| super-lutz | 31.05.2010 21:40 |
Von weiteren Meldungen habe ich nichts gehört!
Bemerkungen:
- es ist ein Sony Vaio Laptop
- es werden ein LG-Handy, iPod und eine Canon-Kamera regelmäßig angeschlossen
- Sync-Toy und BullZip sind absichtlich installiert
Nur falls Fragen zu diesen Einträgen auftauchen.
Das Prog lief ohne Probleme auf 32Bit Vist SP2!
Jetzt die Logs:
Extra
quote
OTL Logfile: Code:
OTL Extras logfile created on: 31.05.2010 21:58:04 - Run 1
OTL by OldTimer - Version 3.2.5.2 Folder = C:\Users\xxxxx\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 66,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 107,38 Gb Total Space | 31,00 Gb Free Space | 28,87% Space Free | Partition Type: NTFS
Drive D: | 58,59 Gb Total Space | 39,36 Gb Free Space | 67,18% Space Free | Partition Type: NTFS
Drive E: | 10,32 Gb Total Space | 10,18 Gb Free Space | 98,66% Space Free | Partition Type: NTFS
Drive F: | 1,92 Gb Total Space | 1,87 Gb Free Space | 97,40% Space Free | Partition Type: FAT
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: xxxxx-PC
Current User Name: xxxxx
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AntiVirusDisableNotify" = 0x00000000
"FirewallDisableNotify" = 0x00000000
"UpdatesDisableNotify" = 0x00000000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\DATEV\SYSTEM\DvpExe.exe" = C:\DATEV\SYSTEM\DvpExe.exe:*:Enabled:DvpExe.exe -- (DATEV eG)
"C:\DATEV\SYSTEM\DcomSrv.exe" = C:\DATEV\SYSTEM\DcomSrv.exe:*:Enabled:DcomSrv.exe -- (DATEV eG)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\DATEV\SYSTEM\DvpExe.exe" = C:\DATEV\SYSTEM\DvpExe.exe:*:Enabled:DvpExe.exe -- (DATEV eG)
"C:\DATEV\SYSTEM\DcomSrv.exe" = C:\DATEV\SYSTEM\DcomSrv.exe:*:Enabled:DcomSrv.exe -- (DATEV eG)
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{09A5F057-CF16-40A4-BA18-237917DC73EA}" = lport=137 | protocol=17 | dir=in | app=system |
"{0CF10335-F3AE-4E5F-9EE8-B95476798F01}" = lport=138 | protocol=17 | dir=in | app=system |
"{29E99F8B-29A9-4317-837D-2B150900C14F}" = rport=445 | protocol=6 | dir=out | app=system |
"{2F293E40-5453-41BF-8259-6E47FA9C639D}" = rport=138 | protocol=17 | dir=out | app=system |
"{67D2B1EA-9ED5-4AAF-815C-B2360F67727B}" = rport=137 | protocol=17 | dir=out | app=system |
"{A46D0963-7F1C-4536-A076-A682A5464B5A}" = lport=58432 | protocol=6 | dir=in | app=c:\datev\programm\sws\limaservice.exe |
"{A7A6ED89-E08A-48A5-9790-2D16C1BEC3FB}" = rport=139 | protocol=6 | dir=out | app=system |
"{C1B3163E-3BAA-4F6E-8056-9246AD1A3AD3}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{D3341AB0-1AC0-4C6C-A157-3B9A81CCD9E3}" = lport=445 | protocol=6 | dir=in | app=system |
"{D87CB6E4-061D-4E2D-90F1-2FEFE4F78DB5}" = lport=139 | protocol=6 | dir=in | app=system |
"{EDF93686-C880-49F2-86AE-870EE948137C}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08CB4460-041B-4209-8C23-4E758F47E249}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{1C4DEC0E-31CC-4006-B44A-87A76BEC0406}" = protocol=17 | dir=in | app=c:\program files\google\google talk\googletalk.exe |
"{2EE806AF-219A-4B08-94B0-7B98A0A546BD}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{5C1656A7-3BCC-4805-8815-636B05562F3D}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{61EE61C6-D00C-43B9-B6B9-305BF722A969}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{844F08EC-1ECB-4478-AD12-076163858E13}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{9362A0FB-4749-4303-88C5-943261BC558B}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{A6C51FFC-E1A4-433B-A855-46487F23580C}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{AF512A4C-802D-44F4-8781-F64FF3D5FF8D}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{BE4C4D16-D955-4D80-BD13-29B03D660C2A}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{BFF14F88-02B0-4710-A54E-D58F0CDA8E6C}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{D1DA344D-62C4-4D61-B15E-06CF49646226}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{F20BC173-5077-464A-8BA1-322EE9F07B22}" = protocol=6 | dir=in | app=c:\program files\google\google talk\googletalk.exe |
"{FCCE8089-8BB6-4915-B9AB-FDC408E1BB56}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"TCP Query User{6D3AB070-E2D0-448B-8048-23663C46C959}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{0428CAD9-07C9-4C8B-AC2A-0ED74B7CCFCB}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{00C58EBE-223E-4AB6-8AE9-38F27F4420BD}" = WISO Sparbuch 2009
"{00E3E16A-EF37-6F18-2501-821AAB6903AB}" = ccc-core-static
"{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony Video Shared Library
