| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Festplatte Cluster FehlerWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
17.05.2011, 14:06
| #1 |
| |  Festplatte Cluster Fehler Hallo zusammen, Heute nachmittag hat sich plötzlich mein Laptop verabschiedet. Als ich im Internet war öffnete sich andauernd ein Update Fenster für Adobe Flash Player. Ich habe immer auf ABBRECHEN gedrückt doch danach erschien das Fenster immer und immer wieder, bis ich den PC ausmachen musst. Beim Wiederstarten tauchte plötzlich die Meldung "Festplatte beschädigt. Das System hat ein Problem mit einem oder mehreren installierten IDE / SATA- Festplatten erkannt." Bei Windows Recovery erschien die Meldung "Kritischer Fehler. Beschädigte Festplatten-Cluster gefunden. Private Daten sind in Gefahr" Der Desktop war schwarz und die Ordner waren verschwunden. Wenn ich jedoch im PC ein Stichwort zu einem bestimmten Dokument oder Foto oder Musiktitel eingebe, erscheint dieser auch. Es muss also alles noch irgendwo sein... Bitte helft mir da ich keine große Ahnung von sowas habe  |
|
17.05.2011, 14:54
| #2 |
| /// Malware-holic   | Festplatte Cluster Fehler hi
__________________deine daten sind noch da, keine angst. Systemscan mit OTL download otl: http://filepony.de/download-otl/ Doppelklick auf die OTL.exe (user von Windows 7 und Vista: Rechtsklick als Administrator ausführen) 1. Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output 2. Hake an "scan all users" 3. Unter "Extra Registry wähle: "Use Safelist" "LOP Check" "Purity Check" 4. Kopiere in die Textbox: netsvcs msconfig safebootminimal safebootnetwork activex drivers32 %ALLUSERSPROFILE%\Application Data\*. %ALLUSERSPROFILE%\Application Data\*.exe /s %APPDATA%\*. %APPDATA%\*.exe /s %SYSTEMDRIVE%\*.exe /md5start userinit.exe eventlog.dll scecli.dll netlogon.dll cngaudit.dll ws2ifsl.sys sceclt.dll ntelogon.dll winlogon.exe logevent.dll user32.DLL explorer.exe iaStor.sys nvstor.sys atapi.sys IdeChnDr.sys viasraid.sys AGP440.sys vaxscsi.sys nvatabus.sys viamraid.sys nvata.sys nvgts.sys iastorv.sys ViPrt.sys eNetHook.dll ahcix86.sys KR10N.sys nvstor32.sys ahcix86s.sys /md5stop %systemroot%\system32\drivers\*.sys /lockedfiles %systemroot%\System32\config\*.sav %systemroot%\*. /mp /s %systemroot%\system32\*.dll /lockedfiles CREATERESTOREPOINT 5. Klicke "Scan" 6. 2 reporte werden erstellt: OTL.Txt Extras.Txt beide posten
__________________ |
|
27.05.2011, 10:19
| #3 |
| | Festplatte Cluster Fehler hey, tut mir leid, mein papa hat meinen computer einfach zu reperatur gebracht und ich habe ihn jetzt erst wiederbekommen....ohne dateien, aber sie scheinen immer noch drauf zu sein-.-
__________________ich habe den systemscan nun druchgeführt: OTL.txt:OTL Logfile: Code:
ATTFilter OTL logfile created on: 27.05.2011 09:34:04 - Run 1
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\Julia\Downloads
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16473)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,26 Gb Available Physical Memory | 62,95% Memory free
4,21 Gb Paging File | 3,19 Gb Available in Paging File | 75,95% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 176,24 Gb Total Space | 123,09 Gb Free Space | 69,84% Space Free | Partition Type: NTFS
Drive F: | 55,80 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive G: | 298,02 Gb Total Space | 291,63 Gb Free Space | 97,86% Space Free | Partition Type: FAT32
Computer Name: JULIA-PC | User Name: Julia | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Julia\Downloads\OTL(2).exe (OldTimer Tools)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe ()
PRC - C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe (Brother Industries, Ltd.)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
PRC - C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation)
PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation)
PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
PRC - C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe (Sony Corporation)
PRC - C:\Program Files\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation)
PRC - C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
PRC - C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe (Sony Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
========== Modules (SafeList) ==========
MOD - C:\Users\Julia\Downloads\OTL(2).exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (CLTNetCnService) -- File not found
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (OMSI download service) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe ()
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (VAIO Event Service) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
SRV - (VcmIAlzMgr) -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation)
SRV - (VcmXmlIfHelper) -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe (Sony Corporation)
SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation)
SRV - (VzFw) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation)
SRV - (VzCdbSvc) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
SRV - (Vcsw) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-IntegratedServer-AppServer) -- C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-Mobile-Gateway) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-UCLS-UPnP) VAIO Media Content Collection (UPnP) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-IntegratedServer-UPnP) VAIO Media Integrated Server (UPnP) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-UCLS-HTTP) VAIO Media Content Collection (HTTP) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe (Sony Corporation)
SRV - (VAIOMediaPlatform-IntegratedServer-HTTP) VAIO Media Integrated Server (HTTP) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe (Sony Corporation)
SRV - (STacSV) -- C:\Windows\System32\stacsv.exe (SigmaTel, Inc.)
SRV - (VAIOMediaPlatform-UCLS-AppServer) -- C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe (Sony Corporation)
SRV - (IviRegMgr) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
SRV - (AdobeActiveFileMonitor5.0) -- C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe ()
SRV - (MSCSPTISRV) -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe (Sony Corporation)
SRV - (SPTISRV) -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe (Sony Corporation)
SRV - (PACSPTISVR) -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe ()
========== Driver Services (SafeList) ==========
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (s1029bus) Sony Ericsson Device 1029 driver (WDM) -- C:\Windows\System32\drivers\s1029bus.sys (MCCI Corporation)
DRV - (s1029mdm) -- C:\Windows\System32\drivers\s1029mdm.sys (MCCI Corporation)
DRV - (s1029unic) Sony Ericsson Device 1029 USB Ethernet Emulation (WDM) -- C:\Windows\System32\drivers\s1029unic.sys (MCCI Corporation)
DRV - (s1029mgmt) Sony Ericsson Device 1029 USB WMC Device Management Drivers (WDM) -- C:\Windows\System32\drivers\s1029mgmt.sys (MCCI Corporation)
DRV - (s1029obex) -- C:\Windows\System32\drivers\s1029obex.sys (MCCI Corporation)
DRV - (s1029nd5) Sony Ericsson Device 1029 USB Ethernet Emulation (NDIS) -- C:\Windows\System32\drivers\s1029nd5.sys (MCCI Corporation)
DRV - (s1029mdfl) -- C:\Windows\System32\drivers\s1029mdfl.sys (MCCI Corporation)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (seehcri) -- C:\Windows\System32\drivers\seehcri.sys (Sony Ericsson Mobile Communications)
DRV - (NETw4v32) Intel(R) -- C:\Windows\System32\drivers\NETw4v32.sys (Intel Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (R5U870FLx86) -- C:\Windows\System32\drivers\R5U870FLx86.sys (Ricoh)
DRV - (R5U870FUx86) -- C:\Windows\System32\drivers\R5U870FUx86.sys (Ricoh)
DRV - (DMICall) -- C:\Windows\System32\drivers\DMICall.sys (Sony Corporation)
DRV - (STHDA) -- C:\Windows\System32\drivers\stwrt.sys (SigmaTel, Inc.)
DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (ti21sony) -- C:\Windows\System32\drivers\ti21sony.sys (Texas Instruments)
DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
DRV - (regi) -- C:\Windows\System32\drivers\regi.sys (InterVideo)
DRV - (WimFltr) -- C:\Windows\System32\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (SNC) -- C:\Windows\System32\drivers\SonyNC.sys (Sony Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Club VAIO | Welcome
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\URLSearchHook: {378486bf-e1b5-4474-9feb-ad51105d0fae} - C:\Program Files\Shareware.Pro-DE\tbShar.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {e0007d18-baa4-4573-ae78-8bea0958c610} - C:\Program Files\P2P_Max_DE\tbP2P0.dll (Conduit Ltd.)
