers\dmio.sys
21:31:28.0859 1136 dmio - ok
21:31:28.0906 1136 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
21:31:29.0046 1136 dmload - ok
21:31:29.0093 1136 [ 25C83FFBBA13B554EB6D59A9B2E2EE78 ] dmserver C:\WINDOWS\System32\dmserver.dll
21:31:29.0281 1136 dmserver - ok
21:31:29.0328 1136 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
21:31:29.0468 1136 DMusic - ok
21:31:29.0562 1136 [ 407F3227AC618FD1CA54B335B083DE07 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
21:31:29.0906 1136 Dnscache - ok
21:31:30.0046 1136 [ 676E36C4FF5BCEA1900F44182B9723E6 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
21:31:30.0328 1136 Dot3svc - ok
21:31:30.0328 1136 dpti2o - ok
21:31:30.0359 1136 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
21:31:30.0500 1136 drmkaud - ok
21:31:30.0640 1136 [ 95974E66D3DE4951D29E28E8BC0B644C ] E100B C:\WINDOWS\system32\DRIVERS\e100b325.sys
21:31:30.0703 1136 E100B - ok
21:31:30.0765 1136 [ 4E4F2FDDAB0A0736D7671134DCCE91FB ] EapHost C:\WINDOWS\System32\eapsvc.dll
21:31:30.0937 1136 EapHost - ok
21:31:30.0984 1136 [ 877C18558D70587AA7823A1A308AC96B ] ERSvc C:\WINDOWS\System32\ersvc.dll
21:31:31.0125 1136 ERSvc - ok
21:31:31.0250 1136 [ A3EDBE9053889FB24AB22492472B39DC ] Eventlog C:\WINDOWS\system32\services.exe
21:31:31.0343 1136 Eventlog - ok
21:31:31.0546 1136 [ AF4F6B5739D18CA7972AB53E091CBC74 ] EventSystem C:\WINDOWS\system32\es.dll
21:31:31.0750 1136 EventSystem - ok
21:31:31.0859 1136 [ 12B0134BB2F5E482128F901E34E7138E ] EvtEng C:\Programme\Intel\Wireless\Bin\EvtEng.exe
21:31:31.0937 1136 EvtEng ( UnsignedFile.Multi.Generic ) - warning
21:31:31.0937 1136 EvtEng - detected UnsignedFile.Multi.Generic (1)
21:31:32.0062 1136 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
21:31:32.0296 1136 Fastfat - ok
21:31:32.0406 1136 [ 2DB7D303C36DDD055215052F118E8E75 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
21:31:32.0578 1136 FastUserSwitchingCompatibility - ok
21:31:32.0609 1136 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
21:31:32.0734 1136 Fdc - ok
21:31:32.0796 1136 [ B0678A548587C5F1967B0D70BACAD6C1 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
21:31:32.0921 1136 Fips - ok
21:31:32.0937 1136 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
21:31:33.0093 1136 Flpydisk - ok
21:31:33.0187 1136 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
21:31:33.0359 1136 FltMgr - ok
21:31:33.0390 1136 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
21:31:33.0515 1136 Fs_Rec - ok
21:31:33.0625 1136 [ 8F1955CE42E1484714B542F341647778 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
21:31:33.0812 1136 Ftdisk - ok
21:31:33.0859 1136 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
21:31:33.0984 1136 Gpc - ok
21:31:34.0109 1136 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
21:31:34.0343 1136 HDAudBus - ok
21:31:34.0421 1136 [ CB66BF85BF599BEFD6C6A57C2E20357F ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
21:31:34.0593 1136 helpsvc - ok
21:31:34.0593 1136 HidServ - ok
21:31:34.0640 1136 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
21:31:34.0828 1136 HidUsb - ok
21:31:34.0937 1136 [ ED29F14101523A6E0E808107405D452C ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
21:31:35.0109 1136 hkmsvc - ok
21:31:35.0109 1136 hpn - ok
21:31:35.0265 1136 [ 9BEC5D4AC6EFDAAF001D42C77811E3DB ] HSFHWAZL C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
21:31:35.0390 1136 HSFHWAZL - ok
21:31:36.0046 1136 [ 6CAD234BECF58529879B6C303F02777F ] HSF_DPV C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
21:31:37.0265 1136 HSF_DPV - ok
21:31:37.0468 1136 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
21:31:37.0640 1136 HTTP - ok
21:31:37.0703 1136 [ 9E4ADB854CEBCFB81A4B36718FEECD16 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
21:31:37.0859 1136 HTTPFilter - ok
21:31:37.0859 1136 i2omgmt - ok
21:31:37.0859 1136 i2omp - ok
21:31:37.0984 1136 [ E283B97CFBEB86C1D86BAED5F7846A92 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
21:31:38.0125 1136 i8042prt - ok
21:31:38.0937 1136 [ C8B13676374AE2418B653B10D2EDDA0E ] ialm C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
21:31:40.0156 1136 ialm - ok
21:31:40.0390 1136 [ 29007134FAA5C261C1DC4E6BC47FB68E ] Image Converter video recording monitor for VAIO Entertainment C:\Programme\Sony\Image Converter 2\IcVzMon.exe
21:31:40.0453 1136 Image Converter video recording monitor for VAIO Entertainment ( UnsignedFile.Multi.Generic ) - warning
21:31:40.0453 1136 Image Converter video recording monitor for VAIO Entertainment - detected UnsignedFile.Multi.Generic (1)
21:31:40.0500 1136 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
21:31:40.0640 1136 Imapi - ok
21:31:40.0859 1136 [ D4B413AA210C21E46AEDD2BA5B68D38E ] ImapiService C:\WINDOWS\system32\imapi.exe
21:31:41.0093 1136 ImapiService - ok
21:31:41.0093 1136 ini910u - ok
21:31:43.0156 1136 [ 5F2657F8781376892035976CF8122A2D ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
21:31:47.0140 1136 IntcAzAudAddService - ok
21:31:47.0156 1136 [ 69C4E3C9E67A1F103B94E14FDD5F3213 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
21:31:47.0281 1136 IntelIde - ok
21:31:47.0343 1136 [ 4C7D2750158ED6E7AD642D97BFFAE351 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
21:31:47.0484 1136 intelppm - ok
21:31:47.0515 1136 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
21:31:47.0656 1136 Ip6Fw - ok
21:31:47.0718 1136 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
21:31:47.0875 1136 IpFilterDriver - ok
21:31:47.0906 1136 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
21:31:48.0031 1136 IpInIp - ok
21:31:48.0156 1136 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
21:31:48.0375 1136 IpNat - ok
21:31:48.0437 1136 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
21:31:48.0562 1136 IPSec - ok
21:31:48.0593 1136 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
21:31:48.0750 1136 IRENUM - ok
21:31:48.0812 1136 [ 6DFB88F64135C525433E87648BDA30DE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
21:31:48.0953 1136 isapnp - ok
21:31:49.0625 1136 [ B591E761161D1EF547D76EF236EAA6A5 ] JavaQuickStarterService C:\Programme\Java\jre7\bin\jqs.exe
21:31:49.0750 1136 JavaQuickStarterService - ok
21:31:49.0796 1136 [ 1704D8C4C8807B889E43C649B478A452 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
21:31:49.0968 1136 Kbdclass - ok
21:31:50.0140 1136 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
21:31:50.0328 1136 kmixer - ok
21:31:50.0437 1136 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
21:31:50.0515 1136 KSecDD - ok
21:31:50.0640 1136 [ 2BBDCB79900990F0716DFCB714E72DE7 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
21:31:50.0765 1136 lanmanserver - ok
21:31:50.0890 1136 [ 1869B14B06B44B44AF70548E1EA3303F ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
21:31:51.0000 1136 lanmanworkstation - ok
21:31:51.0015 1136 lbrtfdc - ok
21:31:51.0343 1136 [ F03FC45E839912CB576E2496F582867C ] LEX_AS_NIC_SERVICE_YNOS C:\WINDOWS\system32\DRIVERS\ExpasAG.sys
21:31:51.0828 1136 LEX_AS_NIC_SERVICE_YNOS - ok
21:31:51.0875 1136 [ 636714B7D43C8D0C80449123FD266920 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
21:31:52.0015 1136 LmHosts - ok
21:31:52.0078 1136 [ 500D089CE760D83DA2B6CBA681AA9949 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
21:31:52.0093 1136 MBAMProtector - ok
21:31:52.0375 1136 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe
21:31:52.0812 1136 MBAMScheduler - ok
21:31:53.0265 1136 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
21:31:54.0046 1136 MBAMService - ok
21:31:54.0109 1136 [ 0DB7527DB188C7D967A37BB51BBF3963 ] MBAMSwissArmy C:\WINDOWS\system32\drivers\mbamswissarmy.sys
21:31:54.0125 1136 MBAMSwissArmy - ok
21:31:54.0187 1136 [ 3C318B9CD391371BED62126581EE9961 ] mdmxsdk C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
21:31:54.0203 1136 mdmxsdk - ok
21:31:54.0281 1136 [ B7550A7107281D170CE85524B1488C98 ] Messenger C:\WINDOWS\System32\msgsvc.dll
21:31:54.0453 1136 Messenger - ok
21:31:54.0500 1136 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
21:31:54.0640 1136 mnmdd - ok
21:31:54.0703 1136 [ C2F1D365FD96791B037EE504868065D3 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
21:31:54.0843 1136 mnmsrvc - ok
21:31:54.0953 1136 [ 6FB74EBD4EC57A6F1781DE3852CC3362 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
21:31:55.0109 1136 Modem - ok
21:31:55.0140 1136 [ B24CE8005DEAB254C0251E15CB71D802 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
21:31:55.0265 1136 Mouclass - ok
21:31:55.0343 1136 [ 66A6F73C74E1791464160A7065CE711A ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
21:31:55.0484 1136 mouhid - ok
21:31:55.0546 1136 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
21:31:55.0687 1136 MountMgr - ok
21:31:55.0890 1136 [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
21:31:56.0031 1136 MozillaMaintenance - ok
21:31:56.0046 1136 mraid35x - ok
21:31:56.0156 1136 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
21:31:56.0437 1136 MRxDAV - ok
21:31:56.0765 1136 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
21:31:57.0218 1136 MRxSmb - ok
21:31:57.0328 1136 [ A5FE164169E82E446D717511B390D5D2 ] MSCSPTISRV C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\MSCSPTISRV.exe
21:31:57.0390 1136 MSCSPTISRV ( UnsignedFile.Multi.Generic ) - warning
21:31:57.0390 1136 MSCSPTISRV - detected UnsignedFile.Multi.Generic (1)
21:31:57.0421 1136 [ 35A031AF38C55F92D28AA03EE9F12CC9 ] MSDTC C:\WINDOWS\system32\msdtc.exe
21:31:57.0562 1136 MSDTC - ok
21:31:57.0593 1136 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
21:31:57.0718 1136 Msfs - ok
21:31:57.0734 1136 MSIServer - ok
21:31:57.0765 1136 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
21:31:57.0890 1136 MSKSSRV - ok
21:31:57.0906 1136 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
21:31:58.0046 1136 MSPCLOCK - ok
21:31:58.0078 1136 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
21:31:58.0203 1136 MSPQM - ok
21:31:58.0234 1136 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
21:31:58.0375 1136 mssmbios - ok
21:31:58.0421 1136 MSSQL$VAIO_VEDB - ok
21:31:58.0531 1136 [ CB7524C21727404BD3140DCA32DEB7DE ] MSSQLServerADHelper C:\Programme\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe
21:31:58.0609 1136 MSSQLServerADHelper ( UnsignedFile.Multi.Generic ) - warning
21:31:58.0609 1136 MSSQLServerADHelper - detected UnsignedFile.Multi.Generic (1)
21:31:58.0703 1136 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
21:31:58.0765 1136 Mup - ok
21:31:59.0000 1136 [ 46BB15AE2AC7D025D6D2567B876817BD ] napagent C:\WINDOWS\System32\qagentrt.dll
21:31:59.0437 1136 napagent - ok
21:31:59.0593 1136 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
21:31:59.0796 1136 NDIS - ok
21:31:59.0843 1136 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
21:31:59.0890 1136 NdisTapi - ok
21:31:59.0921 1136 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
21:32:00.0125 1136 Ndisuio - ok
21:32:00.0187 1136 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
21:32:00.0390 1136 NdisWan - ok
21:32:00.0453 1136 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
21:32:00.0500 1136 NDProxy - ok
21:32:00.0546 1136 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
21:32:00.0687 1136 NetBIOS - ok
21:32:00.0812 1136 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
21:32:01.0000 1136 NetBT - ok
21:32:01.0140 1136 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDE C:\WINDOWS\system32\netdde.exe
21:32:01.0546 1136 NetDDE - ok
21:32:01.0625 1136 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
21:32:01.0750 1136 NetDDEdsdm - ok
21:32:01.0781 1136 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] Netlogon C:\WINDOWS\system32\lsass.exe
21:32:01.0921 1136 Netlogon - ok
21:32:02.0062 1136 [ E6D88F1F6745BF00B57E7855A2AB696C ] Netman C:\WINDOWS\System32\netman.dll
21:32:02.0359 1136 Netman - ok
21:32:02.0453 1136 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
21:32:02.0593 1136 NIC1394 - ok
21:32:02.0765 1136 [ F1B67B6B0751AE0E6E964B02821206A3 ] Nla C:\WINDOWS\System32\mswsock.dll
21:32:02.0921 1136 Nla - ok
21:32:02.0953 1136 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
21:32:03.0078 1136 Npfs - ok
21:32:03.0515 1136 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
21:32:04.0140 1136 Ntfs - ok
21:32:04.0171 1136 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
21:32:04.0296 1136 NtLmSsp - ok
21:32:04.0640 1136 [ 56AF4064996FA5BAC9C449B1514B4770 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
21:32:05.0265 1136 NtmsSvc - ok
21:32:05.0312 1136 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
21:32:05.0484 1136 Null - ok
21:32:07.0593 1136 [ 0A71BC580C55DC6FEC466D8533569E66 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
21:32:11.0453 1136 nv - ok
21:32:11.0578 1136 [ A3469A25100D510EEF5B8A65A890286F ] NVSvc C:\WINDOWS\system32\nvsvc32.exe
21:32:11.0687 1136 NVSvc - ok
21:32:11.0734 1136 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
21:32:11.0875 1136 NwlnkFlt - ok
21:32:11.0906 1136 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
21:32:12.0046 1136 NwlnkFwd - ok
21:32:12.0140 1136 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
21:32:12.0265 1136 ohci1394 - ok
21:32:12.0390 1136 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
21:32:12.0468 1136 ose - ok
21:32:12.0531 1136 [ 2AACB80F75A0683E32CF350B0C60A17F ] PACSPTISVR C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\PACSPTISVR.exe
21:32:12.0593 1136 PACSPTISVR ( UnsignedFile.Multi.Generic ) - warning
21:32:12.0593 1136 PACSPTISVR - detected UnsignedFile.Multi.Generic (1)
21:32:12.0687 1136 [ F84785660305B9B903FB3BCA8BA29837 ] Parport C:\WINDOWS\system32\drivers\Parport.sys
21:32:12.0828 1136 Parport - ok
21:32:12.0859 1136 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
21:32:12.0984 1136 PartMgr - ok
21:32:13.0031 1136 [ C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
21:32:13.0171 1136 ParVdm - ok
21:32:13.0234 1136 [ 387E8DEDC343AA2D1EFBC30580273ACD ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
21:32:13.0375 1136 PCI - ok
21:32:13.0375 1136 PCIDump - ok
21:32:13.0406 1136 [ 59BA86D9A61CBCF4DF8E598C331F5B82 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
21:32:13.0546 1136 PCIIde - ok
21:32:13.0625 1136 [ A2A966B77D61847D61A3051DF87C8C97 ] Pcmcia C:\WINDOWS\system32\DRIVERS\pcmcia.sys
21:32:13.0796 1136 Pcmcia - ok
21:32:13.0812 1136 PDCOMP - ok
21:32:13.0812 1136 PDFRAME - ok
21:32:13.0828 1136 PDRELI - ok
21:32:13.0828 1136 PDRFRAME - ok
21:32:13.0843 1136 perc2 - ok
21:32:13.0843 1136 perc2hib - ok
21:32:14.0015 1136 [ E0297D369962F00E52BBACE14A554DF5 ] PhotoshopElementsDeviceConnect C:\Programme\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
21:32:14.0109 1136 PhotoshopElementsDeviceConnect ( UnsignedFile.Multi.Generic ) - warning
21:32:14.0109 1136 PhotoshopElementsDeviceConnect - detected UnsignedFile.Multi.Generic (1)
21:32:14.0203 1136 [ A3EDBE9053889FB24AB22492472B39DC ] PlugPlay C:\WINDOWS\system32\services.exe
21:32:14.0218 1136 PlugPlay - ok
21:32:14.0234 1136 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
21:32:14.0359 1136 PolicyAgent - ok
21:32:14.0421 1136 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
21:32:14.0546 1136 PptpMiniport - ok
21:32:14.0562 1136 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
21:32:14.0671 1136 ProtectedStorage - ok
21:32:14.0734 1136 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
21:32:14.0875 1136 PSched - ok
21:32:14.0921 1136 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
21:32:15.0062 1136 Ptilink - ok
21:32:15.0109 1136 [ 86724469CD077901706854974CD13C3E ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
21:32:15.0125 1136 PxHelp20 ( UnsignedFile.Multi.Generic ) - warning
21:32:15.0125 1136 PxHelp20 - detected UnsignedFile.Multi.Generic (1)
21:32:15.0125 1136 ql1080 - ok
21:32:15.0140 1136 Ql10wnt - ok
21:32:15.0140 1136 ql12160 - ok
21:32:15.0156 1136 ql1240 - ok
21:32:15.0156 1136 ql1280 - ok
21:32:15.0203 1136 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
21:32:15.0406 1136 RasAcd - ok
21:32:15.0500 1136 [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto C:\WINDOWS\System32\rasauto.dll
21:32:15.0703 1136 RasAuto - ok
21:32:15.0750 1136 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
21:32:15.0906 1136 Rasl2tp - ok
21:32:16.0046 1136 [ F9A7B66EA345726EDB5862A46B1ECCD5 ] RasMan C:\WINDOWS\System32\rasmans.dll
21:32:16.0296 1136 RasMan - ok
21:32:16.0328 1136 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
21:32:16.0484 1136 RasPppoe - ok
21:32:16.0531 1136 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
21:32:16.0671 1136 Raspti - ok
21:32:16.0796 1136 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