"{028ED9C4-25EE-4DEE-9CF4-91034BC89B18}" = Microsoft SQL Server 2005 Express Edition (DATEV_CL_DE01)
"{0299E902-A8ED-7748-4A47-8080C42436F2}" = Catalyst Control Center Core Implementation
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software 6.1.0.2200
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
"{0881ECE5-DCA1-462D-B515-F1732875EC74}" = DATEV Infragistics Runtime V.3.2
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data
"{0D8189EB-8824-AA13-6A45-8201E3353AC8}" = CCC Help German
"{1316AEF2-E086-46C7-B1FB-8C9A39A2ABF9}" = VAIO Media plus
"{132CA5D9-C745-4B0B-A3B2-8C7A6EC3EE7E}" = Canon MF Toolbox 4.9.1.1.mf04
"{14D08502-FEE4-40E5-90D3-8A967A1D8BA2}" = Readiris Pro 10
"{14F47992-EF70-16D9-1DD6-8A240073CD82}" = ATI Catalyst Install Manager
"{15D5C238-4C2E-4AEA-A66D-D6989A4C586B}" = VAIO Launcher
"{165E861A-D87F-5BED-190E-8EBC4ECCE65E}" = Catalyst Control Center Graphics Light
"{17F8195F-91B9-35A7-E4B9-6E54C0B7B9B3}" = CCC Help Korean
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1E04F83B-2AB9-4301-9EF7-E86307F79C72}" = Google Earth
"{1EDDE5D9-7455-3159-41BE-1BC8C76B8950}" = CCC Help Spanish
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools
"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for VAIO
"{23825B69-36DF-4DAD-9CFD-118D11D80F16}" = VAIO Content Folder Setting
"{239A8D60-270B-42e8-82D3-60D70A2942E0}" = Canon MF4100-Serie
"{248BF282-92C4-4C53-09F4-454E81503277}" = Catalyst Control Center Localization Italian
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 17
"{27A2ABE9-E4C4-45DD-B9A8-CEEEE380E7E1}" = VAIO Content Metadata Intelligent Analyzing Manager
"{28B52CF6-FC4D-38E7-2438-62EB527780FD}" = Catalyst Control Center Graphics Full Existing
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{29ADBAC3-97C3-1963-0F76-1687F73154D7}" = Catalyst Control Center Localization French
"{2A0F3EF9-68EE-49E9-A05B-ED5B82DF63E5}" = Wireless Switch Setting Utility
"{2E0993DB-99D1-3D3D-FDD8-757F7C44BB7F}" = CCC Help French
"{2E2F4CB9-70B3-B6BA-1241-BC53FE5BE5DA}" = Catalyst Control Center Localization Thai
"{31E6A959-22FA-51B9-4E5A-1E2D2C0C8F1E}" = CCC Help Hungarian
"{3248F0A8-6813-11D6-A77B-00B0D0160040}" = Java(TM) 6 Update 4
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{326DC400-1FC4-4D7D-946D-06D1EAB93200}" = VAIO Guide
"{356181AD-C50C-394F-20D8-C6CB0A961589}" = Catalyst Control Center Localization Portuguese
"{37C8899D-FD70-481F-94AA-1F1B08765E22}" = Acronis*True*Image*Home
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3BDDF462-8A95-4C50-86DA-4D41F3483EA5}" = Canon MF Toolbox 4.9.1.1.mf04
"{3C3A1CF5-A2A0-4D80-8808-609C87FB33FE}_is1" = Bildschutz Pro 3.01
"{3E2C691B-B7E6-4053-B5C3-94B8BC407E7A}" = Adobe Premiere Elements 4.0
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = Browser Address Error Redirector
"{46B9C26B-4370-C68D-1743-4F13AC12B4CD}" = CCC Help Turkish
"{495B3F8D-06AA-216A-6159-C9EABA6B7D8E}" = CCC Help Chinese Traditional
"{4A074D34-1F3D-B98F-CFF9-B2794DA33871}" = Catalyst Control Center Localization Danish
"{4A790D47-EBBF-659B-96BD-46AF5D69730B}" = Catalyst Control Center Localization Chinese Traditional
"{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor
"{4EA55D20-27FB-45D7-8726-147E8A5F6C62}" = VAIO MusicBox
"{4FE475AA-C4CC-115A-1422-5DFB86FC806D}" = Catalyst Control Center Localization Hungarian
"{5463642B-44B3-34D3-E64E-0ACAA949BB5A}" = CCC Help Finnish
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{568457D9-A55B-D9BC-13EC-14C84E69BD86}" = Catalyst Control Center Graphics Full New
"{56A6F256-5323-4617-3AE8-45B28B559E37}" = CCC Help English
"{57A3A36F-626E-8848-D9E0-41FCDC92FECA}" = CCC Help Portuguese
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{5967A03E-3B74-4DF1-B591-2D89CA26BDC9}" = LaCie Backup Software v1.7.2893
"{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data Basic
"{5C5EE8F2-0B38-4C13-AE4E-A87A237FE718}" =
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{5ECB3A3C-980B-4D12-9724-25DCB07A1F47}" = iTunes
"{6332AFF1-9D9A-429C-AA03-F82749FA4F49}" = SonicStage Mastering Studio
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6788581C-ECDA-326B-EE71-F9BE4635355F}" = Catalyst Control Center Localization Korean
"{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}" = Click to Disc
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{6CE464DB-CD52-F4F9-FB58-BC934702A499}" = CCC Help Japanese
"{6EAA173A-EF51-45F4-8175-391ED91AF6A9}" = Microsoft SQL Server VSS Writer
"{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"{7193B0D6-65E4-6FB1-EB23-E9CE6D611BDC}" = CCC Help Czech