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2462439829-400863278-3750921539-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKU\S-1-5-21-2462439829-400863278-3750921539-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 2
IE - HKU\S-1-5-21-2462439829-400863278-3750921539-1000\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-2462439829-400863278-3750921539-1000\..\URLSearchHook: {378486bf-e1b5-4474-9feb-ad51105d0fae} - C:\Program Files\Shareware.Pro-DE\tbShar.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-2462439829-400863278-3750921539-1000\..\URLSearchHook: {e0007d18-baa4-4573-ae78-8bea0958c610} - C:\Program Files\P2P_Max_DE\tbP2P0.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-2462439829-400863278-3750921539-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2462439829-400863278-3750921539-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaultthis.engineName: "P2P Max DE Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://www.bing.com/search?FORM=IEFM1&q="
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.5
FF - prefs.js..extensions.enabledItems: {e0007d18-baa4-4573-ae78-8bea0958c610}:2.2.0.9
FF - prefs.js..extensions.enabledItems: videofinder@veoh.com:1.3
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..keyword.URL: "hxxp://www.bing.com/search?FORM=IEFM1&q="
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.12.06 21:14:36 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.12.06 21:14:36 | 000,000,000 | ---D | M]
[2009.05.17 15:11:33 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Julia\AppData\Roaming\mozilla\Extensions
[2009.02.08 16:43:57 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Julia\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org
[2011.05.26 22:41:34 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Julia\AppData\Roaming\mozilla\Firefox\Profiles\jsgcvs3t.default\extensions
[2010.08.01 20:01:16 | 000,000,000 | -H-D | M] ("DVDVideoSoft Menu") -- C:\Users\Julia\AppData\Roaming\mozilla\Firefox\Profiles\jsgcvs3t.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2009.10.04 16:25:32 | 000,000,000 | -H-D | M] (P2P Max DE Toolbar) -- C:\Users\Julia\AppData\Roaming\mozilla\Firefox\Profiles\jsgcvs3t.default\extensions\{e0007d18-baa4-4573-ae78-8bea0958c610}
[2011.05.17 09:48:07 | 000,000,950 | -H-- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\Firefox\Profiles\jsgcvs3t.default\searchplugins\icqplugin-1.xml
[2008.12.17 20:52:27 | 000,000,949 | -H-- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\Firefox\Profiles\jsgcvs3t.default\searchplugins\icqplugin-10.xml
[2008.12.22 10:51:03 | 000,000,949 | -H-- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\Firefox\Profiles\jsgcvs3t.default\searchplugins\icqplugin-11.xml
[2009.09.01 20:08:59 | 000,000,950 | -H-- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\Firefox\Profiles\jsgcvs3t.default\searchplugins\icqplugin-12.xml
[2009.09.13 15:26:46 | 000,000,950 | -H-- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\Firefox\Profiles\jsgcvs3t.default\searchplugins\icqplugin-13.xml
[2009.10.29 23:33:36 | 000,000,950 | -H-- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\Firefox\Profiles\jsgcvs3t.default\searchplugins\icqplugin-14.xml
[2009.12.21 10:59:03 | 000,000,950 | -H-- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\Firefox\Profiles\jsgcvs3t.default\searchplugins\icqplugin-15.xml
[2009.12.21 20:28:17 | 000,000,950 | -H-- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\Firefox\Profiles\jsgcvs3t.default\searchplugins\icqplugin-16.xml
[2010.01.10 15:43:15 | 000,000,950 | -H-- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\Firefox\Profiles\jsgcvs3t.default\searchplugins\icqplugin-17.xml
[2010.02.23 12:41:21 | 000,000,950 | -H-- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\Firefox\Profiles\jsgcvs3t.default\searchplugins\icqplugin-18.xml
[2010.04.06 22:56:20 | 000,000,950 | -H-- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\Firefox\Profiles\jsgcvs3t.default\searchplugins\icqplugin-19.xml
[2008.02.10 11:39:02 | 000,000,949 | -H-- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\Firefox\Profiles\jsgcvs3t.default\searchplugins\icqplugin-2.xml
[2008.03.28 17:47:03 | 000,000,949 | -H-- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\Firefox\Profiles\jsgcvs3t.default\searchplugins\icqplugin-3.xml
[2008.04.17 22:46:37 | 000,000,949 | -H-- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\Firefox\Profiles\jsgcvs3t.default\searchplugins\icqplugin-4.xml
[2008.07.03 20:04:59 | 000,000,949 | -H-- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\Firefox\Profiles\jsgcvs3t.default\searchplugins\icqplugin-5.xml
[2008.07.03 20:15:49 | 000,000,949 | -H-- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\Firefox\Profiles\jsgcvs3t.default\searchplugins\icqplugin-6.xml
[2008.07.20 12:47:23 | 000,000,949 | -H-- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\Firefox\Profiles\jsgcvs3t.default\searchplugins\icqplugin-7.xml
[2008.09.25 19:45:24 | 000,000,949 | -H-- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\Firefox\Profiles\jsgcvs3t.default\searchplugins\icqplugin-8.xml
[2008.11.14 00:05:20 | 000,000,949 | -H-- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\Firefox\Profiles\jsgcvs3t.default\searchplugins\icqplugin-9.xml
[2009.07.13 17:12:02 | 000,000,944 | -H-- | M] () -- C:\Users\Julia\AppData\Roaming\Mozilla\Firefox\Profiles\jsgcvs3t.default\searchplugins\icqplugin.xml
[2009.08.30 21:53:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2009.08.30 21:43:31 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files\mozilla firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2009.05.17 15:11:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions\talkback@mozilla.org
[2008.03.21 12:44:36 | 000,000,000 | ---D | M] (Veoh Browser Plug-in) -- C:\PROGRAM FILES\VEOH NETWORKS\VEOH\PLUGINS\NOREG\VIDEOFINDER4
[2009.06.08 18:47:20 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2009.06.08 18:47:20 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2009.06.08 18:47:20 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2009.06.08 18:47:20 | 000,000,986 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2009.06.08 18:47:20 | 000,000,801 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (Shareware.Pro-DE Toolbar) - {378486bf-e1b5-4474-9feb-ad51105d0fae} - C:\Program Files\Shareware.Pro-DE\tbShar.dll (Conduit Ltd.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\BAE.dll (Your Company Name)
O2 - BHO: (P2P Max DE Toolbar) - {e0007d18-baa4-4573-ae78-8bea0958c610} - C:\Program Files\P2P_Max_DE\tbP2P0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Shareware.Pro-DE Toolbar) - {378486bf-e1b5-4474-9feb-ad51105d0fae} - C:\Program Files\Shareware.Pro-DE\tbShar.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Veoh Browser Plug-in) - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll (Veoh Networks Inc)
O3 - HKLM\..\Toolbar: (P2P Max DE Toolbar) - {e0007d18-baa4-4573-ae78-8bea0958c610} - C:\Program Files\P2P_Max_DE\tbP2P0.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-2462439829-400863278-3750921539-1000\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKU\S-1-5-21-2462439829-400863278-3750921539-1000\..\Toolbar\WebBrowser: (Shareware.Pro-DE Toolbar) - {378486BF-E1B5-4474-9FEB-AD51105D0FAE} - C:\Program Files\Shareware.Pro-DE\tbShar.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-2462439829-400863278-3750921539-1000\..\Toolbar\WebBrowser: (P2P Max DE Toolbar) - {E0007D18-BAA4-4573-AE78-8BEA0958C610} - C:\Program Files\P2P_Max_DE\tbP2P0.dll (Conduit Ltd.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [EPSON Stylus DX3800 Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [MSConfig] C:\Windows\System32\msconfig.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2462439829-400863278-3750921539-1000..\Run: [] File not found
O4 - HKU\S-1-5-21-2462439829-400863278-3750921539-1000..\Run: [Internet Security Service] File not found
O4 - HKU\S-1-5-21-2462439829-400863278-3750921539-1000..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\NPSWF32_FlashUtil.exe (Adobe Systems, Inc.)