21:32:17.0000 1136 Rdbss - ok
21:32:17.0031 1136 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
21:32:17.0171 1136 RDPCDD - ok
21:32:17.0312 1136 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
21:32:17.0484 1136 RDPWD - ok
21:32:17.0609 1136 [ 263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
21:32:17.0859 1136 RDSessMgr - ok
21:32:17.0937 1136 [ ED761D453856F795A7FE056E42C36365 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
21:32:18.0078 1136 redbook - ok
21:32:18.0187 1136 [ B9732EAAEF554978E61DC97D15A1C877 ] RegSrvc C:\Programme\Intel\Wireless\Bin\RegSrvc.exe
21:32:18.0312 1136 RegSrvc ( UnsignedFile.Multi.Generic ) - warning
21:32:18.0312 1136 RegSrvc - detected UnsignedFile.Multi.Generic (1)
21:32:18.0390 1136 [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
21:32:18.0562 1136 RemoteAccess - ok
21:32:18.0625 1136 [ 2A02E21867497DF20B8FC95631395169 ] RpcLocator C:\WINDOWS\system32\locator.exe
21:32:18.0812 1136 RpcLocator - ok
21:32:19.0078 1136 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] RpcSs C:\WINDOWS\system32\rpcss.dll
21:32:19.0281 1136 RpcSs - ok
21:32:19.0468 1136 [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP C:\WINDOWS\system32\rsvp.exe
21:32:19.0687 1136 RSVP - ok
21:32:20.0031 1136 [ 02B4B912D7AD5ED9F2F37EAC6A68D4AF ] S24EventMonitor C:\Programme\Intel\Wireless\Bin\S24EvMon.exe
21:32:20.0500 1136 S24EventMonitor ( UnsignedFile.Multi.Generic ) - warning
21:32:20.0500 1136 S24EventMonitor - detected UnsignedFile.Multi.Generic (1)
21:32:20.0531 1136 [ 208491A652C79871737EDFE629DE2C45 ] s24trans C:\WINDOWS\system32\DRIVERS\s24trans.sys
21:32:20.0546 1136 s24trans ( UnsignedFile.Multi.Generic ) - warning
21:32:20.0546 1136 s24trans - detected UnsignedFile.Multi.Generic (1)
21:32:20.0578 1136 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs C:\WINDOWS\system32\lsass.exe
21:32:20.0687 1136 SamSs - ok
21:32:20.0859 1136 [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
21:32:21.0078 1136 SCardSvr - ok
21:32:21.0218 1136 [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule C:\WINDOWS\system32\schedsvc.dll
21:32:21.0531 1136 Schedule - ok
21:32:21.0562 1136 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
21:32:21.0687 1136 Secdrv - ok
21:32:21.0812 1136 [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon C:\WINDOWS\System32\seclogon.dll
21:32:21.0968 1136 seclogon - ok
21:32:22.0000 1136 [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS C:\WINDOWS\system32\sens.dll
21:32:22.0156 1136 SENS - ok
21:32:22.0234 1136 [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial C:\WINDOWS\system32\drivers\Serial.sys
21:32:22.0375 1136 Serial - ok
21:32:22.0406 1136 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
21:32:22.0546 1136 Sfloppy - ok
21:32:22.0796 1136 [ CAD058D5F8B889A87CA3EB3CF624DCEF ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
21:32:23.0312 1136 SharedAccess - ok
21:32:23.0421 1136 [ 2DB7D303C36DDD055215052F118E8E75 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
21:32:23.0453 1136 ShellHWDetection - ok
21:32:23.0453 1136 Simbad - ok
21:32:23.0531 1136 [ BE6038E0A7D2E2FE69107E41A0265831 ] SNC C:\WINDOWS\system32\Drivers\SonyNC.sys
21:32:23.0593 1136 SNC - ok
21:32:23.0593 1136 Sparrow - ok
21:32:23.0625 1136 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
21:32:23.0734 1136 splitter - ok
21:32:23.0812 1136 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
21:32:23.0906 1136 Spooler - ok
21:32:24.0000 1136 [ B451765E79957D651FB4B7ABB2DD804F ] SPTISRV C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\SPTISRV.exe
21:32:24.0062 1136 SPTISRV ( UnsignedFile.Multi.Generic ) - warning
21:32:24.0062 1136 SPTISRV - detected UnsignedFile.Multi.Generic (1)
21:32:24.0062 1136 SQLAgent$VAIO_VEDB - ok
21:32:24.0125 1136 [ 50FA898F8C032796D3B1B9951BB5A90F ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
21:32:24.0250 1136 sr - ok
21:32:24.0390 1136 [ FE77A85495065F3AD59C5C65B6C54182 ] srservice C:\WINDOWS\system32\srsvc.dll
21:32:24.0734 1136 srservice - ok
21:32:25.0000 1136 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
21:32:25.0421 1136 Srv - ok
21:32:25.0500 1136 [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
21:32:25.0687 1136 SSDPSRV - ok
21:32:25.0750 1136 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
21:32:25.0781 1136 ssmdrv - ok
21:32:25.0843 1136 [ ACB893CDED2C6EA692782433EA885CEA ] SSScsiSV C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\SSScsiSV.exe
21:32:25.0921 1136 SSScsiSV ( UnsignedFile.Multi.Generic ) - warning
21:32:25.0921 1136 SSScsiSV - detected UnsignedFile.Multi.Generic (1)
21:32:26.0171 1136 [ BC2C5985611C5356B24AEB370953DED9 ] stisvc C:\WINDOWS\system32\wiaservc.dll
21:32:26.0671 1136 stisvc - ok
21:32:26.0796 1136 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
21:32:26.0937 1136 swenum - ok
21:32:26.0984 1136 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
21:32:27.0125 1136 swmidi - ok
21:32:27.0125 1136 SwPrv - ok
21:32:27.0140 1136 symc810 - ok
21:32:27.0156 1136 symc8xx - ok
21:32:27.0156 1136 sym_hi - ok
21:32:27.0171 1136 sym_u3 - ok
21:32:27.0296 1136 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
21:32:27.0437 1136 sysaudio - ok
21:32:27.0515 1136 [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
21:32:27.0703 1136 SysmonLog - ok
21:32:27.0890 1136 [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
21:32:28.0171 1136 TapiSrv - ok
21:32:28.0437 1136 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
21:32:28.0937 1136 Tcpip - ok
21:32:28.0968 1136 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
21:32:29.0093 1136 TDPIPE - ok
21:32:29.0140 1136 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
21:32:29.0281 1136 TDTCP - ok
21:32:29.0312 1136 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
21:32:29.0453 1136 TermDD - ok
21:32:29.0703 1136 [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService C:\WINDOWS\System32\termsrv.dll
21:32:30.0015 1136 TermService - ok
21:32:30.0125 1136 [ 2DB7D303C36DDD055215052F118E8E75 ] Themes C:\WINDOWS\System32\shsvcs.dll
21:32:30.0140 1136 Themes - ok
21:32:30.0234 1136 [ BD9B64B745B7EE6C45B70F93703864A2 ] tifmsony C:\WINDOWS\system32\drivers\tifmsony.sys
21:32:30.0281 1136 tifmsony - ok
21:32:30.0281 1136 TosIde - ok
21:32:30.0359 1136 [ 626504572B175867F30F3215C04B3E2F ] TrkWks C:\WINDOWS\system32\trkwks.dll
21:32:30.0625 1136 TrkWks - ok
21:32:30.0734 1136 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
21:32:31.0125 1136 Udfs - ok
21:32:31.0125 1136 ultra - ok
21:32:31.0187 1136 [ C81B8635DEE0D3EF5F64B3DD643023A5 ] UMWdf C:\WINDOWS\system32\wdfmgr.exe
21:32:31.0265 1136 UMWdf - ok
21:32:31.0531 1136 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
21:32:32.0031 1136 Update - ok
21:32:32.0203 1136 [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost C:\WINDOWS\System32\upnphost.dll
21:32:32.0468 1136 upnphost - ok
21:32:32.0515 1136 [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS C:\WINDOWS\System32\ups.exe
21:32:32.0671 1136 UPS - ok
21:32:32.0734 1136 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
21:32:32.0875 1136 usbehci - ok
21:32:32.0953 1136 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
21:32:33.0078 1136 usbhub - ok
21:32:33.0140 1136 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
21:32:33.0281 1136 USBSTOR - ok
21:32:33.0312 1136 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
21:32:33.0421 1136 usbuhci - ok
21:32:33.0562 1136 [ D3F969831F38F098CDE83994D1E9088E ] VAIO Entertainment Aggregation and Control Service C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
21:32:33.0671 1136 VAIO Entertainment Aggregation and Control Service ( UnsignedFile.Multi.Generic ) - warning
21:32:33.0671 1136 VAIO Entertainment Aggregation and Control Service - detected UnsignedFile.Multi.Generic (1)
21:32:34.0125 1136 [ 984861F9E6954395C067664034DE90C1 ] VAIO Entertainment Task Scheduler C:\Programme\Sony\VAIO Entertainment\VzTaskScheduler.exe
21:32:34.0718 1136 VAIO Entertainment Task Scheduler ( UnsignedFile.Multi.Generic ) - warning
21:32:34.0718 1136 VAIO Entertainment Task Scheduler - detected UnsignedFile.Multi.Generic (1)
21:32:34.0828 1136 [ B648E3C89F2944A013ED452A8BFB6D68 ] VAIO Entertainment TV Device Arbitration Service C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
21:32:34.0937 1136 VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - warning
21:32:34.0937 1136 VAIO Entertainment TV Device Arbitration Service - detected UnsignedFile.Multi.Generic (1)
21:32:35.0078 1136 [ 2B0EAC2B6E5F1C5E007DABAE101028B0 ] VAIO Event Service C:\Programme\Sony\VAIO Event Service\VESMgr.exe
21:32:35.0203 1136 VAIO Event Service ( UnsignedFile.Multi.Generic ) - warning
21:32:35.0203 1136 VAIO Event Service - detected UnsignedFile.Multi.Generic (1)
21:32:36.0421 1136 [ 563335C39DC70DEA5318DE264CDAADA7 ] VAIOMediaPlatform-IntegratedServer-AppServer C:\Programme\Sony\VAIO Media Integrated Server\VMISrv.exe
21:32:38.0656 1136 VAIOMediaPlatform-IntegratedServer-AppServer ( UnsignedFile.Multi.Generic ) - warning
21:32:38.0656 1136 VAIOMediaPlatform-IntegratedServer-AppServer - detected UnsignedFile.Multi.Generic (1)
21:32:38.0718 1136 [ ECBCC89C8DA6EB5D73301792E5E44DA6 ] VAIOMediaPlatform-IntegratedServer-HTTP C:\Programme\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
21:32:38.0781 1136 VAIOMediaPlatform-IntegratedServer-HTTP ( UnsignedFile.Multi.Generic ) - warning
21:32:38.0781 1136 VAIOMediaPlatform-IntegratedServer-HTTP - detected UnsignedFile.Multi.Generic (1)
21:32:39.0328 1136 [ 028D7AA7C9E7BA459534795908AB414C ] VAIOMediaPlatform-IntegratedServer-UPnP C:\Programme\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
21:32:40.0187 1136 VAIOMediaPlatform-IntegratedServer-UPnP ( UnsignedFile.Multi.Generic ) - warning
21:32:40.0187 1136 VAIOMediaPlatform-IntegratedServer-UPnP - detected UnsignedFile.Multi.Generic (1)
21:32:40.0343 1136 [ E81C0AB3E6B82E812B5FF255772CFA15 ] VAIOMediaPlatform-Mobile-Gateway C:\Programme\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
21:32:40.0500 1136 VAIOMediaPlatform-Mobile-Gateway ( UnsignedFile.Multi.Generic ) - warning
21:32:40.0500 1136 VAIOMediaPlatform-Mobile-Gateway - detected UnsignedFile.Multi.Generic (1)
21:32:40.0859 1136 [ 55A47A048E5FD13977CA47DF39CBA5FF ] VCI C:\Programme\Sony\VAIO Cooperated Initialisation\VCI_SVC.exe
21:32:41.0328 1136 VCI ( UnsignedFile.Multi.Generic ) - warning
21:32:41.0328 1136 VCI - detected UnsignedFile.Multi.Generic (1)
21:32:41.0328 1136 Vcsw - ok
21:32:41.0375 1136 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
21:32:41.0484 1136 VgaSave - ok
21:32:41.0500 1136 ViaIde - ok
21:32:41.0562 1136 [ A5A712F4E880874A477AF790B5186E1D ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
21:32:41.0687 1136 VolSnap - ok
21:32:41.0937 1136 [ 68F106273BE29E7B7EF8266977268E78 ] VSS C:\WINDOWS\System32\vssvc.exe
21:32:42.0265 1136 VSS - ok
21:32:43.0015 1136 [ BDB755F9B3E01BF33993C10C007202DF ] VUAgent C:\Programme\Sony\VAIO Update Common\VUAgent.exe
21:32:44.0140 1136 VUAgent - ok
21:32:44.0343 1136 [ 0BD64CCEA7B4BF25CA2FB9BF1444DFD9 ] VzCdbSvc C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
21:32:44.0484 1136 VzCdbSvc ( UnsignedFile.Multi.Generic ) - warning
21:32:44.0484 1136 VzCdbSvc - detected UnsignedFile.Multi.Generic (1)
21:32:44.0593 1136 [ E81E8C7DC7EBC6CEDE156EAAD5EF9C8E ] VzFw C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
21:32:44.0703 1136 VzFw ( UnsignedFile.Multi.Generic ) - warning
21:32:44.0703 1136 VzFw - detected UnsignedFile.Multi.Generic (1)
21:32:46.0875 1136 [ 67CAA926EF06E07F2D31056B39F51C54 ] w29n51 C:\WINDOWS\system32\DRIVERS\w29n51.sys
21:32:50.0843 1136 w29n51 - ok
21:32:51.0015 1136 [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time C:\WINDOWS\system32\w32time.dll
21:32:51.0250 1136 W32Time - ok
21:32:51.0328 1136 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
21:32:51.0453 1136 Wanarp - ok
21:32:51.0468 1136 WDICA - ok
21:32:51.0531 1136 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
21:32:51.0671 1136 wdmaud - ok
21:32:51.0734 1136 [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient C:\WINDOWS\System32\webclnt.dll
21:32:51.0906 1136 WebClient - ok
21:32:52.0390 1136 [ AB7646D4CB9BB83D29D21EF7E00A0D15 ] winachsf C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
21:32:53.0171 1136 winachsf - ok
21:32:53.0359 1136 [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
21:32:53.0578 1136 winmgmt - ok
21:32:53.0640 1136 [ A477391B7A8B0A0DAABADB17CF533A4B ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
21:32:53.0750 1136 WmdmPmSN - ok
21:32:53.0875 1136 [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
21:32:54.0078 1136 WmiApSrv - ok
21:32:54.0156 1136 [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc C:\WINDOWS\system32\wscsvc.dll
21:32:54.0343 1136 wscsvc - ok
21:32:54.0406 1136 [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
21:32:54.0531 1136 wuauserv - ok
21:32:54.0890 1136 [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
21:32:55.0500 1136 WZCSVC - ok
21:32:55.0593 1136 [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
21:32:55.0859 1136 xmlprov - ok
21:32:55.0875 1136 ================ Scan global ===============================
21:32:55.0953 1136 [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll
21:32:56.0218 1136 [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll
21:32:56.0593 1136 [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll
21:32:56.0687 1136 [ A3EDBE9053889FB24AB22492472B39DC ] C:\WINDOWS\system32\services.exe
21:32:56.0687 1136 [Global] - ok
21:32:56.0687 1136 ================ Scan MBR ==================================
21:32:56.0718 1136 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0
21:32:57.0312 1136 \Device\Harddisk0\DR0 - ok
21:32:57.0328 1136 ================ Scan VBR ==================================
21:32:57.0328 1136 [ 20A5CE395DB3D6160187C2AC6EE5092E ] \Device\Harddisk0\DR0\Partition1
21:32:57.0343 1136 \Device\Harddisk0\DR0\Partition1 - ok
21:32:57.0343 1136 [ 4017084AF9C22851246DC9BCBBBBA4C8 ] \Device\Harddisk0\DR0\Partition2
21:32:57.0359 1136 \Device\Harddisk0\DR0\Partition2 - ok
21:32:57.0359 1136 ============================================================
21:32:57.0359 1136 Scan finished
21:32:57.0359 1136 ============================================================
21:32:57.0468 2760 Detected object count: 25
21:32:57.0468 2760 Actual detected object count: 25
21:33:29.0484 2760 AdobeActiveFileMonitor ( UnsignedFile.Multi.Generic ) - skipped by user
21:33:29.0484 2760 AdobeActiveFileMonitor ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:33:29.0484 2760 AegisP ( UnsignedFile.Multi.Generic ) - skipped by user
21:33:29.0484 2760 AegisP ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:33:29.0484 2760 EvtEng ( UnsignedFile.Multi.Generic ) - skipped by user
21:33:29.0484 2760 EvtEng ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:33:29.0484 2760 Image Converter video recording monitor for VAIO Entertainment ( UnsignedFile.Multi.Generic ) - skipped by user
21:33:29.0484 2760 Image Converter video recording monitor for VAIO Entertainment ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:33:29.0484 2760 MSCSPTISRV ( UnsignedFile.Multi.Generic ) - skipped by user
21:33:29.0484 2760 MSCSPTISRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:33:29.0484 2760 MSSQLServerADHelper ( UnsignedFile.Multi.Generic ) - skipped by user
21:33:29.0484 2760 MSSQLServerADHelper ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:33:29.0484 2760 PACSPTISVR ( UnsignedFile.Multi.Generic ) - skipped by user
21:33:29.0484 2760 PACSPTISVR ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:33:29.0484 2760 PhotoshopElementsDeviceConnect ( UnsignedFile.Multi.Generic ) - skipped by user
21:33:29.0484 2760 PhotoshopElementsDeviceConnect ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:33:29.0500 2760 PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user
21:33:29.0500 2760 PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:33:29.0500 2760 RegSrvc ( UnsignedFile.Multi.Generic ) - skipped by user
21:33:29.0500 2760 RegSrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:33:29.0500 2760 S24EventMonitor ( UnsignedFile.Multi.Generic ) - skipped by user
21:33:29.0500 2760 S24EventMonitor ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:33:29.0500 2760 s24trans ( UnsignedFile.Multi.Generic ) - skipped by user
21:33:29.0500 2760 s24trans ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:33:29.0500 2760 SPTISRV ( UnsignedFile.Multi.Generic ) - skipped by user
21:33:29.0500 2760 SPTISRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:33:29.0500 2760 SSScsiSV ( UnsignedFile.Multi.Generic ) - skipped by user