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{735DEB9C-61BD-4D31-994B-92395BBB4E45}" = Microsoft XML Parser
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio
"{757CC5BA-BF08-46A5-8D10-64C6FDF659C6}" = VAIO Content Metadata Manager Setting
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7BB90344-0647-468E-925A-7F69F7983421}" = ArcSoft Magic-i Visual Effects
"{7CB64BD2-0FB7-E037-6924-EA2B8BE44E7E}" = CCC Help Greek
"{7F6C2F96-3302-784E-BF0D-65D794E39BC2}" = Catalyst Control Center Localization Norwegian
"{802889F8-6AF5-45A5-9764-CA5B999E50FC}" = VAIO Power Management
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84EA9BEB-AFF7-06C6-60DF-608807EA7DF2}" = Catalyst Control Center Localization German
"{8550D6A8-0DBC-AC89-F12B-71167346845E}" = Catalyst Control Center Localization Dutch
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista
"{8A2224A1-7C5F-170C-74B6-6EEF9F92FCC3}" = CCC Help Norwegian
"{8A253629-0511-4854-8B4E-46E57E66005C}" = Bonjour
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8ED3A392-28F1-4375-97AC-BF275B5855F9}" = OpenMG Secure Module 5.0.00
"{8EDBA74D-0686-4C99-BFDD-F894678E5102}" = Adobe Common File Installer
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90F1943D-EA4A-4460-B59F-30023F3BA69A}" = SmarThru 4
"{963B65F9-89C7-48BB-8E40-E7583DEC7C8D}" = SonicStage Mastering Studio
"{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}" =
"{96E425D4-2DB1-6B29-0944-7DC78E9EEF81}" = Catalyst Control Center Localization Finnish
"{98FC7A64-774B-49B5-B046-4B4EBC053FA9}" = VAIO MusicBox Sample Music
"{9973498D-EA29-4A68-BE0B-C88D6E03E928}" = ArcSoft WebCam Companion 2
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C1C8A04-F8CA-4472-A92D-4288CE32DE86}" = SonicStage Mastering Studio Plugins
"{9C71059E-6DDD-4958-9251-7A5F865B6BA0}" = VAIO Content Metadata Intelligent Analyzing Manager
"{9DE1BE03-AFE2-4CDB-BFEB-D06D736CD01A}" = Apple Mobile Device Support
"{9E332EEA-DCFC-424B-E499-0D35FFAD4D76}" = Catalyst Control Center Localization Greek
"{9F165569-C622-3F85-0F90-23CF9B0B7E50}" = Catalyst Control Center Localization Turkish
"{A066194B-DC8F-449A-8E0F-B57BDD3A2072}" = SyncToy 2.1 (x86)
"{A33E457B-5369-481F-8B53-71108AE2EB5B}" = Roxio Easy Media Creator 10 LJ
"{A38F2A2D-F9AC-6303-A14D-DD2D77519627}" = Catalyst Control Center Localization Polish
"{A4399CF4-7A3F-4E84-B763-AD352640203D}" = VAIO Content Metadata XML Interface Library
"{A63E7492-A0BC-4BB9-89A7-352965222380}" = VAIO Original Function Setting
"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series
"{AC76BA86-1033-F400-BA7E-000000000003}" = Adobe Acrobat 8 Standard - English, Français, Deutsch
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.2 - Deutsch
"{B07FD2DE-87AB-976B-9E7E-9CD9598D1188}" = CCC Help Italian
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = VAIO Movie Story
"{B4FC780C-94E2-41CB-970D-4B61C1905E5E}" = SQLXML4
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy
"{B74686F4-939E-9D89-2C09-3B0FCB3C2B37}" = Catalyst Control Center Localization Japanese
"{B7C03E84-AF46-42F4-809D-D4127D9086D0}" = VAIO Edit Components 6.4
"{B982D59B-B732-C911-51F3-CC962F906573}" = ccc-utility
"{BA165460-FCF7-4D6C-A7A2-F2321700720F}" = MobileMe Control Panel
"{BFCBC9EC-8ECC-2E8F-85DF-9D02C3B6E8AD}" = CCC Help Thai
"{C1141112-2968-FB36-0DF7-9D61AE6A0DCF}" = CCC Help Chinese Standard
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem Driver
"{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = VAIO Event Service
"{C9B56B00-7A33-378D-E64E-E044BE535A46}" = Catalyst Control Center Localization Chinese Standard
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB8251EE-C86B-410D-83B2-1E28E9DE2C2B}" = LG GSM PC Components
"{CC56A2CB-EC09-4175-B8BD-93E2440D410B}" = VAIO Content Metadata Manager Setting
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D06F5884-B439-440B-A58D-6C057C2FF8EB}" = Click to Disc
"{D0AE373E-C276-432B-9A95-F8DD356A8242}" = VAIO Movie Story
"{D3A80508-CD83-4CA3-8671-914A1BC78B61}" = Microsoft Sync Framework 2.0 Provider Services (x86) ENU
"{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}" = VAIO Wallpaper Contents
"{D79FDDB3-D6DD-63CC-BA61-D5406F392979}" = Catalyst Control Center Localization Russian
"{D90507A2-6183-497D-9075-951DC80362DA}" = VAIO Media plus
"{D91B65A8-33B6-4E9B-B3D9-B61B49E834D8}" = Microsoft SQL Server Native Client
"{DA3C6D93-6EB8-BF5C-2C14-2B1A08284DBD}" = Catalyst Control Center Graphics Previews Vista
"{DD929BD3-5D41-4407-BE04-119B4A631869}" = Canon MF Toolbox 4.9.1.1.mf04