O7 - HKU\S-1-5-21-2462439829-400863278-3750921539-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Julia\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Julia\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-2462439829-400863278-3750921539-1000\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKU\S-1-5-21-2462439829-400863278-3750921539-1000\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.4.2/jinstall-1_4_2_03-windows-i586.cab (Java Plug-in 1.4.2_03)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\Windows\System32\VESWinlogon.dll (Sony Corporation)
O24 - Desktop WallPaper: C:\Users\Julia\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Julia\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2002.06.16 23:57:58 | 000,000,048 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{0fc30c8a-b371-11df-bd74-001bfb8b2006}\Shell\AutoRun\command - "" = G:\RESTORE\S-1-5-21-1482476501-1644491937-682003330-1013\lin32.exe
O33 - MountPoints2\{0fc30c8a-b371-11df-bd74-001bfb8b2006}\Shell\open\command - "" = G:\RESTORE\S-1-5-21-1482476501-1644491937-682003330-1013\lin32.exe
O33 - MountPoints2\{3d981787-0dae-11e0-94f3-001bfb8b2006}\Shell\AutoRun\command - "" = .\Encryption Tool\MaxtorEncryption.exe
O33 - MountPoints2\{44fef4f8-f090-11de-b9bd-001bfb8b2006}\Shell - "" = AutoRun
O33 - MountPoints2\{44fef4f8-f090-11de-b9bd-001bfb8b2006}\Shell\AutoRun\command - "" = G:\Startme.exe
O33 - MountPoints2\{b83cee88-b240-11dc-a434-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{b83cee88-b240-11dc-a434-806e6f6e6963}\Shell\AutoRun\command - "" = F:\BHVSTART.EXE -- [2002.09.05 16:29:00 | 000,330,240 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BTTray.lnk - C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe - (Broadcom Corporation.)
MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: Apoint - hkey= - key= - C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
MsConfig - StartUpReg: AppleSyncNotifier - hkey= - key= - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
MsConfig - StartUpReg: EA Core - hkey= - key= - C:\Program Files\Electronic Arts\EADM\Core.exe (Electronic Arts)
MsConfig - StartUpReg: ehTray.exe - hkey= - key= - C:\Windows\ehome\ehtray.exe (Microsoft Corporation)
MsConfig - StartUpReg: fhtonwutskbfzjsp - hkey= - key= - File not found
MsConfig - StartUpReg: Google Desktop Search - hkey= - key= - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
MsConfig - StartUpReg: IndexSearch - hkey= - key= - C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe (Nuance Communications, Inc.)
MsConfig - StartUpReg: mlbaf - hkey= - key= - c:\users\julia\appdata\local\mlbaf.exe ()
MsConfig - StartUpReg: MsnMsgr - hkey= - key= - C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe (Microsoft Corporation)
MsConfig - StartUpReg: NvCplDaemon - hkey= - key= - File not found
MsConfig - StartUpReg: NvMediaCenter - hkey= - key= - File not found
MsConfig - StartUpReg: NvSvc - hkey= - key= - File not found
MsConfig - StartUpReg: PaperPort PTD - hkey= - key= - C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe (Nuance Communications, Inc.)
MsConfig - StartUpReg: PPort11reminder - hkey= - key= - C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe (Nuance Communications, Inc.)
MsConfig - StartUpReg: qNHRkYKMBL - hkey= - key= - File not found
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
MsConfig - StartUpReg: Sony Ericsson PC Companion - hkey= - key= - C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe (Sony Ericsson Mobile Communications AB)
MsConfig - StartUpReg: SSBkgdUpdate - hkey= - key= - C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe (Sun Microsystems, Inc.)
MsConfig - StartUpReg: TkBellExe - hkey= - key= - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
MsConfig - StartUpReg: Veoh - hkey= - key= - C:\Program Files\Veoh Networks\Veoh\VeohClient.exe (Veoh Networks)
MsConfig - StartUpReg: Windows Defender - hkey= - key= - File not found
MsConfig - StartUpReg: WindowsWelcomeCenter - hkey= - key= - File not found
MsConfig - State: "startup" - 2
MsConfig - State: "services" - 2
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.dvsd - C:\Program Files\Common Files\Sony Shared\VideoLib\sonydv.dll (Sony Corporation)
Drivers32: VIDC.IV41 - C:\Windows\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.VP60 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2011.05.18 08:43:32 | 000,000,000 | ---D | C] -- C:\Users\Julia\AppData\Roaming\Avira
[2011.05.18 08:38:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2011.05.18 08:38:08 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2011.05.18 08:37:59 | 000,137,656 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2011.05.18 08:37:59 | 000,061,960 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2011.05.18 08:37:59 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntdd.sys
[2011.05.18 08:37:59 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntmgr.sys
[2011.05.18 08:37:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2011.05.18 08:37:55 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2011.05.18 08:29:31 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2011.05.17 23:09:13 | 000,000,000 | -H-D | C] -- C:\Users\Julia\AppData\Local\Temp--
[2011.05.17 23:08:41 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011.05.17 13:28:48 | 000,000,000 | -H-D | C] -- C:\Users\Julia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Vista Recovery
[2011.05.01 16:33:57 | 000,000,000 | -H-D | C] -- C:\Users\Julia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sony Ericsson
[2009.12.24 22:28:24 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\ProgramData\hpe322E.dll
========== Files - Modified Within 30 Days ==========
[2011.05.27 09:22:35 | 000,656,738 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.05.27 09:22:35 | 000,614,836 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.05.27 09:22:35 | 000,121,640 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.05.27 09:22:35 | 000,108,426 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.05.27 09:16:12 | 000,003,456 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.05.27 09:16:12 | 000,003,456 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.05.27 09:16:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.05.27 09:15:58 | 2145,837,056 | -HS- | M] () -- C:\hiberfil.sys
[2011.05.26 23:03:24 | 000,005,780 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011.05.22 09:41:30 | 000,001,742 | ---- | M] () -- C:\Users\Julia\Desktop\Mozilla Firefox.lnk
[2011.05.18 08:48:11 | 000,137,656 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2011.05.18 08:48:11 | 000,061,960 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2011.05.18 08:38:30 | 000,001,847 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2011.05.17 13:39:51 | 000,003,441 | -H-- | M] () -- C:\Users\Julia\AppData\Local\mlbaf.dat
[2011.05.17 13:39:39 | 000,005,603 | -H-- | M] () -- C:\Users\Julia\AppData\Local\mlbaf_navps.dat
[2011.05.17 13:38:21 | 000,000,384 | -H-- | M] () -- C:\ProgramData\32497424
[2011.05.17 13:36:44 | 000,000,136 | -H-- | M] () -- C:\ProgramData\~32497424r
[2011.05.17 13:36:44 | 000,000,112 | -H-- | M] () -- C:\ProgramData\~32497424
[2011.05.17 13:35:03 | 000,000,088 | -H-- | M] () -- C:\Users\Julia\AppData\Local\vvvvd.bat
[2011.05.17 13:34:35 | 000,137,803 | -H-- | M] () -- C:\Users\Julia\AppData\Roaming\nvModes.001
[2011.05.17 13:28:49 | 000,000,595 | -H-- | M] () -- C:\Users\Julia\Desktop\Windows Vista Recovery.lnk
[2011.05.15 22:46:28 | 286,980,323 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011.05.10 18:49:43 | 000,237,753 | -H-- | M] () -- C:\Users\Julia\AppData\Local\mlbaf_nav.dat
[2011.05.10 18:41:33 | 000,137,803 | -H-- | M] () -- C:\Users\Julia\AppData\Roaming\nvModes.dat
[2011.05.01 16:33:57 | 000,001,038 | -H-- | M] () -- C:\Users\Julia\Desktop\Update Service.lnk
========== Files Created - No Company Name ==========