21:33:29.0500 2760 SSScsiSV ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:33:29.0500 2760 VAIO Entertainment Aggregation and Control Service ( UnsignedFile.Multi.Generic ) - skipped by user
21:33:29.0500 2760 VAIO Entertainment Aggregation and Control Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:33:29.0500 2760 VAIO Entertainment Task Scheduler ( UnsignedFile.Multi.Generic ) - skipped by user
21:33:29.0500 2760 VAIO Entertainment Task Scheduler ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:33:29.0500 2760 VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - skipped by user
21:33:29.0500 2760 VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:33:29.0500 2760 VAIO Event Service ( UnsignedFile.Multi.Generic ) - skipped by user
21:33:29.0500 2760 VAIO Event Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:33:29.0500 2760 VAIOMediaPlatform-IntegratedServer-AppServer ( UnsignedFile.Multi.Generic ) - skipped by user
21:33:29.0500 2760 VAIOMediaPlatform-IntegratedServer-AppServer ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:33:29.0500 2760 VAIOMediaPlatform-IntegratedServer-HTTP ( UnsignedFile.Multi.Generic ) - skipped by user
21:33:29.0500 2760 VAIOMediaPlatform-IntegratedServer-HTTP ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:33:29.0515 2760 VAIOMediaPlatform-IntegratedServer-UPnP ( UnsignedFile.Multi.Generic ) - skipped by user
21:33:29.0515 2760 VAIOMediaPlatform-IntegratedServer-UPnP ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:33:29.0515 2760 VAIOMediaPlatform-Mobile-Gateway ( UnsignedFile.Multi.Generic ) - skipped by user
21:33:29.0515 2760 VAIOMediaPlatform-Mobile-Gateway ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:33:29.0515 2760 VCI ( UnsignedFile.Multi.Generic ) - skipped by user
21:33:29.0515 2760 VCI ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:33:29.0515 2760 VzCdbSvc ( UnsignedFile.Multi.Generic ) - skipped by user
21:33:29.0515 2760 VzCdbSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:33:29.0515 2760 VzFw ( UnsignedFile.Multi.Generic ) - skipped by user
21:33:29.0515 2760 VzFw ( UnsignedFile.Multi.Generic ) - User select action: Skip
Vielen Dank für dein Feedback ! Frank |
|
25.11.2012, 02:06
| #5 |
| | PC langsam bei hoher CPU Auslastung ohne erkennbaren Grund Hallo Cosinus, zusätzliche Info: ich habe AVAST FREE ANIVIRUS anstelle von AVIRA installiert und einen Full Scan durchgeführt. Auch AVAST hat keinen Befund festgestellt. Das Problem habe ich aber immer noch und hoffe sehr, dass du mir helfen kannst. Vielen Dank für dein Feedback Frank |
|
26.11.2012, 16:43
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | PC langsam bei hoher CPU Auslastung ohne erkennbaren Grund Mach bitte einen CustomScan mit OTL Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop. Falls schon vorhanden, bitte die ältere vorhandene Datei durch die neu heruntergeladene Datei ersetzen, damit du auch wirklich mit einer aktuellen Version von OTL arbeitest.
Code:
ATTFilter msconfig
netsvcs
safebootminimal
safebootnetwork
activex
drivers32
%SYSTEMDRIVE%\*.
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMROOT%\system32\drivers\*.sys /lockedfiles
%SYSTEMROOT%\System32\config\*.sav
%SYSTEMROOT%\*. /mp /s
%SYSTEMROOT%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
__________________ --> PC langsam bei hoher CPU Auslastung ohne erkennbaren Grund |
|
30.11.2012, 19:48
| #7 |
| | PC langsam bei hoher CPU Auslastung ohne erkennbaren Grund Hi Cosinus, your wish is my command... Ich hoffe, dass es in Ordnung ist: OTL Logfile: Code:
ATTFilter OTL logfile created on: 30.11.2012 19:26:02 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\Frank\Eigene Dateien\Downloads Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 510,42 Mb Total Physical Memory | 206,91 Mb Available Physical Memory | 40,54% Memory free 1,22 Gb Paging File | 0,95 Gb Available in Paging File | 78,23% Paging File free Paging file location(s): C:\pagefile.sys 768 1536 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 32,60 Gb Total Space | 20,55 Gb Free Space | 63,03% Space Free | Partition Type: NTFS Drive D: | 34,94 Gb Total Space | 22,59 Gb Free Space | 64,66% Space Free | Partition Type: NTFS Computer Name: NOTEBOOK | User Name: Frank | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Dokumente und Einstellungen\Frank\Eigene Dateien\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Programme\Java\jre7\bin\jqs.exe (Oracle Corporation) PRC - C:\Programme\AVAST Software\Avast\AvastUI.exe (AVAST Software) PRC - C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software) PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) PRC - C:\Programme\Sony\VAIO Update 5\VAIOUpdt.exe (Sony Corporation) PRC - C:\Programme\Sony\VAIO Update Common\VUAgent.exe (Sony Corporation) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe (Sony Corporation) PRC - C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation) PRC - C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation) PRC - C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation) PRC - C:\Programme\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation) PRC - C:\Programme\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation) PRC - C:\Programme\Adobe\Acrobat 7.0\Distillr\acrotray.exe (Adobe Systems Inc.) PRC - C:\Programme\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe () PRC - C:\Programme\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe () PRC - C:\Programme\Sony\ISB Utility\ISBMgr.exe (Sony Corporation) PRC - C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.) PRC - C:\Programme\Apoint\ApntEx.exe (Alps Electric Co., Ltd.) PRC - C:\WINDOWS\system32\ico.exe (Primax Electronics Ltd.) ========== Modules (No Company Name) ========== MOD - C:\Programme\AVAST Software\Avast\defs\12113000\algo.dll () MOD - C:\WINDOWS\system32\msjetoledb40.dll () MOD - C:\Programme\Sony\VAIO Event Service\VESBasePS.dll () MOD - C:\Programme\Adobe\Acrobat 7.0\Distillr\AdistRes.DEU () MOD - C:\Programme\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe () MOD - C:\Programme\Adobe\Photoshop Elements 3.0\platform.dll () MOD - C:\Programme\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe () ========== Services (SafeList) ========== SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found SRV - (JavaQuickStarterService) -- C:\Programme\Java\jre7\bin\jqs.exe (Oracle Corporation) SRV - (avast! Antivirus) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software) SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (VUAgent) -- C:\Programme\Sony\VAIO Update Common\VUAgent.exe (Sony Corporation) SRV - (VAIO Entertainment Task Scheduler) -- C:\Programme\Sony\VAIO Entertainment\VzTaskScheduler.exe (Sony Corporation) SRV - (VAIO Entertainment Aggregation and Control Service) -- C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe (Sony Corporation) SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation) SRV - (VzCdbSvc) -- C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation) SRV - (VzFw) -- C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation) SRV - (Vcsw) -- C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation) SRV - (VAIOMediaPlatform-IntegratedServer-AppServer) -- C:\Programme\Sony\VAIO Media Integrated Server\VMISrv.exe (Sony Corporation) SRV - (VAIOMediaPlatform-IntegratedServer-UPnP) -- C:\Programme\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe (Sony Corporation) SRV - (VAIOMediaPlatform-IntegratedServer-HTTP) -- C:\Programme\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe (Sony Corporation) SRV - (VAIOMediaPlatform-Mobile-Gateway) -- C:\Programme\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe (Sony Corporation) SRV - (MSCSPTISRV) -- C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\MSCSPTISRV.exe (Sony Corporation) SRV - (PACSPTISVR) -- C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\PACSPTISVR.exe (Sony Corporation) SRV - (SPTISRV) -- C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\SPTISRV.exe (Sony Corporation) SRV - (SSScsiSV) -- C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\SSScsiSV.exe (Sony Corporation) SRV - (VAIO Event Service) -- C:\Programme\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation) SRV - (Image Converter video recording monitor for VAIO Entertainment) -- C:\Programme\Sony\Image Converter 2\IcVzMon.exe (Sony Corporation) SRV - (VCI) -- C:\Programme\Sony\VAIO Cooperated Initialisation\VCI_svc.exe (Sony Corporation) SRV - (AdobeActiveFileMonitor) -- C:\Programme\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe () SRV - (PhotoshopElementsDeviceConnect) -- C:\Programme\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe () SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (WDICA) -- File not found DRV - (PDRFRAME) -- File not found DRV - (PDRELI) -- File not found DRV - (PDFRAME) -- File not found DRV - (PDCOMP) -- File not found DRV - (PCIDump) -- File not found DRV - (lbrtfdc) -- File not found DRV - (i2omgmt) -- File not found DRV - (Changer) -- File not found DRV - (MBAMSwissArmy) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys (Malwarebytes Corporation) DRV - (aswSnx) -- C:\WINDOWS\System32\drivers\aswSnx.sys (AVAST Software) DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software) DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software) DRV - (AswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software) DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software) DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software) DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software) DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.) DRV - (tifmsony) -- C:\WINDOWS\system32\drivers\tifmsony.sys (Texas Instruments) DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys (Conexant Systems, Inc.) DRV - (HSFHWAZL) -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys (Conexant Systems, Inc.) DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.) DRV - (s24trans) -- C:\WINDOWS\system32\drivers\s24trans.sys (Intel Corporation) DRV - (w29n51) -- C:\WINDOWS\system32\drivers\w29n51.sys (Intel® Corporation) DRV - (LEX_AS_NIC_SERVICE_YNOS) -- C:\WINDOWS\system32\drivers\ExpasAG.sys (Atheros Communications, Inc.) DRV - (ApfiltrService) -- C:\WINDOWS\system32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.) DRV - (DMICall) -- C:\WINDOWS\system32\drivers\DMICall.sys (Sony Corporation) DRV - (SNC) -- C:\WINDOWS\system32\drivers\SonyNC.sys (Sony Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.club-vaio.com/de/ IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.club-vaio.com/de/ IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.club-vaio.com/de/ IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.club-vaio.com/de/ IE - HKU\S-1-5-21-4280729442-2380449788-443276291-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie IE - HKU\S-1-5-21-4280729442-2380449788-443276291-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com IE - HKU\S-1-5-21-4280729442-2380449788-443276291-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.club-vaio.com/de/ IE - HKU\S-1-5-21-4280729442-2380449788-443276291-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/" FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Programme\AVAST Software\Avast\WebRep\FF [2012.11.24 15:10:49 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.11.11 14:25:29 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012.11.11 14:27:24 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Mozilla\Extensions [2012.11.11 14:25:28 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2012.10.24 18:50:04 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll [2012.10.24 23:03:12 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.10.24 23:03:11 | 000,002,465 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml [2012.10.24 23:03:12 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml [2012.10.24 23:03:12 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml [2012.10.24 23:03:12 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml [2012.10.24 23:03:11 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2004.08.04 13:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Programme\Google\GoogleToolbar1.dll (Google Inc.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Programme\Google\GoogleToolbar1.dll (Google Inc.) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKU\S-1-5-21-4280729442-2380449788-443276291-1006\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found. O3 - HKU\S-1-5-21-4280729442-2380449788-443276291-1006\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Programme\Google\GoogleToolbar1.dll (Google Inc.) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Acrobat Assistant 7.0] C:\Programme\Adobe\Acrobat 7.0\Distillr\Acrotray.exe (Adobe Systems Inc.) O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.) O4 - HKLM..\Run: [avast] C:\Programme\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [AzMixerSel] C:\Programme\Realtek\InstallShield\AzMixerSel.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [ISBMgr.exe] C:\Programme\Sony\ISB Utility\ISBMgr.exe (Sony Corporation) O4 - HKLM..\Run: [Mouse Suite 98 Daemon] C:\WINDOWS\System32\ico.exe (Primax Electronics Ltd.) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [SonyPowerCfg] C:\Programme\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [VAIO Update 5] C:\Programme\Sony\VAIO Update 5\VAIOUpdt.exe (Sony Corporation) O4 - Startup: C:\Dokumente und Einstellungen\Default User\Startmenü\Programme\Autostart\VAIO Launcher.lnk = C:\Programme\Sony\VAIO Launcher\Launcher.exe (Sony Corporation) O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-4280729442-2380449788-443276291-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: &Google Search - C:\Programme\Google\GoogleToolbar1.dll (Google Inc.) O8 - Extra context menu item: Ähnliche Seiten - C:\Programme\Google\GoogleToolbar1.dll (Google Inc.) O8 - Extra context menu item: Im Cache gespeicherte Seite - C:\Programme\Google\GoogleToolbar1.dll (Google Inc.) O8 - Extra context menu item: Verweisseiten - C:\Programme\Google\GoogleToolbar1.dll (Google Inc.) O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_03\bin\NPJPI150_03.dll (Sun Microsystems, Inc.) O9 - Extra Button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Programme\Yahoo!\Messenger\YPager.exe (Yahoo! Inc.) O9 - Extra 'Tools' menuitem : Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Programme\Yahoo!\Messenger\YPager.exe (Yahoo! Inc.) O15 - HKU\.DEFAULT\..Trusted Domains: sony-europe.com ([] in Lokales Intranet) O15 - HKU\.DEFAULT\..Trusted Domains: sony-europe.com ([]* in Vertrauenswürdige Sites) O15 - HKU\.DEFAULT\..Trusted Domains: sonystyle-europe.com ([] in Lokales Intranet) O15 - HKU\.DEFAULT\..Trusted Domains: sonystyle-europe.com ([]* in Vertrauenswürdige Sites) O15 - HKU\.DEFAULT\..Trusted Domains: vaio-link.com ([] in Lokales Intranet) O15 - HKU\.DEFAULT\..Trusted Domains: vaio-link.com ([]* in Vertrauenswürdige Sites) O15 - HKU\S-1-5-18\..Trusted Domains: sony-europe.com ([] in Lokales Intranet) O15 - HKU\S-1-5-18\..Trusted Domains: sony-europe.com ([]* in Vertrauenswürdige Sites) O15 - HKU\S-1-5-18\..Trusted Domains: sonystyle-europe.com ([] in Lokales Intranet) O15 - HKU\S-1-5-18\..Trusted Domains: sonystyle-europe.com ([]* in Vertrauenswürdige Sites) O15 - HKU\S-1-5-18\..Trusted Domains: vaio-link.com ([] in Lokales Intranet) O15 - HKU\S-1-5-18\..Trusted Domains: vaio-link.com ([]* in Vertrauenswürdige Sites) O15 - HKU\S-1-5-21-4280729442-2380449788-443276291-1006\..Trusted Domains: sony-europe.com ([]* in Trusted sites) O15 - HKU\S-1-5-21-4280729442-2380449788-443276291-1006\..Trusted Domains: sonystyle-europe.com ([]* in Trusted sites) O15 - HKU\S-1-5-21-4280729442-2380449788-443276291-1006\..Trusted Domains: vaio-link.com ([]* in Trusted sites) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_03-windows-i586.cab (Reg Error: Value error.) O16 - DPF: {CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_03-windows-i586.cab (Java Plug-in 1.5.0_03) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FF0C9646-5918-4994-9118-2A7FDF8E97A3}: DhcpNameServer = 192.168.178.1 O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\WINDOWS\System32\VESWinlogon.dll (Sony Corporation) O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home O24 - Desktop WallPaper: C:\WINDOWS\VAIO Light Flo Wallpaper TrueColor 1280x800.bmp O24 - Desktop BackupWallPaper: C:\WINDOWS\VAIO Light Flo Wallpaper TrueColor 1280x800.