"{DEBA60A3-7CDE-48D7-993D-7C68663AEE68}" = VAIO Content Metadata Intelligent Analyzing Manager
"{DEFB9CA4-6242-B988-E263-CD102219F54F}" = Skins
"{DF02B276-8216-D2FC-1E3D-E6382F8F6D91}" = Catalyst Control Center Localization Swedish
"{DF7DB916-90E5-40F2-9010-B8125EB5FD6F}" = SonicStage Mastering Studio Audio Filter
"{E40EE28E-1009-B9B3-1E6B-635E878EAFF4}" = CCC Help Danish
"{E626EA97-DC4B-B9C2-5120-F826D00623D5}" = Catalyst Control Center Localization Spanish
"{E6707034-D7A4-49B1-94D0-F5AACE46F06C}" = Instant Mode
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{E8EF1266-1D1F-C2FB-1E98-2FB9E71B3C7C}" = Catalyst Control Center Graphics Previews Common
"{EC37A846-53AC-4DA7-98FA-76A4E74AA900}" = Benutzerdefinierte Voreinstellungen für SonicStage Mastering Studio Audio Filter
"{ED1273B9-C028-C97D-BBF4-B667AD1644AE}" = CCC Help Dutch
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1FD0F66-34CF-4555-8B13-BCFC96F3864C}" = Branding
"{F2D89AED-46DA-3DAF-CE35-BEA81D3CCE4B}" = CCC Help Polish
"{F536B64C-FA0C-AAEE-AE89-E15B12E7C659}" = CCC Help Swedish
"{F54AC413-D2C6-4A24-B324-370C223C6250}" = Adobe Photoshop Elements 6.0
"{F570A6CC-53ED-4AA9-8B08-551CD3E38D8B}" =
"{F76F1E24-BFF9-9754-FDB4-595A7DFF8651}" = CCC Help Russian
"{F85C7118-F3DC-4ED9-AB27-3E7931EA3D88}" = Adobe Premiere Elements 4.0 Templates
"{F8AEA743-A9CB-453C-9B3C-53D7F1D0CC22}" = B1315AppGuid
"{F8ECA4D4-3CB6-3B1C-A20A-884D5744C0FF}" = Catalyst Control Center Localization Czech
"{FACD3674-FC12-4B6C-A923-E1D687704E9B}" = VAIO Content Metadata XML Interface Library
"{FB838FDB-0C2D-44EC-8C40-F69C5CDABFCC}" = Samsung SCX-4100 Series - TWAIN
"{FE51662F-D8F6-43B5-99D9-D4894AF00F83}" = Roxio Easy Media Creator Home
"{FF63121D-91C6-42CC-B341-F1AA729728E7}" = Microsoft Sync Framework 2.0 Core Components (x86) ENU
"7-Zip" = 7-Zip 4.65
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Acrobat 8 Standard - English, Français, Deutsch" = Adobe Acrobat 8.1.4 Standard
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player Plugin
"Adobe Photoshop 4.0 LE" = Adobe Photoshop 4.0 LE
"Adobe Photoshop Elements 6" = Adobe Photoshop Elements 6.0
"Atlantis - Sky Patrol" = Atlantis - Sky Patrol (remove only)
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Big Fish Games Center" = Big Fish Games Center
"Big Fish Games Sudoku" = Big Fish Games Sudoku (remove only)
"Bullzip PDF Printer_is1" = Bullzip PDF Printer 6.0.0.766
"Canon Digital Camera USB Driver" = Canon Digital Camera USB Driver
"Canon PhotoStitch 3.1" = Canon Utilities PhotoStitch 3.1
"Canon Utilities RAW Image Converter" = Canon Utilities RAW Image Converter
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200" = HDAUDIO SoftV92 Data Fax Modem with SmartCP
"DATEVB00000482.0" = DATEV Installation V.2.72
"dt icon module" =
"Free Registry Defrag_is1" = Free Registry Defrag
"GPL Ghostscript Lite_is1" = GPL Ghostscript Lite 8.64
"gtfirstboot Setting Request" =
"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for VAIO
"InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor
"InstallShield_{8ED3A392-28F1-4375-97AC-BF275B5855F9}" = OpenMG Secure Module 5.0.00
"IrfanView" = IrfanView (remove only)
"Mahjong Towers Eternity EU" = Mahjong Towers Eternity EU (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MarketingTools" = Vaio Marketing Tools
"MFU Module" =
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox (3.0.19)" = Mozilla Firefox (3.0.19)
"Mozilla Thunderbird (2.0.0.24)" = Mozilla Thunderbird (2.0.0.24)
"Mystery Case Files - Prime Suspects" = Mystery Case Files - Prime Suspects (remove only)
"Office8.0" = Microsoft Office 97, Professional Edition
"PhotoRecord" = Canon PhotoRecord
"Picasa2" = Picasa 2
"PremElem40" = Adobe Premiere Elements 4.0
"PremElem40Templates" = Adobe Premiere Elements 4.0 Templates
"RemoteCapture" = Canon Utilities RemoteCapture 1.4
"Samsung SCX-4100 Series" = Samsung SCX-4100 Series
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VAIO Help and Support" =
"VAIO_My Club VAIO" = My Club VAIO
"Virtual Villagers" = Virtual Villagers (remove only)
"ZoomBrowserEXDeInstall" = Canon Utilities ZoomBrowser EX
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 11.09.2009 11:08:15 | Computer Name = xxxxx-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung agent.exe, Version 4.10.100.25539, Zeitstempel
0x4213c5d0, fehlerhaftes Modul agent.exe, Version 4.10.100.25539, Zeitstempel 0x4213c5d0,
Ausnahmecode 0xc0000005, Fehleroffset 0x0000c967, Prozess-ID 0x86c, Anwendungsstartzeit
01ca32f1afe5f1b0.