[2011.05.22 09:41:30 | 000,001,742 | ---- | C] () -- C:\Users\Julia\Desktop\Mozilla Firefox.lnk
[2011.05.18 08:44:44 | 2145,837,056 | -HS- | C] () -- C:\hiberfil.sys
[2011.05.18 08:38:30 | 000,001,847 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2011.05.17 13:28:49 | 000,000,595 | -H-- | C] () -- C:\Users\Julia\Desktop\Windows Vista Recovery.lnk
[2011.05.17 13:28:49 | 000,000,136 | -H-- | C] () -- C:\ProgramData\~32497424r
[2011.05.17 13:28:49 | 000,000,112 | -H-- | C] () -- C:\ProgramData\~32497424
[2011.05.17 13:28:41 | 000,000,384 | -H-- | C] () -- C:\ProgramData\32497424
[2011.05.01 16:33:57 | 000,001,038 | -H-- | C] () -- C:\Users\Julia\Desktop\Update Service.lnk
[2011.04.04 19:00:41 | 000,005,603 | -H-- | C] () -- C:\Users\Julia\AppData\Local\mlbaf_navps.dat
[2011.04.04 19:00:40 | 000,237,753 | -H-- | C] () -- C:\Users\Julia\AppData\Local\mlbaf_nav.dat
[2011.04.04 19:00:40 | 000,003,441 | -H-- | C] () -- C:\Users\Julia\AppData\Local\mlbaf.dat
[2011.04.04 19:00:37 | 000,635,904 | -H-- | C] () -- C:\Users\Julia\AppData\Local\mlbaf.exe
[2010.12.25 22:21:21 | 000,000,088 | -H-- | C] () -- C:\Users\Julia\AppData\Local\vvvvd.bat
[2009.11.16 21:35:55 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.08.11 10:43:14 | 000,274,587 | ---- | C] () -- C:\Windows\DJ Music Mixer Uninstaller.exe
[2009.01.21 17:21:17 | 000,000,425 | -H-- | C] () -- C:\Windows\BRWMARK.INI
[2009.01.21 17:21:17 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2009.01.21 17:20:07 | 000,000,050 | ---- | C] () -- C:\Windows\System32\bridf08b.dat
[2009.01.21 17:17:04 | 000,031,664 | ---- | C] () -- C:\Windows\maxlink.ini
[2009.01.17 13:41:42 | 000,000,088 | -H-- | C] () -- C:\Users\Julia\AppData\Local\xalux.bat
[2008.03.11 18:54:49 | 000,000,210 | -H-- | C] () -- C:\Users\Julia\AppData\Roaming\wklnhst.dat
[2008.02.17 21:53:30 | 000,000,032 | -H-- | C] () -- C:\ProgramData\ezsid.dat
[2008.01.15 19:59:45 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2008.01.05 19:44:36 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll
[2008.01.05 19:44:36 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll
[2008.01.05 19:44:36 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll
[2008.01.05 14:51:26 | 000,000,025 | ---- | C] () -- C:\Windows\SIERRA.INI
[2007.12.24 20:45:23 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2007.12.24 20:11:19 | 000,039,424 | -H-- | C] () -- C:\Users\Julia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.12.24 20:11:17 | 000,002,032 | -H-- | C] () -- C:\Users\Julia\AppData\Local\d3d9caps.dat
[2007.12.24 20:11:04 | 000,137,803 | -H-- | C] () -- C:\Users\Julia\AppData\Roaming\nvModes.dat
[2007.12.24 20:11:04 | 000,137,803 | -H-- | C] () -- C:\Users\Julia\AppData\Roaming\nvModes.001
[2007.08.10 14:10:14 | 000,000,000 | ---- | C] () -- C:\Windows\VAIOUpdt.INI
[2007.08.10 13:58:35 | 000,019,968 | ---- | C] () -- C:\Windows\System32\Cpuinf32.dll
[2007.08.10 13:50:35 | 000,344,064 | ---- | C] () -- C:\Windows\System32\SSMSIppCustom.dll
[2007.07.20 15:34:23 | 000,005,780 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2007.07.20 15:29:30 | 000,000,032 | ---- | C] () -- C:\Windows\System32\elcric.dat
[2007.06.22 10:34:44 | 000,389,120 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll
[2007.06.11 13:09:39 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2007.06.11 13:09:38 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
[2007.06.11 13:08:57 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2007.04.16 03:24:16 | 000,023,752 | ---- | C] () -- C:\Windows\System32\providers.bin
[2006.11.02 17:33:31 | 000,656,738 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2006.11.02 17:33:31 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2006.11.02 17:33:31 | 000,121,640 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2006.11.02 17:33:31 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 000,410,544 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,614,836 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,108,426 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:25:26 | 000,557,568 | ---- | C] () -- C:\Windows\System32\hpotscl1.dll
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006.11.02 09:22:43 | 000,099,999 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2006.11.02 09:22:43 | 000,018,271 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2003.12.31 16:25:23 | 000,061,952 | ---- | C] () -- C:\Windows\System32\ajnetmask.dll
[2003.12.25 23:21:16 | 000,087,040 | ---- | C] () -- C:\Windows\System32\TrayIcon12.dll
[2001.11.14 13:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
[1997.06.14 10:56:08 | 000,056,832 | ---- | C] () -- C:\Windows\System32\iyvu9_32.dll
========== LOP Check ==========
[2009.04.22 20:28:51 | 000,000,000 | -H-D | M] -- C:\Users\Julia\AppData\Roaming\B+P Heyer
[2011.04.21 10:34:33 | 000,000,000 | -H-D | M] -- C:\Users\Julia\AppData\Roaming\DVDVideoSoftIEHelpers
[2009.05.09 23:50:08 | 000,000,000 | -H-D | M] -- C:\Users\Julia\AppData\Roaming\ICQ
[2008.01.02 18:11:04 | 000,000,000 | -H-D | M] -- C:\Users\Julia\AppData\Roaming\ICQ Toolbar
[2007.12.30 17:41:03 | 000,000,000 | -H-D | M] -- C:\Users\Julia\AppData\Roaming\InterVideo
[2011.03.07 23:26:47 | 000,000,000 | -H-D | M] -- C:\Users\Julia\AppData\Roaming\LimeWire
[2009.12.10 23:31:17 | 000,000,000 | -HSD | M] -- C:\Users\Julia\AppData\Roaming\lowsec
[2010.04.13 21:24:43 | 000,000,000 | -H-D | M] -- C:\Users\Julia\AppData\Roaming\NCH Swift Sound
[2008.01.15 20:10:45 | 000,000,000 | -H-D | M] -- C:\Users\Julia\AppData\Roaming\Opera
[2010.01.14 12:21:58 | 000,000,000 | -H-D | M] -- C:\Users\Julia\AppData\Roaming\Orbit
[2009.12.24 22:27:09 | 000,000,000 | -H-D | M] -- C:\Users\Julia\AppData\Roaming\Sony
[2008.03.11 18:54:52 | 000,000,000 | -H-D | M] -- C:\Users\Julia\AppData\Roaming\Template
[2011.05.26 23:03:23 | 000,032,624 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2009.01.18 22:39:45 | 000,000,000 | -H-D | M] -- C:\Users\Julia\AppData\Roaming\Adobe
[2009.12.24 15:33:17 | 000,000,000 | -H-D | M] -- C:\Users\Julia\AppData\Roaming\Apple Computer
[2011.05.18 08:43:32 | 000,000,000 | ---D | M] -- C:\Users\Julia\AppData\Roaming\Avira
[2009.04.22 20:28:51 | 000,000,000 | -H-D | M] -- C:\Users\Julia\AppData\Roaming\B+P Heyer
[2009.02.21 23:20:23 | 000,000,000 | RH-D | M] -- C:\Users\Julia\AppData\Roaming\Brother
[2009.05.19 13:12:24 | 000,000,000 | -H-D | M] -- C:\Users\Julia\AppData\Roaming\DivX
[2011.04.21 10:34:33 | 000,000,000 | -H-D | M] -- C:\Users\Julia\AppData\Roaming\DVDVideoSoftIEHelpers
[2008.02.03 19:01:06 | 000,000,000 | -H-D | M] -- C:\Users\Julia\AppData\Roaming\Google
[2009.05.09 23:50:08 | 000,000,000 | -H-D | M] -- C:\Users\Julia\AppData\Roaming\ICQ
[2008.01.02 18:11:04 | 000,000,000 | -H-D | M] -- C:\Users\Julia\AppData\Roaming\ICQ Toolbar
[2007.07.20 15:00:04 | 000,000,000 | -H-D | M] -- C:\Users\Julia\AppData\Roaming\Identities
[2007.08.10 13:53:23 | 000,000,000 | -H-D | M] -- C:\Users\Julia\AppData\Roaming\InstallShield
[2007.12.30 17:41:03 | 000,000,000 | -H-D | M] -- C:\Users\Julia\AppData\Roaming\InterVideo
[2011.03.07 23:26:47 | 000,000,000 | -H-D | M] -- C:\Users\Julia\AppData\Roaming\LimeWire
[2009.12.10 23:31:17 | 000,000,000 | -HSD | M] -- C:\Users\Julia\AppData\Roaming\lowsec
[2007.07.20 17:31:39 | 000,000,000 | -H-D | M] -- C:\Users\Julia\AppData\Roaming\Macromedia
[2006.11.02 14:37:34 | 000,000,000 | -H-D | M] -- C:\Users\Julia\AppData\Roaming\Media Center Programs
[2009.11.24 22:26:46 | 000,000,000 | --SD | M] -- C:\Users\Julia\AppData\Roaming\Microsoft
[2009.02.08 16:43:57 | 000,000,000 | -H-D | M] -- C:\Users\Julia\AppData\Roaming\Mozilla
[2010.04.13 21:27:53 | 000,000,000 | -H-D | M] -- C:\Users\Julia\AppData\Roaming\NCH Software
[2010.04.13 21:24:43 | 000,000,000 | -H-D | M] -- C:\Users\Julia\AppData\Roaming\NCH Swift Sound
[2008.01.15 20:10:45 | 000,000,000 | -H-D | M] -- C:\Users\Julia\AppData\Roaming\Opera