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2005.07.13 11:03:34 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) NetSvcs: 6to4 - File not found NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found SafeBootMin: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vds - Service SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vga.sys - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML) ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4 ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C3C986D6-06B1-43BF-90DD-BE30756C00DE} - RevokedRootsUpdate ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - Reg Error: Value error. ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation) Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.) Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.) Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.) Drivers32: VIDC.dvsd - C:\Programme\Gemeinsame Dateien\Sony Shared\VideoLib\sonydv.dll (Sony Corporation) Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation) Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation) CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2012.11.24 15:14:34 | 000,021,256 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys [2012.11.24 15:14:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\avast! Free Antivirus [2012.11.24 15:14:33 | 000,361,032 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys [2012.11.24 15:14:28 | 000,035,928 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys [2012.11.24 15:14:27 | 000,054,232 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys [2012.11.24 15:14:25 | 000,738,504 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys [2012.11.24 15:14:21 | 000,097,608 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys [2012.11.24 15:14:21 | 000,089,752 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys [2012.11.24 15:14:18 | 000,025,256 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys [2012.11.24 15:10:11 | 000,041,224 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr [2012.11.24 15:10:03 | 000,227,648 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe [2012.11.24 15:06:39 | 000,000,000 | ---D | C] -- C:\Programme\AVAST Software [2012.11.24 15:06:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVAST Software [2012.11.18 14:15:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump [2012.11.18 13:10:55 | 000,000,000 | ---D | C] -- C:\_OTL [2012.11.17 17:00:17 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2012.11.17 16:52:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Malwarebytes [2012.11.17 16:51:21 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes [2012.11.11 20:59:50 | 000,000,000 | -HSD | C] -- C:\System Volume Information [2012.11.11 17:24:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Lokale Einstellungen\Anwendungsdaten\Sun [2012.11.11 17:15:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sun [2012.11.11 17:10:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Sun [2012.11.11 17:04:23 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Frank\IETldCache [2012.11.11 16:59:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates [2012.11.11 16:58:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM [2012.11.11 16:57:21 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8 [2012.11.11 14:39:53 | 000,000,000 | ---D | C] -- C:\Programme\MSXML 4.0 [2012.11.11 14:29:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Eigene Dateien\Downloads [2012.11.11 14:27:15 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Lokale Einstellungen\Anwendungsdaten\Mozilla [2012.11.11 14:27:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Mozilla [2012.11.11 14:26:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Mozilla [2012.11.11 14:26:06 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Maintenance Service [2012.11.11 14:25:20 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Firefox [2012.11.11 14:17:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall [2012.11.11 14:13:01 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Frank\UserData [2012.11.11 14:12:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Macromedia [2012.11.11 14:01:38 | 000,000,000 | ---D | C] -- C:\Update [2012.11.11 14:01:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution [2012.11.11 12:57:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch [2012.11.11 12:51:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\de-de [2012.11.11 12:51:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas [2012.11.11 12:51:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\de [2012.11.11 12:51:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits [2012.11.11 12:49:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles [2012.11.11 12:47:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic [2012.11.11 12:43:32 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$ [2012.11.11 12:43:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\EHome [2012.11.11 12:27:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Click to DVD [2012.11.11 12:25:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Office [2012.11.11 12:24:56 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\DESIGNER [2012.11.11 12:24:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW [2012.11.11 12:23:48 | 000,000,000 | RH-D | C] -- C:\MSOCache [2012.11.11 12:23:01 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Works [2012.11.11 12:22:50 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Office [2012.11.11 12:20:43 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Works [2012.11.11 12:19:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Lokale Einstellungen\Anwendungsdaten\Adobe [2012.11.11 12:18:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Dokumente\Adobe PDF [2012.11.11 12:18:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\VAIO Edit Components [2012.11.11 12:17:31 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\VAIO Launcher [2012.11.11 12:16:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\VAIO Zone [2012.11.11 12:15:10 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft SQL Server [2012.11.11 12:13:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\VAIO Media Platform [2012.11.11 12:13:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\VAIO Media [2012.11.11 12:13:36 | 000,000,000 | ---D | C] -- C:\Programme\Moodlogic HTML [2012.11.11 12:13:31 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\MoodLogic [2012.11.11 12:13:29 | 000,000,000 | ---D | C] -- C:\Programme\MoodLogic [2012.11.11 12:12:37 | 000,061,440 | ---- | C] (QSound Labs, Inc.) -- C:\WINDOWS\System32\SonyAIwo.dll [2012.11.11 12:12:37 | 000,052,736 | ---- | C] (QSound Labs, Inc.) -- C:\WINDOWS\System32\SonyAIds.dll [2012.11.11 12:12:37 | 000,042,496 | ---- | C] (QSound Labs, Inc.) -- C:\WINDOWS\System32\SonyAIwd.dll [2012.11.11 12:12:16 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\SonicStage Mastering Studio [2012.11.11 12:11:55 | 000,757,760 | ---- | C] (Gracenote) -- C:\WINDOWS\System32\CDDBUI.dll [2012.11.11 12:11:55 | 000,630,784 | ---- | C] (Gracenote (formerly CDDB, Inc.)) -- C:\WINDOWS\System32\CDDBControl.dll [2012.11.11 12:11:55 | 000,110,592 | ---- | C] (Gracenote) -- C:\WINDOWS\System32\CddbLangDE.dll [2012.11.11 12:11:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\SonicStage [2012.11.11 12:11:23 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Skype [2012.11.11 12:11:23 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Eigene Dateien\My Skype Pictures [2012.11.11 12:11:20 | 000,000,000 | ---D | C] -- C:\Programme\Skype [2012.11.11 12:09:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Roxio [2012.11.11 12:09:54 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Sonic Shared [2012.11.11 12:08:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\PictureGear Studio [2012.11.11 12:07:43 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\ImageConverter2 [2012.11.11 12:07:25 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Image Converter 2 [2012.11.11 12:07:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\DVgate Plus [2012.11.11 12:06:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Memory Stick Utility [2012.11.11 12:05:56 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Microsoft [2012.11.11 12:05:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Identities [2012.11.11 12:05:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Adobe [2012.11.11 12:05:55 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Frank\SendTo [2012.11.11 12:05:55 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Frank\Recent [2012.11.11 12:05:55 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten [2012.11.11 12:05:55 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Frank\Startmenü\Programme\Zubehör [2012.11.11 12:05:55 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Frank\Startmenü [2012.11.11 12:05:55 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Frank\Favoriten [2012.11.11 12:05:55 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Frank\Eigene Dateien\Eigene Musik [2012.11.11 12:05:55 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Frank\Eigene Dateien [2012.11.11 12:05:55 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Frank\Eigene Dateien\Eigene Bilder [2012.11.11 12:05:55 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Frank\Startmenü\Programme\Autostart [2012.11.11 12:05:55 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Frank\Cookies [2012.11.11 12:05:55 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Frank\Vorlagen [2012.11.11 12:05:55 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Frank\Netzwerkumgebung [2012.11.11 12:05:55 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Frank\Lokale Einstellungen [2012.11.11 12:05:55 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Frank\Druckumgebung [2012.11.11 12:05:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Symantec [2012.11.11 12:05:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Sony Corporation [2012.11.11 12:05:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Lokale Einstellungen\Anwendungsdaten\Microsoft [2012.11.11 12:05:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Desktop [2012.11.11 12:05:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Lokale Einstellungen\Anwendungsdaten\{3248F0A6-6813-11D6-A77B-00B0D0150030} [2012.11.11 12:04:38 | 000,000,000 | ---D | C] -- C:\Programme\Programmverknüpfungen [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.11.30 19:01:21 | 000,000,306 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job [2012.11.30 19:00:11 | 000,022,745 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2012.11.30 18:59:56 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012.11.30 18:59:52 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012.11.30 18:59:39 | 535,285,760 | -HS- | M] () -- C:\hiberfil.sys [2012.11.24 15:14:35 | 000,001,657 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\avast! Free Antivirus.lnk [2012.11.24 15:14:23 | 000,003,001 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2012.11.18 14:02:30 | 000,000,000 | ---- | M] () -- C:\Dokumente und Einstellungen\Frank\defogger_reenable [2012.11.18 13:04:48 | 000,329,768 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2012.11.18 13:04:47 | 000,339,804 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat [2012.11.18 13:04:47 | 000,058,692 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat [2012.11.18 13:04:47 | 000,047,874 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2012.11.18 12:43:12 | 000,267,800 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012.11.18 11:46:41 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2012.11.17 17:00:17 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2012.11.11 14:26:23 | 000,000,700 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk [2012.11.11 12:57:53 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx [2012.11.11 12:47:00 | 000,251,712 | RHS- | M] () -- C:\ntldr [2012.11.11 12:29:15 | 000,001,428 | ---- | M] () -- C:\WINDOWS\System32\SNYSPLST.OEM [2012.11.11 12:29:15 | 000,000,028 | ---- | M] () -- C:\WINDOWS\System32\SNYINST.OEM [2012.11.11 12:29:10 | 000,033,738 | ---- | M] () -- C:\WINDOWS\System32\Snyres.oem [2012.11.11 12:26:20 | 000,000,400 | ---- | M] () -- C:\WINDOWS\ODBC.INI [2012.11.11 12:10:37 | 000,000,056 | ---- | M] () -- C:\WINDOWS\WININIT.INI [2012.11.11 12:04:50 | 000,000,164 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf [2012.11.11 12:04:46 | 000,000,211 | RHS- | M] () -- C:\boot.ini [2012.11.11 12:04:46 | 000,000,000 | RH-- | M] () -- C:\WINDOWS\System32\drivers\Sony_VGN-FS315M.mrk [2012.11.10 15:01:00 | 104,044,560 | ---- | M] () -- C:\Dokumente und Einstellungen\Frank\Eigene Dateien\avira_free_antivirus_de.exe [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.11.24 15:14:35 | 000,001,657 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\avast! Free Antivirus.lnk [2012.11.24 15:14:27 | 000,000,306 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job [2012.11.18 14:02:30 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Frank\defogger_reenable [2012.11.11 18:39:53 | 535,285,760 | -HS- | C] () -- C:\hiberfil.sys [2012.11.11 14:31:15 | 000,000,940 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\VAIO Update.lnk [2012.11.11 14:28:09 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2012.11.11 14:28:09 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll [2012.11.11 14:26:23 | 000,000,700 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk [2012.11.11 14:26:20 | 000,000,706 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Mozilla Firefox.lnk [2012.11.11 14:08:18 | 104,044,560 | ---- | C] () -- C:\Dokumente und Einstellungen\Frank\Eigene Dateien\avira_free_antivirus_de.exe [2012.11.11 12:47:21 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty [2012.11.11 12:47:21 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod [2012.11.11 12:47:20 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img [2012.11.11 12:26:24 | 000,000,845 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Microsoft Office 2003 Editionen 60-Tage-Testversion.lnk [2012.11.11 12:26:20 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2012.11.11 12:23:03 | 000,001,767 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Office PowerPoint Viewer 2003.lnk [2012.11.11 12:23:03 | 000,001,683 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Works-Start.lnk [2012.11.11 12:19:53 | 000,001,811 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Adobe Acrobat Professional Installer.lnk [2012.11.11 12:18:40 | 000,001,826 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Adobe Acrobat 7.0 Elements.lnk [2012.11.11 12:10:37 | 000,000,056 | ---- | C] () -- C:\WINDOWS\WININIT.INI [2012.11.11 12:09:06 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\Cpuinf32.dll [2012.11.11 12:05:57 | 000,001,599 | ---- | C] () -- C:\Dokumente und Einstellungen\Frank\Startmenü\Programme\Remoteunterstützung.lnk [2012.11.11 12:05:57 | 000,000,787 | ---- | C] () -- C:\Dokumente und Einstellungen\Frank\Startmenü\Programme\Internet Explorer.lnk [2012.11.11 12:05:57 | 000,000,776 | ---- | C] () -- C:\Dokumente und Einstellungen\Frank\Startmenü\Programme\Windows Media Player.lnk [2012.11.11 12:05:57 | 000,000,722 | ---- | C] () -- C:\Dokumente und Einstellungen\Frank\Startmenü\Programme\Outlook Express.lnk [2012.11.11 12:04:46 | 000,000,000 | RH-- | C] () -- C:\WINDOWS\System32\drivers\Sony_VGN-FS315M.mrk ========== ZeroAccess Check ========== [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2012.08.30 21:28:07 | 001,510,400 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 11:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 07:52:34 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== [2012.11.24 15:06:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVAST Software ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*. > [2005.07.13 14:34:50 | 000,000,000 | ---D | M] -- C:\Documentation [2012.11.11 12:05:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen [2005.07.22 15:39:15 | 000,000,000 | ---D | M] -- C:\Drivers [2012.11.11 12:23:48 | 000,000,000 | RH-D | M] -- C:\MSOCache [2012.11.24 15:27:15 | 000,000,000 | R--D | M] -- C:\Programme [2012.11.30 19:18:24 | 000,000,000 | -HSD | M] -- C:\RECYCLER [2012.11.11 12:04:52 | 000,000,000 | -HSD | M] -- C:\System Volume Information [2012.11.11 14:35:14 | 000,000,000 | ---D | M] -- C:\Update [2012.11.24 15:10:11 | 000,000,000 | ---D | M] -- C:\WINDOWS [2012.11.18 13:10:55 | 000,000,000 | ---D | M] -- C:\_OTL < %ALLUSERSPROFILE%\Application Data\*. > [2005.07.13 14:36:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Application Data\Adobe < %ALLUSERSPROFILE%\Application Data\*.exe /s > < %APPDATA%\*. > [2012.11.11 17:42:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Adobe [2005.07.13 11:03:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Identities [2012.11.11 14:12:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Macromedia [2012.11.17 16:52:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Malwarebytes [2005.07.13 14:52:03 | 000,000,000 | --SD | M] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Microsoft [2012.11.11 14:27:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Mozilla [2012.11.11 14:07:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Sony Corporation [2012.11.11 17:10:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Sun [2005.07.13 14:39:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Symantec < %APPDATA%\*.exe /s > < %SYSTEMROOT%\system32\drivers\*.sys /lockedfiles > < %SYSTEMROOT%\System32\config\*.sav > [2005.07.13 12:55:07 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav [2005.07.13 12:55:07 | 000,638,976 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav [2005.07.13 12:55:07 | 000,421,888 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav < %SYSTEMROOT%\*. /mp /s > < %SYSTEMROOT%\system32\*.dll /lockedfiles > [1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ] < End of report > [/CODE] Vielen Dank für deine Prüfung  Gruss FLKOR |