Error - 12.09.2009 00:24:56 | Computer Name = xxxxx-PC | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})
(Fehlercode = 0x80042019)
Error - 12.09.2009 00:25:24 | Computer Name = xxxxx-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 12.09.2009 00:25:24 | Computer Name = xxxxx-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 12.09.2009 00:26:14 | Computer Name = xxxxx-PC | Source = WinMgmt | ID = 10
Description =
Error - 12.09.2009 12:59:26 | Computer Name = xxxxx-PC | Source = VzCdbSvc | ID = 7
Description = Das Plug-In-Modul konnte nicht geladen werden. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})
(Fehlercode = 0x80042019)
Error - 12.09.2009 12:59:55 | Computer Name = xxxxx-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 12.09.2009 12:59:55 | Computer Name = xxxxx-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 12.09.2009 13:00:40 | Computer Name = xxxxx-PC | Source = WinMgmt | ID = 10
Description =
Error - 12.09.2009 16:20:52 | Computer Name = xxxxx-PC | Source = EventSystem | ID = 4621
Description =
[ System Events ]
Error - 23.08.2008 04:01:06 | Computer Name = xxxxx-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 23.08.2008 04:01:06 | Computer Name = xxxxx-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 23.08.2008 21:24:00 | Computer Name = xxxxx-PC | Source = DCOM | ID = 10010
Description =
Error - 24.08.2008 04:32:46 | Computer Name = xxxxx-PC | Source = HTTP | ID = 15016
Description =
Error - 24.08.2008 04:34:24 | Computer Name = xxxxx-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 24.08.2008 04:34:24 | Computer Name = xxxxx-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 24.08.2008 16:46:07 | Computer Name = xxxxx-PC | Source = DCOM | ID = 10010
Description =
Error - 25.08.2008 02:44:15 | Computer Name = xxxxx-PC | Source = HTTP | ID = 15016
Description =
Error - 25.08.2008 02:45:53 | Computer Name = xxxxx-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 25.08.2008 02:45:53 | Computer Name = xxxxx-PC | Source = Service Control Manager | ID = 7000
Description =
< End of report >
--- --- ---
/quote
und OTL.txt
quote
OTL Logfile: Code:
OTL logfile created on: 31.05.2010 21:58:04 - Run 1
OTL by OldTimer - Version 3.2.5.2 Folder = C:\Users\xxxxx\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 66,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 107,38 Gb Total Space | 31,00 Gb Free Space | 28,87% Space Free | Partition Type: NTFS
Drive D: | 58,59 Gb Total Space | 39,36 Gb Free Space | 67,18% Space Free | Partition Type: NTFS
Drive E: | 10,32 Gb Total Space | 10,18 Gb Free Space | 98,66% Space Free | Partition Type: NTFS
Drive F: | 1,92 Gb Total Space | 1,87 Gb Free Space | 97,40% Space Free | Partition Type: FAT
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: xxxxx-PC
Current User Name: xxxxx
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Processes (SafeList) ==========
PRC - C:\Users\xxxxx\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation)
PRC - C:\DATEV\PROGRAMM\B0001442\PSNTServ.exe (DATEV eG)
PRC - C:\Programme\Adobe\Acrobat 8.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
PRC - C:\Programme\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
PRC - C:\Programme\Common Files\Acronis\Schedule2\schedul2.exe (Acronis)
PRC - C:\Programme\Sony\Marketing Tools\MarketingTools.exe (Sony NSCE)
PRC - C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
PRC - C:\Programme\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation)
PRC - C:\Programme\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
PRC - C:\Programme\Sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation)
PRC - C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation)
PRC - C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
PRC - C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Programme\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
PRC - C:\Programme\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe (ArcSoft, Inc.)
PRC - C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - c:\Programme\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe ()
PRC - C:\Programme\Sony\Wireless Switch Setting Utility\Switcher.exe (Sony Corporation)
PRC - c:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
PRC - C:\Programme\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
========== Modules (SafeList) ==========
MOD - C:\Users\xxxxx\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (DATEV Update-Service) -- C:\DATEV\PROGRAMM\INSTALL\DvInesASDSvc.Exe (DATEV eG)
SRV - (SQLWriter) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
SRV - (MSSQL$DATEV_CL_DE01) SQL Server (DATEV_CL_DE01) -- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (SQLBrowser) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation)
SRV - (MSSQLServerADHelper) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe (Microsoft Corporation)
SRV - (DatevPrintService) -- C:\DATEV\PROGRAMM\B0001442\PSNTServ.exe (DATEV eG)
SRV - (AcrSch2Svc) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe (Acronis)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (SOHDs) -- C:\Program Files\Sony\VAIO Media plus\SOHDs.exe (Sony Corporation)
SRV - (SOHDms) -- C:\Program Files\Sony\VAIO Media plus\SOHDms.exe (Sony Corporation)
SRV - (SOHCImp) -- C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe (Sony Corporation)
SRV - (VcmIAlzMgr) -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation)
SRV - (VcmXmlIfHelper) -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe (Sony Corporation)
SRV - (VAIO Event Service) -- C:\Programme\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
SRV - (VzFw) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation)
SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation)
SRV - (VzCdbSvc) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
SRV - (Vcsw) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (SPTISRV) -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe (Sony Corporation)
SRV - (MSCSPTISRV) -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe (Sony Corporation)
SRV - (PACSPTISVR) -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe (Sony Corporation)
SRV - (uCamMonitor) -- C:\Programme\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe (ArcSoft, Inc.)