[2010.01.14 12:21:58 | 000,000,000 | -H-D | M] -- C:\Users\Julia\AppData\Roaming\Orbit
[2009.12.13 15:09:32 | 000,000,000 | -H-D | M] -- C:\Users\Julia\AppData\Roaming\Real
[2008.01.05 23:39:02 | 000,000,000 | -H-D | M] -- C:\Users\Julia\AppData\Roaming\Roxio
[2009.06.13 14:36:57 | 000,000,000 | RH-D | M] -- C:\Users\Julia\AppData\Roaming\SecuROM
[2011.04.11 20:29:05 | 000,000,000 | -H-D | M] -- C:\Users\Julia\AppData\Roaming\Skype
[2011.04.11 16:00:09 | 000,000,000 | -H-D | M] -- C:\Users\Julia\AppData\Roaming\skypePM
[2009.12.24 22:27:09 | 000,000,000 | -H-D | M] -- C:\Users\Julia\AppData\Roaming\Sony
[2007.08.10 13:54:44 | 000,000,000 | -H-D | M] -- C:\Users\Julia\AppData\Roaming\Sony Corporation
[2008.01.05 18:30:50 | 000,000,000 | -H-D | M] -- C:\Users\Julia\AppData\Roaming\Sun
[2008.03.11 18:54:52 | 000,000,000 | -H-D | M] -- C:\Users\Julia\AppData\Roaming\Template
[2007.12.30 21:00:05 | 000,000,000 | -H-D | M] -- C:\Users\Julia\AppData\Roaming\vlc
[2008.01.06 16:22:53 | 000,000,000 | -H-D | M] -- C:\Users\Julia\AppData\Roaming\WinRAR
< %APPDATA%\*.exe /s >
[2009.02.08 16:43:52 | 000,163,840 | -H-- | M] (Mozilla Foundation) -- C:\Users\Julia\AppData\Roaming\LimeWire\browser\xulrunner\crashreporter.exe
[2009.02.08 16:43:52 | 000,196,608 | -H-- | M] (Mozilla Foundation) -- C:\Users\Julia\AppData\Roaming\LimeWire\browser\xulrunner\updater.exe
[2009.02.08 16:43:52 | 000,014,848 | -H-- | M] () -- C:\Users\Julia\AppData\Roaming\LimeWire\browser\xulrunner\xpcshell.exe
[2009.02.08 16:43:52 | 000,077,824 | -H-- | M] (Mozilla Foundation) -- C:\Users\Julia\AppData\Roaming\LimeWire\browser\xulrunner\xpicleanup.exe
[2009.02.08 16:43:53 | 000,266,240 | -H-- | M] (Mozilla Foundation) -- C:\Users\Julia\AppData\Roaming\LimeWire\browser\xulrunner\xpidl.exe
[2009.02.08 16:43:53 | 000,018,432 | -H-- | M] () -- C:\Users\Julia\AppData\Roaming\LimeWire\browser\xulrunner\xpt_dump.exe
[2009.02.08 16:43:53 | 000,014,336 | -H-- | M] () -- C:\Users\Julia\AppData\Roaming\LimeWire\browser\xulrunner\xpt_link.exe
[2009.02.08 16:43:53 | 000,073,728 | -H-- | M] (Mozilla Foundation) -- C:\Users\Julia\AppData\Roaming\LimeWire\browser\xulrunner\xulrunner-stub.exe
[2009.02.08 16:43:53 | 000,102,400 | -H-- | M] (Mozilla Foundation) -- C:\Users\Julia\AppData\Roaming\LimeWire\browser\xulrunner\xulrunner.exe
[2009.01.21 17:17:41 | 000,010,134 | RH-- | M] () -- C:\Users\Julia\AppData\Roaming\Microsoft\Installer\{2BC2781A-F7F6-452E-95EB-018A522F1B2C}\ARPPRODUCTICON.exe
[2008.01.06 16:10:23 | 000,040,960 | RH-- | M] (InstallShield Software Corp.) -- C:\Users\Julia\AppData\Roaming\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\ARPPRODUCTICON.exe
[2008.01.06 16:10:23 | 000,040,960 | RH-- | M] (InstallShield Software Corp.) -- C:\Users\Julia\AppData\Roaming\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\NewShortcut1_9559F7CA5E344237A2D9D856464AD727.exe
[2008.01.06 16:10:23 | 000,008,854 | RH-- | M] () -- C:\Users\Julia\AppData\Roaming\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\Uninstall_Project64__9559F7CA5E344237A2D9D856464AD727.exe
[2009.06.12 10:27:51 | 000,010,134 | RH-- | M] () -- C:\Users\Julia\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2007.08.29 15:36:00 | 000,110,592 | -H-- | M] () -- C:\Users\Julia\AppData\Roaming\NCH Software\Components\mp3el\mp3enc.exe
[2010.03.01 20:38:43 | 000,439,816 | -H-- | M] (RealNetworks, Inc.) -- C:\Users\Julia\AppData\Roaming\Real\Update\setup3.09\setup.exe
[2010.03.24 15:10:41 | 000,443,912 | -H-- | M] (RealNetworks, Inc.) -- C:\Users\Julia\AppData\Roaming\Real\Update\setup3.10\setup.exe
[2011.01.30 12:12:28 | 000,510,120 | -H-- | M] (RealNetworks, Inc.) -- C:\Users\Julia\AppData\Roaming\Real\Update\setup3.13\setup.exe
< %SYSTEMDRIVE%\*.exe >
< MD5 for: AGP440.SYS >
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
< MD5 for: ATAPI.SYS >
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\drivers\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
< MD5 for: EXPLORER.EXE >
[2006.11.02 11:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\explorer.exe
[2006.11.02 11:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
< MD5 for: IASTOR.SYS >
[2007.03.01 02:03:07 | 000,277,784 | ---- | M] (Intel Corporation) MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 -- C:\Windows\Drivers\SATA Driver (Intel) (Non-RAID) 7.0A - 7.0.0.1020\iastor.sys
[2007.03.01 02:03:07 | 000,277,784 | ---- | M] (Intel Corporation) MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 -- C:\Windows\System32\drivers\iaStor.sys
[2007.03.01 02:03:07 | 000,277,784 | ---- | M] (Intel Corporation) MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_1cb29a96\iaStor.sys
< MD5 for: IASTORV.SYS >
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2006.11.02 11:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\System32\netlogon.dll
[2006.11.02 11:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
< MD5 for: SCECLI.DLL >
[2006.11.02 11:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\System32\scecli.dll
[2006.11.02 11:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
< MD5 for: USER32.DLL >
[2007.07.20 15:18:21 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=9D9F061EDA75425FC67F0365E3467C86 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.20537_none_cbc258dc896598f1\user32.dll
[2006.11.02 11:46:13 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=E698A5437B89A285ACA3FF022356810A -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16386_none_cb01aa4570716e5e\user32.dll
[2007.07.20 15:18:21 | 000,633,856 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll
[2007.07.20 15:18:21 | 000,633,856 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16438_none_cb39bc5b7047127e\user32.dll
< MD5 for: USERINIT.EXE >
[2006.11.02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\System32\userinit.exe
[2006.11.02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe
< MD5 for: WINLOGON.EXE >
[2006.11.02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\System32\winlogon.exe
[2006.11.02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2006.11.02 10:58:26 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=84620AECDCFD2A7A14E6263927D8C0ED -- C:\Windows\System32\drivers\ws2ifsl.sys
[2006.11.02 10:58:26 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=84620AECDCFD2A7A14E6263927D8C0ED -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6000.16386_none_4d4fded8cae2956d\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2006.11.02 12:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006.11.02 12:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006.11.02 12:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< End of report >
Extras.Txt:OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 27.05.2011 09:34:04 - Run 1
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\Julia\Downloads
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16473)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,26 Gb Available Physical Memory | 62,95% Memory free
4,21 Gb Paging File | 3,19 Gb Available in Paging File | 75,95% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 176,24 Gb Total Space | 123,09 Gb Free Space | 69,84% Space Free | Partition Type: NTFS
Drive F: | 55,80 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive G: | 298,02 Gb Total Space | 291,63 Gb Free Space | 97,86% Space Free | Partition Type: FAT32
Computer Name: JULIA-PC | User Name: Julia | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
[HKEY_USERS\S-1-5-21-2462439829-400863278-3750921539-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01CE1DBB-E095-4845-81AA-7E3BA3F2C1F0}" = lport=139 | protocol=6 | dir=in | app=system |
"{0D9B0259-F99F-4E84-8FE8-672599E4C615}" = lport=445 | protocol=6 | dir=in | app=system |
"{433FC1C3-5BAD-420E-A8CB-412D00927E2C}" = rport=138 | protocol=17 | dir=out | app=system |
"{5B3DCE80-287D-4B39-AAF3-DBA5E36DDF13}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6959A81B-4420-4C52-B8EC-0E9CCEAE32A8}" = lport=2869 | protocol=6 | dir=in | app=system |