|
30.11.2012, 21:36
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | PC langsam bei hoher CPU Auslastung ohne erkennbaren Grund Ist sehr unauffällig adwCleaner - Toolbars und ungewollte Start-/Suchseiten aufspüren Downloade Dir bitte AdwCleaner auf deinen Desktop. Falls der adwCleaner schon mal in der runtergeladen wurde, bitte die alte adwcleaner.exe löschen und neu runterladen!!
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
01.12.2012, 00:17
| #9 |
| | PC langsam bei hoher CPU Auslastung ohne erkennbaren Grund Hi Cosinus, vielen Dank für die schnelle Antwort. Hier das Ergebnis des Scans mit ADWCLEANER: Code:
ATTFilter # AdwCleaner v2.010 - Datei am 01/12/2012 um 00:05:47 erstellt
# Aktualisiert am 29/11/2012 von Xplode
# Betriebssystem : Microsoft Windows XP Service Pack 3 (32 bits)
# Benutzer : Frank - NOTEBOOK
# Bootmodus : Normal
# Ausgeführt unter : C:\Dokumente und Einstellungen\Frank\Eigene Dateien\Downloads\adwcleaner.exe
# Option [Suche]
**** [Dienste] ****
***** [Dateien / Ordner] *****
***** [Registrierungsdatenbank] *****
Schlüssel Gefunden : HKLM\Software\Description
***** [Internet Browser] *****
-\\ Internet Explorer v8.0.6001.18702
[OK] Die Registrierungsdatenbank ist sauber.
*************************
AdwCleaner[R1].txt - [649 octets] - [01/12/2012 00:05:47]
########## EOF - C:\AdwCleaner[R1].txt - [708 octets] ##########
Vielen Dank Frank |
|
01.12.2012, 00:34
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | PC langsam bei hoher CPU Auslastung ohne erkennbaren Grund Du bist fast clean lt. adwCleaner beim ersten Mal  das ist sehr selten  adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen
Danach eine Kontrolle mit OTL bitte:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
01.12.2012, 13:52
| #11 |
| | PC langsam bei hoher CPU Auslastung ohne erkennbaren Grund Hi Cosinus, hier die Protokolle: 1. AdwCleaner Code:
ATTFilter # AdwCleaner v2.010 - Datei am 01/12/2012 um 12:02:57 erstellt
# Aktualisiert am 29/11/2012 von Xplode
# Betriebssystem : Microsoft Windows XP Service Pack 3 (32 bits)
# Benutzer : Frank - NOTEBOOK
# Bootmodus : Normal
# Ausgeführt unter : C:\Dokumente und Einstellungen\Frank\Eigene Dateien\Downloads\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
***** [Dateien / Ordner] *****
***** [Registrierungsdatenbank] *****
Schlüssel Gelöscht : HKLM\Software\Description
***** [Internet Browser] *****
-\\ Internet Explorer v8.0.6001.18702
[OK] Die Registrierungsdatenbank ist sauber.
*************************
AdwCleaner[R1].txt - [776 octets] - [01/12/2012 00:05:47]
AdwCleaner[S1].txt - [710 octets] - [01/12/2012 12:02:57]
########## EOF - C:\AdwCleaner[S1].txt - [769 octets] ##########
OTL Logfile: Code:
ATTFilter OTL logfile created on: 01.12.2012 12:17:22 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\Frank\Eigene Dateien\Downloads Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 510,42 Mb Total Physical Memory | 134,99 Mb Available Physical Memory | 26,45% Memory free 1,22 Gb Paging File | 0,85 Gb Available in Paging File | 69,91% Paging File free Paging file location(s): C:\pagefile.sys 768 1536 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 32,60 Gb Total Space | 20,35 Gb Free Space | 62,42% Space Free | Partition Type: NTFS Drive D: | 34,94 Gb Total Space | 22,59 Gb Free Space | 64,66% Space Free | Partition Type: NTFS Computer Name: NOTEBOOK | User Name: Frank | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Dokumente und Einstellungen\Frank\Eigene Dateien\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Programme\Java\jre7\bin\jqs.exe (Oracle Corporation) PRC - C:\Programme\AVAST Software\Avast\AvastUI.exe (AVAST Software) PRC - C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software) PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) PRC - C:\Programme\Sony\VAIO Update 5\VAIOUpdt.exe (Sony Corporation) PRC - C:\Programme\Sony\VAIO Update Common\VUAgent.exe (Sony Corporation) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe (Sony Corporation) PRC - C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation) PRC - C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation) PRC - C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation) PRC - C:\Programme\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation) PRC - C:\Programme\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation) PRC - C:\Programme\Adobe\Acrobat 7.0\Distillr\acrotray.exe (Adobe Systems Inc.) PRC - C:\Programme\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe () PRC - C:\Programme\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe () PRC - C:\Programme\Sony\ISB Utility\ISBMgr.exe (Sony Corporation) PRC - C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.) PRC - C:\Programme\Apoint\ApntEx.exe (Alps Electric Co., Ltd.) PRC - C:\WINDOWS\system32\ico.exe (Primax Electronics Ltd.) ========== Modules (No Company Name) ========== MOD - C:\Programme\AVAST Software\Avast\defs\12113001\algo.dll () MOD - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll () MOD - C:\Programme\Mozilla Firefox\mozjs.dll () MOD - C:\WINDOWS\system32\msjetoledb40.dll () MOD - C:\Programme\Sony\VAIO Event Service\VESBasePS.dll () MOD - C:\Programme\Adobe\Acrobat 7.0\Distillr\AdistRes.DEU () MOD - C:\Programme\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe () MOD - C:\Programme\Adobe\Photoshop Elements 3.0\platform.dll () MOD - C:\Programme\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe () ========== Services (SafeList) ========== SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found SRV - (JavaQuickStarterService) -- C:\Programme\Java\jre7\bin\jqs.exe (Oracle Corporation) SRV - (avast! Antivirus) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software) SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (VUAgent) -- C:\Programme\Sony\VAIO Update Common\VUAgent.exe (Sony Corporation) SRV - (VAIO Entertainment Task Scheduler) -- C:\Programme\Sony\VAIO Entertainment\VzTaskScheduler.exe (Sony Corporation) SRV - (VAIO Entertainment Aggregation and Control Service) -- C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe (Sony Corporation) SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation) SRV - (VzCdbSvc) -- C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation) SRV - (VzFw) -- C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation) SRV - (Vcsw) -- C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation) SRV - (VAIOMediaPlatform-IntegratedServer-AppServer) -- C:\Programme\Sony\VAIO Media Integrated Server\VMISrv.exe (Sony Corporation) SRV - (VAIOMediaPlatform-IntegratedServer-UPnP) -- C:\Programme\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe (Sony Corporation) SRV - (VAIOMediaPlatform-IntegratedServer-HTTP) -- C:\Programme\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe (Sony Corporation) SRV - (VAIOMediaPlatform-Mobile-Gateway) -- C:\Programme\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe (Sony Corporation) SRV - (MSCSPTISRV) -- C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\MSCSPTISRV.exe (Sony Corporation) SRV - (PACSPTISVR) -- C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\PACSPTISVR.exe (Sony Corporation) SRV - (SPTISRV) -- C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\SPTISRV.exe (Sony Corporation) SRV - (SSScsiSV) -- C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\SSScsiSV.exe (Sony Corporation) SRV - (VAIO Event Service) -- C:\Programme\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation) SRV - (Image Converter video recording monitor for VAIO Entertainment) -- C:\Programme\Sony\Image Converter 2\IcVzMon.exe (Sony Corporation) SRV - (VCI) -- C:\Programme\Sony\VAIO Cooperated Initialisation\VCI_svc.exe (Sony Corporation) SRV - (AdobeActiveFileMonitor) -- C:\Programme\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe () SRV - (PhotoshopElementsDeviceConnect) -- C:\Programme\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe () SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (WDICA) -- File not found DRV - (PDRFRAME) -- File not found DRV - (PDRELI) -- File not found DRV - (PDFRAME) -- File not found DRV - (PDCOMP) -- File not found DRV - (PCIDump) -- File not found DRV - (lbrtfdc) -- File not found DRV - (i2omgmt) -- File not found DRV - (Changer) -- File not found DRV - (MBAMSwissArmy) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys (Malwarebytes Corporation) DRV - (aswSnx) -- C:\WINDOWS\System32\drivers\aswSnx.sys (AVAST Software) DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software) DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software) DRV - (AswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software) DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software) DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software) DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software) DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.) DRV - (tifmsony) -- C:\WINDOWS\system32\drivers\tifmsony.sys (Texas Instruments) DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys (Conexant Systems, Inc.) DRV - (HSFHWAZL) -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys (Conexant Systems, Inc.) DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.) DRV - (s24trans) -- C:\WINDOWS\system32\drivers\s24trans.sys (Intel Corporation) DRV - (w29n51) -- C:\WINDOWS\system32\drivers\w29n51.sys (Intel® Corporation) DRV - (LEX_AS_NIC_SERVICE_YNOS) -- C:\WINDOWS\system32\drivers\ExpasAG.sys (Atheros Communications, Inc.) DRV - (ApfiltrService) -- C:\WINDOWS\system32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.) DRV - (DMICall) -- C:\WINDOWS\system32\drivers\DMICall.sys (Sony Corporation) DRV - (SNC) -- C:\WINDOWS\system32\drivers\SonyNC.sys (Sony Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.club-vaio.com/de/ IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.club-vaio.com/de/ IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.club-vaio.com/de/ IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.club-vaio.com/de/ IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-4280729442-2380449788-443276291-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie IE - HKU\S-1-5-21-4280729442-2380449788-443276291-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com IE - HKU\S-1-5-21-4280729442-2380449788-443276291-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.club-vaio.com/de/ IE - HKU\S-1-5-21-4280729442-2380449788-443276291-1006\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-4280729442-2380449788-443276291-1006\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\S-1-5-21-4280729442-2380449788-443276291-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/" FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Programme\AVAST Software\Avast\WebRep\FF [2012.11.24 15:10:49 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.11.11 14:25:29 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012.11.11 14:27:24 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Mozilla\Extensions [2012.11.11 14:25:28 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2012.10.24 18:50:04 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll [2012.10.24 23:03:12 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.10.24 23:03:11 | 000,002,465 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml [2012.10.24 23:03:12 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml [2012.10.24 23:03:12 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml [2012.10.24 23:03:12 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml [2012.10.24 23:03:11 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2004.08.04 13:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Programme\Google\GoogleToolbar1.dll (Google Inc.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Programme\Google\GoogleToolbar1.dll (Google Inc.) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKU\S-1-5-21-4280729442-2380449788-443276291-1006\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found. O3 - HKU\S-1-5-21-4280729442-2380449788-443276291-1006\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Programme\Google\GoogleToolbar1.dll (Google Inc.) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Acrobat Assistant 7.0] C:\Programme\Adobe\Acrobat 7.0\Distillr\Acrotray.exe (Adobe Systems Inc.) O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.) O4 - HKLM..\Run: [avast] C:\Programme\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [AzMixerSel] C:\Programme\Realtek\InstallShield\AzMixerSel.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [ISBMgr.exe] C:\Programme\Sony\ISB Utility\ISBMgr.exe (Sony Corporation) O4 - HKLM..\Run: [Mouse Suite 98 Daemon] C:\WINDOWS\System32\ico.exe (Primax Electronics Ltd.) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [SonyPowerCfg] C:\Programme\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [VAIO Update 5] C:\Programme\Sony\VAIO Update 5\VAIOUpdt.exe (Sony Corporation) O4 - Startup: C:\Dokumente und Einstellungen\Default User\Startmenü\Programme\Autostart\VAIO Launcher.lnk = C:\Programme\Sony\VAIO Launcher\Launcher.exe (Sony Corporation) O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-4280729442-2380449788-443276291-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: &Google Search - C:\Programme\Google\GoogleToolbar1.dll (Google Inc.) O8 - Extra context menu item: Ähnliche Seiten - C:\Programme\Google\GoogleToolbar1.dll (Google Inc.) O8 - Extra context menu item: Im Cache gespeicherte Seite - C:\Programme\Google\GoogleToolbar1.dll (Google Inc.) O8 - Extra context menu item: Verweisseiten - C:\Programme\Google\GoogleToolbar1.dll (Google Inc.) O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_03\bin\NPJPI150_03.dll (Sun Microsystems, Inc.) O9 - Extra Button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Programme\Yahoo!\Messenger\YPager.exe (Yahoo! Inc.) O9 - Extra 'Tools' menuitem : Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Programme\Yahoo!\Messenger\YPager.exe (Yahoo! Inc.) O15 - HKU\.DEFAULT\..Trusted Domains: sony-europe.com ([] in Lokales Intranet) O15 - HKU\.DEFAULT\..Trusted Domains: sony-europe.com ([]* in Vertrauenswürdige Sites) O15 - HKU\.DEFAULT\..Trusted Domains: sonystyle-europe.com ([] in Lokales Intranet) O15 - HKU\.DEFAULT\..Trusted Domains: sonystyle-europe.com ([]* in Vertrauenswürdige Sites) O15 - HKU\.DEFAULT\..Trusted Domains: vaio-link.com ([] in Lokales Intranet) O15 - HKU\.DEFAULT\..Trusted Domains: vaio-link.com ([]* in Vertrauenswürdige Sites) O15 - HKU\S-1-5-18\..Trusted Domains: sony-europe.com ([] in Lokales Intranet) O15 - HKU\S-1-5-18\..Trusted Domains: sony-europe.com ([]* in Vertrauenswürdige Sites) O15 - HKU\S-1-5-18\..Trusted Domains: sonystyle-europe.com ([] in Lokales Intranet) O15 - HKU\S-1-5-18\..Trusted Domains: sonystyle-europe.com ([]* in Vertrauenswürdige Sites) O15 - HKU\S-1-5-18\..Trusted Domains: vaio-link.com ([] in Lokales Intranet) O15 - HKU\S-1-5-18\..Trusted Domains: vaio-link.com ([]* in Vertrauenswürdige Sites) O15 - HKU\S-1-5-21-4280729442-2380449788-443276291-1006\..Trusted Domains: sony-europe.com ([]* in Trusted sites) O15 - HKU\S-1-5-21-4280729442-2380449788-443276291-1006\..Trusted Domains: sonystyle-europe.com ([]* in Trusted sites) O15 - HKU\S-1-5-21-4280729442-2380449788-443276291-1006\..Trusted Domains: vaio-link.com ([]* in Trusted sites) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_03-windows-i586.cab (Reg Error: Value error.) O16 - DPF: {CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_03-windows-i586.cab (Java Plug-in 1.5.0_03) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FF0C9646-5918-4994-9118-2A7FDF8E97A3}: DhcpNameServer = 192.168.178.1 O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\WINDOWS\System32\VESWinlogon.dll (Sony Corporation) O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home O24 - Desktop WallPaper: C:\WINDOWS\VAIO Light Flo Wallpaper TrueColor 1280x800.bmp O24 - Desktop BackupWallPaper: C:\WINDOWS\VAIO Light Flo Wallpaper TrueColor 1280x800.