SRV - (AdobeActiveFileMonitor6.0) -- c:\Programme\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe ()
SRV - (IviRegMgr) -- c:\Programme\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
========== Driver Services (SafeList) ==========
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (tdrpman140) Acronis Try&Decide and Restore Points filter (build 140) -- C:\Windows\system32\DRIVERS\tdrpm140.sys (Acronis)
DRV - (timounter) -- C:\Windows\system32\DRIVERS\timntr.sys (Acronis)
DRV - (tifsfilter) -- C:\Windows\System32\drivers\tifsfilt.sys (Acronis)
DRV - (snapman380) Acronis Snapshots Manager (Build 380) -- C:\Windows\system32\DRIVERS\snman380.sys (Acronis)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (R5U870FLx86) -- C:\Windows\System32\drivers\R5U870FLx86.sys (Ricoh)
DRV - (R5U870FUx86) -- C:\Windows\System32\drivers\R5U870FUx86.sys (Ricoh)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
DRV - (HSF_DPV) -- C:\Windows\System32\drivers\HSX_DPV.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\Windows\System32\drivers\HSX_CNXT.sys (Conexant Systems, Inc.)
DRV - (HSXHWAZL) -- C:\Windows\System32\drivers\HSXHWAZL.sys (Conexant Systems, Inc.)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation )
DRV - (btwrchid) -- C:\Windows\System32\drivers\btwrchid.sys (Broadcom Corporation.)
DRV - (btwavdt) -- C:\Windows\System32\drivers\btwavdt.sys (Broadcom Corporation.)
DRV - (btwaudio) -- C:\Windows\System32\drivers\btwaudio.sys (Broadcom Corporation.)
DRV - (btwl2cap) -- C:\Windows\System32\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV - (ArcSoftKsUFilter) -- C:\Windows\System32\drivers\ArcSoftKsUFilter.sys (ArcSoft, Inc.)
DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (HSFHWAZL) -- C:\Windows\System32\drivers\VSTAZL3.SYS (Conexant Systems, Inc.)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (NETw3v32) Intel(R) -- C:\Windows\System32\drivers\NETw3v32.sys (Intel Corporation)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (SFEP) -- C:\Windows\System32\drivers\SFEP.sys (Sony Corporation)
DRV - (DMICall) -- C:\Windows\System32\drivers\DMICall.sys (Sony Corporation)
DRV - (ti21sony) -- C:\Windows\System32\drivers\ti21sony.sys (Texas Instruments)
DRV - (NETw4v32) Intel(R) -- C:\Windows\System32\drivers\NETw4v32.sys (Intel Corporation)
DRV - (WimFltr) -- C:\Windows\System32\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (regi) -- C:\Windows\System32\drivers\regi.sys (InterVideo)
DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (SSPORT) -- C:\Windows\System32\drivers\SSPORT.SYS (Samsung Electronics)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (DgiVecp) -- C:\Windows\System32\drivers\DGIVECP.SYS (Samsung Electronics Co., Ltd.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.05.18 11:47:50 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.05.18 11:47:50 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010.05.18 11:47:50 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
[2008.07.15 12:08:40 | 000,000,000 | ---D | M] -- C:\Users\xxxxx\AppData\Roaming\mozilla\Extensions
[2010.05.22 13:29:55 | 000,000,000 | ---D | M] -- C:\Users\xxxxx\AppData\Roaming\mozilla\Firefox\Profiles\63u5hqpz.default\extensions
[2009.06.28 16:39:32 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\xxxxx\AppData\Roaming\mozilla\Firefox\Profiles\63u5hqpz.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009.02.04 12:25:56 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\xxxxx\AppData\Roaming\mozilla\Firefox\Profiles\63u5hqpz.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009.11.17 18:31:13 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.01.09 13:02:17 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.01.09 13:02:17 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.01.09 13:02:17 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.01.09 13:02:17 | 000,000,986 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.01.09 13:02:17 | 000,000,801 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2010.05.25 15:40:10 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Programme\Google BAE\BAE.dll (Your Company Name)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Programme\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [AUTOSTARTEXECUTE] C:\DATEV\PROGRAMM\Install\DvInesAutostartHelper.Exe (DATEV eG)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe File not found
O4 - HKLM..\Run: [IgfxTray] C:\Windows\System32\igfxtray.exe File not found
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [MarketingTools] C:\Programme\Sony\Marketing Tools\MarketingTools.exe (Sony NSCE)
O4 - HKLM..\Run: [Persistence] C:\Windows\System32\igfxpers.exe File not found
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [StartCCC] c:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [ISUSPM Startup] C:\Programme\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: An vorhandenes PDF anfügen - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Auswahl in Adobe PDF konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab (Java Plug-in 1.6.0_04)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - File not found