"{6D8867D2-337E-4317-BEE1-96AB7044D36C}" = rport=137 | protocol=17 | dir=out | app=system |
"{72945779-3AD8-4329-AAAD-DF20E6A34D5C}" = rport=445 | protocol=6 | dir=out | app=system |
"{73BC4BE1-2885-44A2-B107-0AE989866AC0}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{81BC601C-C709-497C-B5AB-01800BB71344}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{8D94B58B-A847-4D19-841D-D3E64DCF74EF}" = lport=137 | protocol=17 | dir=in | app=system |
"{8E70D866-1137-4C13-AFED-9C70A053BA9A}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{963EF85E-C3D4-4589-A1D8-55AB58FB458D}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{9E0E062F-8A72-4082-98AB-551A53FFB6D3}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9FBCCE5E-A6F2-47C4-941D-076A870998DC}" = lport=138 | protocol=17 | dir=in | app=system |
"{BBC8E0E3-644F-4BC5-AC0E-48AABC9187B1}" = rport=139 | protocol=6 | dir=out | app=system |
"{FEDB58C0-7CBE-4465-B7C3-B5D29ECC8740}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0B149A40-8086-43AF-8AEA-775184908087}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{1F918227-DE3B-4C75-87C4-94C44EE309C5}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{207FD476-10A8-4A65-929A-F6DF8620C3E3}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{22277ACD-44D4-4B06-BD32-6729C8A8FC0F}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{2DF6FDFD-8234-4BB3-8416-3B4D9BFEA52A}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{2E4A7323-7A0F-43A7-BAEC-98533C15C757}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{4E40CFE4-8BBD-4835-AECE-8E0BB5654171}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{67587AEE-0C79-45A4-B79B-1136862B128A}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{6AFEC658-A79B-45B9-BD86-E99D65A18CE7}" = protocol=17 | dir=in | app=c:\program files\sony ericsson\update service\update service.exe |
"{77E05329-70AA-4A19-9959-29FB2F8871CA}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{7C91932A-13AD-4840-9A16-FD902B4B7326}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{81A23341-D3C5-421A-A436-6537D52EA17C}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{945B0C5E-F699-4861-BBCF-0285A4B08295}" = protocol=6 | dir=in | app=c:\program files\google\google talk\googletalk.exe |
"{963FBE57-99F1-4709-B57A-34A5E46864EC}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{AAD72994-7365-453E-9B4E-8EBA8AB4AB58}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{AB96C472-069F-4010-BA59-0C73EEE7AF68}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{BA1793A0-6137-4D9B-8EBC-2D406AF1BC1D}" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires iii - the warchiefs trial\age3x.exe |
"{CAD21E2B-6025-40A6-A703-C74CD3A13046}" = protocol=17 | dir=in | app=c:\program files\google\google talk\googletalk.exe |
"{D20BF1C9-9C95-44ED-880A-DFBEAB72ABE7}" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires iii - the warchiefs trial\age3x.exe |
"{D61C4B17-2A67-47F8-91D7-7D73DE6435BB}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{E3D8B67F-AF27-40BD-A08A-A78F4C1A5163}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FCDB8CFF-213E-43EF-8EE8-1B09C0A7CC42}" = protocol=6 | dir=in | app=c:\program files\sony ericsson\update service\update service.exe |
"TCP Query User{02C06393-798D-49C4-9759-EDBD362DF27A}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"TCP Query User{28607A04-941D-4384-870E-900FC6D6D9E2}C:\windows\system32\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"TCP Query User{31ED7E3E-8AFE-407A-BD3D-D3C02D52E715}C:\program files\veoh networks\veoh\veohclient.exe" = protocol=6 | dir=in | app=c:\program files\veoh networks\veoh\veohclient.exe |
"TCP Query User{64165533-A34A-40A8-8EE5-3F52B28A2E72}C:\program files\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files\emule\emule.exe |
"TCP Query User{68BFDA46-AD21-4B56-896E-DD30D4EB586E}C:\program files\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe |
"TCP Query User{81662BB5-6910-4477-942F-0CACAE045954}C:\program files\bitlord\bitlord.exe" = protocol=6 | dir=in | app=c:\program files\bitlord\bitlord.exe |
"TCP Query User{9DD65CC1-5CE9-4474-AC8D-6935016E328C}C:\program files\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
"TCP Query User{B6A23192-9074-44DA-AFD3-F2B46583D403}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{BE0F96BE-7E65-41E1-843A-FBC8FD98EF68}C:\program files\microsoft games\age of empires ii\empires2.icd" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires ii\empires2.icd |
"TCP Query User{C2775079-782D-4DF6-A13B-B34AEB4953E4}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"TCP Query User{C5430AD7-E37A-4B5B-857A-9A960A34A8B4}C:\program files\veoh networks\veoh\veohclient.exe" = protocol=6 | dir=in | app=c:\program files\veoh networks\veoh\veohclient.exe |
"TCP Query User{CF6EF037-2346-4722-9C19-52C09A4855DA}C:\users\julia\empires2.exe" = protocol=6 | dir=in | app=c:\users\julia\empires2.exe |
"TCP Query User{D66ED412-606A-4503-8134-C1A51A427083}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{D8FBA296-7F84-4E82-AE5D-56637313F9B0}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"TCP Query User{E6A9C15D-EDD9-4715-82F1-AC5F5E5D546D}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{EED2CCB8-1B43-4159-9742-90315C836317}C:\program files\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"TCP Query User{F9D42A00-492A-49C0-BA32-6800437FD82B}C:\windows\system32\javaw.exe" = protocol=6 | dir=in | app=c:\windows\system32\javaw.exe |
"UDP Query User{01BBC9ED-BCD6-4D38-A6F3-9CF182F3BF71}C:\program files\bitlord\bitlord.exe" = protocol=17 | dir=in | app=c:\program files\bitlord\bitlord.exe |
"UDP Query User{055D4226-004D-47A9-945C-20F77DAB2FB3}C:\program files\veoh networks\veoh\veohclient.exe" = protocol=17 | dir=in | app=c:\program files\veoh networks\veoh\veohclient.exe |
"UDP Query User{209D0CAC-FED0-4B22-AA88-9A17D0FB90CF}C:\program files\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
"UDP Query User{3019798C-E4C6-4CDE-8D83-BD22D271C97A}C:\program files\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files\emule\emule.exe |
"UDP Query User{324821CB-A62F-424F-9058-63914A624EEC}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"UDP Query User{50A43BE4-52BE-4BD9-9A75-64D05AD4161B}C:\windows\system32\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"UDP Query User{7F6A664D-E76D-457E-8B91-306CBACDAD5C}C:\program files\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe |
"UDP Query User{7FF91AC3-4F8B-4B85-9628-E1E45ED8EE8D}C:\windows\system32\javaw.exe" = protocol=17 | dir=in | app=c:\windows\system32\javaw.exe |
"UDP Query User{8724C694-5528-4850-A05F-3768A92ED06C}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{89BF39DC-C85C-4FD7-86D9-93BBF9678437}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe |
"UDP Query User{938D741F-668C-454E-BA0E-B218E11AD19F}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{9CEAEBD2-23C4-48EE-B67A-C4CE19E6B533}C:\users\julia\empires2.exe" = protocol=17 | dir=in | app=c:\users\julia\empires2.exe |
"UDP Query User{A762FA7F-A978-469D-9E58-1FE1231F0F64}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe |
"UDP Query User{B25B4746-E070-4F0F-969E-97FDE3E0A4E4}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"UDP Query User{BE475F4A-E029-4FF9-AFB7-62D59CD3C26F}C:\program files\veoh networks\veoh\veohclient.exe" = protocol=17 | dir=in | app=c:\program files\veoh networks\veoh\veohclient.exe |
"UDP Query User{E0CA1BD0-C288-44C0-AF02-78489DE04957}C:\program files\microsoft games\age of empires ii\empires2.icd" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires ii\empires2.icd |
"UDP Query User{E0FAEE70-63D0-4AAE-91E2-2EC6F5EF05F4}C:\program files\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{009E7FB7-1775-4D89-8956-F5C9A1C019FC}" = DSD Playback Plug-in
"{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony Video Shared Library