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2005.07.13 11:03:34 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2012.11.24 15:14:34 | 000,021,256 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys [2012.11.24 15:14:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\avast! Free Antivirus [2012.11.24 15:14:33 | 000,361,032 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys [2012.11.24 15:14:28 | 000,035,928 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys [2012.11.24 15:14:27 | 000,054,232 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys [2012.11.24 15:14:25 | 000,738,504 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys [2012.11.24 15:14:21 | 000,097,608 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys [2012.11.24 15:14:21 | 000,089,752 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys [2012.11.24 15:14:18 | 000,025,256 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys [2012.11.24 15:10:11 | 000,041,224 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr [2012.11.24 15:10:03 | 000,227,648 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe [2012.11.24 15:06:39 | 000,000,000 | ---D | C] -- C:\Programme\AVAST Software [2012.11.24 15:06:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVAST Software [2012.11.18 14:15:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump [2012.11.18 13:42:20 | 000,026,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbstor.sys [2012.11.18 13:10:55 | 000,000,000 | ---D | C] -- C:\_OTL [2012.11.17 17:00:17 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2012.11.17 16:52:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Malwarebytes [2012.11.17 16:51:21 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes [2012.11.11 20:59:50 | 000,000,000 | -HSD | C] -- C:\System Volume Information [2012.11.11 17:24:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Lokale Einstellungen\Anwendungsdaten\Sun [2012.11.11 17:15:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sun [2012.11.11 17:14:57 | 000,821,736 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll [2012.11.11 17:14:57 | 000,746,984 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll [2012.11.11 17:14:57 | 000,143,872 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl [2012.11.11 17:14:56 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe [2012.11.11 17:14:47 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe [2012.11.11 17:14:47 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe [2012.11.11 17:14:47 | 000,093,672 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll [2012.11.11 17:10:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Sun [2012.11.11 17:04:23 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Frank\IETldCache [2012.11.11 17:00:53 | 000,521,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll [2012.11.11 16:59:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates [2012.11.11 16:59:17 | 002,000,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll [2012.11.11 16:59:17 | 000,630,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll [2012.11.11 16:59:17 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll [2012.11.11 16:59:16 | 011,111,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll [2012.11.11 16:59:16 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll [2012.11.11 16:58:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM [2012.11.11 16:57:21 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8 [2012.11.11 16:32:22 | 000,697,272 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe [2012.11.11 16:32:21 | 000,073,656 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2012.11.11 16:26:42 | 000,273,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys [2012.11.11 16:25:31 | 000,954,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40.dll [2012.11.11 16:25:31 | 000,953,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40u.dll [2012.11.11 16:24:59 | 000,456,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys [2012.11.11 16:24:43 | 000,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comctl32.dll [2012.11.11 16:24:22 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll [2012.11.11 16:23:09 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe [2012.11.11 16:22:38 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys [2012.11.11 16:21:36 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\t2embed.dll [2012.11.11 16:21:36 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fontsub.dll [2012.11.11 14:40:38 | 000,203,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rmcast.sys [2012.11.11 14:39:53 | 000,000,000 | ---D | C] -- C:\Programme\MSXML 4.0 [2012.11.11 14:38:51 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe [2012.11.11 14:31:46 | 000,138,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\afd.sys [2012.11.11 14:31:44 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll [2012.11.11 14:31:22 | 003,558,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe [2012.11.11 14:30:35 | 000,139,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys [2012.11.11 14:29:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Eigene Dateien\Downloads [2012.11.11 14:28:46 | 002,151,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe [2012.11.11 14:28:45 | 002,030,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe [2012.11.11 14:28:44 | 002,195,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe [2012.11.11 14:28:39 | 002,071,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlpa.exe [2012.11.11 14:28:12 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndistapi.sys [2012.11.11 14:28:04 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\packager.exe [2012.11.11 14:27:15 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Lokale Einstellungen\Anwendungsdaten\Mozilla [2012.11.11 14:27:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Mozilla [2012.11.11 14:26:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Mozilla [2012.11.11 14:26:06 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Maintenance Service [2012.11.11 14:25:20 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Firefox [2012.11.11 14:23:56 | 018,090,960 | ---- | C] (Mozilla) -- C:\Dokumente und Einstellungen\Frank\Eigene Dateien\Firefox_Setup_16.0.2.exe [2012.11.11 14:23:48 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mup.sys [2012.11.11 14:21:41 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe [2012.11.11 14:21:29 | 000,590,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcrt4.dll [2012.11.11 14:17:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall [2012.11.11 14:13:01 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Frank\UserData [2012.11.11 14:12:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Macromedia [2012.11.11 14:09:09 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isign32.dll [2012.11.11 14:09:00 | 000,536,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado15.dll [2012.11.11 14:08:21 | 000,758,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vgx.dll [2012.11.11 14:07:49 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cabview.dll [2012.11.11 14:01:38 | 000,000,000 | ---D | C] -- C:\Update [2012.11.11 14:01:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution [2012.11.11 12:57:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch [2012.11.11 12:51:50 | 001,372,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll [2012.11.11 12:51:50 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml6r.dll [2012.11.11 12:51:50 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll [2012.11.11 12:51:45 | 001,888,992 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3duag.dll [2012.11.11 12:51:45 | 000,870,784 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3d1ag.dll [2012.11.11 12:51:45 | 000,516,768 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ativvaxx.dll [2012.11.11 12:51:45 | 000,377,984 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvaa.dll [2012.11.11 12:51:45 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\azroles.dll [2012.11.11 12:51:45 | 000,229,376 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2cqag.dll [2012.11.11 12:51:45 | 000,201,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvag.dll [2012.11.11 12:51:45 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll [2012.11.11 12:51:45 | 000,032,768 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativtmxx.dll [2012.11.11 12:51:45 | 000,023,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativmvxx.ax [2012.11.11 12:51:45 | 000,009,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativdaxx.ax [2012.11.11 12:51:45 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll [2012.11.11 12:51:44 | 000,651,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3ui.dll [2012.11.11 12:51:44 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3cfg.dll [2012.11.11 12:51:44 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3msm.dll [2012.11.11 12:51:44 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpqec.dll [2012.11.11 12:51:44 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3gpclnt.dll [2012.11.11 12:51:44 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsroam.dll [2012.11.11 12:51:43 | 000,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapp3hst.dll [2012.11.11 12:51:43 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapphost.dll [2012.11.11 12:51:43 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappgnui.dll [2012.11.11 12:51:43 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapqec.dll [2012.11.11 12:51:43 | 000,032,285 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\hsfcisp2.dll [2012.11.11 12:51:42 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpash.dll [2012.11.11 12:51:42 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnepr.dll [2012.11.11 12:51:42 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdiultn.dll [2012.11.11 12:51:42 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbhc.dll [2012.11.11 12:51:41 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcex.dll [2012.11.11 12:51:41 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\microsoft.managementconsole.dll [2012.11.11 12:51:41 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssha.dll [2012.11.11 12:51:41 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcfxcommon.dll [2012.11.11 12:51:41 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msshavmsg.dll [2012.11.11 12:51:41 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\l2gpstore.dll [2012.11.11 12:51:41 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcperf.exe [2012.11.11 12:51:40 | 001,737,856 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\mtxparhd.dll [2012.11.11 12:51:40 | 000,412,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\photometadatahandler.dll [2012.11.11 12:51:40 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napmontr.dll [2012.11.11 12:51:40 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napstat.exe [2012.11.11 12:51:40 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagent.dll [2012.11.11 12:51:40 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qcliprov.dll [2012.11.11 12:51:40 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napipsec.dll [2012.11.11 12:51:39 | 000,397,056 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\s3gnb.dll [2012.11.11 12:51:39 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll [2012.11.11 12:51:39 | 000,286,792 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slextspk.dll [2012.11.11 12:51:39 | 000,188,508 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slgen.dll [2012.11.11 12:51:39 | 000,073,832 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slcoinst.dll [2012.11.11 12:51:39 | 000,073,796 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slserv.exe [2012.11.11 12:51:39 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slrundll.exe [2012.11.11 12:51:39 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setupn.exe [2012.11.11 12:51:38 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll [2012.11.11 12:51:38 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\verclsid.exe [2012.11.11 12:51:37 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecsext.dll [2012.11.11 12:51:37 | 000,276,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmphoto.dll [2012.11.11 12:51:37 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wlanapi.dll [2012.11.11 12:51:37 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax [2012.11.11 12:51:35 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\slrundll.exe [2012.11.11 12:51:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\de-de [2012.11.11 12:51:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas [2012.11.11 12:51:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\de [2012.11.11 12:51:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits [2012.11.11 12:49:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles [2012.11.11 12:47:23 | 000,004,255 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv01nt5.dll [2012.11.11 12:47:23 | 000,003,967 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv02nt5.dll [2012.11.11 12:47:23 | 000,003,775 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv11nt5.dll [2012.11.11 12:47:23 | 000,003,711 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv09nt5.dll [2012.11.11 12:47:23 | 000,003,647 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv07nt5.dll [2012.11.11 12:47:23 | 000,003,615 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv05nt5.dll [2012.11.11 12:47:23 | 000,003,135 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv08nt5.dll [2012.11.11 12:47:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic [2012.11.11 12:47:22 | 000,701,952 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtag.sys [2012.11.11 12:47:22 | 000,327,168 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtaa.sys [2012.11.11 12:47:22 | 000,104,960 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinrvxx.sys [2012.11.11 12:47:22 | 000,073,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atintuxx.sys [2012.11.11 12:47:22 | 000,063,663 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1rvxx.sys [2012.11.11 12:47:22 | 000,057,856 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinbtxx.sys [2012.11.11 12:47:22 | 000,056,623 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1btxx.sys [2012.11.11 12:47:22 | 000,052,224 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinraxx.sys [2012.11.11 12:47:22 | 000,036,463 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1tuxx.sys [2012.11.11 12:47:22 | 000,034,735 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xsxx.sys [2012.11.11 12:47:22 | 000,030,671 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1raxx.sys [2012.11.11 12:47:22 | 000,029,455 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xbxx.sys [2012.11.11 12:47:22 | 000,028,672 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinsnxx.sys [2012.11.11 12:47:22 | 000,026,367 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1snxx.sys [2012.11.11 12:47:22 | 000,021,343 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1ttxx.sys [2012.11.11 12:47:22 | 000,014,336 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinpdxx.sys [2012.11.11 12:47:22 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinttxx.sys [2012.11.11 12:47:22 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinmdxx.sys [2012.11.11 12:47:22 | 000,012,047 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1pdxx.sys [2012.11.11 12:47:22 | 000,011,615 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1mdxx.sys [2012.11.11 12:47:21 | 000,063,488 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxsxx.sys [2012.11.11 12:47:21 | 000,036,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthprint.sys [2012.11.11 12:47:21 | 000,031,744 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxbxx.sys [2012.11.11 12:47:21 | 000,025,471 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv04nt5.dll [2012.11.11 12:47:21 | 000,021,183 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv01nt5.dll [2012.11.11 12:47:21 | 000,017,279 