O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\Windows\System32\VESWinlogon.dll (Sony Corporation)
O24 - Desktop WallPaper: C:\Users\Public\Pictures\VAIO 10.jpg
O24 - Desktop BackupWallPaper: C:\Users\Public\Pictures\VAIO 10.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009.02.12 16:31:44 | 000,000,000 | ---D | M] - E:\Auto-Backup -- [ NTFS ]
O33 - MountPoints2\{12511da3-597e-11dd-a783-001a80ce89b3}\Shell\AutoRun\command - "" = J:\Rettungs-Stick\PStart.exe -- File not found
O33 - MountPoints2\{ceb3f3a0-596a-11dd-8c81-001a80ce89b3}\Shell\AutoRun\command - "" = G:\Rettungs-Stick\PStart.exe -- File not found
O33 - MountPoints2\{e289ceae-eb94-11dd-9749-001a80ce89b3}\Shell - "" = AutoRun
O33 - MountPoints2\{e289ceae-eb94-11dd-9749-001a80ce89b3}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010.05.31 21:55:15 | 000,571,392 | ---- | C] (OldTimer Tools) -- C:\Users\xxxxx\Desktop\OTL.exe
[2010.05.31 18:55:24 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010.05.25 17:57:09 | 000,000,000 | ---D | C] -- C:\Users\xxxxx\AppData\Roaming\Malwarebytes
[2010.05.25 17:56:55 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.05.25 17:56:53 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.05.25 17:56:53 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.05.25 17:56:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.05.25 15:39:30 | 000,000,000 | ---D | C] -- C:\SmitfraudFix
[2010.05.25 15:34:29 | 006,153,648 | ---- | C] (Malwarebytes Corporation ) -- C:\mbam-setup.exe
[2010.05.18 11:51:23 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\System32\GEARAspi.dll
[2010.05.18 11:51:23 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2010.05.18 11:49:59 | 000,000,000 | ---D | C] -- C:\Programme\iPod
[2010.05.18 11:49:57 | 000,000,000 | ---D | C] -- C:\Programme\iTunes
[2010.05.18 11:49:57 | 000,000,000 | ---D | C] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010.05.18 11:46:55 | 000,000,000 | ---D | C] -- C:\Programme\QuickTime
[2010.05.18 11:42:36 | 000,000,000 | ---D | C] -- C:\Programme\Bonjour
[2010.05.18 11:37:16 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010.05.05 11:49:50 | 000,000,000 | ---D | C] -- C:\Users\xxxxx\AppData\Roaming\Template
[2010.05.02 21:40:06 | 000,000,000 | ---D | C] -- C:\Users\xxxxx\Desktop\ZVG OSTSEE
========== Files - Modified Within 30 Days ==========
[2010.05.31 21:58:08 | 002,359,296 | -HS- | M] () -- C:\Users\xxxxx\NTUSER.DAT
[2010.05.31 21:54:19 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.05.31 21:54:19 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.05.31 21:54:17 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.05.31 21:54:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.05.31 21:53:38 | 3219,578,880 | -HS- | M] () -- C:\hiberfil.sys
[2010.05.31 21:51:36 | 000,571,392 | ---- | M] (OldTimer Tools) -- C:\Users\xxxxx\Desktop\OTL.exe
[2010.05.31 20:45:02 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010.05.31 20:43:32 | 000,524,288 | -HS- | M] () -- C:\Users\xxxxx\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010.05.31 20:43:32 | 000,065,536 | -HS- | M] () -- C:\Users\xxxxx\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010.05.31 20:43:22 | 002,113,369 | -H-- | M] () -- C:\Users\xxxxx\AppData\Local\IconCache.db
[2010.05.25 17:56:57 | 000,000,818 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.05.25 15:55:48 | 001,689,774 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.05.25 15:55:48 | 000,721,252 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.05.25 15:55:48 | 000,672,290 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.05.25 15:55:48 | 000,166,448 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.05.25 15:55:48 | 000,134,966 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.05.25 15:40:12 | 000,004,582 | ---- | M] () -- C:\Windows\System32\tmp.reg
[2010.05.25 15:15:11 | 000,012,265 | ---- | M] () -- C:\Users\xxxxx\Desktop\100501036.doc.pdf
[2010.05.25 14:43:16 | 006,153,648 | ---- | M] (Malwarebytes Corporation ) -- C:\mbam-setup.exe
[2010.05.25 08:59:59 | 000,013,600 | ---- | M] () -- C:\Users\xxxxx\Desktop\Bestellbestaetigung.html
[2010.05.21 14:14:28 | 000,221,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010.05.18 11:51:27 | 000,001,804 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010.05.18 11:47:27 | 000,001,726 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010.05.13 11:46:08 | 000,000,316 | ---- | M] () -- C:\Users\xxxxx\Desktop\Datensicherung - Verknüpfung.lnk
[2010.05.07 20:01:11 | 242,890,857 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010.05.07 15:10:31 | 000,001,887 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010.05.05 11:49:47 | 000,000,000 | ---- | M] () -- C:\Users\xxxxx\AppData\Roaming\wklnhst.dat
[2010.05.03 10:39:27 | 000,021,230 | ---- | M] () -- C:\Users\xxxxx\Desktop\FlyerHanseSail2010.pdf