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software 6.1.0.1203
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{15D5C238-4C2E-4AEA-A66D-D6989A4C586B}" = VAIO Launcher
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1BEF9285-5530-426B-A5F1-5836B95C7EB1}" = VAIO Original Screen Saver
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD BD for VAIO
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{2063C2E8-3812-4BBD-9998-6610F80C1DD4}" = VAIO Media AC3 Decoder 1.0
"{206FD69B-F9FE-4164-81BD-D52552BC9C23}" = GearDrvs
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{23825B69-36DF-4DAD-9CFD-118D11D80F16}" = VAIO Content Folder Setting
"{25569723-DC5A-4467-A639-79535BF01B71}" = Adobe Help Center 2.1
"{2A0F3EF9-68EE-49E9-A05B-ED5B82DF63E5}" = Wireless Switch Setting Utility
"{2A2FF7F5-6F0E-4A5D-A881-39365E718BD6}" = VAIO Cozy Orange Wallpaper
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2BC2781A-F7F6-452E-95EB-018A522F1B2C}" = PaperPort Image Printer
"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 6.007.00
"{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{31B5B620-CA8A-4F99-A64E-7DDB3D1BBB69}_is1" = appleJuice Client
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{374F03BB-9C09-4DB3-9C9B-C71E63292950}" = Google Earth
"{3A08B59E-A9F0-4F4D-B7E5-6875D7F13327}" = Brother MFL-Pro Suite DCP-145C
"{3AC54383-31D1-4907-961B-B12CBB1D0AE8}" = MobileMe Control Panel
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = Browser Address Error Redirector
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{412ACDE3-8D23-4867-A6DB-5F5D5A476348}" = Heyer's Karten-Studio 2
"{48820099-ED7D-424B-890C-9A82EF00656D}" = VAIO Update 3
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{4EA55D20-27FB-45D7-8726-147E8A5F6C62}" = VAIO MusicBox
"{500162A0-4DD5-460A-BAFD-895AAE48C532}" = VAIO Media Content Collection 6.0
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{533D0A8A-D7E7-4F15-BC9E-FF2916A6BAA7}" = DSD Direct Player
"{560F6B2E-F0DF-44E5-8190-A4A161F0E205}" = VAIO Media 6.0
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{5855C127-1F20-404D-B7FB-1FD84D7EAB5E}" = VAIO Media Redistribution 6.0
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5F12E9D1-402C-4672-86D7-52E86A3A1411}" = VAIO Content Importer VAIO Content Exporter
"{5F5DE5D5-D130-4110-A3A4-69FFB0B14BD9}" = VAIO Content Metadata XML Interface Library
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{6110F38A-5BE6-4199-AC96-D2DD6B4A3ADE}" = VAIO Content Metadata Intelligent Analyzing Manager
"{6332AFF1-9D9A-429C-AA03-F82749FA4F49}" = SonicStage Mastering Studio
"{63A6E9A9-A190-46D4-9430-2DB28654AFD8}" = Norton 360
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}" = VAIO Content Importer / VAIO Content Exporter
"{69351E9E-23ED-41D5-B146-EDBF83C63B66}" = VAIO Content Metadata Manager Setting
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{6D2576EC-A0E9-418A-A09A-409933A3B6F4}" = VAIO Camera Capture Utility
"{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"{70AA9B4F-64F7-4B0D-ADD8-05802D61AF72}" = Windows Live Toolbar
"{7148F0A8-6813-11D6-A77B-00B0D0142030}" = Java 2 Runtime Environment, SE v1.4.2_03
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{785EB1D4-ECEC-4195-99B4-73C47E187721}" = VAIO Media Integrated Server 6.1
"{7A8FF745-BBC5-482B-88E4-18D3178249A9}" = ScanSoft PaperPort 11
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{802889F8-6AF5-45A5-9764-CA5B999E50FC}" = VAIO Power Management
"{81D6583E-9361-49CE-B17C-052819897758}" = Schrankplaner
"{82D5BACA-3619-4D34-99DB-3A65CFB4DA33}" = DSD Direct
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{8FC56444-161D-43B4-A662-F18F2E4A2A32}" = VAIO Content Metadata Manager Setting
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{91120000-0019-0000-0000-0000000FF1CE}" = Microsoft Office Publisher 2007
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{92F8615C-43B7-4925-8457-B6D004E8D478}" = VAIO Content Metadata XML Interface Library
"{934A3213-1CB6-4264-84A2-EE080C017BCA}" = VAIO Tender Green Wallpaper
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{97BCD719-6ECB-458F-97D6-F38D2E07375E}" = VAIO Aqua Breeze Wallpaper
"{98FC7A64-774B-49B5-B046-4B4EBC053FA9}" = VAIO MusicBox Sample Music
"{9AB83A3C-604D-4B4F-AA25-A23A3FC39844}" = ArcSoft Magic-i Visual Effects Installer
"{9C1C8A04-F8CA-4472-A92D-4288CE32DE86}" = SonicStage Mastering Studio Plugins
"{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack
"{9E407618-D9CD-4F39-9490-9ED45294073D}" = Click to DVD 2.0.05 Menu Data
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Pointing-device for VAIO
"{9FA8B5F5-4BDC-4CF4-9202-AA97FF79AE98}" = VAIO Media
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A63E7492-A0BC-4BB9-89A7-352965222380}" = VAIO Original Function Setting
"{A7496F46-78AE-4DB2-BCF5-95F210FA6F96}" = Windows Live Movie Maker
"{A7B609FB-83D8-4FC3-8477-1BC65ECFE85B}" = Adobe Photoshop Elements 5.0
"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{ABFE9B50-BA4B-4FDF-A943-EA025119DBED}" = Age of Empires III - The WarChiefs Trial
"{AC76BA86-7AD7-1031-7B44-A81000000003}" = Adobe Reader 8.1.0 - Deutsch
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{AF9A04EB-7D8E-41DE-9EDE-4AB9BB2B71B6}" = VAIO Media Registration Tool 6.0
"{AFBA0609-EB70-43CB-B11C-294EDADFA101}" =
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = VAIO Movie Story
"{B575AC8F-EEDB-4B75-0091-17306783164E}" = Need For Speed Underground Demo
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{B7FB0C86-41A4-4402-9A33-912C462042A0}" = Roxio Easy Media Creator Home
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die Sims™ 3
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00
"{CEAD2D69-1FDE-4A4B-82AC-A222BEB6777D}_is1" = Abi-Schnitt-Rechner 1.2
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D1B11537-EA51-4DD8-BF1E-098BEE48868D}" = VeohTV BETA
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{DF7DB916-90E5-40F2-9010-B8125EB5FD6F}" = SonicStage Mastering Studio Audio Filter
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4D96ABB-E0D8-4CA4-856E-A2703F5490F0}" = VAIO Content Metadata Intelligent Analyzing Manager
"{E66BB7B9-EC7B-45A6-B479-AD43A9B32AA0}" = SonicStage Mastering Studio
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{E809063C-51A3-4269-8984-D1EB742F2151}" = Click to DVD 2.6.00
"{E89D31F3-7F6C-47A3-8669-0A8DDE27B664}" = VAIO Media Registration Tool
"{EBE55E74-AF94-47BB-849B-C79F236C65F4}" = VAIO Movie Story
"{EC37A846-53AC-4DA7-98FA-76A4E74AA900}" = Benutzerdefinierte Voreinstellungen für SonicStage Mastering Studio Audio Filter
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{EFCEF949-9821-4759-A573-3EB8C857DF46}" = Windows Live Family Safety
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony Ericsson PC Companion 1.50.52
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0D85ADD-DD61-4B43-87A0-6DA52A211A8B}" = VAIO Event Service
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F570A6CC-53ED-4AA9-8B08-551CD3E38D8B}" =
"{FAA6B94E-78A7-489C-B2DB-050D9FEBFADA}" = VAIO Content Metadata Intelligent Analyzing Manager
"{FAE36873-1941-4076-A9A5-48812B5EA0B7}" = iTunes
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop Elements 5" = Adobe Photoshop Elements 5.0
"Age of Empires 2.0" = Microsoft Age of Empires II
"Ask Toolbar_is1" = Ask Toolbar
"Atlantis - Sky Patrol" = Atlantis - Sky Patrol (remove only)
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Big Fish Games Center" = Big Fish Games Center
"Big Fish Games Sudoku" = Big Fish Games Sudoku (remove only)
"BitLord" = BitLord 1.1
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200" = HDAUDIO SoftV92 Data Fax Modem with SmartCP
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DJ Music Mixer" = DJ Music Mixer
"dt icon module" =
"EADM" = EA Download Manager
"eBay HTML" =
"EPSON Printer and Utilities" = EPSON-Drucker-Software
"ExpressBurn" = Express Burn