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv10nt5.dll [2012.11.11 12:47:21 | 000,015,423 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\ch7xxnt5.dll [2012.11.11 12:47:21 | 000,014,143 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv06nt5.dll [2012.11.11 12:47:21 | 000,011,359 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv02nt5.dll [2012.11.11 12:47:20 | 001,309,184 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlstrm.sys [2012.11.11 12:47:20 | 000,452,736 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\drivers\mtxparhm.sys [2012.11.11 12:47:20 | 000,126,686 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys [2012.11.11 12:47:20 | 000,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mutohpen.sys [2012.11.11 12:47:19 | 000,404,990 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slntamr.sys [2012.11.11 12:47:19 | 000,180,360 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys [2012.11.11 12:47:19 | 000,166,912 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\drivers\s3gnbm.sys [2012.11.11 12:47:19 | 000,129,535 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnt7554.sys [2012.11.11 12:47:19 | 000,095,424 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnthal.sys [2012.11.11 12:47:19 | 000,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys [2012.11.11 12:47:19 | 000,013,776 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\recagent.sys [2012.11.11 12:47:19 | 000,013,240 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slwdmsup.sys [2012.11.11 12:47:19 | 000,011,325 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\vchnt5.dll [2012.11.11 12:47:19 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smbali.sys [2012.11.11 12:47:19 | 000,003,901 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\siint5.dll [2012.11.11 12:47:18 | 000,025,471 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv10nt.sys [2012.11.11 12:47:18 | 000,022,271 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv06nt.sys [2012.11.11 12:47:18 | 000,011,935 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv11nt.sys [2012.11.11 12:47:18 | 000,011,871 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv09nt.sys [2012.11.11 12:47:18 | 000,011,807 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv07nt.sys [2012.11.11 12:47:18 | 000,011,295 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv08nt.sys [2012.11.11 12:43:32 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$ [2012.11.11 12:43:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\EHome [2012.11.11 12:38:59 | 328,324,136 | ---- | C] (Microsoft Corporation) -- C:\Dokumente und Einstellungen\Frank\Eigene Dateien\WindowsXP-KB936929-SP3-x86-DEU.exe [2012.11.11 12:27:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Click to DVD [2012.11.11 12:26:09 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mdimon.dll [2012.11.11 12:25:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Office [2012.11.11 12:24:56 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\DESIGNER [2012.11.11 12:24:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW [2012.11.11 12:23:48 | 000,000,000 | RH-D | C] -- C:\MSOCache [2012.11.11 12:23:01 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Works [2012.11.11 12:22:50 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Office [2012.11.11 12:20:43 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Works [2012.11.11 12:19:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Lokale Einstellungen\Anwendungsdaten\Adobe [2012.11.11 12:18:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Dokumente\Adobe PDF [2012.11.11 12:18:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\VAIO Edit Components [2012.11.11 12:17:31 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\VAIO Launcher [2012.11.11 12:16:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\VAIO Zone [2012.11.11 12:15:28 | 000,033,340 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dbmsqlgc.dll [2012.11.11 12:15:28 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dbmsgnet.dll [2012.11.11 12:15:25 | 000,306,688 | ---- | C] (InstallShield Software Corporation) -- C:\WINDOWS\IsUninst.exe [2012.11.11 12:15:10 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft SQL Server [2012.11.11 12:13:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\VAIO Media Platform [2012.11.11 12:13:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\VAIO Media [2012.11.11 12:13:36 | 000,000,000 | ---D | C] -- C:\Programme\Moodlogic HTML [2012.11.11 12:13:31 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\MoodLogic [2012.11.11 12:13:29 | 000,000,000 | ---D | C] -- C:\Programme\MoodLogic [2012.11.11 12:12:37 | 000,061,440 | ---- | C] (QSound Labs, Inc.) -- C:\WINDOWS\System32\SonyAIwo.dll [2012.11.11 12:12:37 | 000,052,736 | ---- | C] (QSound Labs, Inc.) -- C:\WINDOWS\System32\SonyAIds.dll [2012.11.11 12:12:37 | 000,042,496 | ---- | C] (QSound Labs, Inc.) -- C:\WINDOWS\System32\SonyAIwd.dll [2012.11.11 12:12:16 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\SonicStage Mastering Studio [2012.11.11 12:11:55 | 000,757,760 | ---- | C] (Gracenote) -- C:\WINDOWS\System32\CDDBUI.dll [2012.11.11 12:11:55 | 000,630,784 | ---- | C] (Gracenote (formerly CDDB, Inc.)) -- C:\WINDOWS\System32\CDDBControl.dll [2012.11.11 12:11:55 | 000,110,592 | ---- | C] (Gracenote) -- C:\WINDOWS\System32\CddbLangDE.dll [2012.11.11 12:11:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\SonicStage [2012.11.11 12:11:23 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Skype [2012.11.11 12:11:23 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Eigene Dateien\My Skype Pictures [2012.11.11 12:11:20 | 000,000,000 | ---D | C] -- C:\Programme\Skype [2012.11.11 12:09:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Roxio [2012.11.11 12:09:54 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Sonic Shared [2012.11.11 12:09:09 | 002,981,888 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\iplw7.dll [2012.11.11 12:09:08 | 002,502,656 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\iplpx.dll [2012.11.11 12:09:07 | 002,785,280 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\iplm6.dll [2012.11.11 12:09:07 | 002,686,976 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\iplm5.dll [2012.11.11 12:09:07 | 002,531,328 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\iplp6.dll [2012.11.11 12:09:06 | 002,973,696 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\ipla6.dll [2012.11.11 12:09:06 | 000,053,248 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\ipl.dll [2012.11.11 12:08:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\PictureGear Studio [2012.11.11 12:07:43 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\ImageConverter2 [2012.11.11 12:07:25 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Image Converter 2 [2012.11.11 12:07:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\DVgate Plus [2012.11.11 12:06:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Memory Stick Utility [2012.11.11 12:05:56 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Microsoft [2012.11.11 12:05:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Identities [2012.11.11 12:05:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Adobe [2012.11.11 12:05:55 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Frank\SendTo [2012.11.11 12:05:55 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Frank\Recent [2012.11.11 12:05:55 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten [2012.11.11 12:05:55 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Frank\Startmenü\Programme\Zubehör [2012.11.11 12:05:55 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Frank\Startmenü [2012.11.11 12:05:55 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Frank\Favoriten [2012.11.11 12:05:55 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Frank\Eigene Dateien\Eigene Musik [2012.11.11 12:05:55 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Frank\Eigene Dateien [2012.11.11 12:05:55 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Frank\Eigene Dateien\Eigene Bilder [2012.11.11 12:05:55 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Frank\Startmenü\Programme\Autostart [2012.11.11 12:05:55 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Frank\Cookies [2012.11.11 12:05:55 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Frank\Vorlagen [2012.11.11 12:05:55 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Frank\Netzwerkumgebung [2012.11.11 12:05:55 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Frank\Lokale Einstellungen [2012.11.11 12:05:55 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Frank\Druckumgebung [2012.11.11 12:05:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Symantec [2012.11.11 12:05:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Anwendungsdaten\Sony Corporation [2012.11.11 12:05:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Lokale Einstellungen\Anwendungsdaten\Microsoft [2012.11.11 12:05:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Desktop [2012.11.11 12:05:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Frank\Lokale Einstellungen\Anwendungsdaten\{3248F0A6-6813-11D6-A77B-00B0D0150030} [2012.11.11 12:04:38 | 000,000,000 | ---D | C] -- C:\Programme\Programmverknüpfungen [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.12.01 12:09:01 | 000,000,306 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job [2012.12.01 12:07:16 | 000,022,745 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2012.12.01 12:06:50 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012.12.01 12:06:35 | 535,285,760 | -HS- | M] () -- C:\hiberfil.sys [2012.11.30 18:59:56 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012.11.24 15:14:35 | 000,001,657 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\avast! Free Antivirus.lnk [2012.11.24 15:14:23 | 000,003,001 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2012.11.18 14:02:30 | 000,000,000 | ---- | M] () -- C:\Dokumente und Einstellungen\Frank\defogger_reenable [2012.11.18 13:04:48 | 000,329,768 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2012.11.18 13:04:47 | 000,339,804 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat [2012.11.18 13:04:47 | 000,058,692 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat [2012.11.18 13:04:47 | 000,047,874 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2012.11.18 12:43:12 | 000,267,800 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012.11.18 11:46:41 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2012.11.17 17:00:17 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2012.11.11 17:14:33 | 000,093,672 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll [2012.11.11 17:14:27 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll [2012.11.11 17:14:27 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll [2012.11.11 17:14:27 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe [2012.11.11 17:14:27 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe [2012.11.11 17:14:27 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe [2012.11.11 17:14:27 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl [2012.11.11 16:32:22 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe [2012.11.11 16:32:21 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2012.11.11 14:26:23 | 000,000,700 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk [2012.11.11 14:24:35 | 018,090,960 | ---- | M] (Mozilla) -- C:\Dokumente und Einstellungen\Frank\Eigene Dateien\Firefox_Setup_16.0.2.exe [2012.11.11 12:57:53 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx [2012.11.11 12:47:00 | 000,251,712 | RHS- | M] () -- C:\ntldr [2012.11.11 12:29:15 | 000,001,428 | ---- | M] () -- C:\WINDOWS\System32\SNYSPLST.OEM [2012.11.11 12:29:15 | 000,000,028 | ---- | M] () -- C:\WINDOWS\System32\SNYINST.OEM [2012.11.11 12:29:10 | 000,033,738 | ---- | M] () -- C:\WINDOWS\System32\Snyres.oem [2012.11.11 12:26:20 | 000,000,400 | ---- | M] () -- C:\WINDOWS\ODBC.INI [2012.11.11 12:10:37 | 000,000,056 | ---- | M] () -- C:\WINDOWS\WININIT.INI [2012.11.11 12:04:50 | 000,000,164 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf [2012.11.11 12:04:46 | 000,000,211 | RHS- | M] () -- C:\boot.ini [2012.11.11 12:04:46 | 000,000,000 | RH-- | M] () -- C:\WINDOWS\System32\drivers\Sony_VGN-FS315M.mrk [2012.11.10 15:01:00 | 104,044,560 | ---- | M] () -- C:\Dokumente und Einstellungen\Frank\Eigene Dateien\avira_free_antivirus_de.exe [2012.11.10 14:28:30 | 328,324,136 | ---- | M] (Microsoft Corporation) -- C:\Dokumente und Einstellungen\Frank\Eigene Dateien\WindowsXP-KB936929-SP3-x86-DEU.exe [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.11.24 15:14:35 | 000,001,657 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\avast! Free Antivirus.lnk [2012.11.24 15:14:27 | 000,000,306 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job [2012.11.18 14:02:30 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Frank\defogger_reenable [2012.11.11 18:39:53 | 535,285,760 | -HS- | C] () -- C:\hiberfil.sys [2012.11.11 14:31:15 | 000,000,940 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\VAIO Update.lnk [2012.11.11 14:28:09 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2012.11.11 14:28:09 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll [2012.11.11 14:26:23 | 000,000,700 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk [2012.11.11 14:26:20 | 000,000,706 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Mozilla Firefox.lnk [2012.11.11 14:08:18 | 104,044,560 | ---- | C] () -- C:\Dokumente und Einstellungen\Frank\Eigene Dateien\avira_free_antivirus_de.exe [2012.11.11 12:47:21 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty [2012.11.11 12:47:21 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod [2012.11.11 12:47:20 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img [2012.11.11 12:26:24 | 000,000,845 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Microsoft Office 2003 Editionen 60-Tage-Testversion.lnk [2012.11.11 12:26:20 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2012.11.11 12:23:03 | 000,001,767 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Office PowerPoint Viewer 2003.lnk [2012.11.11 12:23:03 | 000,001,683 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Works-Start.lnk [2012.11.11 12:19:53 | 000,001,811 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Adobe Acrobat Professional Installer.lnk [2012.11.11 12:18:40 | 000,001,826 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Adobe Acrobat 7.0 Elements.lnk [2012.11.11 12:10:37 | 000,000,056 | ---- | C] () -- C:\WINDOWS\WININIT.INI [2012.11.11 12:09:06 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\Cpuinf32.dll [2012.11.11 12:05:57 | 000,001,599 | ---- | C] () -- C:\Dokumente und Einstellungen\Frank\Startmenü\Programme\Remoteunterstützung.lnk [2012.11.11 12:05:57 | 000,000,787 | ---- | C] () -- C:\Dokumente und Einstellungen\Frank\Startmenü\Programme\Internet Explorer.lnk [2012.11.11 12:05:57 | 000,000,776 | ---- | C] () -- C:\Dokumente und Einstellungen\Frank\Startmenü\Programme\Windows Media Player.lnk [2012.11.11 12:05:57 | 000,000,722 | ---- | C] () -- C:\Dokumente und Einstellungen\Frank\Startmenü\Programme\Outlook Express.lnk [2012.11.11 12:04:46 | 000,000,000 | RH-- | C] () -- C:\WINDOWS\System32\drivers\Sony_VGN-FS315M.mrk ========== ZeroAccess Check ========== [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2012.08.30 21:28:07 | 001,510,400 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 11:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 07:52:34 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both < End of report > [/CODE] OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 01.12.2012 12:17:22 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\Frank\Eigene Dateien\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
510,42 Mb Total Physical Memory | 134,99 Mb Available Physical Memory | 26,45% Memory free
1,22 Gb Paging File | 0,85 Gb Available in Paging File | 69,91% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 32,60 Gb Total Space | 20,35 Gb Free Space | 62,42% Space Free | Partition Type: NTFS
Drive D: | 34,94 Gb Total Space | 22,59 Gb Free Space | 64,66% Space Free | Partition Type: NTFS
Computer Name: NOTEBOOK | User Name: Frank | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
[HKEY_USERS\S-1-5-21-4280729442-2380449788-443276291-1006\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programme\Yahoo!\Messenger\YPager.exe" = C:\Programme\Yahoo!\Messenger\YPager.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Programme\Yahoo!\Messenger\YServer.exe" = C:\Programme\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server -- (Yahoo! Inc.)