========== Files Created - No Company Name ==========
[2010.05.25 17:56:57 | 000,000,818 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.05.25 15:44:20 | 3219,578,880 | -HS- | C] () -- C:\hiberfil.sys
[2010.05.25 15:40:12 | 000,004,582 | ---- | C] () -- C:\Windows\System32\tmp.reg
[2010.05.25 15:15:11 | 000,012,265 | ---- | C] () -- C:\Users\xxxxx\Desktop\100501036.doc.pdf
[2010.05.25 13:59:49 | 000,003,063 | ---- | C] () -- C:\Users\xxxxx\clamav_report_250510_135812.txt
[2010.05.25 08:59:59 | 000,013,600 | ---- | C] () -- C:\Users\xxxxx\Desktop\Bestellbestaetigung.html
[2010.05.18 11:51:27 | 000,001,804 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010.05.18 11:47:27 | 000,001,726 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010.05.13 11:46:08 | 000,000,316 | ---- | C] () -- C:\Users\xxxxx\Desktop\Datensicherung - Verknüpfung.lnk
[2010.05.07 15:10:31 | 000,001,887 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010.05.05 11:49:47 | 000,000,000 | ---- | C] () -- C:\Users\xxxxx\AppData\Roaming\wklnhst.dat
[2010.05.03 10:39:27 | 000,021,230 | ---- | C] () -- C:\Users\xxxxx\Desktop\FlyerHanseSail2010.pdf
[2009.10.08 19:15:15 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.09.06 15:18:50 | 000,000,526 | ---- | C] () -- C:\Windows\wiso.ini
[2009.04.21 10:33:04 | 000,000,332 | ---- | C] () -- C:\Windows\System32\CNCMFP23.INI
[2009.01.26 12:51:54 | 000,014,616 | ---- | C] () -- C:\Windows\System32\skypdfmonpro.dll
[2009.01.26 12:51:54 | 000,012,568 | ---- | C] () -- C:\Windows\System32\skypdfmonuipro.dll
[2009.01.26 12:37:30 | 000,000,021 | ---- | C] () -- C:\Windows\DvInesKurusOleServer003.INI
[2009.01.26 12:35:21 | 000,000,099 | ---- | C] () -- C:\Windows\dvinesinstalllocation001.INI
[2009.01.26 12:35:20 | 000,000,099 | ---- | C] () -- C:\Windows\dvinesinstart001.INI
[2009.01.26 12:32:20 | 000,000,021 | ---- | C] () -- C:\Windows\Startup.INI
[2008.10.08 11:51:30 | 000,037,888 | ---- | C] () -- C:\Windows\System32\setupnt.dll
[2008.09.08 11:10:38 | 000,000,139 | ---- | C] () -- C:\Windows\KPCMS.INI
[2008.09.08 11:10:36 | 000,210,944 | ---- | C] () -- C:\Windows\System32\MSVCRT10.DLL
[2008.07.24 13:13:50 | 000,172,032 | ---- | C] () -- C:\Windows\System32\SecSNMP.dll
[2008.07.24 13:13:28 | 000,000,124 | ---- | C] () -- C:\Windows\Readiris.ini
[2008.07.24 13:13:27 | 000,023,040 | ---- | C] () -- C:\Windows\System32\irisco32.dll
[2008.07.24 12:34:48 | 000,022,723 | ---- | C] () -- C:\Windows\System32\SSGR3l3.dll
[2008.07.23 12:26:55 | 000,000,000 | ---- | C] () -- C:\Windows\OPPRIN~1.INI
[2008.07.14 19:14:12 | 000,000,000 | ---- | C] () -- C:\Windows\VAIOUpdt.INI
[2008.07.14 19:07:44 | 000,344,064 | ---- | C] () -- C:\Windows\System32\SSMSIppCustom.dll
[2008.04.02 20:21:38 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2008.02.05 02:09:01 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1295.dll
[2007.10.30 10:44:52 | 000,393,216 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll
[2007.09.12 01:57:44 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2007.09.12 01:54:26 | 000,012,288 | ---- | C] () -- C:\Windows\System32\DivXWMPExtType.dll
[2007.08.17 15:41:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2001.11.14 13:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
[2001.10.28 17:42:30 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[1999.01.19 16:18:30 | 000,110,080 | ---- | C] () -- C:\Windows\System32\LFPNG60N.DLL
[1999.01.19 16:18:30 | 000,046,080 | ---- | C] () -- C:\Windows\System32\LFTIF60N.DLL
[1999.01.19 16:18:30 | 000,043,008 | ---- | C] () -- C:\Windows\System32\LTFIL60N.DLL
[1999.01.19 16:18:30 | 000,020,480 | ---- | C] () -- C:\Windows\System32\LFPSD60N.DLL
[1999.01.19 16:18:30 | 000,019,968 | ---- | C] () -- C:\Windows\System32\LFTGA60N.DLL
[1999.01.19 16:18:30 | 000,019,456 | ---- | C] () -- C:\Windows\System32\LFWPG60N.DLL
[1999.01.19 16:18:30 | 000,019,456 | ---- | C] () -- C:\Windows\System32\LFWMF60N.DLL
[1999.01.19 16:18:28 | 000,176,128 | ---- | C] () -- C:\Windows\System32\LFFAX60N.DLL
[1999.01.19 16:18:28 | 000,141,824 | ---- | C] () -- C:\Windows\System32\LFCMP60N.DLL
[1999.01.19 16:18:28 | 000,023,552 | ---- | C] () -- C:\Windows\System32\LFPCX60N.DLL
[1999.01.19 16:18:28 | 000,022,528 | ---- | C] () -- C:\Windows\System32\LFPCT60N.DLL
[1999.01.19 16:18:28 | 000,022,528 | ---- | C] () -- C:\Windows\System32\LFEPS60N.DLL
[1999.01.19 16:18:28 | 000,022,016 | ---- | C] () -- C:\Windows\System32\LFBMP60N.DLL
[1999.01.19 16:18:28 | 000,018,432 | ---- | C] () -- C:\Windows\System32\LFMSP60N.DLL
[1999.01.19 16:18:28 | 000,017,920 | ---- | C] () -- C:\Windows\System32\LFMAC60N.DLL
[1996.12.14 00:00:00 | 000,022,016 | ---- | C] () -- C:\Windows\System32\DOCOBJ.DLL
[1996.12.14 00:00:00 | 000,012,288 | ---- | C] () -- C:\Windows\System32\HLINKPRX.DLL
[1995.02.15 01:11:00 | 000,017,920 | ---- | C] () -- C:\Windows\System32\IMPLODE.DLL
< End of report >
--- --- ---
/quote
Danke für den Hinweis mit dem Namen!!! |