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free Studio_is1" = Free Studio version 4.1
"Free YouTube Download_is1" = Free YouTube Download 2.8
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.35.324
"Google Desktop" = Google Desktop
"gtfirstboot Setting Request" =
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD BD for VAIO
"InstallShield_{ABFE9B50-BA4B-4FDF-A943-EA025119DBED}" = Age of Empires III - The WarChiefs Trial
"InstallShield_{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00
"InstallShield_{D1B11537-EA51-4DD8-BF1E-098BEE48868D}" = VeohTV BETA
"KaM - The Peasants Rebellion" = KaM - The Peasants Rebellion
"LimeWire" = LimeWire 5.3.6
"Mahjong Towers Eternity EU" = Mahjong Towers Eternity EU (remove only)
"MixPad" = MixPad Audio Mixer
"Mozilla Firefox (3.0.19)" = Mozilla Firefox (3.0.19)
"Mystery Case Files - Prime Suspects" = Mystery Case Files - Prime Suspects (remove only)
"NVIDIA Drivers" = NVIDIA Drivers
"OpenMG HotFix4.7-07-13-22-01" = OpenMG Limited Patch 4.7-07-15-19-01
"P2P_Max_DE Toolbar" = P2P_Max_DE Toolbar
"Picasa2" = Picasa 2
"PUBLISHERR" = Microsoft Office Publisher 2007
"RealPlayer 6.0" = RealPlayer
"Shareware.Pro-DE Toolbar" = Shareware.Pro-DE Toolbar
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"Switch" = Switch Sound File Converter
"szgmxymwvngtud" = Tagging System Chargeyourprofit
"Uninstall_is1" = Uninstall 1.0.0.1
"Update Service" = Sony Ericsson Update Service
"VAIO Help and Support" =
"VAIO MFU Module" =
"VAIO Xblack Contents" = VAIO Xblack Contents
"Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions
"Virtual Villagers" = Virtual Villagers (remove only)
"WavePad" = WavePad Sound Editor
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"xalux" = Favorit
"Zulu" = Zulu DJ Software
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-2462439829-400863278-3750921539-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"PICgrabber G2" = PICgrabber G2
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 18.05.2011 12:21:45 | Computer Name = Julia-PC | Source = WerSvc | ID = 5007
Description =
Error - 18.05.2011 15:23:42 | Computer Name = Julia-PC | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})
(Fehlercode = 0x80042019)
Error - 18.05.2011 15:28:23 | Computer Name = Julia-PC | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})
(Fehlercode = 0x80042019)
Error - 18.05.2011 15:34:42 | Computer Name = Julia-PC | Source = WerSvc | ID = 5007
Description =
Error - 22.05.2011 03:32:44 | Computer Name = Julia-PC | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})
(Fehlercode = 0x80042019)
Error - 22.05.2011 03:39:03 | Computer Name = Julia-PC | Source = WerSvc | ID = 5007
Description =
Error - 26.05.2011 11:53:13 | Computer Name = Julia-PC | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})
(Fehlercode = 0x80042019)
Error - 26.05.2011 16:28:51 | Computer Name = Julia-PC | Source = WerSvc | ID = 5007
Description =
Error - 27.05.2011 03:16:15 | Computer Name = Julia-PC | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})
(Fehlercode = 0x80042019)
Error - 27.05.2011 03:22:34 | Computer Name = Julia-PC | Source = WerSvc | ID = 5007
Description =
[ OSession Events ]
Error - 16.12.2008 14:46:48 | Computer Name = Julia-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session
lasted 26186 seconds with 6420 seconds of active time. This session ended with
a crash.
[ System Events ]
Error - 18.05.2011 05:51:53 | Computer Name = Julia-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 18.05.2011 08:12:14 | Computer Name = Julia-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 18.05.2011 09:15:39 | Computer Name = Julia-PC | Source = ACPI | ID = 327693
Description = : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen
Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware
hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie
den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen
Situationen zur Folge haben, dass der Computer fehlerhaft läuft.
Error - 18.05.2011 12:16:53 | Computer Name = Julia-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 18.05.2011 15:23:43 | Computer Name = Julia-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 18.05.2011 15:29:44 | Computer Name = Julia-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 22.05.2011 03:32:15 | Computer Name = Julia-PC | Source = volsnap | ID = 393245
Description = Die Schattenkopien von Volume "C:" wurde während der Ermittlung abgebrochen.
Error - 22.05.2011 03:34:10 | Computer Name = Julia-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 26.05.2011 11:54:40 | Computer Name = Julia-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 27.05.2011 03:17:44 | Computer Name = Julia-PC | Source = Service Control Manager | ID = 7000
Description =
< End of report >
|
|
27.05.2011, 11:18
| #4 |
| /// Malware-holic | Festplatte Cluster Fehler was haben die bei der reperatur gemacht? warum hat dieses system noch niemals updates gesehen, keine servicepacks etc?
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
27.05.2011, 11:36
| #5 |
| | Festplatte Cluster Fehler bei der reperatur hat er meine dateien alle auf eine externe festplatte gezogen....allerdings ist alles unsortiert und viel müll drauf. wenn ich auf meinem pc jetzt einen ordner erstellen will, den ich früher schonmal hatte, dann macht er das nicht, weil es den alten ordner noch irgendwo gibt. heißt für mich dass meine dateien ja noch irgendwo sein müssen. in der reperatur wurden wohl alle viren entfernt und der pc an sich komplett wiederhergestellt... besteht für mcih noch die chance meine dateien wiederzufinden??? |
|
27.05.2011, 11:41
| #6 |
| | Festplatte Cluster Fehler also in der reperatur wurde mein pc komplett von viren befreit und alles wiederhergestellt, wohl auch virenprogramme installiert und alles erneuert, kp. weiterhin hat der typ meine dateien auf eine externe festplatte gezogen- dabei ist aber überwiegend irgendwelcher müll drauf, wie bilder aus dem internet... bei dem versuch nun neue ordner unter dem selben namen wie früher herzustellen zeigt mein pc mir nu immer an, dass dieser ordner noch existiert... es ist also anscheinend immer noch alles irgendwo da besteht die chance alles wiederherzustellen? |
|
27.05.2011, 14:38
| #7 |
| /// Malware-holic | Festplatte Cluster Fehler dann sollten wir einfach kurzen prozess machen, den pc mal vernünftig neu aufsetzen, absichern und dann kannst du damit wieder arbeiten. das wäre sinnvoller, da zeitsparend. fehlen dir denn noch daten oder ist alles auf der festplatte?
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
27.05.2011, 20:03
| #8 |
| | Festplatte Cluster Fehler ja genau das hat der typ ja wohl auch gemacht....also arbeiten kann ich auch wieder! also er hat gesagt er hat alles versucht zu sichern was ging, aber wie gesagt es befindet sich nur mist auf der festplatte und alles durcheinander, nichts ist benannt...ich hätte schon gern meine ordner wieder, die sich ja anscheinend noch irgendwo befinden, sofern das geht?! |
|
28.05.2011, 11:59
| #9 |
| /// Malware-holic | Festplatte Cluster Fehler der hat nicht neu aufgesetzt. und wenn doch, hat er sehr schlampig gearbeitet. du hättest lieber hier arbeiten sollen, dass hätte dich nichts gekostet und wäre vernünftig von statten gegangen. ich will mich nicht schlecht äußern über solche reparatur-dienste, aber ich hab häufig in den foren die erfahrung gemacht, dass die viel misst bauen und den leuten teures geld aus der tasche ziehen. zu deinen daten: lade unhide: http://filepony.de/download-unhide/ doppelklicken, dateien werden sichtbar sichere die dann bitte auf die platte.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
| Themen zu Festplatte Cluster Fehler |
| adobe, bestimmte, daten, desktop, dokument, fehler, festplatte, festplatten, foto, gefahr, hallo zusammen, ide, internet, laptop, meldung, musik, ordner, platte, plötzlich, problem, recovery, stichwort, system, update, windows |
Linear-Darstellung