"C:\Programme\Skype\Phone\Skype.exe" = C:\Programme\Skype\Phone\Skype.exe:*:Enabled:Skype -- ()
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{013E1BA8-C815-4E27-BCB9-D6B1B2E24094}" = SonicStage Mastering Studio Audio Filter Custom Preset
"{01AE599F-7B72-4135-8C56-9191F4ACBA88}" = VAIO Edit Components
"{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony MP4 Shared Library
"{075473F5-846A-448B-BCB3-104AA1760205}" = Roxio DigitalMedia Data
"{169C78C0-8C32-4CA1-9602-D8E998ECE96A}" = VAIO Original Screen Saver VAIO Scene HD Wide Contents
"{1A91D1FA-B9B3-4556-9878-5C61059A19B2}" = InterVideo WinDVDX
"{1BEF9285-5530-426B-A5F1-5836B95C7EB1}" = VAIO Original Screen Saver
"{1EB317D8-8945-4FD6-B37F-DF470317C6AB}" = VAIO Media 4.0
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2063C2E8-3812-4BBD-9998-6610F80C1DD4}" = VAIO Media AC3 Decoder 1.0
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{25CF0627-2EF6-4FCE-A0DE-7D6350C774B2}" = VAIO Original Screen Saver VAIO Scene HD Normal Contents
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{27337663-2619-11D4-99DC-0000F49094C7}" = Memory Stick Formatter
"{28DA872A-0848-48CF-B749-19A198157A2A}" = mDriver
"{29999594-B540-4C88-A8D3-C99CA43809FC}" = Image Converter 2
"{3248F0A8-6813-11D6-A77B-00B0D0150030}" = J2SE Runtime Environment 5.0 Update 3
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51735133-A296-4EB0-BF16-AD93B55BD000}" = VAIO Original Screen Saver VAIO Motion SD Wide Contents
"{531C0C3A-7112-4986-8222-5778FB547D81}" = VAIO Original Screen Saver VAIO Motion HD Normal Contents
"{59452470-A902-477F-9338-9B88101681BD}" = Setting Utility Series
"{5BEE8F1F-BD32-4553-8107-500439E43BD7}" = VAIO Update
"{61D6E4FB-1A62-4EB1-BE56-929B00C155CF}" = Wireless LAN Starter
"{639BB4D3-AA30-4A7B-8CB5-6DE681AD6659}" = VAIO Light Flo Wallpaper
"{668B1BD6-4593-4959-970E-249AFFE6F35C}" = VOR
"{685BCC47-B8EC-45EC-BBCE-77DF2451502C}" = DVgate Plus
"{6DE14BE4-6F04-4935-8ABD-A0A19FE2E55A}" = mCore
"{71249EFF-EFAB-48A0-B967-630F4E70BBC3}" = VAIO Original Screen Saver VAIO Scene SD Normal Contents
"{7128C69B-8F7E-4336-8698-3FD3CDD955EC}" = VAIO Media Redistribution 4.0
"{7998F67D-655B-42E3-B651-18D96DD17268}" = Adobe Premiere Standard
"{7A79D11B-FD82-4A5E-834F-20173515DD14}" = VAIO Media Integrated Server 4.2
"{805BC1AB-46C5-438C-BCB7-537A1A32290C}" = VAIO Original Screen Saver VAIO Motion SD Normal Contents
"{849ABF1A-6AE3-45E1-B260-D5447B2F29F5}" = OpenMG Secure Module 4.2.00
"{851C67EF-068A-4060-9EF5-2E3DDCD68382}" = Adobe Photoshop Elements 3.0
"{88DA0A52-3372-4803-971A-ADFB961707E8}" = PictureGear Studio 2.0
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Graphics Media Accelerator Driver for Mobile
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{9080C5D2-82FA-452A-87FA-CBB4B05D67A5}" = VPS
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD for VAIO
"{91CA0407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Small Business Edition 2003
"{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML
"{9E319E96-ED8E-4B01-9775-C521A1869A25}" = VAIO Power Management
"{9E407618-D9CD-4F39-9490-9ED45294073D}" = Click to DVD 2.0.03 Menu Data
"{A0EB195B-5876-48E6-879D-33D4B2102610}" = SonicStage 3.2
"{A43F939E-A863-433D-AC78-0897E44CFEB2}" = VAIO Launcher
"{AB467B85-4F52-48C2-AEED-0673D00417B0}" = SonicStage Mastering Studio Audio Filter
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Roxio DigitalMedia Audio
"{AC76BA86-7AD7-1031-7B44-A70000000000}" = Adobe Reader 7.0 - Deutsch
"{AF9A04EB-7D8E-41DE-9EDE-4AB9BB2B71B6}" = VAIO Media Registration Tool 4.0
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Roxio DigitalMedia Copy
"{B26E3B0D-C2FA-4370-B068-7C476766F029}" = Microsoft Works
"{BBD4DAC9-DF99-48CA-8F62-AE6F2BD47063}" = VAIO Original Screen Saver VAIO Motion HD Wide Contents
"{BBFFB027-7D53-4E1B-95BC-35A2216D1D60}" = VAIO Long Battery Life Wallpaper
"{BE56FEF0-1A0F-4719-B3AD-34B5087AFA6D}" = Sony Video Shared Library
"{BF3B304B-8A18-452D-A19F-6012CA8418D7}" = SonicStage Mastering Studio 1.4
"{D2D23D08-D10E-43D6-883C-78E0B2AC9CC6}" = VU5x86
"{D917FD82-6CE5-489A-AAF8-C701AAC85C4D}" = VAIO Entertainment Platform
"{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine (VAIO_VEDB)
"{E365AAB7-F160-4E2F-ACAC-28D487ACF47D}" = VAIO Original Screen Saver VAIO Scene SD Wide Contents
"{E4715C25-7114-4F40-A915-C1951D4D7520}" = VAIO Update Merge Module x86
"{E5E6E687-1031-0000-0000-000000000002}" = Adobe Acrobat 7.0 Elements - Deutsch
"{E809063C-51A3-4269-8984-D1EB742F2151}" = Click to DVD 2.4.10
"{ED8D39F2-7FFA-45EC-B148-EF2472955BB4}" = VAIO Zone
"{EE7EB179-5AA2-4B28-AC92-5CBAAF82BA7F}" = SonicStage Mastering Studio Plugins
"{EF3D45BB-2260-4008-88EA-492E7744A9DF}" = Sony Utilities DLL
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0D85ADD-DD61-4B43-87A0-6DA52A211A8B}" = VAIO Event Service
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FC37C108-821D-4EDE-8F40-D5B497586805}" = VAIO Control Center
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"{FCCB0B43-7A6D-49A4-A5B3-B10F592F4EB6}" = LAN-Express AS IEEE 802.11 Wireless LAN
"Adobe Acrobat 7.0 Elements - Deutsch" = Adobe Acrobat 7.0 Elements - Deutsch
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"avast" = avast! Free Antivirus
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_20030003" = HDAUDIO SoftV92 Data Fax Modem with SmartCP
"ie8" = Windows Internet Explorer 8
"InstallShield_{668B1BD6-4593-4959-970E-249AFFE6F35C}" = VAIO-Online-Registrierung (Deutsch)
"InstallShield_{849ABF1A-6AE3-45E1-B260-D5447B2F29F5}" = OpenMG Secure Module 4.2.00
"InstallShield_{9080C5D2-82FA-452A-87FA-CBB4B05D67A5}" = VAIO Product Survey
"MoodLogic" = MoodLogic
"MouseSuite98" = Sony USB Mouse
"Mozilla Firefox 16.0.2 (x86 de)" = Mozilla Firefox 16.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA Drivers" = NVIDIA Drivers
"ProInst" = Intel(R) PROSet/Wireless Software
"PROSet" = Intel(R) PRO Network Connections Drivers
"Skype_is1" = Skype 1.3
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"Windows XP Service Pack" = Windows XP Service Pack 3
"Yahoo! Messenger" = Yahoo! Messenger
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 11.11.2012 09:11:38 | Computer Name = NOTEBOOK | Source = crypt32 | ID = 131080
Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer
von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
ist fehlgeschlagen mit dem Fehler: Dieser Vorgang wurde wegen Zeitüberschreitung
zurückgegeben. .
Error - 17.11.2012 11:29:15 | Computer Name = NOTEBOOK | Source = crypt32 | ID = 131080
Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer
von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
ist fehlgeschlagen mit dem Fehler: Dieser Vorgang wurde wegen Zeitüberschreitung
zurückgegeben. .
Error - 18.11.2012 08:01:21 | Computer Name = NOTEBOOK | Source = WmiAdapter | ID = 4099
Description = Dienst konnte nicht geöffnet werden.
Error - 20.11.2012 03:12:38 | Computer Name = NOTEBOOK | Source = EventSystem | ID = 4614
Description = Das COM+-Ereignissystem hat eine Inkonsistenz in seinem internen Status
erkannt. Fehler bei der Assertion "GetLastError() == 122L" in Zeile 162 von d:\comxp_sp3\com\com1x\src\events\shared\sectools.cpp.
Wenden Sie sich an den Microsoft-Produktsuppor
[ System Events ]
Error - 17.11.2012 10:54:03 | Computer Name = NOTEBOOK | Source = Service Control Manager | ID = 7011
Description = Zeitüberschreitung (30000 ms) beim Warten auf eine Transaktionsrückmeldung
von Dienst NVSvc.
Error - 17.11.2012 11:19:57 | Computer Name = NOTEBOOK | Source = Service Control Manager | ID = 7006
Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden
Fehlers fehlgeschlagen: %%5
Error - 17.11.2012 11:19:57 | Computer Name = NOTEBOOK | Source = Service Control Manager | ID = 7006
Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden
Fehlers fehlgeschlagen: %%5
Error - 17.11.2012 11:19:57 | Computer Name = NOTEBOOK | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Avira Echtzeit-Scanner" wurde unerwartet beendet. Dies
ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden
durchgeführt: Starten Sie den Dienst neu..
Error - 17.11.2012 11:19:57 | Computer Name = NOTEBOOK | Source = Service Control Manager | ID = 7006
Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden
Fehlers fehlgeschlagen: %%5
Error - 17.11.2012 11:19:57 | Computer Name = NOTEBOOK | Source = Service Control Manager | ID = 7006
Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden
Fehlers fehlgeschlagen: %%5
Error - 17.11.2012 11:19:57 | Computer Name = NOTEBOOK | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Avira Planer" wurde unerwartet beendet. Dies ist bereits
1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt:
Starten Sie den Dienst neu..
Error - 17.11.2012 11:19:57 | Computer Name = NOTEBOOK | Source = Service Control Manager | ID = 7006
Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden
Fehlers fehlgeschlagen: %%5
Error - 17.11.2012 11:19:57 | Computer Name = NOTEBOOK | Source = Service Control Manager | ID = 7006
Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden
Fehlers fehlgeschlagen: %%5
Error - 17.11.2012 11:20:10 | Computer Name = NOTEBOOK | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Avira Planer" wurde aufgrund folgenden Fehlers nicht gestartet:
%%109
< End of report >
[/CODE] Ich hoffe, dies hilft dir weiter, da das Problem leider immer noch besteht  Viele Grüsse Frank |
|
03.12.2012, 11:30
| #12 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | PC langsam bei hoher CPU Auslastung ohne erkennbaren Grund Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle einen Quickscan mit Malwarebytes - denk bitte vorher daran, Malwarebytes über den Updatebutton zu aktualisieren Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt: ESET Online Scanner
__________________ Logfiles bitte immer in CODE-Tags posten |
|
03.12.2012, 13:14
| #13 |
| | PC langsam bei hoher CPU Auslastung ohne erkennbaren Grund Hi Cosinus, ich werde (wie gewohnt) am Freitag weitertesten. Soweit ich mich erinnere, habe ich Mailwarebytes wieder deinstalliert, da die Testperiode abgelaufen war. Ich versuche, es wieder neu zu installieren. Ich habe noch einen Hinweis: da das Problem ja immer noch besteht, hatte ich den Scan mit AdwCleaner nochmals durchgeführt. Siehe da, der Eintrag: Code:
ATTFilter ***** [Registrierungsdatenbank] *****
Schlüssel Gefunden : HKLM\Software\Description
Grüsse aus Basel Frank |
|
03.12.2012, 14:55
| #14 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | PC langsam bei hoher CPU Auslastung ohne erkennbaren GrundZitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
08.12.2012, 10:17
| #15 |
| | PC langsam bei hoher CPU Auslastung ohne erkennbaren Grund Hi Cosinus, ich habe Malwarebytes nochmal installiert und laufen lassen: Code:
ATTFilter Malwarebytes Anti-Malware 1.65.1.1000 www.malwarebytes.org Datenbank Version: v2012.12.07.09 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 Frank :: NOTEBOOK [Administrator] 07.12.2012 20:15:04 mbam-log-2012-12-07 (20-15-04).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 197582 Laufzeit: 31 Minute(n), 43 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6844
# api_version=3.0.2
# EOSSerial=a912a13257d9b645ae1f1ada66f3459e
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-12-08 01:41:37
# local_time=2012-12-08 02:41:37 (+0100, Westeuropäische Normalzeit)
# country="Germany"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=774 16777213 100 91 1168203 131640769 0 0
# scanned=62428
# found=0
# cleaned=0
# scan_time=20328
Gruss Frank |
|
| Themen zu PC langsam bei hoher CPU Auslastung ohne erkennbaren Grund |
| antivir, antivirus, auslastung, avira, bho, booten, converter, desktop, error, firefox, flash player, frage, home, langsam, logfile, microsoft office 2003, mozilla, neu aufgesetzt, ntdll.dll, plug-in, problem, realtek, registry, scan, security, software, system, updates, virus ?, virus ??, windows internet |
Textbox von OTL - wenn OTL auf deutsch ist wird sie mit 
beschriftet
.
Linear-Darstellung
